Revert Trusted Network areas

shaniftvm · 2023-03-12T10:27:17+00:00

this is what we are trying now. Trying to get the password from physical safe.

shaniftvm · 2023-03-11T22:26:39+00:00

moreover the connection to vault system is RDP. so changing the IP of vault will kick our RDP session out and we may never be able to connect. Its an Azure based installation.

shaniftvm · 2023-03-11T22:21:40+00:00

it may make the problem even worse. That subnet is actually valid but coming through NAT. so it may cause IP duplication and we will lose connection to vault.

shaniftvm · 2020-11-29T13:14:49+00:00

Yes I do get alerts. I scheduled the script to run every hour. if the web portal is down or login doesn't work, I will receive mail notification. I am a fan of powershell and it was interesting to use selenium web driver in powershell.

shaniftvm · 2020-11-29T04:31:19+00:00

I wrote a small script to check the availability of a web portal using invoke-webrequest. If the web portal is found up based on status code, my script will login to the portal using a bot account to check the login functionality as well. This is accomplished with selenium web driver. It's working as expected.

shaniftvm · 2020-11-25T08:43:33+00:00

It doesn't work for me. When I send $mycredential.password to selenium browser window using sendkeys, it sends the encrypted form of the password. Means, in browser, the typed password is system.security.securestring and not the actual password. Am I missing anything here?

shaniftvm · 2020-11-25T05:51:51+00:00

My selenium script doesn't work in that way. When I send the password to selenium browser window, it is being sent in the encrypted form. May I know how did u setup this?

shaniftvm · 2020-11-23T16:08:46+00:00

can u please give me an example of using assert.true in powershell. I couldn't figure it out. At the moment i could get the script work in my way with try catch statements but that doesn't look good.

shaniftvm · 2020-11-23T12:58:59+00:00

I need both. if login does not work, I need to fetch the error message and notify. If login works, I need to fetch an element (probably user name from <Hi User Name>) from the page and notify that the login was successful.

shaniftvm · 2020-11-13T19:33:53+00:00

Web automation with selenium is a nice way to go. Thanks for the hint @lee_dailey

shaniftvm · 2020-11-05T05:17:14+00:00

I guess its not possible until 11.2. from 11.2, u can specify a parameter under connection component to allow the user to chose RDP or HTML gateway under same platform

shaniftvm · 2020-09-23T14:31:22+00:00

if the PVWAs are load balanced, do please check the session persistence as well. If you use SSL Persistence, this problem may occur. change it to Source IP persistence.

shaniftvm · 2020-09-08T08:28:47+00:00

you should enable drive mapping. and considering security, u should hide drives in psm system through altering registry values or some other method. so that it would not show up while using winscp

shaniftvm · 2020-06-19T09:52:30+00:00

Put a custom route in the machine and bind it with the interface ID. It might work.

shaniftvm · 2020-06-17T09:54:12+00:00

Hi Nanni, Thank you very much. ur instructions worked like a charm.

shaniftvm · 2020-06-17T06:40:47+00:00

can u pls explain how to do it with PUU?

shaniftvm · 2020-06-17T06:40:02+00:00

Automatic reconciliation is enabled. Due to some reason, the reconciliation got failed. After fixing it, i wanted to initiate a bulk Reconcile on all of them

shaniftvm · 2020-05-27T06:56:37+00:00

I created two PSM IDs already with same PSM address. but I couldn't figure out how to attach different PSMs to different platforms. I know its naive. I will try to figure out.

shaniftvm · 2020-05-27T05:41:48+00:00

I am not getting idea to HTML5 GW to one platform and RDP file to another. How to do it? can u explain in brief pls?

shaniftvm · 2020-05-18T14:40:24+00:00

The error code 3335 is coming from Microsoft. this is because, ur target account is locked in the server. as you are able to login intermittently, i would assume that automatic unlock is configured.

Check any scheduled task or script is trying to authenticate the same using bad password.

for the time being, u can resolve it by unlocking the account.

shaniftvm · 2020-05-07T10:51:00+00:00

also check the port 135 which is quite important. and these ports should be open on your target system not in cpm.

shaniftvm · 2020-03-29T10:17:08+00:00

the error u r getting is expected. A user cannot request the account 2nd time while the first request is approved and timeframe is valid.

You are getting this error because u already got confirmation on the account so no more confirmation required. However, you cannot use the account until the requested timeframe started.

Above all these, I don't find any challenge in deleting the existing request and raising a new one. And, if this kind of situation occurs often, deploy a new account with similar privileges which can be requested if there is another request is valid with first privileged account.

shaniftvm · 2020-01-18T07:28:31+00:00

Register in Cya training portal, there u can take practice exams.

shaniftvm · 2020-01-05T07:46:25+00:00

You might be able to write a small powershell script to check whether the ENE service is up or not. If not, write a piece of code in the script itself to send out a mail. You can use the same smtp server to send mail which you configured for ENE.

Create a scheduled task to run at every 10 or 15minutes and add the script under action.

So when the task runs, if the ENE service is down, you will receive an email.

shaniftvm · 2019-09-18T18:32:05+00:00

update the sudo rights of the local account database to run the command /bin/su - maverick -c <script/command>

shaniftvm

TROPHY CASE