Hi Ralf,
My SAML account is PAM Administrator member, I suppose that this role permise me to login on every host without a problem.
When I try to login on the hosts with this problem I found the following error on tomcat log:
"
Dec 03, 2018 8:31:52 AM com.cloakware.cspm.server.app.impl.kz c
WARNING: UpdateTargetAccountCmd.invoke exception:
com.cloakware.cspm.server.app.ApplicationException: UpdateTargetAccountCmd.invoke Failed to synchronize password with target
at com.cloakware.cspm.server.app.impl.kz.c(SourceFile:883)
at com.cloakware.cspm.server.app.impl.aa.invokeCommand(SourceFile:263)
at com.cloakware.cspm.server.app.impl.aa.invokeCommand(SourceFile:209)
at com.cloakware.cspm.server.app.impl.lc.a(SourceFile:509)
at com.cloakware.cspm.server.app.impl.lc.c(SourceFile:403)
at com.cloakware.cspm.server.app.impl.aa.invokeCommand(SourceFile:263)
at com.cloakware.cspm.server.app.impl.aa.invokeCommand(SourceFile:122)
at com.cloakware.cspm.server.app.impl.aa.invokeCommand(SourceFile:114)
at com.cloakware.cspm.server.app.impl.aa.invokeCommand(SourceFile:110)
at com.cloakware.cspm.server.security.ScheduledJob.execute(SourceFile:90)
at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
Dec 03, 2018 8:31:52 AM com.cloakware.cspm.server.app.impl.lc c
SEVERE: UpdateTargetAccountPasswordCmd.invoke applicationexception, error code:15212, msg: UpdateTargetAccountCmd.invoke Failed to synchronize password with target
Dec 03, 2018 8:31:52 AM com.cloakware.cspm.server.app.impl.lc c
WARNING: UpdateTargetAccountPasswordCmd.invoke, end: result=false, accounts=1, duration=6094.8296ms
"
This is the error that I receive on PAM client
Many thanks
Marco