After the update to version 13 of CyberArk, I noticed that I am unable to manage the passwords of my privileged accounts in the vault. When I check pm.log and pm_error.log that I found error which is CACPM415E Parameter file name of Password Safe: is larger than the maximum allowed file name.
Central Policy Manager (CPM) Log files path:
“C:\Program Files (x86)\CyberArk\Password Manager\Logs”
CACPM415E Parameter file name of Password Safe: is larger than the maximum allowed file name. Operation aborted.
The XML file created for the usage is based on the following categories and the file name is over 240 characters.
NTFS only supports names up to 240 characters.
The answer or the steps taken to resolve the issue. The XML files for the service is created based on the following Categories:
1) Full path of CPM
7) File name postfix (“XML”)
This means that the name of the xml file for this specific object will be: “C:\Program Files (x86)\CyberArk\Password Manager\tmp\-PolicyID-SafeName-FolderNAme-ObjectName-CurrentTime.xml” When this is over 240 characters, the file is not created and the CPM fails to change the password for the usage.
The interesting thing is that I was not getting this kind of error in the previous version. I noticed that CyberArk writes CurrentTime longer with version 13. It causes that name of the xml file exceeds over 240 characters.
Easiest workaround would be to shorten account/platform name. But It takes so much time and operational work. So that I used CyberArk REST API via python script.
Solution (Best Way)
CyberArk accepted this issue as a bug and released new CPM upgrade packet on CyberArk Marketplace
I hope this helps!