Skip to main content

Onboarding a system

Users assigned as system trustees can use the System: Onboard request to onboard a system.

Click below to view a demonstration:

  1. From the home page, click Manage resources.

  2. Click System: Onboard.

  3. Select a System Type from the drop-down menu.

    Valid system types depend on the scenario components installed, and can include:

    • CentOS

    • Windows Server

    • Oracle

    • MSSQL

    • Vault System

    • Red Hat Enterprise Linux

    • SUSE Linux

    • Solaris 10+ Server

    Vault systems are null targets that can be used to simulate a target system that cannot be targeted another way.

    3406.png

    Click Next .

  4. Enter system onboarding details. including the System Team, the team that will be able to access the system. Depending on the system type, other attributes may include:

    • System FQDN The system’s fully qualified domain name

    • System Team the team that will be able to access the system

    • System Instance ID (Oracle)

    • System Port Format: 1-65535

    • Zone The proxy zone or network (Windows, optional)

      See Example: Expose the ZONE attribute for an example of how to configure this attribute.

    • Connect using managed account (Windows, optional)

      See Example: Expose the USE_MANAGED_CREDENTIALS attribute for an example of how to configure this attribute.

    3407.png

    Click Next .

  5. Enter System onboarding credentials as required.

    For Windows systems, if Connect using managed account was selected in the previous step, you must enter the account ID to use for target system credentials.

    3408.png

  6. Click Submit.

    Bravura Security Fabric notifies authorizers to review the request if required.

  7. Click the View request link at the top of the page to view the status of the request.

Once the request has been approved, account trustees can manage accounts on this system. Systems are onboarded in real time; there is no need to wait for auto discovery to load the system into the database.

API automation for system onboard

Once the API has been configured (See ”SOAP API” in Bravura Security Fabric Remote API (api.pdf) and your script has been authenticated to the API (Login or LoginEx API calls), the WF API calls can be used to create an API request.

Use the WFPDRSubmit function to create a workflow request and submit the request for publishing.

When submitting a request, use "ONBOARD_SYSTEM" as the PDR ID. The request uses the following attributes:

attrkey

value

SYSTEM_TYPE

The system type:

  • CENTOS for CentOS

  • WINNT For Windows Server

  • ORACLE for Oracle

  • MSSQL for SQL Server

  • SYSTEM VAULT for Vault System

  • REDHAT for Red Hat Enterprise Linux

  • SUSE for SUSE Linux

  • SOLARIS for Solaris 10+ Server

FQDN

The fully qualified domain name of the system to be onboarded.

INSTANCE

Optional: System Instance ID (Oracle system type only).

PORT

Optional: System port (format: 1-65535)

ZONE

Optional: Proxy zone. Leave it blank if not using proxy server.

MS_TEAM

The team that the system will be assigned to

USE_MANAGED_CREDENTIAL

T to use a managed credential, F to use system credentials.

ADMIN

Administrator ID of the system. Leave it blank if USE_MANAGED_CREDENTIAL is set to T.

ADMIN_PASS

Administrator password of the system.

SYS_UUID

A universally unique identifier that will be used as the target ID of the onboarded system (Optional).

MANAGED_ADMIN

The account GUID of the managed account being used as the admin credential. Leave it blank if USE_MANAGED_CREDENTIAL is set to F.

ONBOARD_SYSTEM batch request sample:

"SYSTEM_TYPE","FQDN","ZONE","MS_TEAM","USE_MANAGED_CREDENTIAL","ADMIN","ADMIN_PASS","SYS_UUID"
"WINNT", "AMS-WIN8-7M9.corp1.domain","none","TEAM-000000","F","Administrator","F00bar123","d39b55f0-7a6a-487a-abe4-bd8c9ec1679c"
In this section: