Default language.

Important This documentation space contains information about the SaaS version of BMC Helix Discovery. If you are using the on-premises version of BMC Helix Discovery, see BMC Helix Discovery 25.2 (On-Premises).

Enabling and testing the CyberArk integration

Once you have configured the integration, you need to enable and test it. Enabling the integration with CyberArk Enterprise Platform Vault using the AIM Provider does not work reliably using Microsoft Internet Explorer. You can enable the integration using another supported browser.

After you configure access for the BMC Discovery Outpost to the CyberArk Vault (safe), you need to configure the integration on the BMC Discovery Outpost.

To enable and test the CyberArk integration

  1. From the main menu in the BMC Discovery Outpost, click Manage > Vault Providers. The Manage Vault page opens. 

  2. Select the CyberArk tab. 
    The following screenshot shows the CyberArk tab with the AIM access method selected.

    CyberArkAIM.png

    Parameter

    Description

    Status

    A read-only display showing the status of the integration with the CyberArk Vault. This can be one of: ACTIVE, DISABLED, or messages such as TEST OK, TEST ERROR, or ERROR and an explanatory message.

    Enabled

    Select the check box to enable the integration with the CyberArk Vault.

    Application ID

    The application ID of the BMC Discovery Outpost. By default this is BMC_Discovery. You can change this if required.

    Access Method

    The way in which the provider on the BMC Discovery Outpost will communicate with the CyberArk Vault.

    Select AIM — The CyberArk AIM provider.

    Aim install path

    The installation path for the CyberArk AIM provider. The default path is: C:\Program Files (x86)\CyberArk

  3. Enter the settings appropriate to your CyberArk Vault on the page. 
  4. To apply and save the configuration click Apply.
  5. Click Test to verify whether the integration has successfully completed and you can successfully connect to the CyberArk Vault.
  6. If the connection test is successful, click Test Query to test whether you can access credentials in the CyberArk Vault. The Test Query dialog is displayed.
  7. Enter the query string to test.
    In this example the query string is Safe=Test;Folder=Root;Address=137.72.94.237
    This query is the one you would use when creating a scan. For more information about how to create a query, see Using-CyberArk-credentials-for-discovery.


The CyberArk query must return only one credential. If more than one credential is matched, CyberArk returns an error message, which is displayed in the Test CyberArk Query dialog.

The following screen shows a successful test.

CyberArkTestCredResult.png

Where to go from here

Using-CyberArk-credentials-for-discovery


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*