Layer7 Privileged Access Management

Expand all | Collapse all

Transparent Login

  • 1.  Transparent Login

    Posted 11-15-2018 07:18 AM

    Hi Team,

     

    I have integrated some target devices for testing transparent login. However on accessing some accounts on account page of PAM appliance, the session is started from a service invoking PuTTY the "login as:" prompt appears and the credentials seem to be not injected.

     

    Can you please provide error rectification for transparent login so that the credentials get injected and doesn't ask for any "login as" prompt?

     

     

     

    Regards,

    Shahbaz Shaikh



  • 2.  Re: Transparent Login

    Posted 11-15-2018 11:11 PM

    Hi,

    I think the transparent login does not work in that way, based on what u have describe.

    If u refer auto login with credential to SSH server by using PAM client(build in putty client) then it is using "Access" option.

     

    If u refer auto login using Putty.exe(auto fill username & password) on a Windows Server, where using use the transparent login. 

     

    Set Up Transparent Login for RDP Servers - CA Privileged Access Manager - 3.2 - CA Technologies Documentation 

    To test/work on Transparent login, you need to setup RDP Server(We called it JumpServer).

     

    The user experience will be:-

    User login CA PAM client with credential.

    After that, user select the "Putty - linux1" from Access tab. 

    then a RDP session is created PAM auto login the RDP session(based on the credential configured in PAM).

    After a successful RD login, it auto launch Putty.exe and prompt for username. 

    Then transparent login script will fill up the username and password accordingly.

    After that, user see a connected PuTTY session.

    If user finish the PuTTY session, just exit. It will end the RDP session.

     

    in CA PAM Policy, we have 2 set of credential

    1. Credential to Login RDP Server.

    2. Credential to Login Linux Server.

     

    regards,

    William 



  • 3.  Re: Transparent Login

    Posted 11-27-2018 06:48 PM

    Hi William,i would like to ask you the following:

    At the time of creating the endpoint there is the possibility to parameterize the option "Transparent login" where you must specify the full path to sudo / pbrun values, you could explain this option that allows me and what values should be specified?

     

    Thanks



  • 4.  Re: Transparent Login

    Posted 11-28-2018 12:32 AM

    Hi Julian,

    I have not come across with parameterize the "sudo/pbrun" command.

     

    regards,

    William