Press "Enter" to skip to content

Posts published in “CyberArk”

CyberArk PAS Install and Configure Lab – v10.9


My Home CyberArk Lab Environment:

  • Vault Server1:
  • Vault Server2:
  • PVWA/CPM/PSM 1 :
  • PVWA/CPM/PSM 2 :
  • PSMP-PSM Gateway
  • PTA

As my record, I put all simplified installation steps together as shown below:

1. Vault Installation

a. Remove unnecessary TCP/IP protocols and only left TCP/IP v4 enabled, and TCP/IP v6 disabled.
b. Right click setup.exe under C:\CyberArkInstallationFiles\Vault Install Files\Server to run as administrator
c. Same process to install PrivateArk client on the vault server.

Install PAS (Privileged Account Security) Vault High Availability


  Topology Server Name       IP Vault01a Storage  VIP DC (NTP Src)   Install Vault in Cluster Mode Following steps are instruction how to install the Vault in cluster mode using above infrastructure.: Set up the Shared Storage Vault Hardening – Preparing Network Interfaces Install the Vault on Node A Configure the Cluster on Node A…

Configure CyberArk PVWA and PSM for SQL Server Management Studio Version 17


Using CyberArk PVWA and PSM to manage SQL Server Management Studio connection is one of use cases in the project. Unfortunately, there was not much detailed documentation how we can get this job done. I have searched CyberArk document site and found following two KBs are very helpful: Eventually I have gone through those documents and guessed some steps to get this configuration working. I am trying to summarize those steps here for…

CyberArk Automatic Account Management


Enable/Disable Automatic Account Management All passwords must be handled through the PVWA interface to ensure that the passwords on remote devices must be synchronized with the corresponding passwords in the Password Vault. However, if a password on the remote device is changed manually and not through the PVWA, it is no longer synchronized with its corresponding password in the Vault, and it becomes unavailable. Whenever this happens, it is essential for the relevant personnel to…

CyberArk PAS Solution Issues and Troubleshooting (PVWA, PSM, CPM)


This is my CyberArk learning post to record those issues I met during working on CyberArk PAS (Privileged Account Security) Solutions which including following modules: PVWA (Password Vault Web Access), PSM (Privileged Session Manager), CPM (Central Policy Manager)

List of my issues:

  • Issue: This app has been blocked
  • Issue: Network Level Authentication Disabled
  • Issue: RDS Installation - Collection Role failed to create
  • Issue: Remote Desktop Licensing mode is not configured
  • Issue: SSH through PSM failed
  • Issue: RDP Remote through PSM failed using local admin account
  • Issue: CyberArk System Health Dashboard
  • LDAP Log In without Entering Domain Name

How to Upgrade a PVWA installation (version to 11.1)


Backup Existing PVWA Configuration Back-up the web.config file from C:\Inetpub\wwwroot\PasswordVault\:  Download PVWA Installer Download the appropriate version of the PVWA installer.  Extract the files out of the installer Zip folder. In the extracted folder, navigate to the Password Vault Web Access Folder and double click on the setup application (Run as Administrator).  Run Setup.exe to upgrade When prompted, select Yes to perform an upgrade of the PVWA  If you come across an error in locating the install path, click Browse and locate the CyberArk Password Vault…

You cannot copy content from