Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Help
  3. Section XVI. System Administration
  4. Integrating with CyberArk
  5. Setting up the portal to integrate with CyberArk

Setting up the portal to integrate with CyberArk

Setting up the Portal to work with CyberArk requires a properties file with specific values and executing a script to enable the feature. Most values required in the properties file are derived from entries in the CyberArk application. There are two steps to setup the portal; Setting up properties and running the utility.

Set Up the Properties File on the IT Analytics Portal

  1. Create a properties file in the tmp directory. For example:

    /tmp/dbvaultconnection.properties or C:\tmp\dbvaultconnection.properties

  2. Configure the properties file with the following information:

Table: Properties file configuration

Field Name

Value

vault_vendor_name

CyberArk

Note:

Use only CyberArk as a value in this field.

host

IP Address or hostname of the machine where Agentless AAM(Central Credential Provider) web service is running.

port

port # of Agentless AAM(Central Credential Provider) web service.

https

Set this value to true if Agentless AAM(Central Credential Provider) is running as https service otherwise false

schedule_frequency

The value of this field is in hours. Defines the frequency that IT Analytics will poll CyberArk for password updates. This field is optional. The default is every hour.

app_id

Name/ID of the application as defined in CyberArk. For example: IT Analytics.

user_safe_id

Name of the CyberArk Safe, where 'Portal' user account password is stored.

user_password_folder_name

Name of the CyberArk folder, where the 'Portal' user account password is stored. This field is optional.

user_password_object

Name of the 'Portal' user account password object in CyberArk

For each user account repeat the following. This sample describes the aptare_ro user.

ro_safe_id

Name of the CyberArk Safe, where 'aptare_ro' user account password is stored.

ro_password_folder_name

Name of the CyberArk folder where the 'aptare_ro' user account password is stored. This field is optional.

ro_password_object

Name of the 'aptare_ro' user account password object in CyberArk

Properties file examples

Sample of dbvaultconnection.properties containing 'portal' user account configured:

vault_vendor_name=CyberArk
host=10.x.x.x
port=443
https=true
schedule_frequency=2
app_id=testappid

user_safe_id=safe1
user_password_object=portal_account

Sample of dbvaultconnection.properties containing 'portal' user account configured:

vault_vendor_name=CyberArk
host=10.x.x.x
port=443
https=true
schedule_frequency=2
app_id=testappid

user_safe_id=safe1
user_password_object=portal_account

ro_safe_id=safe2
ro_password_object=ro_account

Run the Utility to enable the CyberArk Integration.

  1. Navigate to the OS-specific utility on the Portal.
    <APTARE_HOME>/utils/configure-db-vault-connection-info.sh 
    <APTARE_HOME/utils/configure-db-vault-connection-info.bat
  2. Execute the utility as a root/tomcat user.

    On Linux:

    <APTARE_HOME>/utils/configure-db-vault-connection-info.sh /tmp/dbvaultconnection.properties

    On Windows

    <APTARE_HOME>/utils/configure-db-vault-connection-info.bat

    /tmp/dbvaultconnection.properties

    The utility validates the connection parameter by invoking the REST API for each user configured in the properties file. If the validation is successful, the properties file is copied to the <HOME>/datarcvrconf/passwordvault/ folder. If the validation fails, a message is displayed and the CyberArk integration is not enabled.

  3. If required, navigate to the log file to troubleshoot further:
    <APTARE_HOME>\logs\passwordVaultValidator.log

Feedback

Was this page helpful?
Previous

CyberArk setup prerequisites

Next

Tuning IT Analytics

Feedback

Was this page helpful?