Create the provider user in the CyberArk Enterprise Password Vault
If this is your first integration between BMC Discovery and the CyberArk Enterprise Password Vault, you mustr create an administrator-level provider user, BMC_Discovery
that has access to the vault (safe) in CyberArk, and add the BMC_Discovery
user to the various safes to which you need access to in CyberArk. Without performing these steps, you cannot configure access for additional users or appliances to a specific safe in CyberArk.The BMC Discovery application can access the credentials stored in the CyberArk Vault (safe) using queries, after you create the provider user and add it to the required safes in CyberArk. For more information about configuring additional appliances, BMC Discovery Outpost, or users, see Configuring access to the CyberArk Vault.This section covers only the steps that are required to create access from the BMC Discovery application to CyberArk. For more information about using other features in CyberArk, see the CyberArk Vault documentation, or contact your CyberArk administrator.
CyberArk uses the term Vault to refer to the CyberArk server component which holds information securely (all Safes reside in the Vault). This should not be confused with the BMC Discovery Vault.
Before you begin
Ensure that you have installed the CyberArk Application Identity Manager (AIM) Provider on the appliance or a BMC Discovery Outpost.
To create the provider user for accessing CyberArk
- Log in to your CyberArk Password Vault Web Access (PVWA) and click Applications from the main menu.
Click Add Application and enter the information about BMC Discovery.
You must use the application name
BMC_Discovery
. All other values can be specified as required by your organization.Click Apply to save the changes.
From the applications list, open the BMC_Discovery application page.
Perform the following steps to add any restrictions required by your organization.
These steps are optional and depend on your organizations business policies. For more information, contact your CyberArk administrator.From the Allowed Machines tab, add the BMC Discovery appliance name, or in the case of a clustered BMC Discovery deployment, appliance names of all machines in the cluster.
Where to go from here
Depending on whether you are integrating with the CyberArk Enterprise Password Vault using the REST API or the AIM Provider, go to one of the following topics:
Comments
Log in or register to comment.