Error: Endpoint cannot be created in this endpoint type.
search cancel

Error: Endpoint cannot be created in this endpoint type.

book

Article ID: 30152

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

Symptom:

The following error is received when trying to create a SAM/PUPM endpoint of type "Access Control for PUPM":

Error:  Endpoint cannot be created in this endpoint type. Details: Failed to authenticate user. Verify the user name or password Native error: org.apache.log4j.Logger.error(Ljava/lang/Object;Ljava/lang/Throwable;)V

 

Cause:

This means that the Distribution_Server parameter on the Endpoint is not pointing to the Enterprise Manager you are creating the SAM/PUPM Endpoint on. This could be because the PUPM integration option was not chosen when the ControlMinder/Access Control agent was installed on the Endpoint. In this case, it needs to be installed. It could also be that the PUPM integration option was chosen, but is pointing to a different Distribution Server than the Enterprise Manager you are creating the SAM/PUPM Endpoint on. 

 

Resolution:

It is possible, and may be the easier option, to just reinstall the endpoint, making sure you install the PUPM integration option and point it to the Enterprise Manager you are creating the SAM/PUPM Endpoint on.

Alternatively, this can be corrected by changing the parameter Distribution_Server on the Endpoint.

 

On a Windows endpoint, this is located in the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Common\communication\Distribution_Server

On Linux and Unix, this is located in accommon.ini as Distribution_Server in the [Communication] section.

 

For both windows and Linux/Unix, change the value to:

ssl://<entm hostname>:<port> 

Where <entm hostname> is the hostname of the Enterprise Manager you are creating the SAM/PUPM Endpoint on and the  port is the communications port, e.g. ssl://PUPMENTM:7243.

 

The following sections of the manuals (latest release at time of writing is 12.9.02), may be of assistance:

https://docops.ca.com/ca-privileged-identity-manager/12-9-02/EN/reference/registry/common/communication

 

https://docops.ca.com/ca-privileged-identity-manager/12-9-02/EN/reference/configuration-files/the-accommon-ini-file/communication-accommon-ini

 

Note that you may also need to change the communications password.

https://docops.ca.com/ca-privileged-identity-manager/12-9-02/EN/implementing/how-ca-controlminder-service-accounts-interact-with-ca-privileged-identity-manager-components/changing-message-queue-communication-settings

Environment

Release: ACP1M005900-12.9-Privileged Identity Manager
Component:
Powered by Wolken Software