CA PAM: CLI command with special character password
Article ID: 103755
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
If the password includes special characters in the CLI command, it’s better to encode it (base64) and use below syntax “…TargetAccount.password='<base64string>' passwordIsBase64Encoded=true …”
For example, if your password is “Password01!”, it is <TargetAccount.password='UGFzc3dvcmQwMSE=' passwordIsBase64Encoded=true>
For example, if your password is “Password01!”, it is <TargetAccount.password='UGFzc3dvcmQwMSE=' passwordIsBase64Encoded=true>
Environment
Release:
Component: CAPAMX
Component: CAPAMX
Resolution
Below is the example to encode base64. Execute echo command on Linux machine;
# echo -n 'Password01!' | base64
UGFzc3dvcmQwMSE=
[DocOps - passwordIsBase64Encoded option]
Credential Manager CLI Commands
passwordIsBase64Encoded
Example)
# ./capam_command capam=<capamServer> adminUserID=admin cmdName=addTargetAccount TargetAccount.userName=<TargetAccount> TargetServer.hostName=<myhostname.mydomain.com> TargetApplication.name=<myApplication> TargetAccount.password=UGFzc3dvcmQwMSE= passwordIsBase64Encoded=true
# echo -n 'Password01!' | base64
UGFzc3dvcmQwMSE=
[DocOps - passwordIsBase64Encoded option]
Credential Manager CLI Commands
passwordIsBase64Encoded
A flag when true indicates that the specified password has been Base64-encoded and should be first decoded before being stored.
| Required | Default Value | Valid Values |
|---|---|---|
| no. | false | true|false |
Example)
# ./capam_command capam=<capamServer> adminUserID=admin cmdName=addTargetAccount TargetAccount.userName=<TargetAccount> TargetServer.hostName=<myhostname.mydomain.com> TargetApplication.name=<myApplication> TargetAccount.password=UGFzc3dvcmQwMSE= passwordIsBase64Encoded=true
Feedback
Yes
No
Powered by
