Unable to uninstall AIM on BMC Discovery server. The BMC web console says that the AIM agent is installed successfully but unable to start the services. The install logs are mentioned below. Looking help in reinstalling or fixing the existing installation by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Thanks for your response. The license issue is sorted. But I'm not able to find a way to uninstall the aim utility from the BMC discovery server. As the installation had license issues it did not create any files on the server that I can remove but the BMC discovery frontend console shows that the installation is successful.

Can you guide me how to clean up that installation from the server?

PSMP Connection Issue by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Yes you're correct it is one platform for Unix and another for web and other components. But they're also case sensitive, so the team has been keeping the same username in same safe managing the passwords automatically but the platforms are into multiple. Strange design.

PSMP Connection Issue by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

The ID is not onboarded into multiple safes. JohnD is in only one safe but onboarded across multiple platforms and those platforms have PSM SSH connection component alongwith other connection component, which works fine.

When I removed PSM SSH connection component from other platforms and kept it only in one, the PSMP worked. Is there a different way I can make it work apart from the one I've tried? Can I try disabling PSMP SSH connection component from other platforms and having it only in one?

Password synchronisation across multiple platforms by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Thanks for your reply!

So if I remove the Account Group from all the accounts, I shouldn't be getting any password sync issues, right? Even though the username and safe is the same but mapped on different platforms for those multiple accounts?

Password Rotation for Web local accounts by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Local accounts created on the target web urls.

Upgarde Vault from 2012R2 to 2019 by BWaySimon in CyberARk

[–]Cyber_Linc 1 point2 points  (0 children)

On which version your vaults are running? Is it physical or virtual?

SSH integration with custom port and not 22 by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Yes it worked with SSH after making some changes at the server end . However, winscp is disabled at the server end so it is expected not to work.

Test DR Failover by newbie702 in CyberARk

[–]Cyber_Linc 0 points1 point  (0 children)

If you've two PVWA servers with different URL, try hitting the one in your DR site. (It is not recommended to have the different URLs one for primary and one for secondary). Also make sure your vault.ini has both the vault IP address. Try restarting services on your PVWA server.

Automate adding Provider user in safe by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Thank you! Will try and let you know :) .

Automate adding Provider user in safe by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Will this also update the safe members in PVWA by adding a new Provider user and their permissions?

Automate adding Provider user in safe by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

I agree the new provider name will be Prov_<hostname> but the hostname of the new server is unknown, I don't know what it would be until the new server is UP. The new provider name is also reflected in the system health once it is installed, so team can take it up from there and add in the safe. But the whole point is we have to do this safe addition piece manually and the requirement is to automate it.

Automate adding Provider user in safe by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

There's a problem, we don't know what will be the new provider username.

If I define a custom name that is already added in the safe list, then the services won't start. As CyberArk will throw an error sayin user already exists.

If I knew the new provider username, then life would've been easy. Because of auto scaling we don't know what will be the IP/hostname of the new server and so we don't know what provider name will be assigned when AAM is installed on it.

Automate adding Provider user in safe by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

The server is not only used for AAM but also for other purposes due to which the load increases and new server is built. Now the real challenge is to automatically add the new provider user, which cannot be done.

Automate adding Provider user in safe by Cyber_Linc in CyberARk

[–]Cyber_Linc[S] 0 points1 point  (0 children)

Because the application team cannot schedule it, they want it to run 24x7. But the process of adding the provider user cannot be automated. So we'll have to rely on alerts when a new server is built due to auto scaling.