"Use elevated privileges" in UNIX tab of the Target Account triggers to fail the change password
Article ID: 92737
Updated On: 02-07-2024
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager (PAM)
Issue/Introduction
The "Use elevated privileges" in UNIX tab of the Target Account triggers to fail the change password.
Also, what is each item of the Privilege Elevation settings mean in the target account >> UNIX tab that is UNIX target application connector?
Environment
Privileged Access Manager, all versions
Resolution
Check the account can run the passwd command via accessing the target server by emulator. If the account does not have the permission about that, it should fail to change the password. After giving an appropriate permission to the account and complete to check if it works, try to change the password via PAM.
Account with UNIX target connector target application >> UNIX tab >> Privilege Elevation:
- Do not use elevated privileges.
It is necessary that the target account have the permission to run the command on the target server.
- Use elevated privileges
The command will be run by using sudo command. It is necessary for the account that has the permission to run the sudo command WITHOUT password. It is controlled by the linux OS side. The visudo command can set the configuration. Add like the below line at the bottom of the configuration screen.
<account name> ALL=(ALL) NOPASSWD: ALL
- Use elevated privileges with authentication
The command will be run by using sudo command. It is necessary for the account that has the permission to run the sudo command WITH password. It is controlled by the linux OS side. The visudo command can set the configuration. Add like the below line at the bottom of the configuration screen.
<account name> ALL=(ALL) ALL
- This account is a root account
If the account is the root account, select this switch.
If the account is the root account, select this switch.
Feedback
Yes
No
Powered by
