Symantec Privileged Access Management

Is it possible that entries made in idmmanage console like database hostname or reporting server hostname gets changed to something different automatically (i.e, it is defined to point to DR but instead of pointing DR it's starts pointing to DC after sometime) ?

Is it possible to find out how those entries got modified?

I found such abrupt behavior and sure about the thing that no one from my team did this modification.

I wanted to identify how this happened or is their something in background causing this change to happen.

Please help me to figure out this.

Hello,

The hostnames in IDMMANAGE should not be changed on their own, it would require a user manually changing them in the IDMMANAGE GUI or in the back-end database. The IDMMANAGE page is not audited in the same way as the main Enterprise Management GUI, so it would be hard to determine when the changes occurred and what user made the changes. It is suggested to keep the page disabled until access to the page is absolutely necessary.

Kind Regards,

Brian Rehder

CA Support Engineer

Hello Brian,

Thank you for your reply.

To put more light into the issue, the replication between DC and DR is happening through log shipping of Database. Perhaps, there is something happening in the back-end database as mentioned by you in the comment. It would be helpful if you can elaborate on the point and what could be happening in the back end that led to changes in the IDM console.

What I meant was that a user would have to manually log into the back-end database and make the modification, it should not be happening on its own. If this is a re-occurring issue that can be reproduced, it might be best to open a support case for us to review the environment.

Kind Regards,

Brian Rehder

CA Support Engineer