This post summarizes how to configure a remote connection manager tool to integrate with CyberArk PSM. With this setup, you can RDP directly into a target server through PSM without first logging in to PVWA to connect.

Microsoft Remote Desktop Connection (MSTSC)

To use the standard Microsoft RDP client, Microsoft Remote Desktop Connection (MSTSC), configure it to start a program with the following command:
psm /u {Priv_Account_Name}@51Sectest.dev /a {Server_Name} /c PSM-RDP
For example: psm /u [email protected] /a 192.168.2.12 /c PSM-RDP

On Windows 10 machines, Remote Desktop Connection might not have a Program tab. In that case, add the following line to the .rdp file: alternate shell:s:psm /u target-user /a target-address /c connection-component

Info

MSTSC has NLA enabled by default, so the RDP connection will prompt with a Windows Security window for authentication. To disable NLA when connecting with MSTSC, add the setting enablecredsspsupport:i:0 to one of the following files by editing the .rdp file with Notepad.
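
The MSTSC settings above can also be written into a .rdp file by script. This added Python example is not from the original post; it builds the alternate shell line and the optional enablecredsspsupport:i:0 setting, and rejects values containing spaces or line breaks so that an account or server name cannot carry an extra psm switch or .rdp setting into the file. The full address line, the function names and the host psm.example.internal are assumptions.

```python
import re

# Characters allowed in each psm argument: no spaces, slashes or newlines,
# so a value cannot add a second psm switch or a second .rdp setting.
_TOKEN = re.compile(r"[A-Za-z0-9._@-]+")


def _token(name: str, value: str) -> str:
    """Return value unchanged if it is a single safe token, else raise."""
    if not _TOKEN.fullmatch(value):
        raise ValueError(f"{name} contains characters not allowed here: {value!r}")
    return value


def psm_start_program(account: str, address: str, component: str = "PSM-RDP") -> str:
    """Build the 'psm /u ... /a ... /c ...' start-program string from the post."""
    return "psm /u {} /a {} /c {}".format(
        _token("account", account),
        _token("address", address),
        _token("component", component),
    )


def build_rdp(psm_host: str, account: str, address: str,
              component: str = "PSM-RDP", disable_nla: bool = False) -> str:
    """Return the text of a .rdp file that connects to the target through PSM."""
    lines = [
        # Assumption: the .rdp file points at the PSM server, not the target.
        f"full address:s:{_token('psm_host', psm_host)}",
        f"alternate shell:s:{psm_start_program(account, address, component)}",
    ]
    if disable_nla:
        # Setting from the post: turns off CredSSP/NLA for this connection.
        lines.append("enablecredsspsupport:i:0")
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    # Constructed sample values; psm.example.internal is a placeholder host.
    print(build_rdp("psm.example.internal", "svc-admin@51Sectest.dev",
                    "192.168.2.12", disable_nla=True), end="")
```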

Microsoft Remote Desktop Connection Manager

Microsoft has retired the MRDCM software, and the following link no longer offers a download. Some serious vulnerabilities were found in this software, although it is still a very popular Remote Desktop Connection Manager tool.
You can download RDCM here: https://www.microsoft.com/en-gb/download/details.aspx?id=44989

I searched Google and found this download link: https://www.scom2k7.com/downloads/rdcman.msi
Integrating RDCM with CyberArk PSM requires some configuration changes on the RDP File object. This post lists the minimum steps you need to follow to get RDCM working with PSM.


1. In RDP Connection Manager, highlight your RDP File object and select Add Server…
2. Configure the Server Settings tab:
   2.1. Populate the Server name field with the text {PSM-Server-Hostname}
   2.2. Enter a friendly name of your choice in the Display name field.
3. Configure the Connection Settings tab:
   3.1. Uncheck the Inherit from parent checkbox.
   3.2. Populate the Start program field with this string as shown in the sample screenshot below:
        psm /u {Priv_Account_Name}@51Sec-ITPROSEC /a {Server_Name} /c PSM-RDP

        Substitute:
        {Priv_Account_Name} = The username of the privileged account as defined in CyberArk; e.g. MyUsernameAdmin
        {Server_Name} = The short name of the server as resolvable via DNS; e.g. PrintServer
4. Configure the Logon Credentials tab as shown in the sample screenshot below:
   4.1. Uncheck the Inherit from parent checkbox.
   4.2. Enter your non-privileged AD account username in the User name field.
   4.3. Enter the text 51Sec-ITPROSEC in the Domain field.

When you click to connect, you will enter the password for your non-privileged AD account.




Notes: How to connect to RDP Console / admin mode:
If you choose to connect to console / admin, PSM will deny the session.

The PSM server will tell you “The requested session access is denied”. To allow it:
  • Make a copy of the PSM-RDP connection component (let's call it PSM-RDP-ADMIN).
  • Set “AllowConnectToConsole” to Value=Yes, Visible=Yes.
  • Add it to the desired platform.
  • In the RDP client where you specify the psm /u etc. command, change the /c to PSM-RDP-ADMIN.
There is no “admin connect” in current versions of MS Windows after Server 2003.
For 2003 or Windows XP you would need a custom connection component with mstsc.exe /admin or mstsc.exe /console as the command.

MobaXterm

MobaXterm also supports PSM well. Here are all the configuration steps in the screenshot.

The most important step is to configure the Remote command: “psm /u [email protected] /a 192.168.2.12 /c PSM-RDP”


Create a domain user account and save it into credential list. 











mRemoteNG

So far, I have not found a good way to support a remote command to launch “psm /u [email protected] /a 192.168.2.12 /c PSM-RDP” after RDP has logged in to PSM.







Remote Desktop Manager Free Edition












By Jon
