Since TPAM expects the address of the target host as a hostname rather than as an IP address, IP addresses must be transformed to hostnames. The hostname is then used as input when the TPAM plugin calculates the System name for TPAM. For this, you need to configure DNS resolution on SPS.
To resolve hostnames, SPS uses the Domain Name Servers set in Basic Settings > Network > Naming > Primary DNS server and Secondary DNS server. For details on these fields, see the section on naming in "Network settings" in the Administration Guide.
This section provides detailed instructions as to what to configure on TPAM:
When communicating with TPAM, SPS uses a CLI user with Information Security Administrator (ISA) rights to establish an SSH connection to TPAM. This user must be present in TPAM. In addition, in the TPAM plugin's configuration file, you need to provide the user name of this user (server_user).
To add an ISA CLI user
For details on how to add an ISA CLI user in TPAM, see section Add a CLI user ID in the TPAM Administration Guide.
Ensure that the user has ISA permissions (configurable through access policies) for all Accounts and Systems whose credentials will be retrieved from TPAM. For details on how to assign ISA access policies, see Assign ISA access policies to ISA CLI user.
If this user is already present in TPAM, here is how you can obtain its user name:
In order for SPS to be able to retrieve information from TPAM, you must ensure that the ISA CLI user that is used for communicating with TPAM has ISA permission to all relevant Systems and Accounts whose credentials will be retrieved from TPAM.
To grant the ISA CLI user ISA permission
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center