We at ARCON have a product PAM(Privilege Access Management) system. It provides a SSO and password vault services.
We want to integrate with Royal TSX. To do that we need to lauch royal TSX auto-create the dynamic folders. When a user opens a new RDP or SSH connection we would like to fetch the password from the Vault API and establish the connection.
Thank you for the response. Yes just got that working when the token is escaped.
Stefan Koell
said
about 5 years ago
Glad to hear that. Is your issue now resolved or is still something missing/not working?
K
Kalpesh Pusalkar
said
about 5 years ago
If we can pass Arguments before we launch the app just like credential this will be helpful.
Felix Deimel
said
over 5 years ago
Hi Kalpesh,
yes, that's exactly what Dynamic Folders and Dynamic Credentials are for.
We have several sample scripts available in our toolbox repository. We currently have samples for Thycotic Secret Server and Pleasant Password Server available. If you're using another product, you could probably still use the samples as starting point for integrating the PAM solution you use.
Could you please also let us know which product you use?
thx,
felix
Felix Deimel
said
over 5 years ago
One more question: You posted in the Royal TS (for Windows) forum but mentioned Royal TSX in your message. Which product/platform are you using?
K
Kalpesh Pusalkar
said
over 5 years ago
I am using Royal TS (for Windows).
Our product is ARCON PAM.
Felix Deimel
said
over 5 years ago
Hi Kalpesh,
I didn't notice that you are actually the vendor of the PAM solution.
So how can I help you with getting your solution integrated with Dynamic Folders?
You already mentioned the documentation which is available here. I guess that's the best starting point as it explains all of the available features in RoyalJSON and Dynamic Folders as well as Dynamic Credentials.
Also, like previously mentioned, it's probably a good idea to study the existing sample scripts we have available in our toolbox repository.
If you have any specific questions, please don't hesitate to ask!
cheers,
felix
K
Kalpesh Pusalkar
said
about 5 years ago
Hi Stefan I've managed to use RoyalJSON to fetch services from API and connect RDP with the password from API.
Now i want to launch an external application using the dynamic folder
I'm using the below json object to create the external app.
Whenever i try to launch the app it says "An error occurred while starting the external application: Cannot start process because a file name has not been provided.."
Note that we also have TerminalConnectionType in the royalJson docs for these kind of connections.
Let me know if this helps.
Regards, Stefan
K
Kalpesh Pusalkar
said
about 5 years ago
Hi Stefan
Thanks for your response. I am able to create the connection in the dynamic folder in that way. But the arguments are hard coded in the dynamic folder. Can we pass the arguments at connection time just like dynamic credentials.
But none are able to supply the arguments at the time of connection.
Can you help me out here?
Stefan Koell
said
about 5 years ago
This is unfortunately not possible. What part of the arguments are dynamic? If it's the username and password, you can actually use dynamic credentials and use in the Arguments the replacement tokens:
$EffectiveUsername$ and $EffectivePassword$
Then you just have to assign the appropriate dynamic credential to the connection object.
Let me know if this helps.
Regards,
Stefan
K
Kalpesh Pusalkar
said
about 5 years ago
If i use the below json the aplication is launched with arguments "-ssh 10.10.0.38 -l -pw -P 22 -X"
Kalpesh Pusalkar
We at ARCON have a product PAM(Privilege Access Management) system. It provides a SSO and password vault services.
We want to integrate with Royal TSX. To do that we need to lauch royal TSX auto-create the dynamic folders. When a user opens a new RDP or SSH connection we would like to fetch the password from the Vault API and establish the connection.
I tried to read the https://www.royalapplications.com/go/kb-all-royaljson but still not sure how do we proceed with this requirement.
Hi Kalpesh,
I'm sorry for the delay.
I stepped through the code and found the issue. The problem is that in the JSON the arguments like this:
"Arguments": "-ssh 10.10.0.38 -l $EffectiveUsername$ -pw $EffectivePassword$ -P 22 -X",
will resolve the the $EffectiveUsername$ and the $EffectivePassword$ with the credentials of the dynamic folder.
To ensure the tokens are resolved at connect time using the dynamic credential values, you need to escape the tokens:
"Arguments": "-ssh 10.10.0.38 -l $$EffectiveUsername$$ -pw $$EffectivePassword$$ -P 22 -X",
Let me know if this works.
Regards,
Stefan
- Oldest First
- Popular
- Newest First
Sorted by PopularKalpesh Pusalkar
I dont get any errors or warnings in log. Can you try if this works at your end?
Stefan Koell
Hi Kalpesh,
I'm sorry for the delay.
I stepped through the code and found the issue. The problem is that in the JSON the arguments like this:
"Arguments": "-ssh 10.10.0.38 -l $EffectiveUsername$ -pw $EffectivePassword$ -P 22 -X",
will resolve the the $EffectiveUsername$ and the $EffectivePassword$ with the credentials of the dynamic folder.
To ensure the tokens are resolved at connect time using the dynamic credential values, you need to escape the tokens:
"Arguments": "-ssh 10.10.0.38 -l $$EffectiveUsername$$ -pw $$EffectivePassword$$ -P 22 -X",
Let me know if this works.
Regards,
Stefan
Kalpesh Pusalkar
Hi Stefan
Thank you for the response. Yes just got that working when the token is escaped.
