Enterprise Administration GuideViewing Your Enterprise Implementation › Configure a UNIX Endpoint for CA Access Control Endpoint Management SSO

Previous Topic: Open CA Access Control Endpoint Management to Manage an Endpoint

Next Topic: Modify a PUPM Endpoint

Configure a UNIX Endpoint for CA Access Control Endpoint Management SSO

CA Access Control Enterprise Management lets you easily log in to CA Access Control Endpoint Management to manage any of the endpoints that CA Access Control Enterprise Management manages. In an automatic login, you log in to CA Access Control Enterprise Management with your Active Directory credentials. CA Access Control Enterprise Management retains the credentials and provides them to the endpoint when you open CA Access Control Endpoint Management to manage the endpoint. Automatic login to CA Access Control using CA Access Control Endpoint Management relies on the user account you use to authenticate to CA Access Control Enterprise Management.

Note: To configure automatic login to UNAB endpoints, verify that both CA Access Control Enterprise Management and UNAB use the same Active Directory.

Important! Configure the user you want to use as a UNIX user in Active Directory.

To configure a UNIX endpoint for CA Access Control Endpoint Management SSO

  1. On the CA Access Control endpoint, open the seos.ini file, locate the [OS_User] section and set the value of the token osuser_enabled to 1.

    Enterprise users and groups are enabled.

  2. Locate the [seos] section and set the value of the token auth_login to pam.

    The login authority method used is PAM.

  3. Create a TERMINAL record for the CA Access Control Endpoint Management computer.

    The CA Access Control Endpoint Management computer is assigned TERMINAL access.

  4. Configure the user account you use to log in to CA Access Control Enterprise Management as an XUSER and assign it the admin attribute. Use the following format: <DOMAIN-NAME>user_account.
  5. Define an ACL for the superadmin user in TERMINAL class with read and write access rights. For example: 
    Defaccess         : R, W

    ACLs              :

        Accessor                Access

        DOMAIN\user(XUSER  ) R, W

    The user can use the CA Access Control Enterprise Management Server to manage the endpoint.