Symantec Privileged Access Management

  • 1.  Authentication while accessing a device

    Posted Dec 04, 2017 04:36 AM

    After user logged in to CA PAM Client.do we have any chances to put saml authentication while accessing a device through CA PAM Client  ?i can see while assigning a device to user  on policy there is an option of SAML on tab.Please help me with possibilites. 



  • 2.  Re: Authentication while accessing a device

    Broadcom Employee
    Posted Dec 04, 2017 11:59 AM

    Venkatesh,

     

    I am not sure that I understand your question completely, but SAML is supported and can be integrated into CAPAM login authentication.

     

    Here is some documentation that will help you understand SAML and CAPAM.  As you read on, there are instructions further on that go through installing SAML in CAPAM.

     

    SAML - CA Privileged Access Manager - 3.0.2 - CA Technologies Documentation 

     

    Regards,

     

    Anthony



  • 3.  Re: Authentication while accessing a device

    Posted Dec 05, 2017 01:51 AM

    hI Manan,

     

                   Thank you for your response.I have configured saml on capam home page its working well.But i wanted it to be triggered on while accessing a device.do you have anything to help me on this scope?

     

    Regards,

    venkatesh v



  • 4.  Re: Authentication while accessing a device
    Best Answer

    Broadcom Employee
    Posted Dec 08, 2017 09:16 AM

    Hello,

    Please find here a list of Target Connectors supported by CA PAM

    Target Connectors - CA Privileged Access Manager - 3.0.2 - CA Technologies Documentation 

     

    Currently we do not support saml to connect to target devices - but we do support SPML



  • 5.  Re: Authentication while accessing a device

    Posted Dec 09, 2017 01:52 AM

    Hi Mueller,

             Thank you for kind response.Correct me ,If I am wrong, I feel like Connectors we use here for Managing Target Account Passwords right.What i am expecting is like When you access device in CA Pam It needs to pop-up an Authentication window saying that Enter credentials of some other Identity provider.

     

    Regards,

    venkatesh v



  • 6.  Re: Authentication while accessing a device

    Posted Jan 08, 2018 04:17 AM

    Yes you can use a TCP service to do a SSO to a target web portal using SAML. Create a TCP service, select the application protocol as web portal, Select browser type as CA PAM browser, and then select the auto login method as SAML 2.0 SSO POST then configure the remaining two tabs for SP initiated or IDP initiated SSO for PAM and assign this service to your device.