search cancel

Registration of a Windows Proxy with new hostname and IP not showing up in CA PAM


Article ID: 252762


Updated On:


CA Privileged Access Manager (PAM)


After changing the name and IP address of a Windows Proxy server, the Proxy is not showing up with the new name and IP. Instead the old values are still in PAM and the Proxy cannot be used 


CA PAM all active releases


When a Windows Proxy is registered for the first time in CA PAM, the product adds machine name, host IP and device name to the CA PAM tables, plus a unique fingerprint for that machine. In this way every proxy is defined univoquely by its fingerprint.

When a Windows Proxy starts, it sends a registration request to PAM which includes its name, ip address and fingerprint. CA PAM verifies whether a machine with the same fingerprint as is being sent from the Windows Proxy already exists in its database. If it does, it does not modify the existing entry. This, for instance, if a machine is registered first as, and IP, and it is subsequently moved and renamed to machine name and IP 100.200.300.400, when the Windows Proxy starts it will send a registration request for machine and IP 100.200.300.400, but since its fingerprint already exists in the database (as machine had been previously registered as and IP, the old entry will not be modified. 


Before changing the ip address and/or name of a Windows Proxy, please make sure to delete the old entry from CA PAM so that it registers itself with the right parameters next time you start it. Also, if building a Windows Proxy in a subnet different from the one it will finally be running in, make sure to start it once you have moved it to the final subnet, so that it picks up the address and name correctly