Specifying an Active Directory group in the Account Discovery section and launching discovery for an application configured as Windows Domain Service, I am getting "Missing distinguished name" why ?

book

Article ID: 14834

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)

Issue/Introduction



I have configured an application as a Windows Domain Service (WDS) and I have specified  a group in its Account Discovery/Groups section.

Afterwards I have tried to perform an account discovery, but I am always getting "Missing distinguished name" no matter what group and syntax I specify there. 

The account I am using for discovery works for LDAP to Access Manager integration.

What happens and how can I solve it ?

<Please see attached file for image>

AccountJPG.jpg

Environment

Release: PAMDKT99500-2.7-Privileged Access Manager-NSX API PROXY
Component:

Resolution

Whenever defining the account that will be used to perform discovery in the Password Management section of the product, it is necessary to specify in the Distinguished Name (DN) the DN for the account in active directory 

 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKgQAAW" alt="Application.jpg" width="889" height="660">

Attachments

1558718252274000014834_sktwi1f5rjvs16uwc.jpeg get_app
1558718250291000014834_sktwi1f5rjvs16uwb.jpeg get_app