PS to PRA - Tunnel Jump Credential Inject

Forum|Forum|8 months ago
February 26, 2025
2 replies
64 views

+5

Paulo144
Veteran
65 replies

Guys, hello!

I created a script that gets a Managed Account from Password Safe and creates the same account as a Vault Account on the PRA or if the account already exists, just update the password, description and vault group which the account should belong.

Its something we are using in some enviroments that have both PS and PRA, that way the user does not have to manually request the password to use in a Tunnel Jump, as the native integration is not compatible with credential injection.

P

+1

PhillC
BeyondTrust Employee
169 replies
Forum|Forum|8 months ago
February 28, 2025

Hello @Paulo144 - that’s a pretty neat script.

In your post, you mention ‘ user does not have to manually request the password to use in a Tunnel Jump’, can you outline or screenshot which part of the process your are stating here? I am just curious which step in the Jump Session process we are working around here.

+5

Paulo144
Author
Veteran
65 replies
Forum|Forum|8 months ago
February 28, 2025

@PhillC I have attached a print of the password safe account i have put on the vault accounts to use on a SQL Tunnel Jump, that way as long as i put this script in a task schedule once password safe changes the database account my users would still be able to login without knowing the credentials by requesting on Password Safe or i having to manually update the password on the Vaults everytime password safe changed it.

I have updated the script file as well, there were some missing functions on the initial version.

Pulitros

Badge Earners

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded