prasenjitmass Respected Contributor.
Respected Contributor.
1220 views

Configuring Fingerprint method of AA as 2FA for PAM

HI,
Can anyone tell please How to configure Fingerprint method of Advanced Authentication As 2nd factor of authentication for PAM. I've configured EMail OTP Method as 2FA for PAM, It is working fine.
Is there any option that during access of pam/myaccess url page system will ask for 2nd factor also, rather than it comes when going to RDP Relay or SSH Relay?

Thank you
0 Likes
2 Replies
tirthankar1984 Absent Member.
Absent Member.

Re: Configuring Fingerprint method of AA as 2FA for PAM

I have also the same query, that is it possible to protect the pam myaccess page with NetIQ advanced authentication?
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Configuring Fingerprint method of AA as 2FA for PAM

In PAM 3.5, the User Console has been updated dramatically - see User Experience Improvements from PAM 3.5 Release Notes.

I have tested this against a PAM 3.5 system and the 2FA prompts appear for the User Console as well based on this setting in PAM Framework User Manager to set Account Settings "Secondary Authentication Required" (make sure admins are added to Bypass - at least one in case there is some 2FA misconfiguration). For details on this configuration, please refer to the following:
https://www.netiq.com/documentation/privileged-account-manager-35/npam_admin/data/b1l5f78d.html#b1l5fpqm

I have not yet verified if the same is true for the old MyAccess console found in PAM 3.2 and before.
I suspect it was not included at that point, but perhaps you guys can verify this point. Does this setting have an effect on the MyAccess user login in PAM 3.2?

I suspect it does not work in PAM 3.2, but functionality was added in the UI revamp of PAM 3.5 release.
You guys should checkout the new User Console (MyAccess) as it has been dramatically improved, really looks great!
PAM 3.5 Release Notes
PAM 3.5 Download
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.