ServiceNow Integration with CyberArk:How to specify credential ID in ServiceNow when multiple host need to discover with same credential

Sharad2
Kilo Contributor

‎07-09-2020 08:15 AM

Expert Team,

Looking for your expert advice for the below use case.

How to specify the credential ID in the ServiceNow which should match with Name Field of CyberArk Vault.

In my case, we have IP-Range let's take example 10.x.x.x to 10.y.y.y and there is credential common user : abcd has created in cyber ark and Name field in the combination like HostName:user 

This is the document which I have referred to try a different combination

https://docs.servicenow.com/bundle/orlando-servicenow-platform/page/product/credentials/task/t_ConfigCyberArkCredIdentifr.html

-<Safe>:<Credential ID>

-Keeping credential ID blank and tried to retrieve the details through IP Address but it failed.

The only combination is working like HostName:user but in this case I need to credential record for every servers.

Thanks

Sharad

 

 

 

Labels:
0 Helpfuls
  • 2,001 Views
3 REPLIES 3

chuckm
Giga Guru

‎07-09-2020 08:35 AM

If you are using the <safe>:<credential ID> format, the <safe> is the value of the Safe attribute in the CyberArk Account (AWSDISCOVERY in this example).  The <credential ID> is the value of the Name attribute in the CyberArk Account (Operating System-AWSDISCOVERY-compute.amazonaws.com-Administrator in this example).

find_real_file.png

Note:  The Credential ID attribute was limited to 40 characters prior to New York, but has since been extended to 180 characters to accommodate larger values from CyberArk.

CyberArk Account Details

find_real_file.png

Config.xml

find_real_file.png

CyberArk APPAudit Log
This entry from the CyberArk APPAudit log represents one successful credential retrieval from the CyberArk Safe (AWSDISCOVERY) - where both the username (Administrator) and password are retrieved.

find_real_file.png

Preview file
44 KB
Preview file
38 KB
Preview file
28 KB
Preview file
38 KB
Preview file
29 KB
Preview file
33 KB
Preview file
16 KB

Ashutosh Munot1
Kilo Patron
Kilo Patron

‎07-09-2020 08:37 AM

HI,


To add:

 

If the credential is in the same safe which is specified in the MID config.xml then you can just give the credential id i.e. name of the account in cyberark.

If the creds are in different safe then you can give it as safe:creds id


Thanks,
Ashutosh

Sharad2
Kilo Contributor

‎07-09-2020 09:03 PM

Thanks, Chuckm appreciate your quick response and valuable input with a screenshot.

I will try the same in my setup to verify it and let you know about it.

 

Thanks, Ashutosh for the your assistance.

0 Helpfuls