Blog Viewer

Tech Tip - CA Privileged Access Manager: Associate more than one Target Accounts with the RDP Application's Transparent Login

By wonsa03 posted 04-09-2017 08:50 PM

  

CA Privileged Access Manager Tech Tip by Kelly Wong, Principal Support Engineer for 10th April 2017

Introduction

You can implement transparent login for a Windows RDP server for secondary access through an application on that Device.

 

Question

In policy, can we associate multiple secondary Target Accounts with the RDP Application for Transparent Login? 

 

Example:

Two PuTTY RDP Applications referencing different Target Host with respective Target Account or one PuTTY RDP Application associate with multiple Target Accounts?

 

Answer

Out-of-the-box, CA PAM allows multiple Target Accounts set as primary access credentials that are consumed during login to the Device. However, it is not possible to associate more than one secondary credentials that are consumed by the RDP Application.

 

"Message 12015: There is credential conflict in Transparent Login Window with the title '***'" is returned when you attempt to save the user-device policy with two RDP Applications that have the same Transparent Login's Window Title.

3 comments
3 views

Comments

04-12-2017 06:20 PM

Hi Indra,

 

Yes, there's no workaround at the moment.

Idea has been raised, this is under Product Management assessment and considerations as future enhancements.

04-10-2017 11:58 PM

CMIIWit's mean that, we still cannot associate more than one target account with the RDP application transparent login ya?

and still no workaround and resolution for answer this cases to our client, or might be this cases can be addressed on next release (CA PAM 3.0)