Network Configuration Manager Password Management using ManageEngine Password Manager Pro
Network Configuration Manager integrates ManageEngine Password Manager Pro (PMP) using XML-RPC API. Using these APIs, Network Configuration Manager will fetch the passwords for the provisioned network devices from PMP and use the same to connect to the network devices. This integration provides a way to store the user account password for various network devices in PMP. Network devices password rotation can be performed from PMP and the same will get updated in Network Configuration Manager for subsequent use to connect to the network devices.
How does the integration work?
Create resources in PMP corresponding to the network devices available in Network Configuration Manager. Network Configuration Manager will invoke xml-rpc based APIs exposed by PMP using https to fetch the securely stored passwords for each and every network device. Once the passwords are fetched, the same will be used by Network Configuration Manager to connect to the network devices.
Steps to configure Network Configuration Manager and PMP for password management
- Create SSL certificate for Network Configuration Manager server to communicate with PMP securely (Look for generating certificate section for XML-RPC here).
- Add API user in PMP (Detailed help is available here).
- Add resources in PMP with the same hostname as that of the network devices in Network Configuration Manager and share the resources to the API user. For network devices that do not have username, need to add an account as deuser in PMP to store and fetch the passwords.
- Update the PMP server details and p12 key in the PMP_API.conf file available under <Network Configuration Manager Home>/conf/pmp/ directory.
- ServerName=<PMP servername>
- KeyStorePath=<PKCS12 keystore path>
- KeyStorePassword=<Password that was given while creating the pkcs12 key>
- From the Network Configuration Manager client, you can use the RetrievePassword menu item under MoreActions or use the bulk retrieve option from the Admin tab --> Password Management option.