We at ARCON have a product PAM(Privilege Access Management) system. It provides a SSO and password vault services.
We want to integrate with Royal TSX. To do that we need to lauch royal TSX auto-create the dynamic folders. When a user opens a new RDP or SSH connection we would like to fetch the password from the Vault API and establish the connection.
I didn't notice that you are actually the vendor of the PAM solution.
So how can I help you with getting your solution integrated with Dynamic Folders?
You already mentioned the documentation which is available here. I guess that's the best starting point as it explains all of the available features in RoyalJSON and Dynamic Folders as well as Dynamic Credentials.
Also, like previously mentioned, it's probably a good idea to study the existing sample scripts we have available in our toolbox repository.
If you have any specific questions, please don't hesitate to ask!
cheers,
felix
K
Kalpesh Pusalkar
said
about 5 years ago
I am using Royal TS (for Windows).
Our product is ARCON PAM.
Felix Deimel
said
about 5 years ago
One more question: You posted in the Royal TS (for Windows) forum but mentioned Royal TSX in your message. Which product/platform are you using?
Felix Deimel
said
about 5 years ago
Hi Kalpesh,
yes, that's exactly what Dynamic Folders and Dynamic Credentials are for.
We have several sample scripts available in our toolbox repository. We currently have samples for Thycotic Secret Server and Pleasant Password Server available. If you're using another product, you could probably still use the samples as starting point for integrating the PAM solution you use.
Could you please also let us know which product you use?
Kalpesh Pusalkar
We at ARCON have a product PAM(Privilege Access Management) system. It provides a SSO and password vault services.
We want to integrate with Royal TSX. To do that we need to lauch royal TSX auto-create the dynamic folders. When a user opens a new RDP or SSH connection we would like to fetch the password from the Vault API and establish the connection.
I tried to read the https://www.royalapplications.com/go/kb-all-royaljson but still not sure how do we proceed with this requirement.
Hi Kalpesh,
I'm sorry for the delay.
I stepped through the code and found the issue. The problem is that in the JSON the arguments like this:
"Arguments": "-ssh 10.10.0.38 -l $EffectiveUsername$ -pw $EffectivePassword$ -P 22 -X",
will resolve the the $EffectiveUsername$ and the $EffectivePassword$ with the credentials of the dynamic folder.
To ensure the tokens are resolved at connect time using the dynamic credential values, you need to escape the tokens:
"Arguments": "-ssh 10.10.0.38 -l $$EffectiveUsername$$ -pw $$EffectivePassword$$ -P 22 -X",
Let me know if this works.
Regards,
Stefan
- Oldest First
- Popular
- Newest First
Sorted by Newest FirstFelix Deimel
I'm not sure why you would want to automate that step. Could you please elaborate?
Kalpesh Pusalkar
The readme on https://github.com/royalapplications/toolbox/tree/master/Dynamic%20Folder suggest that to create a dynamic folder the user has to manually "Import - Dynamic Folder". Is there a way to automate this via an external application?
Felix Deimel
Hi Kalpesh,
I didn't notice that you are actually the vendor of the PAM solution.
So how can I help you with getting your solution integrated with Dynamic Folders?
You already mentioned the documentation which is available here. I guess that's the best starting point as it explains all of the available features in RoyalJSON and Dynamic Folders as well as Dynamic Credentials.
Also, like previously mentioned, it's probably a good idea to study the existing sample scripts we have available in our toolbox repository.
If you have any specific questions, please don't hesitate to ask!
cheers,
felix
Kalpesh Pusalkar
I am using Royal TS (for Windows).
Our product is ARCON PAM.
Felix Deimel
One more question: You posted in the Royal TS (for Windows) forum but mentioned Royal TSX in your message. Which product/platform are you using?
Felix Deimel
Hi Kalpesh,
yes, that's exactly what Dynamic Folders and Dynamic Credentials are for.
We have several sample scripts available in our toolbox repository. We currently have samples for Thycotic Secret Server and Pleasant Password Server available. If you're using another product, you could probably still use the samples as starting point for integrating the PAM solution you use.
Could you please also let us know which product you use?
thx,
felix
-
What happened to the forum?
-
About this Forum
-
Security Information
-
Supported Secure Gateway (SSH) ciphers
-
Why is no remote file browser in SCP available?
-
What encryption is used in the rtsz files when enabled?
-
Royal TS V4 License File
-
How to resolve RDP resolution issues in Windows 7 with high resolution screen
-
Auto Fill in web page connection
-
How to reference custom properties in tasks and templates?
See all 260 topics