ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
RSA Authentication not working
Article ID: 207450
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
PAM Admin cannot get the RSA integration working with PAM.
Environment
Release : 3.4.x
Component : PRIVILEGED ACCESS MANAGEMENT
Resolution
When integrating PAM into RSA you need to validate:
- PAM Server needs to be added as an Authentication Agent
- RSA UI -> Access -> Authentication Agents -> Add New
Servername needs to match exactly as it is in the PAM UI -> Configuration -> Network -> Network Setting -> Hostname
- RSA UI -> Access -> Authentication Agents -> Add New
- After defining the Authentication Agent -> RSA Admin will “Generate a Configuration File”
- RSA UI -> Access -> Authentication Agents -> Generate a Configuration File (generates a sdconf.rec file)
- PAM admin will need to manually create a sdopts.rec file
- Download the server certificate file from RSA
RSA UI -> Access -> Authentication Agents -> Download Server Certificate File - Upload the Certificate into PAM:
- PAM UI -> Configuration -> Security -> Certificates -> Upload -> CA Bundles -> Upload certificate here
Finally in RSA - use the Real-time Activity Monitor to see if any requests are going to the RSA server:
- RSA UI -> Reporting -> Real-time Activity Monitors -> Authentication Activity Monitor -> Start Monitor (with Successful, Warning and Failure Events selected)
Feedback
Yes
No
Powered by
