After 3.4 upgrade not able to list one application - PAM-CM-0622: Invalid proxy sever specified

book

Article ID: 197293

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

After the PAM upgrade to v3.4 trying to list the ServiceNow TargetApplication by capam_command is reporting this error:

/opt/capimhg/prod/tools/capam_command capam=pamserver.fqdn Userid=super password=pass  Page.Size=0 cmdName=searchTargetApplication TargetApplication.name=mypruit
<CommandResult><cr.itemNumber>0</cr.itemNumber><cr.statusCode>466</cr.statusCode><cr.statusDescription>PAM-CM-0622: Invalid proxy server specified. ListAllTargetApplicationsCmd.getServiceDeskProxyServer not found.</cr.statusDescription><cr.result></cr.result></CommandResult>

Because of this error can't also list all TargetApplications via capam_command.

It's necessary remove this ServiceNow  Target Application that is not in use anymore but trying to open or delete via PAM Client also getting PAM-CM-0622: Invalid proxy server specified

How possible to fix this bad object?

 

Cause

The ServiceNow application Type allows under the tab "Service Now" put some, "Optional Proxy Details" as:

Proxy Protocol: (example http)

Proxy Server: (one existing device in CA PAM)

Proxy Application: (one existing Target Application)

Proxy Account (one existing Proxy Account)

Proxy Port: (example 8080)

Before upgrade the Device, Target Application and Target Account were removed from PAM and configuration was yet in the existing ServiceNow account.

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

1-  It's necessary create again the missing target application, target user  and device. (PS: You will need check in previous environment before the upgrade because the actual will show the error  in PAM Client PAM-CM-0622: Invalid proxy server specified. If you don't known the names, please, open a support case mentioning this document. The support engineer may try check inside of DB. 

2 - after create this objects it's possible access the Servicenow account. Also possible to delete it if this is not in use.

3 - test that it's possible to use capam_command to list all TargetApplications now