03-11-2016, 11:27 PM
Ok, bear with me.
We are implementing CyberArk. To integrate this into ASG-RD, we create a connection which as a connection field of
Cyberarkgateway.domain.loc
Then on the RDP connection attributes, on the program line, we put:
psm /u proxyaccount1@domain.loc /a servername /c PSM-RDP
This launches a passthrough RDP session to "servername", using proxyaccount1 which is retrieved from the Cyberark store if the user authenticating has privs to it.
The problem with this is that I need to create an actual connection object, with a few steps/hand edit, for each server. When you're used to using ad-hoc connections by just typing in the server name, this is a pain but it's also a pain to create new connections - minus Cyber-Ark, you say new connection and put a name in and you're done, no copying strings to the program line and editing.
What I would LIKE to do is two-fold:
1. Feature request - I wish that the Programs/"executable path" field would support variables the way that the extapp General fields do. This would let me turn the above into:
psm /u proxyaccount1@domain.loc /a %NAME% /c PSM-RDP
Then you could just copy connection objects, rename them, and they would pass in the correct info dynamically. Much simpler for creating objects.
1a. Even better, if you had a special token in your connection object that flagged to ASG-RD that it needed to query for a value, you could make a connection object that would ask you for this value. psm /u proxyaccount1@domain.loc /a &PROMPT1& /c PSM-RDP
2. Perhaps easier to implement, as the above will involve some complexity, is there a way of calling a command that will initiate a new connection/create a new connection tab within the existing ASG-RD instance, via an extapp? If there is, it would let us use a static object and call an ext app against it), then initiated a new connection tab along with the dynamic program line. This doesn't help the prompting for a name for an ad-hoc.
Ext. Application\Options\Filename = C:\PATH\ASGRD.EXE -INSTANCE 1 -NEWTAB %NAME% [-credential %CREDENTIALSDESCRIPTION%] -PROTOCOL rdp -executablepath "psm /u proxyaccount1@domain.loc /a %NAME% /c PSM-RDP" -startfolder ""
Does anyone know if there's already a way to re-call ASG-RD to create a new connection tab dynamically like this?
We have one remaining sharp edge to this, in that the "proxyaccount1" needs to be uniquely in use on the target server. A variable that was random in a range would reduce these collisions but that's asking for an unreasonable feature unless people can think of more use-cases.
We are implementing CyberArk. To integrate this into ASG-RD, we create a connection which as a connection field of
Cyberarkgateway.domain.loc
Then on the RDP connection attributes, on the program line, we put:
psm /u proxyaccount1@domain.loc /a servername /c PSM-RDP
This launches a passthrough RDP session to "servername", using proxyaccount1 which is retrieved from the Cyberark store if the user authenticating has privs to it.
The problem with this is that I need to create an actual connection object, with a few steps/hand edit, for each server. When you're used to using ad-hoc connections by just typing in the server name, this is a pain but it's also a pain to create new connections - minus Cyber-Ark, you say new connection and put a name in and you're done, no copying strings to the program line and editing.
What I would LIKE to do is two-fold:
1. Feature request - I wish that the Programs/"executable path" field would support variables the way that the extapp General fields do. This would let me turn the above into:
psm /u proxyaccount1@domain.loc /a %NAME% /c PSM-RDP
Then you could just copy connection objects, rename them, and they would pass in the correct info dynamically. Much simpler for creating objects.
1a. Even better, if you had a special token in your connection object that flagged to ASG-RD that it needed to query for a value, you could make a connection object that would ask you for this value. psm /u proxyaccount1@domain.loc /a &PROMPT1& /c PSM-RDP
2. Perhaps easier to implement, as the above will involve some complexity, is there a way of calling a command that will initiate a new connection/create a new connection tab within the existing ASG-RD instance, via an extapp? If there is, it would let us use a static object and call an ext app against it), then initiated a new connection tab along with the dynamic program line. This doesn't help the prompting for a name for an ad-hoc.
Ext. Application\Options\Filename = C:\PATH\ASGRD.EXE -INSTANCE 1 -NEWTAB %NAME% [-credential %CREDENTIALSDESCRIPTION%] -PROTOCOL rdp -executablepath "psm /u proxyaccount1@domain.loc /a %NAME% /c PSM-RDP" -startfolder ""
Does anyone know if there's already a way to re-call ASG-RD to create a new connection tab dynamically like this?
We have one remaining sharp edge to this, in that the "proxyaccount1" needs to be uniquely in use on the target server. A variable that was random in a range would reduce these collisions but that's asking for an unreasonable feature unless people can think of more use-cases.