Sign in to follow this  
Followers 0
Warlock

CyberArk PSM connection starting the journey

3 posts in this topic

#1 ·  Posted

Hello,

We use CybeArk password manager Vault and PVWA to access servers and applications in our environment. CybeArk recommends AutoIT to bridge the gap between the CyberArk Apppplications PSM (Privileged session manager) and the applications that the users would be accessing. I want to know where I should install AutoIT so as to be able to create and test "helper files" so that CyberArk can use the AutoIT file to complete its web connection to a web based application. Let me provide an overview, CyberArk removes or replaces the ability for employees to RDP to Servers and applications directly from thier desk to servers. CyberArk "brokers the rdp connection using a secure encrypted communication. When a user logs into CyberArk and selects a server and selects connect CybeArk will mark the "RDP" (This is a modified and encryoted version of RDP well call it CyberARK RDP or "CRDP") The user will connect to the servers desktop. I want to create AutoIT scripts to  allow people to connect to URL and weblinks and or applications via CyberArk PSM. 

My question is basic where do I install AutoIT on the CyberArk PSM server ?

Do I install on my workstation ?

Thank you! 

Share this post


Link to post
Share on other sites



#2 ·  Posted

@Warlock AutoIt scripts can be compiled into stand-alone executables. So you can install AutoIt on any workstation to create the scripts, and then copy the resultant exe's to wherever the users are going to access them from (network share, etc.).


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Can you show some pseudo code of how you envision autoit participating?  I hesitate to help you automate anything with a PIM solution, and would certainly attempt to deter you from altering the baseline on the PIM server.  But if we can do something innocuous to make selection of the destination easier for the client, without doing anything to alter the attack surface of your environment, then lets proceed.  But you will need to explain it with code because I don't understand the intent of the OP.

Edited by iamtheky

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0