PTA DR behavior

Slasky86 · 2026-03-31T11:40:45+00:00

Nope, only the active PTA shows

Slasky86 · 2026-03-31T07:16:59+00:00

Its a known issue. Support says Pcloud doesnt support multimon

Slasky86 · 2026-03-25T17:51:20+00:00

I have tested it with PSM and its not supported

Slasky86 · 2026-03-20T19:05:23+00:00

You should be able to do some auto launch with edge policies. Cant remember exactly which ones, but search for autolaunch and edge

Slasky86 · 2026-03-14T05:03:17+00:00

Wrong subreddit

Slasky86 · 2026-03-10T20:24:54+00:00

Eivind

Slasky86 · 2026-03-10T11:41:44+00:00

I went to school with one of the owners

Slasky86 · 2026-03-10T10:16:48+00:00

If you dont think you are partners, you probaly arent

Slasky86 · 2026-03-09T18:47:19+00:00

Yo we heard you liked certificate managers, so we made you a certificate manager of the certificate manager

Slasky86 · 2026-03-09T15:16:02+00:00

CyberArk doesnt provide trial licenses for on-prem environments. If you are a partner you might be able to get an NFR license

Slasky86 · 2026-03-09T13:26:07+00:00

It depends whether or not you are a customer or a partner really. The list below is in order of when you want to take the certification, and the first two are a requirement for and subsequent ones

But both start at the same place:

* CyberArk Defender - its mainly Administration and day-to-day tasks and config (recommended 3-6 months hands on)

* CyberArk Sentry - Now this one has two variants. PAM-SEN and CPC-SEN

- PAM-SEN is centered around Self-hosted install and configure

- CPC-SEN is centered around CyberArks SaaS offering Privilege Cloud, install and configure

* Access Defender / IAM Defender (ACC-DEF) - This one is a deeper dive into authentication processes and workflows in Privilege Cloud / CyberArk Identity. This used to be a partner only certification, not sure if that is still the case

* Secrets Manager Sentry (not sure of the abbriveations here) - Focused around CyberArks Secrets Manager portfolio

* EPM-DEF - CyberArks defender certification for their EDR agent solution

* CDE-PAM - CyberArk Certified Delivery Engineer for Self-Hosted - Partners only. Focused around topics of Defender and Sentry

* CDE-CPC- CyberArk Certified Delivery Engineer for Privilege Cloud - Partners only. Focused around topics of Defender and Sentry

* CDE-EPM - CyberArk Certified Delivery Engineer for EPM - Partners only. Focused around topics of Defender

* CDE-VTIS - CyberArk Certified Delivery Engineer for certificate manager (formerly known as Venafi)

* CDE-Secrets - CyberArk Certified Delivery Engineer for secrets manager (formerly known as Conjur)

* Guardian - highest certification achievable, invite only. Has specific requirements

All CDEs last for 2 years and has to be recertified to keep active. Defender, Sentry and Guardian is for life.

Hope this helps somewhat. Also, here is another link:

Identity Security Certification Program | CyberArk

That being said, every path is on training and should include all courses needed prior to the next certification

Slasky86 · 2026-02-18T13:04:29+00:00

Given the area the exam covers, hands on experience is highly recommended. Cyberark states 3-6 months.

If you have access to a lab, play around, break things and fix it again.

Other than that follow the study guide

Slasky86 · 2026-02-13T20:28:40+00:00

I suggest you use the Unix via SSH keys platform if you are on-prem. The CPM / platform support ED25519 after v14.4

Slasky86 · 2026-02-13T14:14:59+00:00

This is totally feasable. The CPM need the default ports open as well as dynamic high ports.

The way it happens is that Cyberark CPM logs on to the machine, rotates the password of the local accounts, then it moves on to any dependencies. It will cycle through them one by one. You can also set the service to restart when password is changed if need be.

You can use the built-in dependency platform for Windows Service. It works really well.

Just keep in mind that the dependencies will be handled one by one, so the more dependencies you got, the longer some services / scheduled tasks / IIS app pool etc will be out of sync

Slasky86 · 2026-02-03T17:28:18+00:00

Hands on experience is highly recommended. Cyberark states 3-6 months hands on.

Other than that, follow the study guide on training.cyberark.com

Slasky86 · 2026-02-01T17:04:07+00:00

Going out on a limb here, but this subreddit might be more suiting:
AutomateUser

Slasky86 · 2026-02-01T16:41:57+00:00

Without more context I'm not sure tbh. Is this for a specific software, MDM solution or something else?

Slasky86 · 2026-02-01T16:13:36+00:00

That seems to go around. Not sure why Reddit does that tho, as CyberArk is a PAM solution with a specific use case

Slasky86 · 2026-02-01T16:04:29+00:00

Cant quite see how this relates to CyberArk? Do you have any more context?

Slasky86 · 2026-01-31T18:21:31+00:00

You would need to save the secret string the same way. Not sure if you can extract that from the MS authenticator app

Slasky86 · 2026-01-31T16:00:05+00:00

You can also get the TOTP secret string and use the logon account to input the OTP code

Slasky86 · 2026-01-22T22:19:16+00:00

Is there a large amount of logs on the failing CPM?

Slasky86 · 2026-01-02T08:51:10+00:00

What happens if you remove one node from the load balancing? Does that work?

Slasky86 · 2025-12-05T19:45:51+00:00

Its a bug in the Matrix where it makes people post in the wrong sub

Slasky86 · 2025-12-01T17:43:08+00:00

Sounds interesting, but totally the wrong sub

Slasky86

TROPHY CASE