search cancel

fingerPrint Logic in PAMProxy and A2A Client

book

Article ID: 256197

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Credential Manager tomcat logs report as part of the parameters passed for registration  fingerprint value when a new PAM Proxy or A2A machine is added

This fingerprint value is stored in field currentfingerprint of the requestserver table and it does not change even if the machine is moved to a different subnet

Sometimes this may be causing issues when trying to reregister an already existing proxy or A2A client

So the question may arise how the fingerprint is calculated for a PAM Proxy or A2A client

Environment

CA PAM all releases

Resolution

The fingerprint value passed to PAM by the A2A or PAM Proxy client software is a hashed  xml combination of the mac address+machineid of the machine being added and the application type.

As such it will not change even if the machine is moved to a different location