Layer7 Privileged Access Management

Expand all | Collapse all

Discovery Accounts

Jump to Best Answer
  • 1.  Discovery Accounts

    Posted 07-04-2018 12:32 PM

    Hello, Is it possible to discover user accounts without provisioning the servers where they reside?



  • 2.  Re: Discovery Accounts

    Posted 07-04-2018 09:56 PM

    Hi,

     

    Can you elaborate more on what you are trying to achieve?

    Are you asking if you can discover target accounts without using Proxy Agent?

     

    Does the following discussion match your question?

    Privileged accounts auto discovery 

     

    Kim



  • 3.  Re: Discovery Accounts

    Posted 07-05-2018 10:15 AM

    Sorry Kim, sorry i mean, without target servers registered in CA PAM, is possible to discovery Account?

     

    Thank You.

     

    Adolfo.



  • 4.  Re: Discovery Accounts
    Best Answer

    Posted 07-05-2018 10:23 AM

    Hi Adolfo, This is not possible for local accounts. Even LDAP accounts have to be tied to a target application and target server (domain controller). See our online documentation at https://docops.ca.com/ca-privileged-access-manager/3-2/EN/implementing/configure-credential-manager-targets/account-discovery:

     

    Account Discovery Prerequisites

    Before you perform Discovery, the product has to know where to look, so target servers have to exist. Applications and administrative accounts have to be provisioned in Credential Manager as target accounts. This administrative account has to be verified in Credential Manager. See Configure Credential Manager Targets for more information.