Stefan Koell
Glad to hear that. Is your issue now resolved or is still something missing/not working?
Kalpesh Pusalkar
If we can pass Arguments before we launch the app just like credential this will be helpful.
Felix Deimel
Hi Kalpesh,
yes, that's exactly what Dynamic Folders and Dynamic Credentials are for.
We have several sample scripts available in our toolbox repository. We currently have samples for Thycotic Secret Server and Pleasant Password Server available. If you're using another product, you could probably still use the samples as starting point for integrating the PAM solution you use.
Could you please also let us know which product you use?
thx,
felix
Felix Deimel
One more question: You posted in the Royal TS (for Windows) forum but mentioned Royal TSX in your message. Which product/platform are you using?
Kalpesh Pusalkar
I am using Royal TS (for Windows).
Our product is ARCON PAM.
Felix Deimel
Hi Kalpesh,
I didn't notice that you are actually the vendor of the PAM solution.
So how can I help you with getting your solution integrated with Dynamic Folders?
You already mentioned the documentation which is available here. I guess that's the best starting point as it explains all of the available features in RoyalJSON and Dynamic Folders as well as Dynamic Credentials.
Also, like previously mentioned, it's probably a good idea to study the existing sample scripts we have available in our toolbox repository.
If you have any specific questions, please don't hesitate to ask!
cheers,
felix
Kalpesh Pusalkar
Hi Stefan I've managed to use RoyalJSON to fetch services from API and connect RDP with the password from API.
Now i want to launch an external application using the dynamic folder
I'm using the below json object to create the external app.
----------------------------------------------------------------------------------------------------------------------------
{
"Type":"ExternalApplicationConnection",
"Name":"kalpesh-38",
"ComputerName":"10.10.0.38",
"ID": "00004",
"Description": "test",
"CommandWindows": "putty.exe",
"ArgumentsWinodws": "-ssh 10.10.0.38 -l user1 -pw user@111 -P 22 -X",
"WorkingDirectoryWindows": "F:\\app"
}
----------------------------------------------------------------------------------------------------------------------------
Whenever i try to launch the app it says "An error occurred while starting the external application: Cannot start process because a file name has not been provided.."
Please find the attached screenshot
Stefan Koell
Hi
For this connection type you need to set special properties which have to be addressed differently.
In the docs:
https://www.royalapplications.com/go/rjson-documentation
There's a section called "Advanced scenarios"
{
"Type":"ExternalApplicationConnection",
"Name":"kalpesh-38",
"ComputerName":"10.10.0.38",
"ID": "00004",
"Description": "test",
"Properties": {
"Command": "putty.exe",
"Arguments": "-ssh 10.10.0.38 -l user1 -pw user@111 -P 22 -X",
"WorkingDirectory": "F:\\app"
}
}
You can find all properties for the external application connection here:
https://content.royalapplications.com/Help/RoyalTS/V5/index.html?scripting_objectproperties_royalappconnection.htm
Note that we also have TerminalConnectionType in the royalJson docs for these kind of connections.
Let me know if this helps.
Regards,
Stefan
Kalpesh Pusalkar
Hi Stefan
Thanks for your response. I am able to create the connection in the dynamic folder in that way. But the arguments are hard coded in the dynamic folder. Can we pass the arguments at connection time just like dynamic credentials.
I tried to return following json
--------------------------------------------------------------------------------------------------------
{
"Username": "user1",
"Password": "user@111",
"Arguments": "-ssh 10.10.0.38 -l user1 -pw user@111 -P 22 -X"
}
OR
{
"Arguments": "-ssh 10.10.0.38 -l user1 -pw user@111 -P 22 -X"
}
OR
{
"Properties": {
"Command": "putty.exe",
"Arguments": "-ssh 10.10.0.38 -l user1 -pw user@111 -P 22 -X",
"WorkingDirectory": "F:\\app"
}
}
--------------------------------------------------------------------------------------------------------
But none are able to supply the arguments at the time of connection.
Can you help me out here?
Stefan Koell
This is unfortunately not possible. What part of the arguments are dynamic? If it's the username and password, you can actually use dynamic credentials and use in the Arguments the replacement tokens:
$EffectiveUsername$ and $EffectivePassword$
Then you just have to assign the appropriate dynamic credential to the connection object.
Let me know if this helps.
Regards,
Stefan
Kalpesh Pusalkar
If i use the below json the aplication is launched with arguments "-ssh 10.10.0.38 -l -pw -P 22 -X"
{
"Type":"ExternalApplicationConnection",
"Name":"kalpesh-38",
"Description":"test",
"Properties":{
"Command": "putty.exe",
"Arguments": "-ssh 10.10.0.38 -l $EffectiveUsername$ -pw $EffectivePassword$ -P 22 -X",
"WorkingDirectory":"F:\\Test"
},
"ComputerName":"10.10.0.38",
"CredentialID":"00002",
"ID":"00004"
}
-
What happened to the forum?
-
About this Forum
-
Security Information
-
Supported Secure Gateway (SSH) ciphers
-
Why is no remote file browser in SCP available?
-
What encryption is used in the rtsz files when enabled?
-
Royal TS V4 License File
-
How to resolve RDP resolution issues in Windows 7 with high resolution screen
-
Auto Fill in web page connection
-
How to reference custom properties in tasks and templates?
See all 260 topics