Pre-Requisites: You need to install the app which we will be managing, in our case it is FileZilla. And we have to install AutoIt. You use the full installation of AutoIt. We want to copy portions of the BYOC to a different folder for our configurations. configurations. On the Components box, which has the PSM portions, go to c:\Program Files (x86)\CyberArk\PSM\Components. Create a folder under Filezilla Program files called FileZillaBYOC to identify this is the FileZilla’s BYOC.,”
Copy the files PSMAutoItDispatcherSkeleton.au3, PSMGenericClientDriver.dll, PSMGenericClientDriver.xml, and PSMGenericClientWrapper.au3 In the new folder that we’ve copied the files to, right click the PSMAutoDispatcherSkeleton file which
will open the AutoIt editor. You will now see the script skeleton. Click cntrl-N or file, New to create an untitled script. Type Run, then select the path of the filezilla executable.
Perform File, Save As, FilezillaTest FilezillaTest or any other name you wish to call this. For now, save this in the same folder as the rest of this BYOC test. For initial test, click Tools, Go. This will start Filezilla for you. Leaving the Filezilla program running, running, go to the AutoIt Program Files folder and run Au3Info.exe
Enter a WinWait(“FileZilla”) in script. This way it will wait unt il FileZilla is up until it continues. Very
important to enter these. Can also opt for seconds to wait. Click the Finder Tool. And drag it to the Host box. It will now show that the control info is Edit 1.
In the script box, enter the following. Remember the 2 sets of quotes between filezilla and edit1.
The definition of the 4 areas in quotes is First is title, the 2 nd is text of the window, the 3 rd to control to enter into, and the 4 th what to enter.
To test, exit FileZilla, then in AutoIt, do a Tools, Go. And it will open FileZilla and enter text into the field. Now for the other ones, use the AutoIT Window and get the 2 nd control set which which in this case is Edit2. In the editor, copy the first control set, then change to the right information. Continue for Edit3 and Edit4. Then for the Quickconnect button, drag the Finder Tool on to the Quickconnect to learn that its title is Button1. All 5 entries are in the editor in this screenshot. After this, another test of it can occur with Tools, Go utilized.
Once this test is complete, in the editor, change over to the tab to edit the skeleton file.
In the event you want to use WinSCP, WinSCP has a dropdown function. Note that for the dropdown, you would use the ControlCommand ControlCommand on line 6.
Take note of the areas that show “CHANGE_ME”. The first in use is on line 22.
On line 22, change the word “MyDispatcherName” to “PSMFileZillaDispatcher”. “PSMFileZillaDispatcher”. On line 23, change the “c:\VNC….| to the path of the FileZilla Executable. You can copy this from the 2nd
tab you created for the test.
Navigate to line 129 in the Skeleton file. Currently, there are 3 session properties to grab from; Username, Password, Password, and Address. We want to add one for Port. This is where any other optional items are placed for our requirements. To add the fourth, just copy the if to EndIf of the one above and modify the item after the GetSessionProperty GetSessionPro perty to Port Port and $TargetAddress $TargetAddres s with $TargetPort . It’s important that this additional If/Endif is copied correctly so it is not nested inside the one above.
Go to Line 29, and the $TargetAddress is displayed. You need to add the parameter for $TargetPort in here as well.
Each of these items like TargetPort will need to be associated to a File Category Name in PVWA. We need to address the Handle Login portion. Go to about line 73 of the skeleton file. Now switch back to our o ur newly created file, in our case filezilla.au3. Copy from line 2, which begins with WinWait, until the end. Copy this and place this right after the Handle login here! Which is line 75. Highlight the lines just pasted and hit tab to shift the lines over for better look and feel.
Change the end control text like target of dc1, username of kevin, password of Cyberark1, and port of 21, to the variables shown below.
Save this file. Exit, and rename to PSMFileZillaDispatcher.au3 To test this further, Open the PSMGenericConnectDrive.xml file in notepad The items we need to change in here are administrator, the IP address, and the password.
The changes are in the below screenshot. Note the added parameter for Port is in this. Just copy and paste from the line above and modify as necessary.
Then save. Open a Command Prompt and navigate to the same location as the files you’ve just modified.
To test the command, utilize the tab key to auto-fill the line below. This needs to run the AutoIt3 executable, then the Filezillatest.au3 file, then the path of the BYOC, and lastly a /test. Once all this is entered into the Command Prompt, hit enter. This will run the FileZilla executable with all the variables created.
In the above example, before the /test, it does not show an a backslash (\) nor an end- quote. It’s stated that this is mandatory, but the exclusion of these items still worked. The beginning of the last c:\program files has a beginning quote yet no end-quote.
After successfully testing, a log file will be created. Rename the Filezillatest.au3 to PSMFileZillaDispatcher.au3 Copy the file PSMFileZillaDispatcher.au3 from the test area to the components folder. Note the folder names in the screenshot.
Log into the PVWA as Mike. Create a new connection component. Go to System Configuration, Component Settings, Options, Expand Connection Components, Find the PSM-VNCClientSample Connection which is at the bottom of the list of Connection Components. RightClick on the PSM-VNCClientSample PSM-VNCClientSample and click Copy.
Scroll back up to the item Connection Components and right-click and select Paste Connection Component.
In the Id Value Field, change the title PSM-VNCClientSample to something that better describes this PSM Connection. In this case, rename it to PSM-FileZillaFTP. With the PSM-FileZillaFTP created, expand this title. Select Target Settings on the left side. On the right side, change the Protocol to FTP, and for the ClientDispatcher, change where it says PSMRealVNCDispatcher.au3 to the name of the au3 created before. This au3 file is located in the C:\Program Files (x86)\CyberArk\PSM\Components folder.
Under the Target Settings, expand Target Settings and select Lock Application Window. In this example, change the Enable to No. This way it is not locked. However, if you wish to lock this window, leave the Enable to Yes and change the MainWindowClass to the application name. If you choose not to enable Window Locking, you must change the Enable value to No.
Click OK.
Within System Configuration, click Policies, expand Devices, expand Application, Right Click Policies, and select Add Policy. Within this title Policy, and ID has a blank value. Change this blank value to FileZillaFTP. FileZillaFTP.
Right Click on FileZillaFTP and select Add Connection Components.
Right Click on Connection Components and select Add Connection Component
For the ID, enter PSM-FileZillaFTP. This should be a name associated with the task.
Right Click on FileZillaFTP and select Add Privileged Session Management
Within the Privileged Session Management, change the Enable from No to Yes.
Expand Properties. And right click on Required and select Add Property.
Once the Property is added, edit the property and set the Name to Username.
Add a second property and set the Name to Port. In this location, if there are any other required properties, this is how you would add them.
Click OK on the bottom right or the top left. In the event that this needs to have its own safe for its password, select Safes, Add Safe, and enter the information as shown in this screenshot.
Then Click Save. On the top left dropdown, change from System Configuration to Accounts. Select Add Account. Define the Store in Safe, Device Type, Policy ID, address, and password. These should match what was tested previously. Then click save.
Enter the information similar to this for the Account Information then click Save.
The Account and all settings are now configured in the PVWA. Enter the details of the account and it should look similar to this.
Note that the password is currently allowed to be seen, the connect is available using the PSMFileZillaFTP BYOC. Click Connect to test.