How to enable NTLM authentication in Process Automation and configure it to use an Alias in place of the Hostname?

Document ID : KB000046026
Last Modified Date : 14/02/2018
Show Technical Document Details

Question: 

How to enable NTLM authentication in Process Automation and configure it to use an Alias in place of the Hostname?

Environment:  

CA EEM - Release: 12.51.2.11 - FIPS: Disabled
CA PAM - Version: 4.2 SP02 - Build: 4.2.200
CA Service Desk Manager 12.9

Answer:

There are two parameters to be changed in oasisconfig.properties:

1. In order to enable NTLM configuration set:

ntlm.enabled=true

 

2. To change the hostname displayed in the URL by an Alias set: 

oasis.local.hostname=mypamalias.com

3. Next, recycle the Process Automation service.

Now, accessing Process Automation via http://mypamalias.com:8080 should work with authentication via NTLM.

 

Additional Information:

 

There may be situations where the NTLM setting with an Alias configured does not work, requiring the users to provide the logon credentials.

An alternate solution for it may consist of the following:

1. Create a new Web Site definition in IIS.

2. Add 2 HTML pages. Those should contain an iFrame which loads the Process Automation pages, pointing to the local server.

This will allow the NTLM configuration to work and bypasses the page redirection, which in some environments have some delay.

See attached an example on how to create those pages. 

PAMRedirect.zip

File Attachments:
TEC1789003.zip