Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Thycotic Secret Server using legacy integration
#1
Can you update the Thycotic Secret Server Integration? You are using the legacy integration via Web Service not the new one via REST API and this old one didn't support 2FA or Hide password option. It's an annoying lack of features of this integration.
Reply
#2
I put it on the list... we will add asap...
Regards/Gruss
Oliver
Reply
#3
Hi,[b][url=https://remotedesktop.rocketsoftware.com/member.php?action=profile&uid=41144][/url][/b]

is there a manual how to set up integration with webservice? Every time I try to fetch data/sync from Secret server ASRD crashes. Maybe I'm doing something wrong
Reply
#4
A short description can be found in online help - just press F1 when you are in the sync configuration of a credential folder.

Do you have a error log we can check? Is it crashing or do you just get an error message that something goes wrong?!?
Regards/Gruss
Oliver
Reply
#5
(22-03-2022, 09:18 AM)DevOma Wrote: A short description can be found in online help - just press F1 when you are in the sync configuration of a credential folder.

Do you have a error log we can check? Is it crashing or do you just get an error message that something goes wrong?!?

Could you point me to log location? it just crashes. Looking at the error log under administration-logs i cannot see an entry about the crash
Reply
#6
Ok when it crash there might be no error log entry - perhaps something in Windows Application Event Log - but I guess there is no much information

Can you post your configuration settings? The Url and which Authentication you have choosen?
Regards/Gruss
Oliver
Reply
#7
(22-03-2022, 09:35 AM)DevOma Wrote: Ok when it crash there might be no error log entry - perhaps something in Windows Application Event Log - but I guess there is no much information

Can you post your configuration settings? The Url and which Authentication you have choosen?

This is from Event viewer.

Faulting application name: ASGRD.exe, version: 14.0.7273.1, time stamp: 0x61a61671
Faulting module name: clr.dll, version: 4.8.4400.0, time stamp: 0x60b90751
Exception code: 0xc00000fd
Fault offset: 0x00000000001c859c
Faulting process id: 0x5bbc
Faulting application start time: 0x01d83daedfeeccc1
Faulting application path: C:\Program Files\ASG-Remote Desktop 2021 (X64)\ASGRD.exe
Faulting module path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Report Id: a1670677-d70a-4d83-b0e3-bf331656f1ee
Faulting package full name:
Faulting package-relative application ID:

Fault bucket 1174112619901999548, type 4
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: ASGRD.exe
P2: 14.0.7273.1
P3: 61a61671
P4: clr.dll
P5: 4.8.4400.0
P6: 60b90751
P7: c00000fd
P8: 00000000001c859c
P9:
P10:

Attached files:
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER.07c3c62b-9013-426b-98e5-ec847f5f6c62.tmp.dmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER.dc715b5e-f175-4b15-937d-5d2b597ef0aa.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER.85eee149-a69b-4f9e-8eb9-8277d3e50a0a.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER.772a60a8-76a3-460e-8499-71c915060693.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER.68ea49a9-d3fc-4d34-8727-31160a853102.tmp.txt

These files may be available here:
\\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_ASGRD.exe_b6461a12a0ea7cf08f2ab0d528a8d6d538fad720_77c5f07c_62711440-284e-490b-abef-2678ac69c52a

Analysis symbol:
Rechecking for solution: 0
Report Id: a1670677-d70a-4d83-b0e3-bf331656f1ee
Report Status: 268435456
Hashed bucket: 71742abf7abe5e74104b4935038fd9bc
Cab Guid: 0

Also attaching configuration for webservice


Attached Files Thumbnail(s)
   
Reply
#8
Ok - I'm not sure as our last tests were against on-prem Thycotic Server - and there you need to specify the Url like https://servername/secretserver/... - but I think for the cloud version your settings are correct...

Could you just test to select "Sync folders" by pressing the "..."-button behind the field "Synced folders" - also crashing?

Currently we are in final steps for the next main release - we will try to update Thycotic afterwards and test again also via REST API...
Regards/Gruss
Oliver
Reply
#9
(22-03-2022, 09:56 AM)DevOma Wrote: Ok - I'm not sure as our last tests were against on-prem Thycotic Server - and there you need to specify the Url like https://servername/secretserver/... - but I think for the cloud version your settings are correct...

Could you just test to select "Sync folders" by pressing the "..."-button behind the field "Synced folders" - also crashing?

Currently we are in final steps for the next main release - we will try to update Thycotic afterwards and test again also via REST API...

Thanks for update. Yes also crashing. Looking forward to hear when REST API is in place Smile
Reply
#10
(22-03-2022, 08:40 AM)DevOma Wrote: I put it on the list... we will add asap...

any update on this? is it soon to be released?
if you are interested we have a large thycotic database and could test a beta version of ASG to test the integration.
Reply
#11
Sorry no - I give the issue now a higher priority - try to look at the new REST API soon
Regards/Gruss
Oliver
Reply
#12
I know it has only been a few months since the last post, but is there any update on this one?
Although ASG isn't crashing for us, it does throw an error when trying to connect to our cloud version of Thycotic.

"Reading data from 'Thycotic Secret Server' failed
The content type text/hmtl; charset=utf-8 of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly."

The rest of the message is the html from the response.
Reply
#13
We will check asap - try to setup a new environment...
Regards/Gruss
Oliver
Reply
#14
I have access to an internal used environment and get the same error message as you did - so I will work on that issue now and hope to find a solution soon!
Regards/Gruss
Oliver
Reply
#15
Hi Guys, looks like we have support for it in rocket remote desktop 2023 now - any updates on this? still crashing for us. Maybe there is a document we can follow?
Reply
#16
If you want to use REST-API you must configure it in Settings=>Thycotic - SOAP is default.

Then it should use the REST API - we have tested against Cloud based version of Thycotic/Delinea Secret Server - but we didn't found a good solution for authenticating with OAuth2 like Okta - spend a lot of time on that, read a lot of articles - we have added a new auth method "Bearer token" - if you choose that a popup is displayed and you need to enter the bearer auth token from your User Profile (in Thycotic portal in your User Profile) - then you can access the API - this token is changing so we do not store it and you need to paste content each time you are using the API.

OAuth2 is normally designed that you have authentication url and a callback url that give you the token back after authenticating - but we didn't find a way how to do with Thycotic/Delinea - we also raised support requests but only get some links to documentation where this scenario is not described in detail. If you have any more information regarding that issue you are welcome to share with us - we would like to implement smoother integration if possible
Regards/Gruss
Oliver
Reply
#17
HM, I do not get a pop up. I get error message "Reading data from "thycotic secret server" failed. Bad Token.


I would prefer to use username and password but when I choose that software just crashes
Reply
#18
or when I use username and password I get error "Web service authentication filed. login failed"
Reply
#19
Ok - give me some details

Settings=>Thycotic=>API - SOAP or REST?
Are you using cloud based thycotic environment?
What Authentication (in Rocket Remote Desktop) have you set for accessing your Thycotic environment?

And on folder level - based on which API you are using the url is different - I currently use Cloud Based Environment - secured by OAuth2 (Okta) - so for Authentication I choose "Bearer Token" and use the follwing API "https://companyenv.secretservercloud.com/api" - for all SOAP communication there were 2 different API-Url's that you also can find in documentation
Regards/Gruss
Oliver
Reply




Users browsing this thread: 1 Guest(s)