PAM-IDCS

Oracle Identity Cloud Service Linux Pluggable Authentication Module (PAM) is used to manage Linux users in Oracle Identity Cloud Service. End users can log in to a Linux server over SSH and authenticate with their Oracle Identity Cloud Service user credentials.


PAM-IDCS Integration:

To integrate PAM-IDCS, perform the following steps:

  1. Install PAM on the Linux servers that users connect to over SSH. Download pam_cloud.rpm and authn_oracle_cloud.rpm.
  2. Create one confidential application in Oracle Identity Cloud Service with the POSIX viewer role to register the Oracle Identity Cloud Service Linux Pluggable Authentication Module (PAM) as a client application, and note the client ID and client secret of the confidential application.
  3. Configure a wallet on the Linux servers to store the client_ID and client_secret of the confidential application. Use the following commands:

         walletMgr add client_id
         walletMgr add client_secret

  4. Configure PAM on the Linux servers using the SSSD service.
  5. Configure groups and users with POSIX attributes to allow end users to authenticate with Oracle Identity Cloud Service using PAM on Linux. This is an essential step: only users with POSIX attributes can authenticate with PAM. This is not possible via the console; it can be done using the command line only.
Copyrights © 26 December 2024 All Rights Reserved by Vast Edge Inc.