Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Configuration Management System (CMS)2018.05

Use > Data Flow Management > Integrations > Integrating UCMDB with CyberArk Enterprise Password Vault > Overview

Overview

CyberArk’s Application Identity Management solution uses the Privileged Account Security solution to eliminate the need to store application passwords embedded in applications, scripts or configuration files, and allows these highly-sensitive passwords to be centrally stored, logged and managed within the Vault. This unique approach enables organizations to comply with internal and regulatory compliance requirements of periodic password replacement, and monitor all activities associated with all types of Privileged Identities whether on-premise or in the cloud, across operating systems, databases, applications, hypervisors, network devices, and more.

The integration between UCMDB and CyberArk's Application Identity Management allows Universal Discovery administrators to configure credentials for supported Universal Discovery protocols, which enables administrators to manage the credentials in a secure and easy way.

Instead of storing the passwords themselves in UCMDB/UD, this integration involves storing only references (in the CyberArk Enterprise Password Vault part of the Privileged Account Security Solution) to the passwords, and retrieving (using CyberArk’s AIM SDK) the passwords when they are needed from the digital vault using the stored references.

Note As the CyberArk integration enables the discovery of content but does not actually perform data collection, no MDR integration license is required for the use of this capability.

Deployment

The following diagram illustrates the overall deployment.

How the CyberArk Integration Works

The CyberArk integration enables UCMDB/UD to retrieve usernames and passwords from the CyberArk Enterprise Password Vault as follows:

Administrators to create a Safe, Application, and Account on the CyberArk Server, including username, password, and unique reference ID.
Universal Discovery administrators to create a credential on UCMDB Server, using the same CyberArk Safe, Application, and Account values created in step 1 as reference ID in the following format: <Safe_Name>\<Folder_Path>\<Reference_ID>
The CyberArk integration synchronizes the CyberArk references to Data Flow Probes. No password information contained.
Universal Discovery administrators to run discovery jobs using the unique referenceID to retrieve username and password from CyberArk.

Send Help Center feedback