×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Discovery ... Integrating Integrating with credential brokers

Integrating with Centrify Identity Platform

Centrify Identity Platform is application software that helps you to store and manage credentials securely, according to policies that your organization might require.

You can configure the integration with Centrify Identity Platform using the vault providers page in the BMC Discovery Outpost.

Related topics

Integrating with credential brokers

Credentials

Adding credentials

Before you begin

Tip

Credential broker performance testing

Credential brokers are designed with human interaction in mind. When BMC Helix Discovery is scanning, it can make many simultaneous API calls. Before putting an integration with any supported credential broker into production, you should perform scale and performance testing in your IT environment.

To integrate with Centrify Identity Platform

  1. From the main menu in the BMC Discovery Outpost, click Manage > Vault Providers.
    The Manage Vault     page opens. 

  2. Select the Centrify Identity Platform tab.

  3. Enter the settings appropriate to your Centrify Identity Platform on the page:

    Parameter

    Description

    Status

    A read-only display showing the status of the integration with Centrify Identity Platform. This can be one of: ACTIVE, DISABLED, or messages such as TEST OK, TEST ERROR, or ERROR and an explanatory message.

    Enabled

    Select the check box to enable the integration with Centrify Identity Platform.

    URL

    The URL of Centrify Identity Platform. Only HTTPS URLs are permitted. This field is mandatory.

    You should ask your Centrify Identity Platform administrator for the URL, tenant ID, user name, and password to access Centrify Identity Platform.

    Tenant ID

    The Tenant ID for Centrify Identity Platform. This field is mandatory.

    User Name

    A user name for Centrify Identity Platform. The user name is of the form, name@domain. This field is mandatory.

    Set Password

    Field in which you can enter the password. To make the field editable, select the check box and set the password. The password is not displayed.

    Checkout Duration
    (in minutes)

    The time (in minutes) for which the password is guaranteed to remain valid. The default is 15 minutes and the minimum is one minute.

    Timeout (in seconds)

    The timeout (in seconds) for requests to the provider. The default is 300 seconds and the minimum 5 seconds.

    SSL Certificate Check

    Select to enable an SSL certificate check against the server. The result is reported in the Status message.

  4. Click Test to test the connection. The configuration is not saved until you click the Apply button.
  5. Click Apply to save and apply the configuration.

The integration between BMC Helix Discovery and Centrify Identity Platform is complete. For information on using credentials from Centrify Identity Platform to access discovery targets, see Adding credentials.

How credentials are stored in Centrify Identity Platform

You add credentials according to the  Centrify Identity Platform documentation Open link . Credentials are organized under the following headings, that are shown with the corresponding BMC Helix Discovery Add Credential field name in the following table:

Centrify
Identity Platform parameter

BMC Helix Discovery Add Credential field name

Meaning in BMC Helix Discovery

System

Centrify System

The name of the system for which the credential has been configured in Centrify Identity Platform. This should be considered as the credential name in BMC Helix Discovery. It has no effect on the target that BMC Helix Discovery will scan, it simply locates the credential in Centrify Identity Platform.

Account

Centrify Account

The user name with which to access the discovery target. The integration retrieves the corresponding password from Centrify Identity Platform.

There might be more than one account for each system. For example, an account called discovery and one called root or admin for discovering targets using elevated permissions.

To use a credential from Centrify Identity Platform in BMC Helix Discovery

In this example there is a server called "server74". The following details are configured in Centrify Identity Platform:

  • System — server74
    • Account — discovery. A UNIX account called discovery and its corresponding password
    • Account — root. A UNIX root account for the server and its corresponding password

For the discovery account, you specify the credential using server74 for the system and discovery for the user.

For the root account, you specify the credential using server74 for the system and root for the user.

The following screenshot shows adding the credential for server74:



For information on integrating BMC Helix Discovery with Centrify Identity Platform, see the following video (03:06):

 https://youtu.be/elcibuDagjc


Was this page helpful? Yes No Submitting... Thank you
Last modified by Vinay Bellare on May 23, 2022
help_manage_vault_op production_ready help_op_vault_centrify videos

Comments

Log in or register to comment.

Integrating with BeyondTrust Password Safe
Integrating with CyberArk Enterprise Password Vault
© Copyright 2004 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.