Chris
So the basic command looks like this
capam_command
capam=capamServer
adminUserID=admin
cmdName=updateTargetAccount
TargetAccount.ID=12
TargetServer.hostName=myhostname.mydomain.com
TargetApplication.name=myApplication
TargetAccount.userName=sysop1
TargetAccount.password='sys0p!@2'
TargetAccount.cacheBehavior=useServerFirst
TargetAccount.cacheDuration=17
I would try with a value something like
TargetAccount.ownerID=######
TargetAccount.credentialOwner=XXXXXXXX
Unfortunately, this level of experience is outside my ability. I have only test specific commands for errors and troubleshooting but I would assume if a services engineer sees this they may be able to give you a specific answer.
sorry I could not answer this
Joe
Original Message:
Sent: 03-31-2020 06:55 PM
From: Chris Scott
Subject: REST API object for target account "owner user name"
Joe,
listTagetAccounts gives the output below. There does appear to be xml attributes uoid and uoname, but I cannot seem to find a cli cmd attribute to change those.
Any suggestions?
<cr.result>
-<c.cw.m.tacs>
<ts.id>1428</ts.id>
<ta.id>2002</ta.id>
<bm.id>2002</bm.id>
<hn>10.0.0.0</hn>
<dn>Identity Suite C++ Connector Server 1</dn>
<di>1021</di>
<na>name</na>
<ty>Generic</ty>
<un>admin</un>
<um>true</um>
<as>false</as>
<cat>false</cat>
<pv>false</pv>
<cou>0</cou>
<cid/>
<autoConnectEnabled>true</autoConnectEnabled>
<tapcd>null</tapcd>
<tapma>0</tapma>
<taped>null</taped>
<tapcac>false</tapcac>
<tapcpn>null</tapcpn>
<uoid>2114001</uoid>
<uoname>cred_owner</uoname>
<ag>false</ag>
<pvp>1000</pvp>
</c.cw.m.tacs>
</cr.result>
Original Message:
Sent: 03-27-2020 08:19 PM
From: joseph lutz
Subject: REST API object for target account "owner user name"
Chris
You should look at CLI commands instead of API's to manage accounts and target accounts. The API's that are available relate to user accounts and not target accounts. That is why you are not seeing the link to SCIM user. See this link to the CLI
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-2/programming/credential-manager-remote-cli-and-java-api/credential-manager-cli-commands/addtargetaccount.html
While using the CLI you should remember the Target Account Owner User Name can only be set to an existing CA PAM user that already has the Credential Manger rights to manage that Target account.
Joe
Original Message:
Sent: 03-27-2020 02:08 PM
From: Chris Scott
Subject: REST API object for target account "owner user name"
Hello,
My intent is to use the REST API to create a target account with a owner user name.
What I am struggling with is finding the right attribute to set the Target Account Owner User Name (in the Password TAB).
My thought is there would be a link with the SCIM user - but I'm just not finding where the link between the SCIM User and and Target account is established.
We do use this property for account governance.
Thanks
Chris Scott