User is not authenticating When AA get integrated to PAM

Hi,
We are using PAM 3.2 (OS Linux).Added Account domain(AD) in credential vault . User of Authentication domain can also access through pam/myaccess . But after integrating Advanced Authentication to PAM , those users could not authenticated through myaccess.
The configuration and Integration steps are as follows :
1) What done at AA server end,
Created repository as same as the name mentioned in PAM Enterprise Credential Vault.
We are using the method Email OTP.
Included that method to a newly created chain.
Also event has been created.
and Endpoint got created when we mention that in PAM end.

2) What done in PAM server end,
In framework user manager "AA Configuration" AA server details are mentioned.
AA server Address Name : ip
Name : endpoint name
Domain: repository name
Event: event name

In Framework User manager Account Setting , secondary authentication also selected.

But After AA integration User could not authenticated. Error given "Invalid user name or password"

Can anyone tell me what the wrong I've made ?

Thank you
  • Hi,
    Can anyone please help me to solve this issue ?
  • Are these Local Framework users you are attempting to add to AA for 2FA?

    The following worked for me in this case from AA:
    - REPOSITORIES: Make sure the local user(s) are created in the "LOCAL" Repository on AA
    - EVENTS: Verify the 2FA chain(s) are added to the Event that was created (From "Available" -> "Used" column).
    - EVENTS: Also make sure the PAM-AA Endpoint is moved into "Used" for the "Endpoints whitelist".
    - AA: Logged in as User into AA in order to configure the appropriate 2FA Method (i.e. TOTP).

    Then, one important thing I noticed, it would only allow me to login with the password configured in PAM for the user, but would then present the 2FA options for the user I had configured.
    I was able to login with a local framework user's password in PAM and then validate the 2FA device from AAF.

    Hopefully the above helps your situation here.