PTA Alert/Action
Hi,
Does PTA trigger an alert or take any action if someone tries to retrieve a password even though they have sudo privileges?
Hi,
Does PTA trigger an alert or take any action if someone tries to retrieve a password even though they have sudo privileges?
Hi,
I’m working with CyberArk PAM Self-Hosted and I want to automate a daily health check using the REST API with an AI agent.
My question is simple:
What can the CyberArk PAM self-hosted API actually retrieve related to system health?
Specifically:
I want to build a daily automated health report (healthy / warning / failed), so I need to know if the API is enough or if I must rely on external monitoring tools.
Thanks.
Hi everyone,
Has anyone upgraded their Active Directory Domain Controllers from Windows Server 2016 to Windows Server 2025 in a CyberArk PAM environment?
Were there any impacts or issues affecting CyberArk components such as Vault, PVWA, CPM, PSM, LDAP/LDAPS authentication, or password management after the upgrade?
I would appreciate hearing about any compatibility concerns or lessons learned.
Thanks!
Hi everyone,
We are currently planning an infrastructure upgrade where our Active Directory Domain Controllers will be moved from Windows Server 2016 to Windows Server 2025.
Our PAM solution is CyberArk, and we are trying to validate the compatibility impact before proceeding.
Specifically, I would appreciate insights on the following:
If anyone has already tested or implemented CyberArk with Windows Server 2025 DCs, your experience would be highly appreciated.
Thanks in advance.
Hi everyone,
We have a setup where some departments access their accounts through RDM instead of PVWA because they are more familiar with RDM.
We created a script for this access flow, and it was working fine when the user had only one account and the account address was defined as an IP.
Later, after password rotation changes, we grouped multiple IPs under one account and changed the address definition to use the LDAP server DNS instead of individual IPs for rotation purposes.
Since this change, the script is no longer behaving as expected.
Here is the RDM script we are using (sensitive info masked):
Full address:s:X.X.X.X
alternate shell:s:psm /u <username> /a X.X.X.X /c PSM-RDP
username:s:<RDM_User>
desktopwidth:i:1024
desktopheight:i:768
screen mode id:i:2
redirectdrives:i:1
drivestoredirect:s:*
redirectsmartcards:i:0
use multimon:i:0
EnableCredSspSupport:i:0
redirectcomports:i:0
remoteapplicationmode:i:0
The script was working before when the account address was directly mapped to a single IP. After switching to DNS/LDAP-based addressing for rotation, the behavior changed.
Has anyone faced a similar issue when using RDM with CyberArk PSM after changing from direct IP-based accounts to DNS/LDAP-based rotation? Could this be related to PSM target resolution, alternate shell behavior, or account mapping?
Any troubleshooting suggestions would be appreciated.
Hi all,
We have PSM servers on Windows Server 2022, and recently our target servers were upgraded to Windows Server 2025.
Now when users connect via PSM (RDP), we get this error:
>
Looks like an RDP/TLS/CredSSP negotiation issue.
Has anyone seen compatibility issues between CyberArk PSM (Win 2022) and Windows Server 2025?
Did you fix it through TLS/cipher suites, Schannel, CredSSP, GPO, or CyberArk patching?
Any help is appreciated.
We are currently investigating an issue in CyberArk PAM where approximately 60 accounts were deleted.
We need to identify who performed these deletions (targeting the accounts on the target servers, not the users themselves).
We have already extracted multiple reports from both PVWA and the Vault, but we were not able to find any relevant results or trace the deletion activity.
Has anyone faced a similar issue or can advise where else we should look to identify the source of these deletions?
We are currently facing a challenge regarding Linux local account password rotation using CyberArk CPM.
For Linux local users, CyberArk recommended configuring sudo permissions to allow the CPM user to execute the /usr/bin/passwd binary as root through /etc/sudoers or /etc/sudoers.d/.
However, this solution is not acceptable in our environment for the following reasons:
We are looking for alternative and secure approaches for Linux local account password rotation without granting broad sudo privileges.
Has anyone implemented a different method or best practice for handling Linux password rotation in a secure and scalable way?
Any recommendations or real-world experience would be appreciated.
Hello everyone, I’m trying to understand the real operational impact of the recent CyberArk / Idira rebranding for self-hosted PAM deployments.
I’m reviewing the recent CyberArk / Idira rebranding announcement for self-hosted PAM customers and trying to understand the practical operational impact in on-prem environments.
The announcement indicates that Self-Hosted PAM customers will receive rebrand-related updates in upcoming releases, including:
The stated changes appear to be primarily:
For organizations running fully on-prem or self-hosted CyberArk PAM deployments, I’m interested in understanding whether there are any real technical or operational impacts beyond cosmetic branding.
Specifically:
If anyone has already evaluated or deployed these updates in a production self-hosted environment, insights on actual operational impact versus purely cosmetic changes would be appreciated.
Or If anyone has gone through a similar upgrade or rebranding cycle in a production PAM environment, it would be helpful to share any real risks or issues encountered, especially anything beyond cosmetic or UI changes.
Hi Community,
We are planning to temporarily disable hardening on CyberArk PAM components during Nessus vulnerability scans and would like to understand the possible operational and security impact before proceeding.
Environment:
We would appreciate feedback from anyone who has experience with this scenario.
Questions:
We are trying to identify:
Any recommendations, lessons learned, or official guidance would be highly appreciated.
Can we open these ports without disable Hardening?
If Yes / How?
Thanks.