Account Discovery - Can't add new machine becasue PING is blcoked from CPM to the target machines

Modified on Sun, 01 Jan 2017 at 01:04 PM


When runing Account Discovery (CyberArk PAS v9.6) the process can't PING some machines so the machines aren't added to the pending accounts feed, PING is blcoked from CPM to the target machines.


The Account Discovery process based on CyberArk DNA engine and CyberArk DNA  by default ping the machines before adding them to the report and if the machines aren't answer to ping they will not be added to the report - in our case the Account Discovery process will not add the machines to the Pending Accounts page if ping is disabled.

In order to solve the issue, please see the following procedure:

  1. Connect to the CPM machine
  2. Open the scanner config file:C:\Program Files (x86)\CyberArk\Password Manager\Scanner\CACPMScanner.exe.config
  3. Add the following value under the "<!-- DNA configuration  -->" section: <add key="PingMachineBeforeScan" value="False" /> 
  4. Restart the "CyberArk Central Policy Manager Scanner" service.
  5. Run new Account Discovery process from the PVWA.

Applies to: CyberArk PAS v9.6.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article