search

cyberark / Secret-Manager-formerly-AAM

Apache License 2.0
0 stars 6 forks source link

Support case-insensitive AuthenticationMethod parameter values #6

Closed infamousjoeg closed 2 years ago

infamousjoeg commented 2 years ago

Summary

PS /Users/joe.garcia/Git/cyberark/Secret-Manager-formerly-AAM/Dual Account Script> ./DualAccount-Creation.ps1 -PASUsername jgarcia -PASPassword ******* -AccountList "test1@127.0.0.1@Cyberark1;test2@127.0.0.1@Cyberark1" -AuthenticationType ldap -ConfigFileFullPath "//Users/joe.garcia/Git/cyberark/Secret-Manager-formerly-AAM/Dual Account Script/Policy-DualAccount-Creation.json"
-----------------------------------------------------------------------------------------
The following values were read from the configuration file:
The value of: 'PVWAURL' is: https://cyberark.joegarcia.dev
The value of: 'PlatformSampleTemplate' is: /Users/joe.garcia/Git/cyberark/Secrets-Manager-formerly-AAM/Dual Account Script/Rotation Groups.zip
The value of: 'PlatformID' is: WinDomain
The value of: 'VirtualUserName' is: TestDocs-DomAdmin
The value of: 'SafeName' is: TestDocs-DualAccounts
The value of: 'GroupName' is: TestDocs-DualAccountGroup
The value of: 'LogDebugLevel' is: True
The value of: 'LogVerboseLevel' is: True
VERBOSE: POST with 57-byte payload
VERBOSE: received 1245-byte response of content type text/html
An error occurred while retreiving the group object, Executing REST API: Error in running Post on 'https://cyberark.joegarcia.dev/api/auth/cyberark/Logon'

Steps to Reproduce

  1. Execute script with AuthenticationType parameter in all lowercase letters.

Expected Results

Regardless of casing, AuthenticationType parameter value should be determined properly.

Actual Results

The script reverted to the default AuthenticationType of CyberArk when ldap instead of LDAP was provided.

Reproducible

Version/Tag number

main branch scripts

Environment setup

PowerShell 7.2.2 CyberArk PAS v12.4.1

Additional Information

n/a

infamousjoeg commented 2 years ago

It's any AuthenticationType other than CyberArk:

PS /Users/joe.garcia/Git/cyberark/Secret-Manager-formerly-AAM/Dual Account Script> ./DualAccount-Creation.ps1 -PASUsername jgarcia -PASPassword ******* -AccountList "test1@127.0.0.1@Cyberark1;test2@127.0.0.1@Cyberark1" -AuthenticationType LDAP -ConfigFileFullPath "//Users/joe.garcia/Git/cyberark/Secret-Manager-formerly-AAM/Dual Account Script/Policy-DualAccount-Creation.json"
-----------------------------------------------------------------------------------------
The following values were read from the configuration file:
The value of: 'PVWAURL' is: https://cyberark.joegarcia.dev
The value of: 'PlatformSampleTemplate' is: /Users/joe.garcia/Git/cyberark/Secrets-Manager-formerly-AAM/Dual Account Script/Rotation Groups.zip
The value of: 'PlatformID' is: WinDomain
The value of: 'VirtualUserName' is: TestDocs-DomAdmin
The value of: 'SafeName' is: TestDocs-DualAccounts
The value of: 'GroupName' is: TestDocs-DualAccountGroup
The value of: 'LogDebugLevel' is: True
The value of: 'LogVerboseLevel' is: True
VERBOSE: POST with 57-byte payload
VERBOSE: received 1245-byte response of content type text/html
An error occurred while retreiving the group object, Executing REST API: Error in running Post on 'https://cyberark.joegarcia.dev/api/auth/cyberark/Logon'
=========================================================================================
Dual Account - Creation: failed
Logoff Session...
Dual Account - Creation: script ended
infamousjoeg commented 2 years ago

Something else is going on and I'm getting the wrong error info given back.

infamousjoeg commented 2 years ago

Needed to end with /PasswordVault on the URL 🤦🏻