Forum / Remote Desktop Manager - PAM Partners

Cyberark Privileged Access Solution

  • Create an Issue
  • Cancel

Current integration


We offer two credential entry types to get passwords that are stored in a Cyberark vault.

The first one is named Cyberark AIM and, as the name implies, it gets the passwords in a AIM server that typically resides in your own infrastructure. That being said, authorization is still performed against your PAS server, that means that this integration is not available offline.

The second one is simply Named Cyberark, it performs authorization, and also gets the credentials directly from the PAS. It reflects more closely the usage pattern of entry level customers of the PAS solution.

Our current limitation is that we cannot list credentials that one has access to in order to offer a list to pick from. This means that all credentials that you need to access, need to have a corresponding entry in RDM. We can work around that limitation by using the PACLI to extract a csv, which can then be imported in RDM.

Coming features

We are currently working on integrating the PSM, which would reduce the workload of sysadmins that have to handle creation and management of alternate shell commands in tens of entries. We will offer a mechanism, much like a gateway, which will create a single PSM server to a great number of sessions.

We recommend that you subscribe to new replies to this topic, as we will publish a notice when the feature can be tested. Please be advised that Cyberark must approve any integration before we can render it available to our community.

Best regards,



Maurice Côté

signaturesignature

Clock3 mths

Thanks for the update, any indication on how far we are away from the PSM/GW solution.

As a organization that uses both methods it would be great if there was a way to choose between methods (PSM vs GW) or give them a priority order?

Clock25 days

Hello,

It turns out that another integration had been prioritized before this one, luckily it has just been completed. Engineering should start on this in the coming days.

Its a few days work, but intertwined with bug fixes and the daily whirlwind, it should be done in a release or two.

Sorry about that.



Maurice Côté

signaturesignature

Clock24 days

We're also evaluating CyberArk PSM, and are using a RDM Enterprise version, so we're really keen on testing these new features as soon as they're coming out, please keep us posted.
Please also note that we are using different multifactor tools to access CyberArk PSM, including RSA tokens, so it would be great if we can combine those features. I'll post a separate feature request to create a credential type of RSA for that.

Clock9 days

Hello,

we are almost ready to showcase our integration to Cyberark’s team. if they accept it as is, it should be a matter of weeks before the feature is delivered in a beta. I cannot say for sure when it will be available in a General Availability release though.

For RSA, we are at the initial phases of being able to work with them, and i mean just at signing their non-disclosure agreement. The whole process could takes months, can’t says for sure before we get access to their documents and platform.

Best regards,



Maurice Côté

signaturesignature

Clock9 days

Thank you for the continued status updates! Look forward to that Beta more than you can imagine!

Clock9 days