search cancel

PAM-CM-0567 error when using remote CLI with SAML user credentials

book

Article ID: 229433

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

We are trying to use the JAVA/CLI API following the steps described here but when we try to verify the installation it is returning "PAM-CM-0567: Failed to authenticate with the Password Authority service.". We are using credentials from a SAML user with Global Administrator role and System Admins group membership for credential management.

 

Cause

SAML authentication is not implemented in the API used by the remote CLI.

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

PAM does not support SAML authentication with the remote CLI. Define a local user for use with the remote CLI and assign group memberships as required by the remote CLI commands that you want to run. This limitation is documented now on page Remote CLI Command Syntax.