Documentation forDatabase Performance Analyzer

Revert the CyberArk integration

If you have configured DPA to use credentials stored in CyberArk, complete the following steps if you need to revert the integration and have DPA manage the credentials instead.

  1. Delete all the CyberArk-related certificates from the DPA trust store.
  2. Change the credential provider type:

    1. Open the following file in a text editor:

      DPA-install-dir\iwc\tomcat\ignite_config\idc\system.properties

    2. Change the value of the following properties (if they exist) from CYBERARK_REMOTE to DPA, and save the file:

      com.solarwinds.dpa.credentials.provider.type=DPA

      com.solarwinds.dpa.credentials.provider.type.database=DPA

      com.solarwinds.dpa.credentials.provider.type.repository=DPA

      com.solarwinds.dpa.credentials.provider.type.vsphere=DPA

      com.solarwinds.dpa.credentials.provider.type.mail=DPA

      com.solarwinds.dpa.credentials.provider.type.ldap=DPA

  3. Remove the keystore containing the CyberArk client certificate. The location of the keystore is in the following file:

    DPA-install-dir\iwc\tomcat\ignite_config\idc\cyberark.properties

  4. Delete the cyberark.properties file.

  5. Restart DPA.

    After the restart, DPA wizards and other interfaces display fields for credentials instead of the CyberArk credentials query.

  6. For each monitored database instance, use the Update Connection Wizard to enter the user name and password for the DPA monitoring user.
  7. For each monitored VMware ESX/ESXi Host or vCenter Server, open the Update VMware Connection page and update the credentials.
  8. To stop using CyberArk credentials for the DPA repository database:

    1. Open the following file in a text editor:

      DPA-install-dir\iwc\tomcat\ignite_config\idc\repo.properties

    2. Remove the line that starts with repo.cyberarkQuery,

    3. Add or uncomment the repo.user and repo.password properties.

    4. Save the file.

    5. Restart DPA for the changes to take effect.

  9. If DPA uses your company's mail server to send email, update the user name and password required to access the mail server.

    If DPA uses the default mail server or the embedded mail server, no changes are needed.

  10. If DPA is configured to use AD or LDAP user authentication, use the Configure AD/LDAP wizard to update the user name and password that DPA uses to query the directory for users and groups. Then restart DPA for the changes to take effect.