I need to implement a feature for sign-on between Service Desk and PAM. I heard that you can enable Service Desk to use EEM. Once they have logged into SD, clicking any task will auto sign them into PAM without logging in. I heard it passes some kind of token for PAM to auto log them in.
Does anyone have tips and ways of doing this? I don't even know where to start for this kind of process, since I can't find documentation on this.
Thanks,
Ken
Please check the "How to Support Single Sign-On From CA Service Desk Manager to CA IT PAM Using CA EEM" section of the implementation guide for more information.
The following is quoted from the 12.6 guide:
1. Verify that the following requirements have been met:
■ CA Service Desk Manager and CA IT PAM are configured to use the same CA EEM installation.
■ The user that logs in to CA Service Desk Manager is also a user in CA IT PAM.
■ When CA EEM uses the internal database as a user store, the users must have either global permissions or belong to the same folder. Otherwise, if CA EEM references an external user store like an external directory or CA Siteminder, the users must be of the same store to access single sign-on.
2. Install CA EEM from the CA Service Desk Manager DVD install media or use any existing CA EEM install (for example, CA EEM for CA IT PAM).
3. On the CA Service Desk Manager Administration tab, install the following options from under the Options Manager, Security folder:
■ eiam_hostname
■ use_eiam_authentication
Note: You do not need to install the option caextwf_eem_hostname under Options Manager, CA IT PAM folder. But if you do install it, the value must be the same as eiam_hostname option.
4. Restart CA Service Desk Manager.
5. To create a user in CA IT PAM, do the following:
a. Log in to CA EEM using the CA IT PAM application context using the EiamAdmin userid or any other administration user.
b. Select the Manage Identities tab and click the icon next to the Users folder.
c. On the New User page, the Name field at the top is the userid that must match the userid in the CA Service Desk Manager contact table.
d. Click the Add Application User Details button and do the following:
– Add any or both groups that are listed. Add at least one of these two groups in order to be able to log in to CA IT PAM.
– Complete the New User fields, such as First Name, Last Name, Display, and Password.
6. Create a user in the CA Service Desk Manager contact table with the same userid. Verify that the Access Type Validation Type field for the user is set to CA EEM.
You can log in to CA EEM and CA Service Desk Manager with this user and the password specified in CA EEM.
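An added example, not part of the reply or the guide: a preflight check for the quoted procedure that confirms the option settings from step 3 and the account mapping from steps 5 and 6 before single sign-on is tested. The record layouts, function names and sample values are hypothetical and constructed; the folder and user-store rule from step 1 is not modelled.

```python
# Added example; record layouts and sample values are hypothetical and constructed.

def check_options(sdm_options, pam_eem_host):
    """sdm_options maps installed Options Manager option names to their values."""
    problems = []
    host = sdm_options.get("eiam_hostname")
    if host is None:
        problems.append("eiam_hostname not installed")
    # Assumption: hostnames are compared case-insensitively.
    elif host.strip().lower() != pam_eem_host.strip().lower():
        problems.append("SDM and PAM use different EEM installations")
    if "use_eiam_authentication" not in sdm_options:
        problems.append("use_eiam_authentication not installed")
    extwf = sdm_options.get("caextwf_eem_hostname")  # optional per the guide's note
    if extwf is not None and extwf != host:
        problems.append("caextwf_eem_hostname differs from eiam_hostname")
    return problems

def check_user(userid, sdm_contacts, eem_pam_users):
    """Both dicts are keyed by userid; an exact match is assumed for step 5c."""
    problems = []
    contact = sdm_contacts.get(userid)
    if contact is None:
        problems.append("no SDM contact with this userid")
    elif contact["validation_type"] != "CA EEM":
        problems.append("contact validation type is not CA EEM")
    eem_user = eem_pam_users.get(userid)
    if eem_user is None:
        problems.append("no user in the CA IT PAM application context")
    elif not eem_user["groups"]:
        problems.append("user belongs to neither CA IT PAM group")
    return problems

# Constructed sample data; option values and group names are placeholders.
SDM_OPTIONS = {"eiam_hostname": "eem01.example.test",
               "use_eiam_authentication": "placeholder-value",
               "caextwf_eem_hostname": "eem02.example.test"}
SDM_CONTACTS = {"kchan": {"validation_type": "CA EEM"},
                "jdoe": {"validation_type": "other"}}
EEM_PAM_USERS = {"kchan": {"groups": ["pam-group-placeholder"]},
                 "jdoe": {"groups": []}}

def audit():
    report = {"options": check_options(SDM_OPTIONS, "EEM01.example.test")}
    for uid in ("kchan", "jdoe", "KChan"):
        report[uid] = check_user(uid, SDM_CONTACTS, EEM_PAM_USERS)
    return report

if __name__ == "__main__":
    for subject, problems in audit().items():
        print(subject, "OK" if not problems else problems)
```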