We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Configuring MASTER WINDOWS PAM Connection

nilesh_ghorpade
New Contributor III
New Contributor III

Hello,

I run into issues while configuring the MASTER WINDOWS PAM TEMPLATE Connection object. The issue is that when I provide the details around the host name, domain, username and password I get an error stating the APM Server URL https://monitor-<AWS>:443/intake/ failed with error code 404.

I tried to search the documentation around the APM server however was not able to get any information on the same.

 

Also as part of the pre-requisites, I have enabled the Windows Remote Management on the host, with PS Remoting enabled and an administrator account with all privileges created on the server. The port 5985 is also opened. We have not opened the port 3389 as it seems it will be used only for remote desktop which will be required for session monitoring etc.

If anyone has been  able to successfully configure the WINDOWS TEMPLATE connection object it will be a great help to provide the details on how they have done it.

Thank you.

 

Regards,

Nilesh

8 REPLIES 8

sk
All-Star
All-Star

I know you mentioned that you are getting error. But do you see the details are gave are being saved?

Because Windows Master connection doesn't have to be successful as long as you have master account and password other connection parameters are saved. 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

NageshK
Saviynt Employee
Saviynt Employee

Nilesh,

Can you please provide more information on what exactly are you trying to configure and when and where you are seeing the error? APM is internal to the platform and those errors can be ignored. It should not impact your connections. 
Also, if you are trying to onboard your windows VMs for privilege access, port 3389 is also required so that you can launch priv sessions from Saviynt.

Hi Nagesh,

Thanks for the response.

I see the error in the logs when I click on the 'Save and Test Connection' button of the WINDOWS MASTER TEMPLATE Connection.

I am trying to simply configure the WINDOWS MASTER TEMPLATE connection to enable CPAM perform discovery of the windows servers and manage their privilege accounts.

Thank you.

Regards,

Nilesh

NageshK
Saviynt Employee
Saviynt Employee

@nilesh_ghorpade Master connections are available as a template that is used by the bootstrap process to create connections for each VM that you are trying to onboard. So, master connection does not represent any single VM. However, if you are trying to verify the connectivity from saviynt to your target VM, you can provide the ip address and try "save and test". This will only tell you if the connection is good or not. 

For onboarding target VMs, you will have to make sure to properly configure the corresponding parent system where target endpoint is present. Where is your Windows VM hosted at? Is it in one of the major Cloud providers (AWS, GCP, Azure) or is it on-prem?

Please follow this article to understand how to onboard your target VMs for the corresponding parent systems. 

https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v2020x/page/Content/E-Onboard-Target-Endpoint/...

Thanks Nagesh. We are using the MASTER connection to help us bootstrap the Windows servers. The MASTER connection also has a 'Save and Test Connection' button. When we hit that to Save the MASTER connection configuration we get a message stating 'an error occurred'. Since it does not give any additional details on the dialog we inspected the logs and ran into the APM issue.

 

If you can provide any additional pointers on how to go about debugging the issue it will be helpful.

Regards,

Nilesh

NageshK
Saviynt Employee
Saviynt Employee

@nilesh_ghorpade as I mentioned above, you will not be able to bootstrap a server with just the master windows connection. Also, the APM error is unrelated to connection test. Please go through the article I have shared and it should become evident on how to bootstrap windows servers

Hi Nagesh,

I believe I am not able to clearly state the problem statement. Basically I am not able to Save the WINDOWS MASTER CONNECTION. I do understand how the bootstrapping will be done. However to have it bootstrapped I need to first Save the WINDOWS MASTER CONNECTION with the master username and master password. 

I hope this helps.

 

Regards,

Nilesh  

NageshK
Saviynt Employee
Saviynt Employee

@nilesh_ghorpade Thanks for the clarification. what is the host name value you gave in your master connection? Also, when you entered the password, did you click on "save in vault" checkbox? And have you selected the connector version dropdown? 
Additionally, please share the screenshot of the error when you click on "save and test" along with the logs from ecm pod.