# The example shows how to add a secret account to an existing Safe Box in SecureAnyBox # If you want to use PowerShell commands to work with SecureAnyBox, first # install SABPowerShellModule.msi # First, we need to authenticate the user. Connect-Sab command connects to SecureAnyBox and # opens the login dialogue. # Due to security reasons, we strongly recommend not using an admin user account. # Create (or use) a user account with minimum permissions (READ and CREATE) only # for the destination Safe Box instead. $sabUrl = "http://172.22.100.168:8866" ## enter Url of SecureAnyBox $loginStatus = connect-sab $sabUrl # If the second-factor authentication is required, the set-2fa function # opens a dialogue for entering the code if ( $loginStatus.SecondFactorRequired ) { set-2fa } try{ # After the user logs in, it is necessary to get the id of destination Safe Box, # to where the secret account will create. # PowerShell commands get-safeboxes and where-object are used to get Safe Box id # for a given Safe Box name. # When the response from the SecureAnyBox server is received, it is necessary to # check if the received id is valid and the script can continue $safeBoxName = 'SafeBoxInRoot' $safeBoxId = get-safeboxes | where-object { $_.name -like $safeBoxName -and $_.Type -eq 'SAFEBOX' } | Select-Object -expand id if ( $safeBoxId -le 0 ) { Write-Host "Safe Box' $safeBoxName 'not found." exit } Write-Host "Safe Box '$safeBoxName' found. (id $safeBoxId)" # Set the name and login for new secret account record. Note that the secret account name must be # unique within the Safe Box. # PowerShell New-SecretAccount function creates an object, which will be later used to create # an secret account record into the SecureAnyBox. # Into the new PowerShell object, specify other secret account's values. $secAccountName = "new_secret_account_run4" ## enter name of new secret account $loginName = "loginame" ## enter login name for new secret account $secAcc = New-SecretAccount -Name $secAccountName -LoginName $loginName $secAcc.Site = "site" $secAcc.Description = "description" $secAcc.Tags.Add('tag1') ## each tag must be added individually $secAcc.Tags.Add('PS_import') $secAcc.Note = "noteline1`nnoteline2" ## use `n to add new line $secAcc.Launcher = "NONE" ## select one of the values : NONE, REMOTE_DESKTOP, SSH, SFTP, SCP, TELNET, FTP, RASDIAL, WINBOX $secAcc.Attributes.'sec-serverAddress' = "serverAddress" $secAcc.Attributes.'sec-note' = "secretnoteline1`nline2" ## use `n to add new line $secAcc.Password = "hyBE719DslExma6w" $secAcc.PasswordRe = "hyBE719DslExma6w" ## repeat password # To add any record, we need to know an id of the Safe Box to where a secret account will create. # PowerShell Add-Record function returns the secret account object. If the id from returned secret # account object is greater than zero, then the secret account creation was successful. $newRec = $secAcc | Add-Record -Id $safeBoxId $secAccId = $newRec.id if ( $secAccId -gt 0 ) { Write-Host "Created secret account '$secAccountName' (id $secAccId )" Write-Host } } finally{ # When the connection is not needed anymore, disconnect from the SecureAnyBox server. $loginStatus = Disconnect-SAB if(! $loginStatus.Authenticated){ Write-Host "Disconnected from SecureAnyBox server" } }