Upgrade the Privilege Cloud Connector

This topic describes how to upgrade the Privilege Cloud Connector from any legacy version to the latest version by upgrading both the CPM and PSM components on your Connector server.


Following are important considerations for upgrading the Privilege Cloud Connector:



CPM and PSM components

Each of the Privilege Cloud Connector components  (CPM and PSM have separate upgrade procedures).

If you have multiple Connectors, you need to perform the upgrade on each one of them.

GPO hardening - Upgrading customized settings

The Connector machine is secured by the CPM and PSM hardening settings, which are updated from time to time. If you have applied customized settings of your own these will be overridden by the new GPO hardening. You can choose to perform the hardening in one of the following ways:

  • Record your customized hardening settings, complete the hardening process, and reapply your settings.

  • Retain your current GPO settings. Run the upgrade process up to the GPO step, do not apply the automatic GPO hardening update, and manually add the new GPO hardening settings that have been added in this upgrade to your legacy GPO settings.

Unified GPO hardening vs. PSM only hardening

When installing both PSM and CPM on a single machine, deploy the unified GPO hardening file.

When installing only the PSM component on the machine, use the separate PSM GPO script.

Upgrade tool

For Privilege Cloud components CPM and PSM, there are two upgrade tools:

  • Make sure to review the Privilege Cloud Connector end of support dates  to help determine when to upgrade your Connector.

  • You can upgrade the Connector components at any time, regardless of whether the Privilege Cloud backend has been upgraded to the latest version or not.

Check your CPM and PSM versions

  1. On the Connector, press Windows + R keys simultaneously to launch the Run box.

  2. In the Run box, enter appwiz.cpl, and click OK.

  3. On the Programs and Features page, select CyberArk Privilege Session Manager>CyberArk Central Policy Manager. The versions are displayed.

For details about the version files and builds, see Release notes v14.1