How to test A2A client


Article ID: 103195


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)


This article is to show on how to configure A2A client agent on RedHat 7 / Centos 7 and test with example code.


PAM 3.0.x
Centos 7
Redhat 7


1. Go to product download page in after logging in and search Privileged Access Manager. Select PAM version and download "CA Privileged App to App Manager Debian" product.

2. Transfer "Unix A2A agent zip" file to target Linux server.
3. Unzip file

[[email protected] tmp]# unzip Unix\ -d ./a2aclient
Archive:  Unix
   creating: ./a2aclient/packages/
  inflating: ./a2aclient/packages/cloakware_cspm_full_client_rhel50_x86.tar.gz
  inflating: ./a2aclient/packages/cloakware_cspm_full_client_sol10.tar.gz

4. Go to unzipped folder and change mode of setup_unix file to run.
[[email protected] a2aclient]# chmod u+x setup_unix

5. Create directory for A2A client to be installed in target server and run setup_unix.
 usage: setup_unix <Linux|SolarisSparc> <32|64> <installDir> <serverFQDN or serverAddress>

[[email protected] a2aclient]# mkdir ~/a2a
[[email protected] a2aclient]# ./setup_unix Linux 64 ~/a2a/
Remember to set and export CSPM_CLIENT_HOME=/root/a2a//catech, or
"include" /root/a2a//catech/cspmclient/bin/.cspmclientrc
in all CAPAM A2A Client user's environment (/etc/[rc|profile] files)
***** CAPAM A2A Client Setup Process Finished Successfully *****

6. start a2a client deamon

[[email protected] bin]# ./cspmclientd start
Client Daemon 7388 started
Now seed the local encryption with a unique password
Cache persistence is turned off. Authentication is not required!

7. Go to PAM client and set up for A2A test.


1) Device -> Manage device -> Enable Access, Password Management and A2A


2) Create Target Application


3) Create Target Account as A2A


8. Configure A2A settings

1) Manage A2A -> Script


2) Manage 2A2 -> A2A Clients

3) Manage A2A -> Mapping

9. Test. SSH to target server and run example perl script to get credential.

[[email protected] examples]# ./ a2atest true

Return Code: 400

UserID:   root

Password:       Password01


[[email protected] examples]#


1558700134325000103195_sktwi1f5rjvs16k09.png get_app
1558700132471000103195_sktwi1f5rjvs16k08.png get_app
1558700130840000103195_sktwi1f5rjvs16k07.png get_app
1558700129069000103195_sktwi1f5rjvs16k06.png get_app
1558700127517000103195_sktwi1f5rjvs16k05.png get_app
1558700125798000103195_sktwi1f5rjvs16k04.png get_app
1558700123730000103195_sktwi1f5rjvs16k03.png get_app