Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
ASG 2015 patch 7 command line options
#1
We are looking at publishing this app in a Citrix/Terminal Services farm scenario and need assistance with the command line for integrating the database connection string into the command line.

We are attempting the following and not having success:
"C:\Program Files\ASG-Remote Desktop 2015\ASGRD.exe" "/dcs:Data Source=visionappdb.ourcompany.com;Initial Catalog=visionApp_2015;Integrated Security=True</ConnectionString>"

does someone have any examples of the expected format of the database connection string?
Reply
#2
I use it over Citrix using a batch (bat) file, the published app points to the batch file and I use the following command line within the batch file:

start "ASG Launch" "C:\Program Files (x86)\ASG-Remote Desktop 2015\ASGRD.exe" "/dcs:Data Source=<DBSERVERNAME>;Initial Catalog=<DBNAME>;Integrated Security=False;User ID=ASG15;Password=<ENCRYPTEDPASSWORD>;Connect Timeout=60" /loginintegrated:true /loginsubmit /onlyoneinstance /noenv /loginintegrated /novideo
Reply
#3
In the above example the "</ConnectionString> should be removed - I think that's the issue
Regards/Gruss
Oliver
Reply
#4
OK I am not having any luck when I use Integrated Security=False - I am using an AD Domain account to connect the database.. is that what you are doing about or is that a SQL Account?

when I use Integrated Security=True everything works fine
Reply
#5
It depends on how you set up the database - if you create the database using the option "SQL Account" this account is added to the security of this database - else the domain user needs permissions to access the database
Regards/Gruss
Oliver
Reply
#6
I have made a bunch of progress on this but I need to fully lay out what we are trying to do so that it makes sense.

We are using a privilege identity product (one of the main ones on the market) that has the ability to publish applications using MS Remote Desktop Services.

Clients connect to a web console with a non-privileged account and are presented with the option to launch applications with privileged accounts that they do not know the password for and have very short password cycles (hour or less).

When the session to the published app is established it uses a non-privileged generic account which starts the process and goes out the privileged identity product and gets the password for the account they are trying to use...

This part all works fine... the result that I see in procmon is the correct username and password are being passed in the following DE-identitified string.

"C:\Program Files (x86)\ASG-Remote Desktop 2015\ASGRD.exe" /Instance:Admin /loginmethod:0 /loginintegrated:false /logindomain:dev.com /loginusername:ultravenom-admin /loginpassword:P@$$w0rd! /LoginSubmit /passthrough:false /noenv /novideo


In the security log I see that the correct user is logged on (ultravenom-admin) and we have the option selected to the do RDP SSO -- The issue is that ASG is popping for the password of the privileged account (which the person doesn't know) when making connections to servers.

Any ideas?
Reply
#7
I answered in the second thread you posted...
Regards/Gruss
Oliver
Reply




Users browsing this thread: 1 Guest(s)