search

pspete / psPAS

PowerShell module for CyberArk Privileged Access Security REST API
https://pspas.pspete.dev
MIT License
286 stars 90 forks source link

Script is asking for sessionToken but I've used -Credential to logon #519

Closed winslowohio closed 5 months ago

winslowohio commented 5 months ago

Describe the issue I have a script that is used to add subject names from certificates to CyberArk appIDs. However after supplying my credentials it comes back asking for sessionToken. I can't figure out why it is asking for this. To Reproduce Here is the script:

$global:url = 'https://myurl.com' # no app name

$global:url = 'https://my.other.url.com' # no app name

$global:cred = get-credential $global:pvwaappname = 'PasswordVault' # no change

import-module psPAS

New-PASSession -BaseURI $global:url -Credential $global:cred -PVWAAppName $global:PVWAAppName

$appid = 'myappID' #Change to valid AppID $app = Get-PASApplication -AppID $appid -ExactMatch

Write-Host "App data" $app | select * | fl

Write-Host "Current authentication methods" Get-PASApplicationAuthenticationMethod -AppID $appid

$appSplat = @{

Issuer = @(

 #   "" 
#)
Subject = @(
    "CN=mycn.com"  #Change
      "E=mycn.email.com" #Change
)

}

Add-PASApplicationAuthenticationMethod -AppID $appid @appSplat

Remove-PASApplicationAuthenticationMethod -AppID $appid -AuthID 7

Get-PASApplicationAuthenticationMethod -AppID $appid

Expected behavior After logging on, it should run through without asking for sessionToken and add the subject name to the appID listed.

Screenshots & Console Output image



**Your Environment**
Include relevant details about your environment

* PowerShell Version: 4
* psPAS Version: 4
* CyberArk Version: 11.2
pspete commented 5 months ago

Not sure @winslowohio psPAS Version 4 is four years old - the code base has moved on significantly since then.

Believe by that time, the minimum required PowerShell version for the module was 5.1, so milage may vary with PowerShell 4....

winslowohio commented 5 months ago

I found I had to move to PoSH 5.1 and psPAS 6.03. It was incompatible. Once I updated both it worked correctly. Thanks

From: Pete Maan @.> Sent: Thursday, February 1, 2024 5:21:26 PM To: pspete/psPAS @.> Cc: Michael Winslow @.>; Mention @.> Subject: Re: [pspete/psPAS] Script is asking for sessionToken but I've used -Credential to logon (Issue #519)

You don't often get email from @.*** Learn why this is importanthttps://aka.ms/LearnAboutSenderIdentification

Not sure @winslowohiohttps://github.com/winslowohio psPAS Version 4 is four years old - the code base has moved on significantly since then.

— Reply to this email directly, view it on GitHubhttps://github.com/pspete/psPAS/issues/519#issuecomment-1922367554, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AJRNKAR7K5J5MMAV4SB5QTDYRQIONAVCNFSM6AAAAABCVFZMTOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMRSGM3DONJVGQ. You are receiving this because you were mentioned.Message ID: @.***>