Documentation forAccess Rights Manager

Configure scripts

Scripts must be stored in the following directory:

%ProgramData%\protected-networks.com\8MAN\scripts\analyze

 

Supported file types are:

  • .ps (PowerShell)
  • .vbs (VisualBasic)
  • .bat
  • .cmd
  • .js (nodejs.exe)
  • .exe

 

Required PowerShell modules must be installed on the Access Rights Manager server.

Please note that PowerShell scripts in the ARM context are executed without a console. Therefore, it may be necessary to include the $ProgressPreference = "SilentlyContinue" command as the first line in the script for successful execution of the script.

 

 

On the start page of the ARM configuration application, click Scripting.

 

Select the area for which you are configuring scripts.

 

  1. Access Rights Manager shows you a list of all the supported change actions before or after which scripts can be executed, as well as available parameters.
  2. Create a new script configuration.
  3. Delete the selected script configuration.

  4. Create a baseline (hash value) for all script configurations. Click Apply to synchronize the hash values with the server. This is a security feature that makes it difficult for potential attackers to inject malicious code into the scripts or replace them.

 

  1. Select whether to run the script before or after the action. Your selection filters the available actions (column 2).
  2. Select an action for which you want to make a script available.
  3. If you have several scripts available for an action, specify the default settings for the Access Rights Manager users in the drop-down menu.

 

  1. Select a script file.
  2. Create a baseline (hash value) for the script configuration. Click Apply to synchronize the hash values with the server. This is a security feature that makes it difficult for potential attackers to inject malicious code into the scripts or replace them.
  3. Select how Access Rights Manager passes the parameters to the script. You can select the parameters directly or pass them as JSON or CSV objects.

 

Select the command line parameters.

 

Select the type of data transfer to the script. Using a JSON or CSV object as a selection causes the script to provide a temporary file that contains the object data in the selected format.

 

  1. Specify credentials to run the script.
  2. Give the script assignment a unique name for the selection in the Access Rights Manager applications.
  3. Optional but recommended: Leave a description.

 

Get a command line preview at any time.