Documentation forAccess Rights Manager

Configure scripts

Scripts are stored in the following directory:

%ProgramData%\protected-networks.com\8MAN\scripts\analyze

The supported file types are:

  • .ps (PowerShell)
  • .vbs (VisualBasic)
  • .bat
  • .cmd
  • .js (nodejs.exe)
  • .exe

The required PowerShell modules must be installed on the Access Rights Manager server.

PowerShell scripts in the ARM context are executed without a console. You may need to add the $ProgressPreference = "SilentlyContinue" command as the first line in the script to successfully execute the script.

(Optional) Create a baseline for all script configurations

You can create a baseline (hash value) for all script configurations. This security feature makes it difficult for unauthorized users and potential attackers to replace scripts or inject malicious code into the scripts. Otherwise, you can create a baseline when you create a script configuration.

  1. Start the Configuration application.

  2. Click the Scripting tile.

  3. In the Scripting window under the configuration area tabs, click Generate baselines for all configurations.

  4. If prompted, click Apply.

Create a script configuration

  1. Start the Configuration application.

  2. Click the Scripting tile.

  3. In the Scripting window, click Supported actions and parameters to review a list of all supported change actions.

    You can execute a script before or after these actions, as well as view the available parameters.

  4. Record the change actions that will include a script configuration. You will need this information in a later step.

  5. In the Scripting window, select a tab that identifies the area for your new script.

    For example, Change actions.

  6. Under the action tabs, click New.

  7. Select the script execution point and action.

    1. In the Execution point column, select whether to run the targeted script before or after an action.

    2. In the Action column, select an action for the script.

    3. If you have several scripts available for an action, select the default settings for ARM users.

  8. Select the script file on the server.

    1. Select a script file.

    2. Create a baseline (hash value) for the script configuration, and then click Apply to synchronize the hash values with the server. This is a security feature that makes it difficult for potential attackers to inject malicious code into the scripts or replace them.

    3. Select how ARM passes the parameters to the script. You can select the parameters directly or pass them as JSON or CSV objects.

  9. Select the command line parameters.

  10. Select the type of data transfer to the script. Using a JSON or CSV object as a selection causes the script to provide a temporary file that contains the object data in the selected format.

  11. Select the script credentials and apply a name.

    1. Select the credentials used to run the script.

    2. Apply a unique name to the script assignment. The script name will display in the ARM applications.

    3. (Recommended) Enter a description of the script.

    4. (Optional) Click the magnifying glass icon to preview the command line.

    5. If prompted, click Apply.

Delete a script configuration

  1. Start the Configuration application.
  2. Click the Scripting tile.

  3. In the Scripting window, select a tab that contains the script configuration you want to delete. For example, Change actions.

  4. Click Delete.