search cancel

The Symantec PAM login integration does not show the proper user when login is done through PAM

book

Article ID: 226723

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

The Symantec PAM login integration does not show the proper user when login is done through PAM

 

[[email protected] ~]# sewhoami -a
root
ACEE Contents
  User's Name             : root

 

 

You currently have

editres LOGINAPPL ('SSH') audit(FAILURE) comment('Predefined rule for Login application.') defaccess(EXECUTE) loginflags(NONE) loginmethod(NORMAL) loginseq(SGRP SUID) loginpath(/usr/sbin/sshd)

 

this should have   loginflags(PAMLOGIN)

Environment

Release : 4.0

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

editres LOGINAPPL ('SSH') audit(FAILURE) comment('Predefined rule for Login application.') defaccess(EXECUTE) loginflags(PAMLOGIN) loginmethod(NORMAL) loginseq(SGRP SUID) loginpath(/usr/sbin/sshd)

 

PAMSC> sr loginappl SSH
(localhost)
Data for LOGINAPPL 'SSH'
 -----------------------------------------------------------
Defaccess         : X
Audit mode        : Failure
Comment           : Predefined rule for Login application.
Login flags       : PAM login
Login method      : Normal
Login path        : /usr/sbin/sshd
Login sequence    : SGRP, SUID

 

 

[[email protected] ~]# sewhoami -a

root

ACEE Contents  

User's Name             : TestAmp