Symantec Privileged Access Management

  • Private Community

  • 1.  How to get into Learn Mode in RDP Access ?

    Posted Sep 24, 2018 03:39 AM

    Hi, can someone advice me, how to get into Learn mode in RDP Access ?

    I already login in "super" user but still can access the "learn mode" in RDP



  • 2.  Re: How to get into Learn Mode in RDP Access ?
    Best Answer

    Posted Sep 24, 2018 08:38 AM

    Have you looked at the RDP Transparent Login section in the PAM wiki:  Set Up Transparent Login for RDP Servers - CA Privileged Access Manager - 3.2 - CA Technologies Documentation ?  In particular, you have to publish cmd.exe on the Windows server you wish to use.  Take a look at the Windows Configuration section on this page.  You will see that you have to provide a specific parameter when you publish cmd.exe, and that it is slightly different depending on the OS of the server.  Please follow these instructions and open a ticket if you are still unable to get it to work.



  • 3.  Re: How to get into Learn Mode in RDP Access ?

    Posted Sep 24, 2018 10:56 PM

    I did follow the guide and managed to publish the cmd.exe with parameters at initial stage.

    By the way, am using Windows Server 2016 trial version. Does it have to be Windows Server 2008 or Windows server 2012 ?

     

    Initially, after i added the RDP Role, i manage to to publish cmd.exe but now i can't... 

    On my Windows Server 2016, now i see this.

     

    On IIS i see this



  • 4.  Re: How to get into Learn Mode in RDP Access ?

    Posted Sep 24, 2018 09:54 AM

    In Addition to what Ed said there is a new course in LMS on this topic: 04PIM30430 CA Privileged Access Manager 3.2: Use the Transparent Login Learn Tool 300



  • 5.  Re: How to get into Learn Mode in RDP Access ?

    Posted Sep 25, 2018 06:43 AM

    I manage to make the learn mode works in my env and manage to create a new MSSQL 2012 script and tested working in Debug mode in Learn mode RDP session.

    <window id="">
    <combobox id="[CLASS:WindowsForms10.COMBOBOX.app.0.33c0d9d; INSTANCE:2]" type="text" value="win26jump"/>
    <combobox id="[CLASS:WindowsForms10.COMBOBOX.app.0.33c0d9d; INSTANCE:3]" type="index" value="1"/>
    <edit id="[CLASS:Edit; INSTANCE:2]" username="true"/>
    <edit id="[CLASS:WindowsForms10.EDIT.app.0.33c0d9d; INSTANCE:1]" password="true"/>
    <sleep time="500"/>
    <click id="[CLASS:WindowsForms10.BUTTON.app.0.33c0d9d; INSTANCE:1]"/>
    <sleep time="1500"/>
    </window>

     

    But when i test on actual policies, i can see the able to RDP to JumpServer and then MSSQL Studio Mgmt GUI is launch and "sa" & password is auto-filled but after few second, the RDP session automatically sign-off !!!

    What is wrong here ?