Symantec Privileged Access Management

Custom Connector for PostgreSQL

  • 1.  Custom Connector for PostgreSQL

    Posted 10-16-2019 04:08 AM
    Edited by Soon Leong Yap 10-16-2019 04:18 AM
      |   view attached
    The PostgreSQL custom connector is a sample custom connector that can be used to manage password synchronization for PostgreSQL databases from CA Privileged Access Manager.

    The custom connector was tested with standalone PostgreSQL 12 and 11 databases as well as a two node primary and secondary cluster running streaming replication.

    This software is provided without warranty of any kind, including without limitation, any implied warranties of merchantability or fitness for a particular purpose. In no event will CA be liable to the end user or any third party for any loss or damage, direct or indirect, from the use of this software, including without limitation, lost profits, business interruption, goodwill, or lost data, even if CA is expressly advised of such loss or damage.

    The following conditions must be satisfied in order to use the custom connector:

    Deploy the Target Connector
    Follow these steps:
    1. On the Tomcat Custom Connector Server, download, extract and copy the postgresql.war files to the webapps_targetconnectors directory.

    Specify a Remote Target Server
    Follow these steps:
    1. In the UI, select Devices, Manage Devices.
    2. From the Devices page, select ADD.
    3. In the Add Device dialog, complete the required fields in the Basic Info tab. This device is the PostgreSQL database server.
    4. For the Device Type, select the Password Management checkbox. Keep the Access checkbox selected.
    5. Go to the Access Methods tab and specify an access protocol, such as SSH. The appliance uses the access method to contact the remote target server.
    6. Select SAVE AND ADD TARGET APPLICATIONS to complete the configuration.
    Add the Target Application
    Follow these steps:
    1. Select or enter values for the Application Name field.
    2. In the Application Type field, select PostgreSQL.
    3. A new tab labelled PostgreSQL is displayed.
    4. On the  PostgreSQL tab, specify values for the following fields:
      Server Port: Specify the port that the PostgreSQL database server listens on. Default: 5432.
      Fail-over Target Servers: For database cluster, specify the list of servers using the format host1:port1,host2:port.
    5. Select OK.

    Add the Target Account
    Follow these steps:
    1. Select Credentials, Manage Targets, Accounts.
    2. Select ADD.
    3. Complete the required fields:
    4. - Application Name: Select the PostgreSQL application name that you configured in the previous procedure.
      - Account Name: Enter the user name of the named credential.
      - Password: The password of the user account at the remote target server.
    5. On the Password tab, select Update both the Password Authority Server and the target system.
    6. On the PostgreSQL tab, specify values for the following fields:
      - Master Account: Specify whether to use the existing target account or an alternative account to change the password.
    7. Select OK to save the account.