When trying to create a SAM/PUPM endpoint of type "Access Control for PUPM", it fails with the following error.
Error: Endpoint cannot be created in this endpoint type. Details: Failed to authenticate user. Verify the user name or password Native error: org.apache.log4j.Logger.error(Ljava/lang/Object;Ljava/lang/Throwable;)V
This means that the Distribution_Server parameter on the Endpoint is not pointing to the Enterprise Manager you are creating the SAM/PUPM Endpoint on. This could be because the PUPM integration option was not chosen when the ControlMinder/Access Control agent was installed on the Endpoint. In this case, it needs to be installed. It could also be that the PUPM integration option was chosen, but is pointing to a different Distribution Server than the Enterprise Manager you are creating the SAM/PUPM Endpoint on.
It is possible, and may be the easier option, to just reinstall the endpoint, making sure you install the PUPM integration option and point it to the Enterprise Manager you are creating the SAM/PUPM Endpoint on. Alternatively, this can be corrected by changing the parameter Distribution_Server on the Endpoint.
On a Windows endpoint, this is located in the registry below. On Linux/Unix, this is located in accommon.ini as Distribution_Server in the [Communication] section.
HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Common\communication\Distribution_Server
For both Windows and Linux/Unix, change the value to:
ssl://<entm hostname>:<port>
Where <entm hostname> is the hostname of the Enterprise Manager you are creating the SAM/PUPM Endpoint on and <port> is the communication port, e.g. ssl://ENTMServer.example.com:7243
Support for Shared Account Manager functionality ended on November 12th, 2022, according to this announcement. If Shared Account Management functionality is still being utilized, please contact your Broadcom account representative to discuss migration options.
For more information about the Distribution_Server token and other tokens within the [Communication] section, please refer to the Communication Registry documentation page for Windows, or the Communication (accommon.ini) documentation page for Linux.
Please note that it may also be required to update the communication password. Please refer to one of the following documentation pages for the instructions on how to update the communication password.
PIM 12.9: Changing Message Queue Communication Settings
PIM 14.0: Changing Message Queue Communication Settings