Installing and Configuring the Linux PAM

The PAM is an authentication module for Linux that performs end-user authentication with IAM.

The PAM also lets Linux administrators, or end users, to query information about users and groups stored in IAM using standard Linux commands that use NSS such as id, group, and getent.

Use the PAM when you want to authenticate users in Linux using IAM.

An organization might have large numbers of Linux servers, making management of users, for example creating, modifying, or deleting users, a time intensive and costly activity. With the Linux PAM you can manage Linux users centrally in IAM, providing cost and time savings.

Linux administrators can utilize IAM to authenticate end users. End users can log in to a Linux server, for example with SSH, and authenticate with their IAM user credentials. In addition, the multifactor authentication offerings of IAM can be utilized so end users are prompted to authenticate with a second factor such as a One Time Password code sent using Email, SMS, a Mobile Authenticator application, or authenticate using security questions. As well as authenticating with single or multiple factors, administrators, and end users can use NSS and standard Linux commands to query user and group information.

The following table lists the certified releases for IAM and your OS (which is required for the Linux PAM to run).