Symantec Privileged Access Management

Hello SME's ,

What is the use of command string option in Transparent Login tab in devices ?
I am  assuming its for custom command other than pbrun and sudo .  We have PIM on endpoints so added sesu and in policy mentioned "servername - account" ( I was not able to scroll down and find the server/account , so I added it via csv import) but it did n't work . 
Kindly assist.

Hi Pankaj, This is covered on documentation page https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/device-setup.html under header "Command Strings for Transparent Login". As noted there, the command string you configure must match exactly, and the substring for the password prompt must be right, so that PAM knows at what point to provide the configured password.
Original Message:
Sent: 05-27-2020 08:36 AM
From: Pankaj Kumar
Subject: Transparent Login -Command string PAM 3.4

Hello SME's ,

What is the use of command string option in Transparent Login tab in devices ?
I am  assuming its for custom command other than pbrun and sudo .  We have PIM on endpoints so added sesu and in policy mentioned "servername - account" ( I was not able to scroll down and find the server/account , so I added it via csv import) but it did n't work .
Kindly assist.

Hi @Ralf Prigl,

Apologies for late response . I tried configuring PIM command sesu  with it . When I go ​to transparent login tab in policy  I was not able to scroll down and find the server/account. 



Original Message:
Sent: 05-27-2020 10:55 AM
From: Ralf Prigl
Subject: Transparent Login -Command string PAM 3.4

Hi Pankaj, This is covered on documentation page https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/device-setup.html under header "Command Strings for Transparent Login". As noted there, the command string you configure must match exactly, and the substring for the password prompt must be right, so that PAM knows at what point to provide the configured password.
Original Message:
Sent: 05-27-2020 08:36 AM
From: Pankaj Kumar
Subject: Transparent Login -Command string PAM 3.4

Hello SME's ,

What is the use of command string option in Transparent Login tab in devices ?
I am  assuming its for custom command other than pbrun and sudo .  We have PIM on endpoints so added sesu and in policy mentioned "servername - account" ( I was not able to scroll down and find the server/account , so I added it via csv import) but it did n't work .
Kindly assist.