Symantec Privileged Access Management

 View Only
  • 1.  A2A Integration PHP

    Posted Mar 09, 2016 10:23 PM

    Hi all,

    I have a question regarding A2A Integration with PHP

    my code is:





    $data = getCredential($alias,$bypassCacheFlag);

    echo "Return code: $data[retCode]\n";

    echo "User name: $data[user]\n";

    echo "Password: $data[password]\n";

    function getCredential($inAlias,$inFlag){

    $exec = "/opt/cloakware/cspmclient/bin/cspmclient";

    $command = "$exec $inAlias $inFlag";

    $hndl=popen($command,'r') or die ("Unable to open pipe for command $command\n");

    echo "About to execute command: $command\n";

    $retVal=fread($hndl,2096) or die ("Unable to execute command $command\n");

    $n = sscanf($retVal, "%s %s %s", $retCode, $user, $password);

    $arr=array("retCode" => $retCode,

    "user" => $user,

    "password" => $password);

    return $arr;




    I add a command in the php file to print the handler

    $hndl=popen("/opt/cloakware/cspmclient/bin/cspmclient A2ASQL false","r") or die ("Unable to open pipe for command $command\n");



    If i execute from terminal,its return Recource id #4


    But if i deploy that php file to webserver (apache2.2) and run from web browser, its return Resource id #2

    and it cannot get credentials from server


    Anyone can help me?

    Thank You

  • 2.  Re: A2A Integration PHP
    Best Answer

    Posted Mar 10, 2016 05:31 AM

    First step is always to investigate the error code details.

    Look in the PM Dashboard - Failed A2A calls.


    Expand the error revceived and look at the the details.


    The error 409 is that the script seen by PAM is not mapped to retrieve credentials for the alias.

  • 3.  Re: A2A Integration PHP

    Posted Mar 11, 2016 02:32 AM

    Hi rascl01,


    this is the log

    from this log i realize that the script that client get is httpd not test.php.

    So after i add the script httpd and do mapping , its work

    Thank you for your help