Closed deanhinson closed 5 years ago
It appears I introduced some code requiring at least PowerShell v5 a while back, but did not update the modules minimum version requirement to support this.
Import-Module psPAS -ArgumentList $true
might make a difference.
If I am unable to find a way to change the code in a way which is backward compatible, the minimum version requirement of the module will need to be corrected to PowerShell 5...
Just tested it out with the command you gave me and still got the same errors. Are these fatal to the module? or could I still get functionality out of it being on PowerShell 4
Is this a related error to the previous one I showed?
does the module import despite the errors?
The psPAS commands which have version 5 specific commands in them would be New-PASDirectoryMapping
& Set-PASDirectoryMapping
(neither of which will you be able use anyway as they require a 10.4(ish) version of CyberArk and are not applicable to 9.9.5).
Server 500 errors are usually related to your IIS/PVWA configuration. You can search for previously logged issues around this topic - check your web.config file first: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Troubleshooting.htm#RESTAPIdoesnotwork
I looked at the config file and it has the line they wanted me to add already in it. I will look around for some previous issues on this topic. Thanks for all the help.
After looking through my Cyber Ark web logs I found something interesting. On those logs i am getting a 403 error. It is odd because the credentials I am using are Vault Administrator for the location I am trying to logon to.
A 403 could be generated by supplying an incorrect password for the user, or an incorrect username:
I am using the same credentials as when I log in through the web page ui.
I just noticed your New-PASSession
command syntax.
9.9.5 of Cyberark uses the classic API - the module favors the v10 API by default.
You can force use of the classic API by specifying the -UseClassicAPI
switch:
New-PASSession -UseClassicAPI -Credential $cred -BaseURI https://abc.com
So this is now the error. This means I am not using an acceptable IP correct? I am confused cause looking through Cyber Ark documentation it says the API is set up automatically with the PVWA meaning that this should connect right?
So looking through the problem you stated about the web.config. I belive this may be the probelm as in https://github.com/pspete/psPAS/issues/62 you talk about how it shows itself as a 404 error. I am going to work to fix that web.config and get back to you.
I have the web.config set up properly but I still recevie the same 404 error. I am also sometimes receving this weird error:
I am not sure if this is connected at all. Also do you have any ideas why the 404 error would be happening.
Any chance of you upgrading to PS5 or 6 and seeing if these errors still persist? They are likely due to version specific constructs being used. You have not shared any information on a 404 error you are receiving.
Test authentication outside of the module and share results:
$url = "https://PVWA/PasswordVault/WebServices/auth/Cyberark/CyberArkAuthenticationService.svc/Logon"
$body = New-Object -Property @{"username" = "YourUser"; "password" = "SomePassword" } -TypeName psobject | ConvertTo-Json
Invoke-RestMethod -Uri $url -Method POST -ContentType "application/json" -Body $body
The Verbose & Debug output of New-PASSession
may help too.
Attached are two screenshots of the 404 errors I am receiving.
As the authentication request in native PowerShell an error, investigation of a fix in the module is not applicable. The issue you are experiencing is external to psPAS and must be resolved first.
Yeah I was worried about that. I have opened a ticket with Cyber Ark support for the mean time. Do you have any ideas of why the 404 error is happening? Configuration of the PVWA probably right?
Sometimes IIS configuration. Until your configuration is fixed, I will close this issue. Feel free to comment if you feel it should be reopened.
Windows 2012 server
Steps to Reproduce (for bug reports)
I followed the steps on the github page to install and use the module.
Context
using Import-Module command. followed all steps for manual installation because I do not have PS 5 or above. I put the module in the modules file for powershell.
Error
VERBOSE:Loading module from path
'C:\Windows\system32\WindowsPowerShell\v1.0\Modules\psPAS\psPAS.psm1'.
Exception calling "Create" with "1" argument(s): "At line:224 char:3 [Flags()]enum Authorizations{