Hello PAM Team,
AFAIK, we don't have 2FA for DB session from PAM. This customer is using PAM Proxy method to connect db.
This is becoming a trend in most of the public/govt sector compliance, the connection to DB must have 2Factor authentication.…
We use SSSD on SLES servers to allow users to authenticate using their eDir password. sssd avoid us have to create entries in /etc/passwd for local users:
% grep -i china /etc/passwd % getent passwd china china:*:100039:100:Albert Chin-A-Young:/home…
Hi,
syslog server integration must be really improved.
There are 4 main points to be enhanced in PAM:
1. The idea is to implement in PAM the possibility to send CEF events via Syslog and not using JSON format. CEF would be great in order to integrate…
Implement a WEB proxy in similar manner to the RDP proxy
.I would suggest implementing a WEB proxy feature similar to the RDP so access controls can be applied to Privileged Web enviroments as well as SSH and RDP. This would be used to limit and hide…
With PAM you can proxy RDP sessions with an preconfigured Active-Directory account (run User). Some configuration is not working for SSH or SQL Developer connections.
Use Case:
External customers have their Accounts in a dedicated "isolated" domain…
Hi All,
The PAM Version: 4.2.0 don't having feature of how to restrict multiple concurrent logins simultaneously from different source.
Multiple concurrent logins in PAM Version: 4.2.0 should be integrated as an enhanced feature.
Thanks,
Niraj…
Hi,
My customer has concern if I as PAM administrator must get/see/put in all the SSH private keys for purpose of private key authentication. I was thinking that I can also prepare PAM reconciliation procedure in the similar way like change password…
Risk base can be enabled from AM & AA for better security purpose.
But it seem can't enable it on PAM system?
PAM need more competitive functions ,one of them is risk base.
I don't why it's not ready for 4.2.1?
Hi ,
We urgently require Installation and integration guide on PCAnywhere with PAM. As per MicroFocus Support team , MicroFocus do not have official docs particularly on PAM integration with pcanywhere.
Please send notification on mail id : subrata…
One of the great differentials, if not the only one, is the ability to integrations between our solutions. If a new functionality or model is available in PAM, we have to be able to take full advantage of the integrations. It's hard to tell the customer…
In our environment we should need to send PAM logs to an ArcSight Smartconnector Syslog using UDP.
When configuring the Syslog Server in PAM, it's not possible to choose the Protocol because only TCP is supported when forwarding logs.
It will be really…
When we write a PERL Reset Script we this list of input args from PAM:
my $host = $args->arg("host"); my $port = $args->arg("port"); my $admin = $args->arg("adminName"); my $adminPasswd = $args->arg("adminPasswd"); my $user = $args->arg("userName");…
With a large number of appliances now available which have GUI WEB management interfaces, PAM should be enhanced with a WEB proxy to enable access control and session recording. At the moment to control access to web based management interfaces we must…
Scenario
Implement machine to machine communication using PAM sshrelay without entering PAM user's password.
Component A (machine 1) -----> PAM Host ------> Component 2 (remote machine)
From component 1 following command is sent:
1) ssh -t -p2222…
Dear all Can you integrate FreeIPA as a supported LDAP authentication server with the PAM server? The native integration of linux devices with FreeIPA and the per command authorization and recording capabilities of PAM would offer a fully seamless experience…
Dear all We would like for you to consider the migration (or option to activate) a more centralized PAM database scheme, where SQLite could be replaced in favor for MySQL or PostgreSQL. The above would allow the deployment of multiple PAM reporting servers…
The password management type for resources created by the IDM driver is hard coded to "delegate to IDM". Instead, the password management type should set according to a new attribute (DirXML-pumAccDomDelegate) on DirXML-PUMAccountDomain objects.
This…
PAM User console page most of the customer request to customize those page as per there Organization logo and Name detail. This makes User-friendly to users who using Console for the session. Last version 3.6 there was a limited option like color and…
Today we all know that customers have paid certified and they want that the application should use those SSL certificates. But in PAM We still don’t have this kind of feature. Correct me if I am wrong.
Currently, PAM supports integration with the Micro Focus Advanced Authentication product. Customers need to also make use of other multi-factor tools; even if through Radius or other solutions.