Cyberark credential issue in discovery

Prateek Bisht · ‎03-25-2022

Few Servers which are synced in Cyberark are not getting discovered and giving out credential error during discovery.
we have checked it is pingable and can be logged in. What can be the possible thing that is causing this issue?

Michael de Boer · ‎03-25-2022

Do you get an error message when you use the "Test credential" ui action for one of those servers?
You can also check the MID Server "agent0.log" log file after a quick discovery of one of those servers.
If there is something wrong with the credential in CyberArk, you'll find it there.

Regards,

Michael

Regards,
Michael

Please mark the suggestion as helpful/like, if you find it useful to you or others who wants to refer similar content.
Please mark the solution as correct, if the answer provided has resolved your query.

chuckm · ‎03-25-2022

Have you checked the CyberArk logs on the MID Server? They might give you more information if CyberArk is successfully retrieving the credentials from the CyberArk safe. The CyberArk logs are located on the MID server where the CyberArk AIM client is installed in the following directory (default installation):

C:\Program Files (x86)\CyberArk\ApplicationPasswordProvider\Logs

There are 3 separate CyberArk log files in the Logs directory: 1) APPConsole, 2) APPAudit, and 3) APPTrace. The APPConsole and APPAudit are helpful in troubleshooting. The APPConsole log shows if the CyberArk AIM client is communicating successfully with the CyberArk Vault. The APPAudit log shows successful password retrievals from the CyberArk Vault.

When troubleshooting, I suggest starting with the APPConsole log first (3 log entries to determine successful communication to CyberArk Vault). Then, looking at the APPAudit log file to determine successful credential retrievals.