Questions tagged [cyber-ark]

CyberArk is a security software, specialized on large-scale corporate privilege access management. The software can be on-premise, cloud or hybrid. It focuses on password and secret management of users, robots, AI, etc. Post only question related to the REST API features or PrivateArk Command Line features.

CyberArk comprises of various parts:

CyberArk Core
- Vault
- PVWA (Password Vault Web Access)
- CPM (Central Policy Manager)
- PSM (Privileged Session Manager)
- OPM (On-Demand Privilege Manager)
AAM (Application Access Management)
EPM (Endpoint Protection)
Alero (Third party access)

The tag is suitable for all programmable, automation related questions. Each of the main parts of CyberArk have REST APIs, plus CyberArk Core also has PrivateArk automation commands.

The official CyberArk documentation can be found at docs.cyberark.com.

55 questions

vote

1 answer

From a WCF service how can I call a method in a third party dll as the current user not IIS\DefaultApppool

I have a requirement to write a WCF service that will be called from MS Excel using the Service Moniker from VBA code. So far that part I have figured out. I also have impersonation working so that if I were to return the current user from a web…

wcf impersonation cyber-ark

asked Oct 10 '12 at 18:48

user1735894

votes

0 answers

How to install CyberArk PSM through automation accomplishing multiple steps with Powershell Scripts?

I want to install CyberArk PSMs in multiple server automatically with the help of powershell scripts and powershell scripts should accomplish all required steps to install PSMs until the stage of Hardening. Is it possible? I am very confused about…

powershell powershell-remoting cyber-ark

asked Aug 08 '23 at 21:36

S G

votes

0 answers

NullPointerException using Context aware credential store of Conjur plugin 1.0.15

I am using a Jenkins instance 2.375.2 and Conjur plugin 1.0.15. I have a multi-branch pipeline. I am able to refresh credential store and see my CyberArk secrets sync’d in the ‘credentials’ tab in Jenkins UI. But when I try to fetch them using…

jenkins-plugins multibranch-pipeline cyber-ark

asked Jun 22 '23 at 19:10

Yo mama

votes

0 answers

CyberArk CorePAS REST API to search for accounts

How should I use REST API to search for multiple accounts based on account name? The below API returns empty. I am assuming, it tries to match both the values passed with search query separated by space against one record and not, one value against…

rest cyber-ark

asked Apr 28 '23 at 05:33

19_Manjunath HT

votes

0 answers

Problem with load balancing web app (CyberArk's pvwas) with HAProxy over ssl

I have some difficulties with setting up a load balancer for a web app (CyberArk's pvwas, but i'm not sure it matters). Here is my certificate and page.cfg config file info: `Subject: CN=my.machine.name.in.DNS.A.record Subject Alternative Name: DNS…

security ssl haproxy cyber-ark

asked Dec 27 '22 at 12:37

somerandomguy

votes

1 answer

CyberArk vs Azure Key vault

I was trying to understand on usages for CyberArk. Currently we are using Azure Key Vault for storing secret & credentials. Do anyone have any details when should use CyberArk or what is advantages of CyberArk over Azure Key vault.

azure azure-keyvault cyber-ark

asked Jun 01 '22 at 06:47

Baharul

votes

1 answer

CyberArk ITATS004E Authentication failure for User in python script

I'm trying to implement a python script that executes local bash scripts or simple commands on remote CyberArk machines. Here is my code: if __name__ == '__main__': for ip in IP_LIST: bash_cmd = f"ssh -o stricthostkeychecking=no…

python bash ssh cyber-ark

asked May 05 '22 at 07:53

Alexandru Ropotica

votes

0 answers

Ansible task failed because of censored output

I am trying to run a task with the no_log: true attribute to keep password out of logs, but I am receiving "the output has been hidden due to the fact that 'no_log: true' was specified for this result' Failure. Here is the task: - name: set varible…

security ansible ansible-awx cyber-ark

asked Mar 22 '22 at 15:20

Asma En-nomany

votes

1 answer

Assigning shell variable with Grave Accent

I have created a script which will need to pass a variable to shell file Below script when i ran in shell-> This are working as expected. i will ran in my terminal ' sh /path/shell.sh ' echo "cyberark" PasswordRetrived=0 # 0=No, 1=Yes while […

shell cyber-ark

asked Mar 21 '22 at 08:57

Farid Arshad

votes

2 answers

How can I represent authorization bearer token in YAML

I have generated the access token and placed in below mentioned mount path and this token need to be included in the Authorization header when making a request against the retrieve secret endpoint. How can we achieve it in yaml…

kubernetes yaml hashicorp-vault aws-secrets-manager cyber-ark

asked Nov 25 '21 at 18:52

GPK327

votes

1 answer

How to secure conjur "api key" in ansible awx

We have requirement to secure credential with cyberArk and use it in ansible awx credential. Note:not within ansible playbook. In ansible(AWX) credential, How to secure/automate conjur "api key" without manual type

ansible cyber-ark

asked Oct 13 '21 at 03:11

san

votes

1 answer

Read jboss datasource password from web API

My standalone.xml file in jboss server reads datasource passwords from a vault stored in the filesystem. I am configuring a new password server, where password of the account can be retrieved via a secure web API. How can I change my jboss setup to…

configuration jboss jboss7.x cyber-ark password-manager

asked Aug 03 '21 at 02:36

Chamila Wijayarathna

1,815
5
30
54

votes

0 answers

Spring Application Context add bean to retrieve password

I have a Spring Context with a bean id called batchdatasource that refer to class DriverManagerDataSource and with four properties driverClassName, url, username and password. I get the value for placeholder from an external file called…

spring cyber-ark

asked May 11 '21 at 10:43

user3310573

votes

1 answer

Ansible hide ansible_password

I am familiar with the solution of ansible-vault feature. Our passwords are stored as a call to an external lookup (to be specific - Cyberark password). However, a regular user can still with simple debug command to see them ansible -m debug -a…

ansible ansible-vault cyber-ark

asked Mar 29 '21 at 16:40

Idan Tank

votes

1 answer

Fail to connect to the provider Reason=[connect: timeout cant be negative] Cyberark

I am getting the following error when trying to get the creds via cyber-ark SDK. javapasswordsdk.exceptions.PSDKException: PDKTC006E Failed to connect to provider (Reason=[connect: timeout cant be negative], Rc=[-1]) at…

java spring spring-boot cyber-ark

asked Jan 05 '21 at 17:09

Preetam Kumar

Prev 1 2

4 Next