Overriding the address of a device imported from LDAP

book

Article ID: 111555

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)

Issue/Introduction

In the case where the address of a server is not actually resolvable by the address in the Active Directory entry, ie the DNSname field, it is necessary to change the entry, so that PAM uses the address that will be resolvable by DNS.

Environment

Not release-specific.

Resolution

After importing a Device Group from LDAP you can update the device entry to change the address.  Check the Override Address box and then enter the address you wish to use, IP or FQDN.  Once the Override Address box is checked, future LDAP refreshes of the Device Group will not change the address.

You can also perform this task using the External API, which will allow for the change to be made on many devices in bulk.  Below is the body that was provided to the Put devices.json in the API Documentation under settings.

{
      "deviceId": "230",
      "domainName": "device.your.domain",
      "overrideaddress": "t"
}

You will get the deviceid for your device using the Get devices.json.

The program to perform this task should be very simple.  Please open a Support ticket if you need addtional assistance.

Note that some older PAM (maintenance) releases did not retain the customized setting on LDAP refreshes. If you are up-to-date in maintenance you should not have this problem.