Issue with privileged task automation workflow

Hi all,

I am trying to set up a privileged task workflow and am testing it with the get user by samaccountname AD task. I am getting the following error when I test it.
{"error":{"detailCode":"403 Authorization Failed","message":{"locale":"en-US","localeOrigin":"DEFAULT","text":"Login failed for the supplied user account. Invalid username or password for the supplied domain."}}}
I can confirm that the username and password are accurate. I am also able to run an ldap search from PAG and I am getting results. I couldn’t find any additional details in PAG logs even after turning on debug level.
Anyone else faced this issue? Are there any additional configurations to enable more logging in PAG?

Thanks in advance!

Resurfacing this post to see if anyone got the privileged task automation workflow to work using a Delinea Secret Server cloud credential store? I don't think there's an issue with the secret path or credential store configuration, as I am able to use the same path in a Source configuration, which works without issue. It's the privileged task workflow that is having the issue. Couldn't get much from the logs. Support doesn't seem to know much about this feature either.

Thanks,
Sreejith

Tagging @sailpoint_employees to see if I can get any help?

Having the same issue.

@svenkitachalam - not sure if you're still having the issue; I solved this by using abc.com for the FQDN instead of DC=abc,DC=com

Hi @yufeifu12345678 - I have it as abc.com, but still get a 403 error.

for your username and password, are you storing the domain info at Delinea level or using the suffix/prefix path?

I am using domain info in Delinea. I am using the same secret path in the credential store configuration of an AD source which works fine. It fails only in Privileged task automation action. Unfortunately, nothing in logs that is helping me solve this and support has no clue about this feature.

@svenkitachalam

Hi ,

How are you enabling debug level for PAG logs? Our workflow is getting stuck at one of the PAG steps, and we don't see anything in the PAG logs, and the workflow is also not getting executed. It's just stuck at the PAG step. Can anyone help?

I am having a similar issue. I am seeing an error for calling https://connect.identitynow.com/commands?limit=10&commandSetId=pag.

In the logs there is a bit of a stack trace. Calling this URL w/ curl gives a 403. I would like to debug/turn up logging, but it doesn’t seem to work so far.

I read somewhere it only works with CyberArk (got to dig up where I saw that). I tried it with Azure Vault way back. The URL works well and returns the id and password info in JSON format, but ISC ignored it. I wonder if anyone has got it working without CyberArk.

My issue was with the credential provider url syntax. (we are using delinea as the cred provider)

The error I saw in the log was during the SHUTDOWN of PAG, and not the start up.

Everything is working as it should now. I am still looking for a way to debug. I will try using the GUI to set debug on, and see if that helps and report back.

So, in short it definitely works with Delinea.

I found that you have to use the following syntax (everything between the "/" separators, i.e. between the cred_provider_name and the field you are pulling back, needs to be URL-encoded). It appears SP uses the "/" as a field separator.

secrets://cred_provider_name_from_SP/folder1%2fnextFolder2%2fsecretname/Password
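The secret path format described in the post above, as an added example that is not code from SailPoint or Delinea: a small builder that percent-encodes the folder path so that only the provider, path and field segments are separated by "/", plus a parser that rejects a path left unencoded. That "/" is the only separator and that lowercase %2f is accepted are assumptions taken from the post.

```python
from urllib.parse import quote, unquote

SCHEME = "secrets://"


def build_secret_uri(provider: str, secret_path: str, field: str) -> str:
    """Build a secrets:// URI in the shape shown in the post.

    The folder path is percent-encoded so that every '/' inside it becomes
    '%2f' (lowercase, matching the post); the platform appears to treat a
    bare '/' as the separator between provider, path and field.
    """
    encoded_path = quote(secret_path, safe="").replace("%2F", "%2f")
    return f"{SCHEME}{provider}/{encoded_path}/{field}"


def parse_secret_uri(uri: str) -> dict:
    """Split a secrets:// URI into provider, decoded secret path and field.

    Raises ValueError when the path segment was not encoded, i.e. the URI
    contains extra '/' separators, which is the misconfiguration the post
    describes (assumption: the platform splits on every '/').
    """
    if not uri.startswith(SCHEME):
        raise ValueError("not a secrets:// URI")
    parts = uri[len(SCHEME):].split("/")
    if len(parts) != 3 or not all(parts):
        raise ValueError(
            f"expected provider/encoded-path/field, got {len(parts)} segments"
        )
    provider, encoded_path, field = parts
    return {"provider": provider, "path": unquote(encoded_path), "field": field}


if __name__ == "__main__":
    # Constructed sample values, not a real vault path.
    uri = build_secret_uri("delinea", "folder1/nextFolder2/secretname", "Password")
    print(uri)
    print(parse_secret_uri(uri))
```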

That is good to know! I will go and try it again with Azure Vault.

Hi All,
Has anyone worked with AWS Vault with PTA?
I have an Azure VA and I am using AWS Vault as the credential provider.
I am facing some issues. If anyone has worked on it, please let me know.
Thanks

Use this as a guideline to properly configure it.
