We at ARCON have a product PAM(Privilege Access Management) system. It provides a SSO and password vault services.
We want to integrate with Royal TSX. To do that we need to lauch royal TSX auto-create the dynamic folders. When a user opens a new RDP or SSH connection we would like to fetch the password from the Vault API and establish the connection.
Kalpesh Pusalkar
We at ARCON have a product PAM(Privilege Access Management) system. It provides a SSO and password vault services.
We want to integrate with Royal TSX. To do that we need to lauch royal TSX auto-create the dynamic folders. When a user opens a new RDP or SSH connection we would like to fetch the password from the Vault API and establish the connection.
I tried to read the https://www.royalapplications.com/go/kb-all-royaljson but still not sure how do we proceed with this requirement.
Hi Kalpesh,
I'm sorry for the delay.
I stepped through the code and found the issue. The problem is that in the JSON the arguments like this:
"Arguments": "-ssh 10.10.0.38 -l $EffectiveUsername$ -pw $EffectivePassword$ -P 22 -X",
will resolve the the $EffectiveUsername$ and the $EffectivePassword$ with the credentials of the dynamic folder.
To ensure the tokens are resolved at connect time using the dynamic credential values, you need to escape the tokens:
"Arguments": "-ssh 10.10.0.38 -l $$EffectiveUsername$$ -pw $$EffectivePassword$$ -P 22 -X",
Let me know if this works.
Regards,
Stefan
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstKalpesh Pusalkar
Yes the api returns
{ "Username": "user1", "Password": "user@111" }Stefan Koell
Can you examine the logs (via the View tab) and check if there's an error or warning?
Kalpesh Pusalkar
I dont get any errors or warnings in log. Can you try if this works at your end?
Kalpesh Pusalkar
If we can pass Arguments before we launch the app just like credential this will be helpful.
Stefan Koell
Hi Kalpesh,
I'm sorry for the delay.
I stepped through the code and found the issue. The problem is that in the JSON the arguments like this:
"Arguments": "-ssh 10.10.0.38 -l $EffectiveUsername$ -pw $EffectivePassword$ -P 22 -X",
will resolve the the $EffectiveUsername$ and the $EffectivePassword$ with the credentials of the dynamic folder.
To ensure the tokens are resolved at connect time using the dynamic credential values, you need to escape the tokens:
"Arguments": "-ssh 10.10.0.38 -l $$EffectiveUsername$$ -pw $$EffectivePassword$$ -P 22 -X",
Let me know if this works.
Regards,
Stefan
Kalpesh Pusalkar
Hi Stefan
Thank you for the response. Yes just got that working when the token is escaped.
Stefan Koell
Glad to hear that. Is your issue now resolved or is still something missing/not working?
-
What happened to the forum?
-
About this Forum
-
Security Information
-
Supported Secure Gateway (SSH) ciphers
-
Why is no remote file browser in SCP available?
-
What encryption is used in the rtsz files when enabled?
-
Royal TS V4 License File
-
How to resolve RDP resolution issues in Windows 7 with high resolution screen
-
Auto Fill in web page connection
-
How to reference custom properties in tasks and templates?
See all 275 topics