Scribd Logo
Upload

Welcome to Scribd!

  • Setting up PSM Connection AutoIt Scripts To Work With WebUIs

    Uploaded by

    minh buixuan
    105 views20 pages
    CyberarkDoc

    Original Title

    Toad for Oracle Installation Guide 2018 R2

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    CyberarkDoc

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    105 views20 pages

    Setting up PSM Connection AutoIt Scripts To Work With WebUIs

    Uploaded by

    minh buixuan
    CyberarkDoc

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    Setting up PSM Connection AutoIt Scripts To Work With WebUIs

    This guide will show the steps to integrate a AutoIt WebUI plugin script to work with PSM. This guide
    covers the following sections:

    1. Editing the AutoIt plugin sample script for WebUI


    2. Connection Component configuration in PVWA
    3. Platform Configuration in PVWA
    4. WebUI Password Object Creation in PVWA

    NOTE: This guide only works for Internet Explorer. Other browsers is not supported!!!

    Pre-requisites
    The following items are needed before you begin:

    1. AutoIt Installation – This app is required and must be installed. The AutoIt app can be obtained
    via the following reference URL: https://www.autoitscript.com/site/autoit/downloads/

    2. AutoIt plugin sample script for WebUI – You can obtain the sample script from the same KB link
    of this guide.

    3. A good working knowledge of CyberArk PIM.


    Editing the AutoIt plugin sample script for WebUI

    1. On the machine that where you installed the AutoIt app, download the sample script
    (sample_WebUI.au3). Right click on the sample and select “Edit Script”.

    2. Take note of the areas that show “CHANGE_ME”. These are the lines that the values needs to be
    changed.

    i. Line 23 - $DISPATCHER_NAME – Change this value to a meaningful name to represent


    the dispatcher name of the WebUI that you are connecting to.

    ii. Line 24 - $LOGIN_WEBPAGE – Change this value to login URL of the webpage to access.

    iii. Line 25 - $CLIENT_EXECUTABLE – Change this value to path of the Internet Explorer
    executable file. You will need to specify the full path to the executable.
    The following figure shows an example of the edited values:

    3. The following lines 85 to 87 are for WebUIs that shows the SSL warning page. These lines are to
    simulate the mouse click to acknowledge the SSL warning and proceed.
    Note: For WebUI pages that do not show the SSL warning, comment out these lines by adding a
    “;” as shown in the example below.

    4. For lines 90 to 92, this is where the username, password fields as well as the login button of the
    WebUI will be automated by referencing the element name of the fields to input the values.

    Follow the below example to find the element values of a WebUI page. For the purpose of this
    example, PVWA WebUI page will be used.

    i. Using Chrome browser, access the URL of the WebUI page. Click on the Username field,
    right click and select Inspect Element

    Note: Finding element of the fields using Chrome browser is easier and more user friendly.
    ii. The elements in the User Name field is shown and highlighted in blue. As there are multiple
    element values, you may need to trial and error any of the values. Items inside the quotes
    (“<element name>”) can be used to try.

    For PVWA User Name field, we will be using the element value as shown:

    iii. For PVWA Password field, we will be using the element value as shown:
    iv. For PVWA Sign In button, the element value to use is as shown:

    5. Following are the element values for PVWA WebUI. Input these values into the script.

    i. Line 90 - $o_user (PVWA WebUI User Name field):

    pvBody_PageTemplate_innerHolder_ctrlLogon_txtUsername

    ii. Line 91 - $o_password (PVWA WebUI Password field):

    pvBody_PageTemplate_innerHolder_ctrlLogon_txtPassword

    iii. Line 92 - $o_signin (PVWA WebUI Sign In button):

    pvBody_PageTemplate_innerHolder_ctrlLogon_btnLogon
    The following figure shows the element values of PVWA WebUI on the script:

    6. In the script, lines 105 and 106 both represent the mouse click action that clicks on the Sign In
    box of the WebUI login page. However, only either line can be in used at any one time while the
    other is commented out. You may need to trial and error which one to use as every WebUI login
    page differs from each other.

    The following shows the line that is in use on the script for the mouse click action for the Sign In
    button of the PVWA WebUI:
    7. In some cases, a pause is needed before the script moves on to process the next line. To add the
    pause, insert the command: sleep (<time in millisecond>) into the script.

