Trillium Discovery can be integrated with your company’s CyberArk account security solution. The integration enhances Trillium Discovery security by passing secure, encrypted password vault information when connecting to password-protected ODBC data sources.
The basis of the integration is the CyberArk password vault URL, which enables Trillium Discovery to retrieve secure database credentials stored in an encrypted digital vault. The vault URL is a parameter in the Trillium server config.txt file.
This URL can be specified during the Trillium server installation. Administrators can also change the URL at any time (or add it if not previously specified) by editing the server’s config.txt file.
The vault URL needs to be configured in the config.txt file to allow Discovery Center and Control Center users to enter CyberArk credentials when creating an ODBC data source/entity using a Trillium-Supplied ODBC connection.
To configure the CyberArk password vault URL
-
On the Trillium server system, open the config.txt file for editing. By default, the file is installed in the server install path. For example:
-
On Windows: C:\Program Files\Trillium Software\MBSW\17\etc
-
On Linux: …install path/metabase/etc
-
-
Go to the
key password_vault
section. -
Modify the value of the
service_url
parameter.For example,
key password_vault { key cyberark { value service_url @https://server.us.company.com } }
Note: The URL consists of the name of the server where CyberArk is hosted, starting with http:// or https://. Any additional URL path properties are automatically populated by the application. -
Save and close the file.
-
Restart the Trillium RestAPI service.