CPM plugins


CPM plugins support remote password management on the platforms set forth in this documentation. CyberArk may choose not to provide maintenance and support services for CPM plugins with relation to any of the platforms and systems which have reached their formal End-of-Life date, as published by their respective vendors from time to time. For more information, contact your CyberArk support representative.

CPM plugins are used to connect to target machines in order to manage passwords. CPM plugin functionality includes:
  • Changing or verifying passwords on target machines
  • Updating new passwords in Privilege Cloud
  • Reconciling passwords, when necessary

Different systems types have different plugins. For example, the way you log in and change a password on a Windows server is different than how you do the same thing on a Unix server.

Each plugin is associated with the relevant platform that manages the password policy setting for the specific target machine.

For information about which local user permissions are required for a plugin to run, see How local Windows user permissions may affect plugins.

Privilege Cloud includes out-of-the-box plugins, which are already associated with a platform. For details, see Target account plugins and Service account plugins.

You can also download plugins from CyberArk Marketplace, or develop new plugins yourself. For details, see Create CPM plugins.

During the CPM hardening process, three local Windows service users are created to run the CPM service. The permission levels of these users may affect plugins, requiring changes to the plugin user permissions. For more information, see How local Windows user permissions may affect plugins.