CA IdentityMinder provides a Pluggable Authentication Module (PAM) that allows the Provisioning Server to authenticate against external security systems, such as a Primary Domain Controller (PDC).
Note: An external security system need not be a Windows system. But if it is, you can use one of the predefined PAM modules provided with the Provisioning Server (two for Active Directory and one for Windows NT). Otherwise, you must write your own PAM module.
When PAM is enabled, global users can log on to any Provisioning Manager or etautil using the user's password in the external security system. It is only the password check that the Provisioning Server defers to the PAM module. All additional user information, such as suspension state, Self-Administration check box, and administrative privileges, that controls what actions you may perform still reside in the provisioning directory as properties of the global user or related objects.
|
Copyright © 2013 CA.
All rights reserved.
|
|