CyberArk AIM Pack.#This Integration is part of the
The CyberArk Application Identity Manager (AIM) provides a secure safe in which to store your account credentials. Use this integration to retrieve the account credentials in CyberArk AIM. This integration fetches credentials. For more information, see Managing Credentials.
The integration uses the
Central Credential Provider and supports the following authentication methods:
- OS User (Windows NTLM Authentication): Set the domain user and password in the credentials field. Make sure your CyberArk Server is configured to support
NTLMauthentication as documented here. Note that the
useroption may require specifying full
- Client Certificate Authentication: Enter the Certificate and Private key in the integration instance configuration parameters. Make sure to follow the instructions here to enable the
Central Credential Providerto accept client authentication with client certificates.
- Allowed Machines: Leave all authentication methods empty. Follow CyberArk's instructions here to accept the
Cortex XSOAR Server IPfor the configured AppID.
Further information is available from CyberArk at:
- Navigate to Settings > Integrations > Servers & Services.
- Search for CyberArkAIM v2.
- Click Add instance to create and configure a new integration instance.
|url||Server URL and Port (e.g., https://example.net:1234\)||True|
|app_id||AppID as configured in AIM||False|
|folder||Folder to search in safe||True|
|safe||Safe to search in||True|
|credential_names||Credential names - comma-separated list of credentials names in the safe. Partial names are not supported.||False|
|cert_text||Certificate file as text||False|
|key_text||Key file as text||False|
|insecure||Trust any certificate (not secure)||False|
|proxy||Use system proxy settings||False|
- Click Test to validate the URLs, token, and connection.
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
Lists all available credentials according to the list of credential names configured.
There are no input arguments for this command.
|CyberArkAIM.AccountType||String||The type of the account.|
|CyberArkAIM.Address||String||The address of the account.|
|CyberArkAIM.CPMStatus||String||The CMP status of the account.|
|CyberArkAIM.Domain||String||The domain of the account.|
|CyberArkAIM.Name||String||The credential name of the account.|
AccountCategory AccountDescription AccountDiscoveryDate AccountEnabled AccountExpirationDate AccountOSGroups AccountType Address CPMDisabled CPMStatus CreationMethod DeviceType DiscoveryPlatformType Domain Folder LastLogonDate LastPasswordSetDate LastSuccessChange LastSuccessReconciliation LastSuccessVerification LastTask LogonDomain MachineOSFamily Name OSVersion OU PasswordChangeInProcess PasswordNeverExpires PolicyID RetriesCount SID Safe SequenceID Tags UserName True Built-in account for administering the computer/domain 1573128798 True 0 Administrators Domain AIM.COM (CPM)Newly discovered dependency success AutoDetected Operating System Windows Domain AIM.COM Root 1572451901 1566376303 1575910475 1583521898 1583256386 ReconcileTask domain1 Server name1 Windows Server 2016 Standard CN=Users,DC=COM False True WinDomain -1 sid Windows Domain Admins 1 DAdmin username1