Symantec Privileged Access Management

  • Private Community
 View Only

  • 1.  User accounts deactivated

    Posted Dec 19, 2019 03:36 PM
    Hi,

    Users are continuously getting deactivated when they are logging to PAM multiple times via GTM (Global Traffic Manager) after they enter LDAP credentials and token then PAM kicks back to login page. 


    Version: 3.3.0
    Authentication type: Radius

    ------------------------------
    CA PAM Consultant
    ------------------------------


  • 2.  RE: User accounts deactivated
    Best Answer

    Broadcom Employee
    Posted Dec 20, 2019 03:55 AM

    Hello Shiva

     

    Make sure Virtual IP / Virtual Hostname of the GTM is included in PAM's SSL certificate subject.

    (Please see the documentation how to create such certificate:

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-1/implementing/configuring-your-server/configure-security-settings/create-a-self-signed-certificate-or-a-certificate-signing-request/request-certificates-for-a-cluster.html)

     

    Do you see if the user gets disabled upon login via the GTM (which I guess is a load balancer device)?

    In this case see if the suggestions from this article apply

    https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=107680

     

    Should the issue remain please do not hesitate to open a formal support case with us and we shall have a closer look.

     

    Best Regards,

    Andreas




    Original Message