cyberark / cyberark-aws-auto-onboarding

Solutions for automatically detecting, managing and securing privileged accounts in AWS EC2
Apache License 2.0

PSM Connection Fails to Audit Windows Session When Onboarded Automatically via Lambda #10

Closed infamousjoeg closed 5 years ago

infamousjoeg commented 5 years ago

After reviewing the code, it is not apparent anywhere that $env:COMPUTERNAME associated with the Windows EC2 instance is being captured. This will cause issues when attempting to RDP using the WinServerLocal platform as LogonTo should be given the AWS EC2 instance's HOSTNAME in order to properly copy over the audit agent needed for Windows Session Event capture.

Including the capture of the Windows internal hostname and populating in EPV with the account object being onboarded will prevent a lot of hair-pulling from customers utilizing this Lambda functionality.

zivshits commented 5 years ago

Hi @infamousjoeg, an internal ticket has been created for this issue (CLI-576).

With best regards, Ziv

infamousjoeg commented 5 years ago

This turns out to be an issue with the location of the PSM server rather than an issue with this script. Closing. (Make sure your PSM Server is in the same AWS region as your instances and it'll be fine.)