The are different ways that CyberArk can be integrated with Royal TS/X. One way is via Dynamic Folders. This topic is well documented and you can find more information on this topic here:
https://github.com/itdistrict/cyberRoyal
We have, however, had numerous tickets regarding the integration of CyberArk with Royal TS/X without using a Dynamic Folder. This topic is, unfortunately, not that well documented, so we will discuss this topic next.
Connect through PSM for SSH in Royal TS/X:
The CyberArk Privileged Session Manager for SSH (PSM for SSH) enables you to connect to remote SSH systems and devices with a native user experience through any SSH client, such as Royal TS/X, plink, PuTTY, OpenSSH, and SecureCRT. We will only discuss how to do this using Royal TS/X.
The following is an example of the full connection string you will need: vaultuser@targetuser#domainaddress@targetmachine#targetport@targetpassword@proxyaddress:port
The documentation for the above connection string can be found here:
Please note: not all parameters are mandatory
Hostname: pam_server (FQDN - „Fully Qualified Domain Name“ of the CyberArk Privileged Session Manager Server)
Port: port number
Username: vaultuser@targetuser#domainaddress@targetmachine#targetport@targetpassword
Password: can be set from properties as usual. Please note that in some cases it can also be the PIN and a generated token (2FA)
Please also make sure to enable the "TLS Encryption" setting.
For Rebex-Based SSH connections, please configure the following:
Full Credentials:
*Please use the following string: vaultuser@targetuser#domainaddress@targetmachine#targetport@targetpassword
Basic Credentials (most frequently used):
For PuTTY-Based SSH connections, please configure the following:
*Please use the following string: vaultuser@targetuser#domainaddress@targetmachine#targetport@targetpassword
For RDP connections, please configure the following:
*If the PSM is load balanced, use the FQDN for the computer name!
*please use the following string: psm /u targetuser@domainaddress /a targetmachine /c PSM-RDP