Cyber Ark .NETPasswordSDK not able to connect

Vishal picture Vishal · Jan 29, 2013 · Viewed 10.5k times · Source

I am not able to find any good documentation on .NET SDK for CyberArk.

I am trying to integrate CyberArk password management system to get password for an Outlook account using the below code

PSDKPasswordRequest passReq = new PSDKPasswordRequest();
PSDKPassword password = null;

// What is the purpose of CredFile??
passReq.CredFilePath = "F:\\CredFiles\\AppUser.cred";

passReq.Safe = "SAFE_NAME";
passReq.Folder = "root";

passReq.Object = userName;
passReq.Reason = "Get some stuff done.";

// Sending the request to get the password
password = CyberArk.AIM.NetPasswordSDK.PasswordSDK.GetPassword(passReq);

However I am not able to connect and getting the following error

"PDKTC006E Failed to connect to provider (Reason=[connect command failed])"\

Answer

caesarshift picture caesarshift · Mar 1, 2013

As I understand it, the API (NetPasswordSDK) is actually a caching service that sits between you and the CyberArk appliance. So you have to configure the service correctly during install as it handles the connection to the CyberArk appliance.

Instructions:

  1. Write down a CyberArk Administrator account's username/password
  2. Write down the CyberArk IP address. This is NOT the web access IP address (PVWA). It's the IP address of the appliance.
  3. On your dev machine, run the CyberArk SDK installer and enter in the IP address and Admin username/password from steps #1 and #2

    Assuming the installer completes successfully, it is going to create a user called "Prov_MACHINENAME." (MACHINENAME will equal your NetBIOS hostname) on the CyberArk appliance.

  4. On your dev machine, open C:\Program Files (x86)\CyberArk\ApplicationPasswordProvider\Vault\AppProviderUser.cred and write down the name generated during the install.

  5. Log in to the CyberArk appliance as an administrator
  6. Create a Safe named MySafe
  7. Add the Administrator account from step #1 as a member to MySafe
  8. Add the Prov_MACHINENAME account from step #5 as a member to MySafe
  9. Create an Application named MyApp
  10. Add the Application as a member MySafe
  11. Create an Account named MyAccount and assign it to MySafe

You can now use the following code to connect:

PSDKPasswordRequest objPasswordRequest;
PSDKPassword objPassword;

objPasswordRequest = new PSDKPasswordRequest();
objPasswordRequest.AppID = "MyApp";
objPasswordRequest.Safe = "MySafe";
objPasswordRequest.Object = "MyAccount";

objPassword = PasswordSDK.GetPassword(objPasswordRequest);
password = objPassword.Content;
username = objPassword.UserName;