How to test A2A client

Document ID : KB000103195
Last Modified Date : 04/07/2018
Show Technical Document Details
Introduction:
This article is to show on how to configure A2A client agent on RedHat 7 / Centos 7 and test with example code.
Environment:
PAM 3.0.x
Centos 7
Redhat 7
Instructions:
1. Go to product download page in support.ca.com after logging in and search Privileged Access Manager. Select PAM version and download "CA Privileged App to App Manager Debian" product.
User-added image
2. Transfer "Unix A2A agent zip" file to target Linux server.
 
3. Unzip file

 
[root@parda25-I9298 tmp]# unzip Unix\ A2A_GEN500000000000518.zip -d ./a2aclient
Archive:  Unix A2A_GEN500000000000518.zip
   creating: ./a2aclient/packages/
  inflating: ./a2aclient/packages/cloakware_cspm_full_client_rhel50_x86.tar.gz
  inflating: ./a2aclient/packages/cloakware_cspm_full_client_sol10.tar.gz

4. Go to unzipped folder and change mode of setup_unix file to run.
 
[root@parda25-I9298 a2aclient]# chmod u+x setup_unix
 
5. Create directory for A2A client to be installed in target server and run setup_unix.
 
 usage: setup_unix <Linux|SolarisSparc> <32|64> <installDir> <serverFQDN or serverAddress>
[root@parda25-I9298 a2aclient]# mkdir ~/a2a
[root@parda25-I9298 a2aclient]# ./setup_unix Linux 64 ~/a2a/ 155.35.245.84
 
..
Remember to set and export CSPM_CLIENT_HOME=/root/a2a//catech, or
"include" /root/a2a//catech/cspmclient/bin/.cspmclientrc
in all CAPAM A2A Client user's environment (/etc/[rc|profile] files)
 
***** CAPAM A2A Client Setup Process Finished Successfully *****
 
6. start a2a client deamon
[root@parda25-I9298 bin]# ./cspmclientd start
 
Client Daemon 7388 started
Now seed the local encryption with a unique password
Cache persistence is turned off. Authentication is not required!

7. Go to PAM client and set up for A2A test.

 

1) Device -> Manage device -> Enable Access, Password Management and A2A

User-added image

 

2) Create Target Application

User-added image

 

3) Create Target Account as A2A

User-added image

 

8. Configure A2A settings

1) Manage A2A -> Script

User-added image

 

2) Manage 2A2 -> A2A Clients

User-added image

3) Manage A2A -> Mapping

User-added image

 

9. Test. SSH to target server and run example perl script to get credential.

[root@parda25-I9298 examples]# ./example.pl a2atest true

Return Code: 400

UserID:   root

Password:       Password01

PASSED

[root@parda25-I9298 examples]#