25.0 Integrating Privileged Account Manager with Identity Manager

Privileged Account Manager (PAM) can communicate with Identity Manager by using the Identity Manager driver for Privileged Account Manager. An Identity Manager driver is an interface between NetIQ Identity Manager and the connected application. Here, the connected application is PAM. For more information about Identity Manager, see the Identity Manager documentation page.

The PAM driver is a Java program running in Identity Manager. The driver communicates with the PAM application by using the Java JSON API library provided by PAM. This communication happens over an HTTPS channel.

To view the high-level architecture diagram of how PAM is integrated with Identity Manager, see Figure 25-1. For more information about the driver, see the NetIQ Identity Manager® Driver for NetIQ Privileged Account Manager Implementation Guide.

Figure 25-1 Integrating PAM with Identity Manager

From PAM 3.0.1 onwards, the PAM driver creates a channel from Identity Manager to PAM to synchronize the password that is changed through the password check-in process. The PAM driver checks for any changes made to the PAM credential object. When a user checks in the password, the driver generates a random password through Identity Manager, and the same password is reset on the application or database through the driver for the respective application or database.