    The following shows an example of 2 pause command used on the PVWA WebUI Script:

    A pause of 3 seconds occurs after the SSL warning page and a pause of 5 seconds occurs after
    the automated entry of username and password.

    8. Save the edited script with a new filename and point the location of the script to the following:

    <PSM Installation location>\Components


    Connection Component Configuration in PVWA

    1. Login to PVWA as Administrator. Go to Administration  Options  expand Connection


    Components. Right-click on PSM-VNCClientSample and select copy.

    2. Scroll up and right-click on the Connection Components header and select Paste Connection
    Component. The duplicated PSM-VNCClientSample connection component will appear at the
    bottom of the list.
    3. Click on the duplicated PSM-VNCClientSample, to the right change the Id to a name that
    represent your WebUI. Note that the name on the left will follow the change.

    For PVWA example, we will rename it to PSM-CyberArk-PVWA.

    4. Expand PSM-CyberArk-PVWA and click on Target Settings. Change the values as according to the
    table as shown below:

    Name Value

    Change this value to the protocol (HTTP or HTTPS) that the WebUI will be using.
    Protocol
    For PVWA WebUI, the value is: HTTPS

    Change this value to the full path of the Internet Explorer executable file.
    ClientApp For PVWA WebUI, the value is:
    "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

    Change this value to the path of the PVWA script file.


    For PVWA WebUI, the value is:
    ClientDispatcher "C:\Program Files (x86)\AutoIt3\AutoIt3.exe"
    "{PSMComponentsFolder}\PSMCyberArkPVWADispatcher.au3"
    "{PSMComponentsFolder}"

    Leave the rest of the values as default.


    The following figure shows the edited values of PSM-CyberArk-PVWA Connection Component:

    5. Expand Target Settings, right-click on Client Specific and select Add Parameter. A new
    parameter properties appears.
    6. Change the properties of the new Parameter as follows:

    i. Change the Name properties to URL

    ii. Change the Value properties to the URL of the WebUI.

    7. Click on Lock Application Window. Ensure that the Enabled is set to Yes. Change the
    MainWindowClass value to IEFRAME.
    8. Click on OK to save the settings.
    Platform Configuration in PVWA

    1. First we will need to duplicate a platform. Go to Administration  Platform Management. Scroll


    down and click on Cisco Pix via SSH and click on Duplicate.

    Note: For the purpose of PVWA WebUI example, we are duplicating the Cisco Pix via SSH for demo
    only. If your WebUI uses other method for CPM (for e.g LDAP) password management of the
    device/appliance, choose the most appropriate platform to duplicate instead.

    *The following steps may not apply to you if you have duplicated a different platform.

    2. In the name field, enter CyberArk-PVWA via HTTPS then click on Save and Close.
    3. Click on the duplicated CyberArk-PVWA via HTTPS platform and set it as Active and click on the save
    icon next to it. Click on the Edit button.

    4. Expand UI & Workflow  Properties  Required. Click on Type and change it to Username on the
    right as shown below.
    5. Expand Optional and right-click on username, then click Delete.

    6. Expand Connection Components, right-click on Connection Components and select Add Connection
    Component. A new Connection Component will appear at the bottom of the list.
    7. Click on the new Connection Component and change the Id on the right to the connection component
    Id that was created previously.

    For PVWA WebUI, the Id would be PSM-CyberArk-PVWA

    8. Right-click on PSM-CyberArk-PVWA connection component and select Move Up. Repeat until is at
    the top of the list. Click on OK when done.
    9. The changes are saved and the conformation message appears.
    WebUI Password Object Creation in PVWA

    1. Go to Accounts  Add account. Create the WebUI password object based on the table below:

    Properties Value
    Store In Safe Select the safe where this password object will be stored in.

    Select the Device Type of the WebUI stated in Platform Management.


    Device Type
    For PVWA WebUI, the Device Type will be Security Appliance.

    Select the name of the WebUI.


    Platform Name
    For PVWA WebUI, the name will be CyberArk PVWA via HTTPS.

    Address Input the URL of the WebUI.

    Username Input the login username.

    Password and Confirm Password Input the password and confirm the password.

    Click on Save when done and the password will be created.


    2. Click on Connect to test the Plug-in.

    3. PSM will run the script and launch the Internet Explorer Window and access the WebUI URL.
    Following that the login is performed automatically as shown in the PVWA example below.

    -- End of Document --

    You might also like