Configuring the Kron PAM Extension Before Uploading to UCMDB

kron pam extension package according to the standard guidelines provided by opentext unzip the kron pam extension package navigate passwordvaults and then the kron pam folder open the passwordvault json file with a text editor edit the file with proper values and then save it then zip the files again to re pack the extension package configuration parameter description vaultrestapiserver the url for accessing the kron pam password vault’s rest api this should be the fully qualified domain name or ip address along with the correct protocol (e g , https //pam example com) token the application token obtained from kron pam this token authenticates and authorizes requests to the password vault ignoresslcert a boolean parameter indicating whether ssl certificate validation should be bypassed set to true in test environments where certificates might be self signed, and false in production environments for strict ssl validation comment a text field that can be used to store notes about the credential requests this note will be logged by kron pam tenantid if kron pam is deployed in a multi tenant environment, this parameter specifies the unique tenant identifier it ensures that credentials and operations are correctly scoped to the appropriate tenant if there is a single tenant installation, it should be configured as “host” expirationinminute the time period (in minutes) after which the password is considered expired kron pam can rotate or invalidate credentials once this threshold is reached, enhancing security by reducing the window of exposure changerequired a boolean parameter that, when set to true, indicates the password must be changed (or rotated) before password retrieval