Test Data Manager

  • Private Community
 View Only

  • 1.  Store TDM Credentials in Password Vault.

    Posted Jul 27, 2020 02:30 PM
    Hello Community

    We have a use case to integrate 

    Is there an TDM integrations to  Broadcom Password Management Solutions  or Security Software like Cloakware, or CA PAM (Privileged Access Manager)?

    If so, appreciate to point out some documentation.

    Thanks


  • 2.  RE: Store TDM Credentials in Password Vault.
    Best Answer

    Broadcom Employee
    Posted Aug 02, 2020 01:57 PM
    cloakware (CA PAM) is integrated with TDM

    FastDataMasker:

    Support for Cloakware in FastDataMasker is governed by the env variable TDM_ENABLE_PASSMGR.

     Before launching FastDataMasker, the variable TDM_ENABLE_PASSMGR must be set in the environment with one of the following values:

    yes                   -> this lets you create either normal profiles or profiles using external password manager.

    no                    -> this lets you only create normal profiles.

    exclusive         -> this lets you only create profiles that use external password manager.

     

    To sum up this way we can control UI behavior of FastDataMasker integration with Cloakware.

     the FastDataMasker engine doesn't need to be configured with environment variables.

     

    In order for FastDataMasker to work with Cloakware you should copy Cloakware jar files: cspmclient.jar and cwjcafips.jar from the Cloakware installed location to the lib folder of the installed FastDataMasker location, for example C:\Program Files\Grid-Tools\FastDataMasker\lib.

     

    Also, in installed FastDataMasker location there is a file GTMAPPER.l4j.ini.

    you should open it with a text editor and check the path for java properties java.library.path and cspm_client_config_file. Where java.library.path is the path to the Cloakware native dlls and cspm_client_config_file is the path to the Cloakware configuration xml.

     

    In order to use Cloakware integration aliases in FastDataMasker one should use the following format:

    ext:cspm:<cloakware_alias> where < cloakware_alias> is the alias in Cloakware.


    Javelin:

    For database activities you should  enter the cloakware alias  in username\login field in the following form:

    ext:cspm:<alias>

     

    Prefix "ext:cspm:" is used to determine that we use cloakware.

     The  cloakware client should be installed.


    GTSUBSET:

    Before running GTSubset please check the content of file GTSubset.l4j.ini.

    Java properties JAVA_LIBRARY_PATH and CSPM_CLIENT_CONFIG_XML should point to cloakware native dlls and to cloakware configuration file respectively.

     

    As usual, in order to use cloakware authentication aliases please use the following form of login:

    ext:cspm:<alias>

    where <alias> is the cloakware alias.


    DATAMAKER:




    Original Message


  • 3.  RE: Store TDM Credentials in Password Vault.

    Broadcom Employee
    Posted Aug 02, 2020 02:01 PM
    Portal:

    Prerequisite:

    1. Cloakware client should be installed and running on machine where CA TDM Portal is being installed.
    2. CSPM_CLIENT_HOME environment variable should be set and should be pointing to Cloakware installation directory

     

    Configuration:

     

    NEW INSTALL:

    CA TDM Portal will not start automatically after installation and before starting CA TDM Portal do the following changes

    1. Open wrapper.conf (Default location C:\Program Files\CA\CA Test Data Manager Portal\service\conf\wrapper.conf ) and uncomment following lines by removing # from front of each line and save the file.

    # set.default.CSPM_CLIENT_HOME=c:\cspm\cloakware

    # wrapper.java.classpath.6=%CSPM_CLIENT_HOME%\cspmclient\jre\lib\ext\cwjcafips.jar

    # wrapper.java.classpath.7=%CSPM_CLIENT_HOME%\cspmclient\lib\cspmclient.jar

    # wrapper.java.additional.11=-Dcspm_client_config_file=%CSPM_CLIENT_HOME%\cspmclient\config\cspm_client_config.xml

    # wrapper.java.library.path.2=%CSPM_CLIENT_HOME%\cspmclient\lib

    # wrapper.java.library.path.3=%CSPM_CLIENT_HOME%\cspmclient\jre\bin

     

    NOTE: These setting assumes Cloakware client to be installed at default location, please change them accordingly if that's not the case.

    1. Start TDM Portal.

     

    UPGRADE:

    CA TDM Portal would start automatically

    Wrapper.conf will be overwritten and therefore should be re-edited as shown above (NEW INSTALL: 1)

     

     

    Format to provide Alias Name:

    Where ever you are providing alias name it should be pre fixed with ext:cspm: for example if alias name is GTREP_CRED then in TDM Portal it should be provided as ext:cspm:GTREP_CRED

     

    Usage:

    1. During Installation on Repository screen alias name should be provided in Username field and password should be kept blank. (NOTE: Alias name should be valid because we validate database credentials by making connection to Database)
    2. While creating  connection profile alias name should be provided in  User Name field.
    3. While configuring AD Authentication alias name should be provided in User DN field.


    Original Message