Environment
Privileged Account Manager 3.7.0.1
Privileged Account Manager 3.7
Situation
Checking out a credential from the My Access User Console reports the following error:
Unauthorized operation.
The unifid.log reports the following:
Info, prvcrdvlt getVault client:localhost rc:0 status:200(No resource(s) found.) (2ms)
Info, cmdctrl passwordCheckOut client:localhost rc:0 status:401(Unauthorized operation.) (5ms)
Debug, https POST /SPF.Util client:<ip> rc:0 status:200(OK) (119ms)
Resolution
Please correct either the Command Control's "Run Host" value to match exactly the intended "Resource Name" from the Credential Vault or correct the "Resource Name" value from the Credential Vault to match the "Run Host" configured in the cmdctrl rule. They should explicitly match.
Cause
A mismatch in "Run Host" vs Vault's "Resource Name." The value of the authorizing cmdctrl rule's "Run Host" field could not be found from the Credential Vault. The "Resource Name" from the Vault and the "Run Host" field from the Command Control Rule should match.