Pull Domain field from CyberArk API
0 vote
It would be helpful to be able to pull the Domain field from the CyberArk, along with username and password. This would help creating a credential entry for CyberArk that is usable in multiple domains when the same username exists in several. The end goal would be that for a CyberArk credential entry, in the keywords field, %USERNAME%@%DOMAIN% would work to find accurate credentials to authenticate a user.
All Comments (6)
I used the wrong string for the domain variable, it should be $DOMAIN$. It looks like CyberArk responds with this information:
But RDM doesn't map it to a variable or Username format:
Hello,
We are waiting for a response from CyberArk's team. Our test environment is at v8, we do not have a domain field in the password entities.
Best regards,
Maurice
To add to this...
We currently store the domain in the ADDRESS field which is optional. I just want to ensure that we are following their best practices or what the community is doing.
Maurice
Hello,
We will have to implement a dropdown to offer a list of "Common" fields where the domain can be stored.
We've been told that the most widely used is Address, but we also have Domain and LogonDomain in our test rig.
best regards,
Maurice
I think that Address would work, based on how it appears the CyberArk UI is configured. Seems that Address is the equivalent to Domain there.
Hello,
Our integration expert completed this today. It will be in our next build.
To prevent issues with existing configurations, the default mode will be to NOT use the field. You will have to modify the entry to make use of the domain.
I am working on the script making use of the PACLI to create a CSV, which would then be imported with a CSV Synchronizer.
Best regards.
Maurice