Symantec Privileged Access Management

  • 1.  How to Automatic Login to Web Portals for Sphere Web Client 6.5

    Broadcom Employee
    Posted Dec 11, 2017 11:56 PM

    Customer is using PAM2.8.3 and want to configure automatic login to web sphere client 6.5.

     

    Followed instructions in Special Instructions for Automatic Login to vSphere Web Client 6.0.

     

     

    But it only open login page and login does not occurs.

     

    Below is the Service/Target application/Policy/Target Account settings.

     

     

    Config is ok seems to me, wonder if this instruction is only for sphere 6.0 and need special configuration for 6.5.

     

     

    Best Regards

     

    Jerry



  • 2.  Re: How to Automatic Login to Web Portals for Sphere Web Client 6.5
    Best Answer

    Broadcom Employee
    Posted Dec 13, 2017 02:30 PM

    To create the service for automated login to the VmWare 6.5 you would create a TCP/UDP Service using the “Xsuite HTML WebSSO”  like normal, however due to the way the page validates login we will need to use a workaround in order to properly complete the Learn Mode. Here are some basic instructions:

     

    The Launch URL should be set to: https://<Local IP>:<First Port>/ui/#

     

     

    Next you would need to define a policy to allow access. Once the policy has been defined; visit the Access Page & restart your session. You should see the “Learn Mode” appear for your configured device under Web Portal. Select Learn Mode like you normally would.

     

     

     

    Here is where the workaround comes in. While selecting the 3 required fields (using right mouse click) you will notice that you cannot select the submit option for the “log in” button (It appears to be disabled):

     

     

    This happens because the webpage is validating for user inputted text. The word ‘accountname’ is added to the box as a placeholder programmatically by PAM, and due to the way the validation works, the webpage does NOT recognize this as user input. To work around this, we can enter one additional character in the username field (see the underscore after accountname) to trick the page into believing there was valid input that it is expecting and now we can see that the Log In button will then be enabled:

     

     

    The ‘accountname’ placeholder is important to the process so it is VERY IMPORTANT to remove the extra character we added once the log in button is enabled. After removing the extra character, you can select the login button with a right mouse click to mark the submit button and then save your configuration.

     

     

    Once the learn process has been properly completed the Web Portal auto login should work as expected:

     

     

     

     

     



  • 3.  Re: How to Automatic Login to Web Portals for Sphere Web Client 6.5

    Broadcom Employee
    Posted Dec 13, 2017 10:23 PM

    Hi Joseph,

     

    worked like a charm! 

     

     

    Thanks for sharing.

     

     

    Jerry