DirWiz Logo
Knowledgebase

Article Tags

Source and Destination tabs logon/password - cyberark support

2020-10-30 15:02:33
Active Directory Features System Requirements UnitySync 

As of UnitySync v3.1, CyberArk authentication support has been added for LDAP, o365 and ODBC.

CyberArk functionality is enabled when the CyberArk parameters appear in config.txt. (For the source and/or destination connections as configured).

To enable CyberArk, go to the connection’s Custom tab, click Raw Config. Enter the following set of parameters as appropriate if source and/or dest will use CyberArk.

source-cyberark-url=
source-cyberark-domain=

and/or

dest-cyberark-url=
dest-cyberark-domain =

An example of the Cyberark authentication syntax follows:

dest-cyberark-url=https://www.AcmeCo.com/aimwebservice/api/accounts?appid=UnitySync&safe=A-WND-PROD-UNITYSYNC&Object=SVCUNITYSYNC01  

dest-cyberark-domain=AcmeCo.com

The domain is automatically appended to the login ID received from CyberArk (i.e. @AcmeCo.com)

Caveats for LDAP connections when CyberArk is enabled:

  1. Logon/pw:
    Any value in the UI Source tab Logon/Password parameters (sourcelogon/sourcepw) and Destination tab Logon/Password parameters (destlogon/destpw) are ignored.

  2. Test and Verify buttons:
    While you CAN use the Source tab’s Selection DN to define the source OU for Discovery, the TEST and VERIFY buttons will NOT return a valid result. Likewise, the Destination tab’s Placement DN can be used, but Verify will not return a valid result.

  3. Source Dest tab Port parameter:
    When Cyberark is enabled, the connection will ONLY use ports (389/636) for read or write.

Share this article: Twitter reddit