Previous Topic: Open CA ControlMinder Endpoint Management to Manage an EndpointNext Topic: Modify a SAM Endpoint


Configure a UNIX Endpoint for CA ControlMinder Endpoint Management SSO

CA ControlMinder Enterprise Management lets you easily log in to CA ControlMinder Endpoint Management to manage any of the endpoints that CA ControlMinder Enterprise Management manages. In an automatic login, you log in to CA ControlMinder Enterprise Management with your Active Directory credentials. CA ControlMinder Enterprise Management retains the credentials and provides them to the endpoint when you open CA ControlMinder Endpoint Management to manage the endpoint. Automatic login to CA ControlMinder using CA ControlMinder Endpoint Management relies on the user account you use to authenticate to CA ControlMinder Enterprise Management.

Note: To configure automatic login to UNAB endpoints, verify that both CA ControlMinder Enterprise Management and UNAB use the same Active Directory.

Important! Configure the user you want to use as a UNIX user in Active Directory.

To configure a UNIX endpoint for CA ControlMinder Endpoint Management SSO

  1. On the CA ControlMinder endpoint, open the seos.ini file, locate the [OS_User] section and set the value of the token osuser_enabled to 1.

    Enterprise users and groups are enabled.

  2. Locate the [seos] section and set the value of the token auth_login to pam.

    The login authority method used is PAM.

  3. Create a TERMINAL record for the CA ControlMinder Endpoint Management computer.

    The CA ControlMinder Endpoint Management computer is assigned TERMINAL access.

  4. Configure the user account you use to log in to CA ControlMinder Enterprise Management as an XUSER and assign it the admin attribute. Use the following format: <DOMAIN-NAME>user_account.
  5. Define an ACL for the superadmin user in TERMINAL class with read and write access rights. For example:
    Defaccess         : R, W
    
    ACLs              :
    
        Accessor             Access
    
        DOMAIN\user(XUSER )  R, W
    

    The user can use the CA ControlMinder Enterprise Management Server to manage the endpoint.