Issue/Introduction:
- Is it necessary to use the same version between A2A client and PAM server? The communication failed when we tried to use the combination between PAM 3.1.1 and the A2A Client of PAM r3.2. Is it necessary to use the matched release during them?
- The A2A client settings screen on the PAM client, there is the "Client Version". What does it mean because it is different from the A2A manager version?
- After the upgrade, where is it possible to check the version information of the A2A Manager?
Environment:
CA Privileged Access Manager r3.x
Resolution:
Regarding the #1, the A2A client cannot be at a newer release than the PAM manager. The A2A client can be at a lower release.
Regarding the #2 and #3, it is the same version as the Credential Management version in the corresponding PAM server release.
In order to check the version of the Credential Management on the PAM server, catalina.out will show like the below logs that can verify the version.
7 26, 2018 1:59:58 午前 com.cloakware.cspm.server.app.ApplicationImpl a
INFO: ApplicationImpl.initialize Finished PA startup on <IP ADDRESS> (<FQDN OF THE PAM SERVER>) appClustering=OFF dbClustering=OFF externalSyncUnlocked=NO
7 26, 2018 1:59:58 午前 com.cloakware.cspm.server.security.PatchAuthenticator init
INFO: PatchAuthenticator.init Maximum client/proxy version allowed is 4.15.1.99
The catalina.our can get from the below place.
Configuration >> Diagnostics >> Diagnostic Logs >> Download tab >> "Download" button at the right of the "Tomcat:".