Skip to content
This repository has been archived by the owner on Jan 17, 2021. It is now read-only.

Latest commit

 

History

History
40 lines (37 loc) · 10 KB

readme.md

File metadata and controls

40 lines (37 loc) · 10 KB

The content on this repository is no longer being maintained and is now archived for read-only access. Complete removal of the content is TBD.

Discovery

The Thycotic Extensible Discovery Script Repository is a repository of scripts that have been created by internal Thycotic consultants, support representatives, and others, along with clients, and partners of Thycotic. As such:

  1. The scripts have to be changed to match your environment.
  2. The scripts have NOT been tested for quality assurance in any way and are offered as is with no warranty.
  3. The scripts are not covered by Thycotic's regular support policy, or any other implied policy.
  4. By downloading a script from this repository, you acknowledge that you are using this as a starting point, and doing so at your own risk.
  5. Should you need help implementing these scripts in your environment in a formally 'Quality Assured' fashion, please reach out to your Client Services representative to discuss a Professional Services engagement in order to do that.

Tokens used for Dependencies and Account Scanning

Token Available In Translates To
$USERNAME pre-10.0 The username on the secret.
$PASSWORD pre-10.0 The password on the secret.
${name of any field on secret} pre-10.0 The value of the field on the secret with the same name (ex; $DOMAIN matches the secret's "Domain" field, $NOTES matches the "Notes" field, etc).
$[x]$USERNAME pre-10.0 The username on the xthsecret on the RPC tab for use in custom password changing commands and scripts (ex: $[1]$USERNAME is the username of the first associated secret).
$[x]$PASSWORD pre-10.0 The password on the xthsecret on the RPC tab for use in custom password changing commands and scripts.
$[x]${name of any field on secret} pre-10.0 The value of the field with the same name on the xthsecret on the RPC tab for use in custom password changing commands and scripts.
$DATABASE pre-10.0 The value of the Database field from the dependency. Only valid for SQL dependencies unless added as a field by the scan item template (see below).
$PORT pre-10.0 The value of the Port field from the dependency. Only valid for SQL and SSH dependencies unless added as a field by the scan item template (see below).
$SERVICENAME 10 The value of the Service Name field on the dependency. Service Name may have a different name based on the dependency type but is always the first part of the dependency title ( "________ on ________" )
$MACHINE 10 The value of the Machine Name field on the dependency. This is always the second part of the dependency title ( "________ on ________" )
${scan item field name} 10 The name of any scan item field (defined on the scan item template) that is visible in the dependency edit dialog. If a scan item field is derived from a parent field, you may also use the parent field name as a parameter that translates to this field's value.
$CURRENTPASSWORD pre-10.0 The password currently on the secret (context-sensitive to whether script is run before or after password change).
$NEWPASSWORD 10.2 The new password that is being set on the secret.
$PRIORPASSWORD 10.2 The password that was set on the secret before the current password change.
$PASSPHRASE 10.2 The passphrase used to encrypt the private key in a public/private key pair on this secret.
$PRIORPASSPHRASE 10.2 The passphrase that was set on the secret before the current passphrase rotation.
$PUBLICKEY 10.2 The public key on the secret.
$CURRENTPUBLICKEY 10.2 The public key currently on the secret (context-sensitive to whether script is run before or after key rotation).
$NEWPUBLICKEY 10.2 The new public key that is being set on the secret.
$PRIORPUBLICKEY 10.2 The public key that was set on the secret before the current key rotation.
$DEPENDENCYPRIVILEGEDUSERNAME 10.3 The user name on the privileged account assigned to the dependency.
$DEPENDENCYPRIVILEGEDPASSWORD 10.3 The password on the privileged account assigned to the dependency.
$DEPENDENCYPRIVILEGEDPRIVATEKEY 10.3 The private key on the privileged account assigned to the dependency.
$DEPENDENCYPRIVILEGEDPASSPHRASE 10.3 The private key passphrase on the privileged account assigned to the dependency.
$DEPENDENCYSSHKEY 10.3 The new SSH key to set on the dependency.
$DEPENDENCYSSHKEYPASSPHRASE 10.3 The new passphrase of the SSH key to be set on the dependency.