search

royalapplications / toolbox

This repository contains various automation scripts for Royal TS (for Windows) and Royal TSX (for macOS). Also included are dynamic folder samples. This collection consists of scripts by the Royal Apps team or contributions from our great user-base!
https://www.royalapps.com
MIT License
150 stars 76 forks source link

Not all secrets showing with SecretServer #33

Open moseala55 opened 2 years ago

moseala55 commented 2 years ago

Connected and authenticated to on prem SecretServer just fine. Not all secrets that I know and have verified I have access too, including secrets that I have created are showing. "Personal Folder" does not show in the list as well. When refreshing the dynamic folder, I do get an information error in the bottom left saying "Some tokens couldn't be resolved".

lemonmojo commented 2 years ago

Please post a screenshot of the full error message. Also, there's a limit on how many entries should be returned by the API. How many are you expecting approximately?

moseala55 commented 2 years ago

2022-02-03_8-20-24 Screenshot of the log uploaded. We have 5,817 items in our SecretServer. If that is to many entries to be returned, how would I limit the script to pull from specific folders?

st9rm1337 commented 2 years ago

Please try adjusting the value on line 103 of the script as follows: "paging.take" = 1000;

you can also pick a different number, which suits your needs. ​

moseala55 commented 2 years ago

Increasing the value seems to show more if not all the credentials and nested folders (as far as I can tell). However I still get notified that some tokens couldn't be resolved. I have it set at 20000, but increased to 20000 by adding 1000 to the value. While I can see more credentials, it does cause the application to lock up upon start up as it reloads the folder. Is there anyway to limit the scrip to pull from only a specific folder?

lemonmojo commented 2 years ago

@moseala55 Yes, you can filter the secrets by certain criteria, including the folder ID. To do so, you'll want to modify the request body that is sent to the secret server from line 102 to 104 of the dynamic folder script.

By default, the body looks like this:

$secretsRequestBody = @{
  "paging.take" = 1000;
}

To include only secrets from a specific folder ID, you would adjust those lines like so:

$secretsRequestBody = @{
  "paging.take" = 1000;
  "filter.folderId" = 123;
}

For more information on the supported filter criteria, please see Thycotic's Rest API documentation.

lemonmojo commented 2 years ago

@moseala55 Did you get the chance to test the suggestion in my last reply?

jpitpol commented 1 year ago

Hello, We have the same issue. We use the secret server and our secrets are 5500. I changed the number on the script to 20000 and i still cannot see everything. Is there a different explanation?

jpitpol commented 1 year ago

Also, the "filter.folderId" = 123; does not work.