Adding and removing account permissions on CyberArk
The CyberArk administrator can grant or revoke permissions to the Guardium system on the CyberArk vault server.
The Guardium system's account inherits all permissions from the group that it is added to. The minimum group permissions that are required are: List, Retrieve, and View Accounts.
Use the following procedures to add or remove the Guardium system's account from the CyberArk group.
Providing permission to the Guardium system
Use the following procedure to provide permission to the Guardium system on CyberArk.
Note: The
CyberArk administrator must grant permission to complete installation of CyberArk on the Guardium
system.
- Use the CyberArk client to log in to vault server.
- From the menu, go to .
- On the Users and Groups on Server Vault page, select the group that owns your safe. Click Update.
- On the Update group page, click Add and select User from the drop-down menu.
- On the Add Members to Group page click the Applications folder, select the member (Guardium system’s account name) Prov_Guardium system's address, and click the right arrow button to move the member to the group.
- Click ok to add the account to the group.
Revoking the Guardium system's permissions on CyberArk
When CyberArk is uninstalled from the Guardium system, use the following procedure to revoke
permissions on CyberArk.
Note: To reinstall CyberArk on your Guardium system, you must remove the
CyberArk account from the group.
- Use the CyberArk client to log in to vault server.
- From the menu, go to .
- On the Users and Groups on Server Vault page, click the Applications folder, and select the member (Guardium system’s account name) Prov_Guardium system's address.
- Click Delete to remove the account from the group.