24.3 Checklist to Follow Before Enabling Secondary Authentication

  • To integrate Advanced Authentication, you must install NetIQ Advanced Authentication 5.2 or later on a separate server.

  • The Advanced Authentication Server must be active and available.

  • The users who are added locally to the Framework User Manager must be added to the Local repository of the Advanced Authentication server.

  • To use the Advanced Authentication application, you must perform the following steps in the order listed:

    1. In the Advanced Authentication server, create the required number of repositories for local and LDAP users.

      These repositories should be the domains used in Privileged Account Manager.

    2. Modify the supported methods as required.

    3. Create chains. Ensure that each chain includes only the supported methods and that the default chains are not deleted.

    4. Create an event.

    5. In Privileged Account Manager, specify the Advanced Authentication server details to register the Privileged Account Manager server.

      This creates a new endpoint in the Advanced Authentication server.

    6. In the Advanced Authentication server, select the Privileged Account Manager endpoint in Events.

  • All Privileged Account Manager users and Administrators must access the Advanced Authentication URL and enroll the methods before using Privileged Account Manager.

    Only the methods that are enrolled will be available for secondary authentication.