Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-8423: ServiceNow CPS Integration failure

Centrify Privilege Service ,  

22 March,17 at 10:49 PM

Applies to: Centrify Priveledge Service 16.12 and above

Problem: 
When attempting to set-up a user or service account in the Privileged Service App within ServiceNow I get the following Java error:
Error getResources -> java.util.NoSuchElementException x_cenr3_priv_acces

Cause:
The user or service account has MFA enabled for authentication.

Resolution:
In Centrify Identity Service:

  1. Create a Role (e.g. Service Accounts) and add the service account for ServiceNow.

  2. Create an Authentication profile (e.g. User/Password) and only check the password box for the first challenge.

  3. Create a Policy (e.g. Service Accounts), make sure it applies only to the role created to step # 1 and set it to User Security Policies > Login Policies > Default Auth profile if no conditions are met = User/Password.

  4. In an incognito window, try to log in with the ServiceNow service account, you should only be challenged to provide a password.

In ServiceNow:

  1. Navigate to the Centrify Privilege Service App > Properties and make sure the tenant URL, account and password are correct and press save.

  2. Navigate to Centrify Privilege Service App > API Sync and make sure the check for Active is set. Configure interval if needed, press save and then Sync Now.

  3. Navigate to Centrify Privilege Service App > Resources and you should see the resources there.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-6044: How to configure users for automatic Kerberos Credentials for infinite renewal even after users have logged out? articleKB-6050: How to configure a group for automatic Kerberos Credentials for infinite renewal? articleKB-8951: Centrify Product Naming Changes - July 2017 articleKB-4257: Troubleshooting Integrated Windows Authentication (IWA) with Centrify Identity Service articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0) articleKB-8942: What are the steps to migrate a RHEL Brightstore cluster to Centrify articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? articleKB-6041: How to show current license type in use by adclient? articleKB-6040: How to change the license type in use after adclient successful joined to the AD?