multiple authentication at the same time to log in PAM
Article ID: 74919
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
PAM SAFENET LUNA HSM
CA Privileged Access Manager (PAM)
Issue/Introduction
Is it possible to implement the multiple authentication for PAM login? For example, it is ID/Password authentication and smart card. If both authentications combination are passed at the same time, the user can login to the PAM client.
Environment
CA Privileged Access Manager 3.1.1
Resolution
The DocOps explains about this topic in the below URL page.
The below can be realized the multiple authentication at the same time.
The "LDAP+RADIUS in Combination" in the below URL page explains as follows.
https://goo.gl/bKcQp8
The "RSA SecurID and LDAP+RSA" in the below URL page explains as follows.
https://goo.gl/43DV6n
Title:Authenticate Users Locally or Remotely
https://goo.gl/uxxs7x
https://goo.gl/uxxs7x
The below can be realized the multiple authentication at the same time.
- RADIUS and TACACS+– Authentication against a RADIUS or TACACS+ server.
- LDAP+RSA–Sequential authentication from an LDAP directory and an RSA SecurID server.
- SAML–SAML authentication using CA PAM server as one or both of the following providers:
Identity Provider
Relying Party/Service Provider
Relying Party/Service Provider
The "LDAP+RADIUS in Combination" in the below URL page explains as follows.
https://goo.gl/bKcQp8
"User1 is authenticated against the LDAP server. If the first authentication is successful, user1 is authenticated against the RADIUS server. If authentication is successful, user1 gets logged in to CA Privileged Access Manager."
The "RSA SecurID and LDAP+RSA" in the below URL page explains as follows.
https://goo.gl/43DV6n
"User1 is authenticated against the time-sensitive RSA server. If the first authentication is successful, user1 is authenticated against the LDAP server. If authentication is successful, user1 gets logged in to CA Privileged Access Manager.".
Feedback
Yes
No
Powered by
