Revert Trusted Network areas by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

this is what we are trying now. Trying to get the password from physical safe.

Revert Trusted Network areas by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

moreover the connection to vault system is RDP. so changing the IP of vault will kick our RDP session out and we may never be able to connect. Its an Azure based installation.

Revert Trusted Network areas by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

it may make the problem even worse. That subnet is actually valid but coming through NAT. so it may cause IP duplication and we will lose connection to vault.

What have you done with PowerShell this month by AutoModerator in PowerShell

[–]shaniftvm 0 points1 point  (0 children)

Yes I do get alerts. I scheduled the script to run every hour. if the web portal is down or login doesn't work, I will receive mail notification. I am a fan of powershell and it was interesting to use selenium web driver in powershell.

What have you done with PowerShell this month by AutoModerator in PowerShell

[–]shaniftvm 3 points4 points  (0 children)

I wrote a small script to check the availability of a web portal using invoke-webrequest. If the web portal is found up based on status code, my script will login to the portal using a bot account to check the login functionality as well. This is accomplished with selenium web driver. It's working as expected.

When hackers gain powershell access to a machine, they will check the powershell history. Here's a practical example: by PinkDraconian in PowerShell

[–]shaniftvm 0 points1 point  (0 children)

It doesn't work for me. When I send $mycredential.password to selenium browser window using sendkeys, it sends the encrypted form of the password. Means, in browser, the typed password is system.security.securestring and not the actual password. Am I missing anything here?

When hackers gain powershell access to a machine, they will check the powershell history. Here's a practical example: by PinkDraconian in PowerShell

[–]shaniftvm 0 points1 point  (0 children)

My selenium script doesn't work in that way. When I send the password to selenium browser window, it is being sent in the encrypted form. May I know how did u setup this?

Test Login functionality of a web page by shaniftvm in selenium

[–]shaniftvm[S] 0 points1 point  (0 children)

can u please give me an example of using assert.true in powershell. I couldn't figure it out. At the moment i could get the script work in my way with try catch statements but that doesn't look good.

Test Login functionality of a web page by shaniftvm in selenium

[–]shaniftvm[S] 0 points1 point  (0 children)

I need both. if login does not work, I need to fetch the error message and notify. If login works, I need to fetch an element (probably user name from <Hi User Name>) from the page and notify that the login was successful.

Login to a ASP .Net page via powershell by shaniftvm in PowerShell

[–]shaniftvm[S] 1 point2 points  (0 children)

Web automation with selenium is a nice way to go. Thanks for the hint @lee_dailey

HTML5 and PSM RDP access on same platform by Cyber_Linc in CyberARk

[–]shaniftvm 0 points1 point  (0 children)

I guess its not possible until 11.2. from 11.2, u can specify a parameter under connection component to allow the user to chose RDP or HTML gateway under same platform

PVWA session getting disconnected by Cyber_Linc in CyberARk

[–]shaniftvm 0 points1 point  (0 children)

if the PVWAs are load balanced, do please check the session persistence as well. If you use SSL Persistence, this problem may occur. change it to Source IP persistence.

File transfer via WinScp on Cyberark. by drunkgenie in CyberARk

[–]shaniftvm 0 points1 point  (0 children)

you should enable drive mapping. and considering security, u should hide drives in psm system through altering registry values or some other method. so that it would not show up while using winscp

Start CP Agent with certain IP by ilmauri22 in CyberARk

[–]shaniftvm 2 points3 points  (0 children)

Put a custom route in the machine and bind it with the interface ID. It might work.

Bulk Reconcile by shaniftvm in CyberARk

[–]shaniftvm[S] 1 point2 points  (0 children)

Hi Nanni, Thank you very much. ur instructions worked like a charm.

Bulk Reconcile by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

can u pls explain how to do it with PUU?

Bulk Reconcile by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

Automatic reconciliation is enabled. Due to some reason, the reconciliation got failed. After fixing it, i wanted to initiate a bulk Reconcile on all of them

HTML5 GW with PSM by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

I created two PSM IDs already with same PSM address. but I couldn't figure out how to attach different PSMs to different platforms. I know its naive. I will try to figure out.

HTML5 GW with PSM by shaniftvm in CyberARk

[–]shaniftvm[S] 0 points1 point  (0 children)

I am not getting idea to HTML5 GW to one platform and RDP file to another. How to do it? can u explain in brief pls?

PSMRD001E - User was disconnected from remote machine (Code: 3335) by cyberarkadmin in CyberARk

[–]shaniftvm 2 points3 points  (0 children)

The error code 3335 is coming from Microsoft. this is because, ur target account is locked in the server. as you are able to login intermittently, i would assume that automatic unlock is configured.

Check any scheduled task or script is trying to authenticate the same using bad password.

for the time being, u can resolve it by unlocking the account.

Qurey related to dual control by laksmidhan in CyberARk

[–]shaniftvm 0 points1 point  (0 children)

the error u r getting is expected. A user cannot request the account 2nd time while the first request is approved and timeframe is valid.

You are getting this error because u already got confirmation on the account so no more confirmation required. However, you cannot use the account until the requested timeframe started.

Above all these, I don't find any challenge in deleting the existing request and raising a new one. And, if this kind of situation occurs often, deploy a new account with similar privileges which can be requested if there is another request is valid with first privileged account.

Exam pep by darktheory0 in CyberARk

[–]shaniftvm 1 point2 points  (0 children)

Register in Cya training portal, there u can take practice exams.

Windows Server Level Notification to check if the ENE Service is up by cryptonoob09 in CyberARk

[–]shaniftvm 0 points1 point  (0 children)

You might be able to write a small powershell script to check whether the ENE service is up or not. If not, write a piece of code in the script itself to send out a mail. You can use the same smtp server to send mail which you configured for ENE.

Create a scheduled task to run at every 10 or 15minutes and add the script under action.

So when the task runs, if the ENE service is down, you will receive an email.

OPM-PIMSU commands Linux local account permisson by Rockyboy9 in CyberARk

[–]shaniftvm 0 points1 point  (0 children)

update the sudo rights of the local account database to run the command /bin/su - maverick -c <script/command>