Symantec Privileged Access Management

  • Private Community

  • 1.  CA PAM - Cannot change password on the first time login

    Posted Nov 12, 2018 03:03 AM

    Hi,

     

    I am installing .ova of CA PAM on VMWare. Everything just fine, until I logged in on the first time that made me was forced to change super password (i believe user pass is super/super)  But even I input very complex password it still says "too simple" or "up to word in dictionary". Is there anything wrong with my configuration?

     

     

    hopefully, anyone can help this situation

     

     

     



  • 2.  Re: CA PAM - Cannot change password on the first time login

    Broadcom Employee
    Posted Nov 12, 2018 06:36 AM

    This is not a known issue. If you have not modified anything and this is just a new installation, not an upgrade or similar, it should allow you to change the password just fine at first login. If you access your PAM instance using https://<pam>/config (if you have not changed the config pasword config/config should allow you in) and you attempt to update the password from there, you have the same problem ?

     

    If the password cannot be changed I would advise you to open a case with support to have this reset accordingly



  • 3.  Re: CA PAM - Cannot change password on the first time login

    Posted Nov 12, 2018 07:11 AM

    already try also to change from https://<pam>/config/ , but still cannot change from there

     

     

    and then already try re-download *ova and again, but still have the same problem



  • 4.  Re: CA PAM - Cannot change password on the first time login

    Broadcom Employee
    Posted Nov 12, 2018 03:04 PM

    Hi Indra,

    You cannot change the super user password using the config user. You can only change the user name on that page, and the password of the config user itself.

     PAM has a default password complexity requirement for local users:

    • 2 - 1+ Require [a-zA-Z0-9]: Level 0, 1 and password must have both an alphabet character and a digit.

     

    The minimum length is 6 characters and the maximum length is 14. If your new super password satisfies that requirement, it should get updated. Once you are logged in you can change the password security level under global settings.



  • 5.  Re: CA PAM - Cannot change password on the first time login

    Posted Nov 12, 2018 11:55 PM

    Hi Ralf,

     

    Thanks and appreciate for your answer, but my problem is not there (change a password from config user), please highlight the first one.

     

    also already done with that complexity but still doesn't work, even though re-download and boot up with the new *ova and the problem still the same. or you or anyone can suggest me a sample complexity word and I'll follow on my side.

     

    for short, I download the 1 version below (3.1.1) and running it and work fine with my own complexity word.

     

    and back to my question, why with 3.2 this case occur?

    I am not modified anything, this is fresh install (for highlight)



  • 6.  Re: CA PAM - Cannot change password on the first time login

    Posted Nov 13, 2018 05:51 AM

    Hi Indra,

     

    Could you try with password for example: T1s1nw34!

    If it works just change the complexity to your desired level and put some other password later.

     

    Best regards,

    Nikola



  • 7.  Re: CA PAM - Cannot change password on the first time login

    Broadcom Employee
    Posted Nov 13, 2018 09:38 AM

    Hi Indra, If you continue to have the problem, your file download may be corrupt. For PAM 3.2 non-FIPS the file would be DVD500000000001333.ova and the size in bytes 5,418,731,520. Discard the old file and download again. It works for everyone else.



  • 8.  Re: CA PAM - Cannot change password on the first time login

    Broadcom Employee
    Posted Nov 15, 2018 12:52 PM

    Indra, did you get the problem resolved? If needed, please open a support case so that someone can investigate the problem with you in detail.