CA ControlMinder integrates with CA AuthMinder to provide a strong authentication option for privileged and other native users of the operating system.
The CA ControlMinder system administrator restricts interactive sessions coming from a terminal by adding users to a group. To get write permission to files, users in this group must authenticate themselves using CA ArcotID OTP (one-time passwords).
After authentication, CA ControlMinder does not apply the rules created for the native user (“root”), but it applies rules to users according to their internal identities. CA ControlMinder differentiates non-restricted, restricted, and promoted users, and applies specific rules to them.
Examples:
Example:
Note: For more information on how to set up strong authentication, see the CA AuthMinder chapter of the CA ControlMinder Integration Guide.
This command has the following format:
sepromote [-h] [-u username] [-o orgname] [otp] [-v]
Displays help and exits.
Defines the name of the user in the interactive_restricted group who is requesting strong authentication.
Default: If not supplied as argument, the tool prompts for the user name.
Defines the one-time password that the user in the interactive_restricted group has generated.
Default: If not supplied as argument, the tool prompts for the password.
Defines the organization where CA AuthMinder searches users of strong authentication.
Default: Value of the organization_name token in strong_auth.
Activates verbose mode.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|