Before you can configure service-to-service password management, you need to add the computers that will be communicating with each other to the Privileged Access Service. You can complete this step by registering computers in the Privileged Access Service as described in Enrolling a computer.
If you register a computer and enable the aapm feature, the service user account for the computer is automatically added to a Client Management role with administrative rights to use commands such as the csetaccount, cgetaccount, and cdelaccount commands. You can then use these commands in scripts to set, retrieve, and delete manged account passwords. The permissions required are set automatically as part of registration.