A CLI password consumer is a type of software development kit password consumer. You can use CLI password consumers to replace hard-coded passwords in scripts with privileged account passwords. A CLI password consumer is a representation of a script that gets, checks out, or checks in privileged account passwords. The script calls the SAM Agent, which retrieves the privileged account password from CA ControlMinder Enterprise Management.
Use CLI password consumers to write .bat or .sh scripts that are limited in their ability to change other files or scripts. For example, you can write a script that uses the acpwd utility to manually update a hard-coded password in a file. You also use CLI password consumers to let users run the acpwd utility from the command line on an endpoint.
Note: You can also use the SAM SDK to replace hard-coded passwords in scripts with privileged account passwords. For example, use the SAM SDK to write a customized script that replaces passwords in multiple files.
To configure an endpoint to use a CLI password consumer
acpwd {-checkout | -get} -account name -ep name -eptype type [-container name] -nologo
Note: For more information about the acpwd utility syntax, see the Reference Guide.
You have configured the endpoint to use a CLI password consumer. You must now create a Software Development Kit (SDK/CLI) password consumer for the script in CA ControlMinder Enterprise Management.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|