CA PAM - Microsoft Office 365 integration

Document ID : KB000104074
Last Modified Date : 03/07/2018
Show Technical Document Details
Question:
What is the use case for the CA PAM - Microsoft Office 365 integration?

For example, how can the user then access Office 365, can the integration change the password after every login(and how to do that in CA PAM), what does CA PAM then monitor.?
Answer:
The main benefit is ADFS federation to Office 365 for privileged users who administer O365.
(it is not intended for end users to use Word, Excel, etc.)

The Xceedium Browser web session will provide SSO to O365 as well as web-based session recording of the activities of the O365 admin who is provisioning licenses and accounts for Exchange, SharePoint, and any other services on the O365 site.



Once your specific Office 365 login mechanism is configured to allow Federation, you can setup in PAM a TCP Service Web Portal using PAM Browser using SAML SSO Auto Login Method.

Here you can use the ADFS Security Token Service (STS) Endpoint Reference URI, typically:
urn:federation:MicrosoftOnline

 
Additional Information:
https://communities.ca.com/people/SungHoon_Kim/blog/2018/03/01/pam-and-o365-integration