The "Use elevated privileges" in UNIX tab of the Target Account triggers to fail the change password. Also, what is each item of the Privilege Elevation settings mean in the target account >> UNIX tab that is UNIX target application connector?
Environment
Privileged Access Manager, all versions
Resolution
Check the account can run the passwd command via accessing the target server by emulator. If the account does not have the permission about that, it should fail to change the password. After giving an appropriate permission to the account and complete to check if it works, try to change the password via PAM.
It is necessary that the target account have the permission to run the command on the target server.
- Use elevated privileges The command will be run by using sudo command. It is necessary for the account that has the permission to run the sudo command WITHOUT password. It is controlled by the linux OS side. The visudo command can set the configuration. Add like the below line at the bottom of the configuration screen.
<account name> ALL=(ALL) NOPASSWD: ALL
- Use elevated privileges with authentication The command will be run by using sudo command. It is necessary for the account that has the permission to run the sudo command WITH password. It is controlled by the linux OS side. The visudo command can set the configuration. Add like the below line at the bottom of the configuration screen.
<account name> ALL=(ALL) ALL
- This account is a root account If the account is the root account, select this switch.