How to test A2A client

Document ID : KB000103195
Last Modified Date : 04/07/2018
Show Technical Document Details
This article is to show on how to configure A2A client agent on RedHat 7 / Centos 7 and test with example code.
PAM 3.0.x
Centos 7
Redhat 7
1. Go to product download page in after logging in and search Privileged Access Manager. Select PAM version and download "CA Privileged App to App Manager Debian" product.
User-added image
2. Transfer "Unix A2A agent zip" file to target Linux server.
3. Unzip file

[root@parda25-I9298 tmp]# unzip Unix\ -d ./a2aclient
Archive:  Unix
   creating: ./a2aclient/packages/
  inflating: ./a2aclient/packages/cloakware_cspm_full_client_rhel50_x86.tar.gz
  inflating: ./a2aclient/packages/cloakware_cspm_full_client_sol10.tar.gz

4. Go to unzipped folder and change mode of setup_unix file to run.
[root@parda25-I9298 a2aclient]# chmod u+x setup_unix
5. Create directory for A2A client to be installed in target server and run setup_unix.
 usage: setup_unix <Linux|SolarisSparc> <32|64> <installDir> <serverFQDN or serverAddress>
[root@parda25-I9298 a2aclient]# mkdir ~/a2a
[root@parda25-I9298 a2aclient]# ./setup_unix Linux 64 ~/a2a/
Remember to set and export CSPM_CLIENT_HOME=/root/a2a//catech, or
"include" /root/a2a//catech/cspmclient/bin/.cspmclientrc
in all CAPAM A2A Client user's environment (/etc/[rc|profile] files)
***** CAPAM A2A Client Setup Process Finished Successfully *****
6. start a2a client deamon
[root@parda25-I9298 bin]# ./cspmclientd start
Client Daemon 7388 started
Now seed the local encryption with a unique password
Cache persistence is turned off. Authentication is not required!

7. Go to PAM client and set up for A2A test.


1) Device -> Manage device -> Enable Access, Password Management and A2A

User-added image


2) Create Target Application

User-added image


3) Create Target Account as A2A

User-added image


8. Configure A2A settings

1) Manage A2A -> Script

User-added image


2) Manage 2A2 -> A2A Clients

User-added image

3) Manage A2A -> Mapping

User-added image


9. Test. SSH to target server and run example perl script to get credential.

[root@parda25-I9298 examples]# ./ a2atest true

Return Code: 400

UserID:   root

Password:       Password01


[root@parda25-I9298 examples]#