IPAM Credential Update Via SDK Not Working

Hello,

I was told by a sales engineer this would be the best place to ask about this because devs monitor the forum.

Company I am currently at utilizes a PAM solution for credential management. This solution allows a script to be executed whenever an accounts credentials are updated.

I have created a script using OrionSDK to push the new credentials to Solarwinds using invoke for UpdateUsernamePasswordCredentials.

Now, this works when updating credentials for Orion and UDT, However when I try to update the IPAM credential, I get the error below:

"Orion.Credential.UpdateUsernamePasswordCredentials failed, check fault information. No UsernamePasswordCrednetial with ID xx was found in the Credential table."

However, I can go into database manager, and I see the credential ID is there.

Is this broken functionality? Any other way to do this? Can it be easily fixed or made to work?

We are trying to find a way to automate the credential updates in Solarwinds, as the accounts are updated automatically on a timed basis.

Would preferably like to speak to a SDK/Product dev about this. Please let me know if any other information is required.

Thank you.

  • Hello,

    What is the credential type for the credential ID you are trying to update which is failing?

  • Hi Tony,

    Credential Type is "SolarWinds.IPAM.Storage.Credentials.WindowsCredentialDataObject."

    I thought this might tie into the IPAM_WindowsCred table in some way, and could use that to update the credential, but this doesn't appear to be the case. As that table is empty.

    Thanks for the response!

  • I will need to work this in the lab to validate and come back to you as soon as I can.

  • Only credentials of type SolarWinds.Orion.Core.SharedCredentials.Credentials.UsernamePasswordCredential can be updated by invoking UpdateUsernamePasswordCredentials. Despite being shown when you query Orion.Credential, the IPAM credentials are not stored in the same way and cannot be updated via the API

    Improving how we handle shared credentials across modules, and in particular, this use case you are trying to solve is something I am tracking internally. What is the PAM solution you are using?

  • Thank you ,

    The PAM solution is CyberArk. Currently it just passes the credentials to a script that I created that then updates the credentials in Solarwinds, via OrionSDK. It is not directly updating Solarwinds, itself. Though integrations like that would be great for the future.

    I hope this is something that can be fixed in a future version. It is extremely useful to be able to update this via API and automation.

    It would be nice to see more integration for Solarwinds IPAM in general. As it is, kind of just feels like it was tossed in as a side project and not fully integrated with the rest of Orion.

    One example I can think of for integration, would be pulling device name from nodes when DNS names are not available, say for routers, switches and access points. In the case of a router or L3 switch that may have multiple addresses, this should now allow you to search in IPAM for the device name and see all IP's assigned to that device, and export it.