Previous Topic: How to Configure an Endpoint to Use a Password Consumer SDK ApplicationNext Topic: How to Configure an Endpoint to Use a Web Services SAM SDK Application


Run a Java SAM SDK Application

After you configure an endpoint to use a password consumer SDK application, you can run the application to get, check out, and check in privileged account passwords.

To run a Java SAM SDK application

  1. Verify that you have created a password consumer for the application in CA ControlMinder Enterprise Management.
  2. Open a Command Prompt window and navigate to the folder in which the application is installed.
  3. Run the following command:
    java -cp PupmJavaSDK.jar;CAPUPMClientCommons.jar;jsafeFIPS.jar;[log4jLib];. 
    applicationName {explicit | keyvalues} {checkout | checkin} "endpointType" 
    "endpointName" "accountName" "accountContainer" flags
    
    log4jLib

    (Optional) Defines the name of the log4j library that the application uses to log runtime events and information.

    applicationName

    Defines the name of the Java SAM SDK application.

    explicit

    Specifies that the command provides explicit values for each parameter.

    keyvalues

    Specifies that the command uses key/value pairs.

    checkout

    Specifies that the application retrieves (gets or checks out) a privileged account password.

    Note: The flags parameter specifies the get or check out action that application performs.

    checkin

    Specifies that the application checks in a privileged account password.

    endpointType

    Defines the type of endpoint on which the privileged account is defined.

    Note: You can use the View Endpoint Type task in CA ControlMinder Enterprise Management to view a list of available endpoint types. Define the endpoint type exactly as it appears in CA ControlMinder Enterprise Management, for example, "SAP R3 via Provisioning".

    endpointName

    Defines the name of the endpoint on which the privileged account is defined.

    accountName

    Defines the name of the privileged account.

    accountContainer

    Defines the name of the container in which the privileged account is defined.

    If the privileged account is not defined in a container, specify "Accounts" for this parameter.

    flags

    Specifies if the application checks out or gets the privileged account password.

    Values: 0—check out or check in the privileged account password (GetOnly flag is false); 1—get the privileged account password (GetOnly flag is true)

    The application performs the specified action on the privileged account password and displays the result.

Note: You can use the semsgtool utility to view the textual explanation of numerical SAM SDK error codes. For more information about the semsgtool utility, see the Reference Guide.