MID server doesn't accept SNMPv3 credentials from CyberArk that do have a policy id other than SNMPv3 and SNMPv3PrivacyKey


Description

MID server doesn't accept  SNMPv3 credentials from CyberArk that do have a policy id other than SNMPv3 and SNMPv3PrivacyKey

Steps to Reproduce

  1. Create a new SNMPv3 Credential as per CyberArk vault configuration
  2. Create a new MID SNMP Trap Listener
  3. Associate the credential from item 1 to item 2 above
  4. Start MID SNMP Trap listener
  5. Observed warning that ignoring the SNMPv3 Credential
    06/02/20 12:20:49 (039) ECCQueueMonitor.1 WARNING *** WARNING *** (70)SNMPTrapListener - SNMPTrapListener: (<credential>): Security name does not defined for credentials: <credential>,skeeping this record

OR

  1. Create snmpv3 credential on discovery_credentials table
  2. In order to confirm the credential is correct discover an IP address which uses such credential while at the same time reviewing network traffic with wireshark
  3. Recreate the credential, however this time as an external CyberArk credential
  4. Discover the same CI while at the same time reviewing network traffic with wireshark and compare the captures, instance credential vs external credential

Workaround

  1. Set CyberArk credential policy IDs to 'SNMPv3' and 'SNMPv3PrivacyKey' respectively.

Related Problem: PRB1409851