During login user's PIV Certificate is not populating in the PAM client
Article ID: 245574
Updated On:
Products
Issue/Introduction
User's login is not possible as the user's PIV certificate does not get populated in the PAM client. Refer to the login screen below, note there is know PIV certificate to select for the login connection..
Background:
1. A new PIV card assigned to this user that cannot login.
2. A new PAM client was installed on the user's laptop.
Environment
Release : 3.x, 4.x
Component :
Cause
Possible causes:
a. PAM client installed on user's laptop in a filesystem location where the user does not have required write privileges.
b. Use's laptop may not have all Trusted Root certificates
c.. May need to update the certificate chain in the PAM appliance as User's PIV certificate may be using a newer CA certificate that is not currently trusted by PAM.
Resolution
The user had installed the PAM client in the windows "Program Files" location where PAM did not have appropriate write privileges. Once the PAM client was re-installed in user's user profile location the issue was resolved as PIV certificate to establish the user's identity is populated and is selectable for login.
Additional Information
None.
Attachments
Feedback
