Symantec Privileged Access Management

  • Private Community

  • 1.  capam_command and batchsequence

    Posted Jan 23, 2018 05:58 AM

    Helllo

     

    Has anyone ever tried running batchsequences ?

    I'm trying to send a batchsequence command using the CAPAM CLI, but it's complaining about the schema validation.

    Based on the AddAll.xml sample that's on the documentation, I created the following one:

    <?xml version="1.0" encoding="UTF-8"?>
    <CLI_REQUEST>
       <COMMAND name="addTargetApplication">
          <COMMAND_PARAMETERS>
             <PARAMETER>
                <NAME>TargetServer.hostName</NAME>
                <VALUE>10.1.1.1</VALUE>
             </PARAMETER>
             <PARAMETER>
                <NAME>TargetApplication.type</NAME>
                <VALUE>Generic</VALUE>
             </PARAMETER>
             <PARAMETER>
                <NAME>TargetApplication.name</NAME>
                <VALUE>GEN-Test</VALUE>
             </PARAMETER>
             <PARAMETER>
                <NAME>Attribute.descriptor1</NAME>
                <VALUE>Test</VALUE>
             </PARAMETER>
             <PARAMETER>
                <NAME>Attribute.descriptor2</NAME>
                <VALUE>Test</VALUE>
             </PARAMETER>
          </COMMAND_PARAMETERS>
       </COMMAND>
    </CLI_REQUEST>

     

    But I'm getting the following error.

    Jan 23, 2018 10:45:29 AM com.cloakware.cspm.common.util.ab b
    SEVERE: Failed to validate XML document schema
    org.xml.sax.SAXParseException; cvc-elt.1.a: Cannot find the declaration of element 'CLI_REQUEST'.

     

    For me, this error doesn't make sense since my request respects the schema provided on the documentation.

    Does anyone ever saw this error?

    Thanks in advance

     

    Best regards



  • 2.  Re: capam_command and batchsequence
    Best Answer

    Broadcom Employee
    Posted Jan 23, 2018 11:20 AM

    Hello, your CLI_REQUEST element is missing name server and schema information. The correct first line is

    <CLI_REQUEST xmlns="http://www.cloakware.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.cloakware.com/opt/cloakware/cspmserver/tools/cli/cspmcli.xsd">

     

    See https://docops.ca.com/ca-privileged-access-manager/3-0-2/EN/programming/credential-manager-apis/use-the-credential-manager-cli/batch-command-execution, except that the example in there doesn't quote the name server value properly, and it's not clear that the <CLI_REQUEST …> element should be on a single line. We'll notify the doc team on this.