Shared Credential List Improperly Reports Success Even When Access is Denied

Follow

Date: March 31, 2014
Version: 1.0


Problem:

When using the Enterprise Random Password Manager Web Service (or PowerShell) in version 4.83.7 build 131004 to add a shared credential to a list that you do not have access to, the output reports success even though the actual process did indeed fail.

Cause:

The web service and ERPM website did not properly record and report the actual transaction message which should have been a failure.

Code:
Set-LSSharedCredential -AuthenticationToken $AuthToken -SharedCredentialList ListNameHere -AccountName test -SystemName test -Password test -AssetTag "n/a" -OverwriteType ADD_OR_OVERWRITE -Comment test

ExtensionData                           OperationMessage                                             OperationSucceeded
-------------                           ----------------                                             ------------------
System.Runtime.Serialization.Extensi... Saved password for test\test to shar...                                    True


Resolution:

The following fix is only intended to fix the problem outlined above and nothing else. The next release of ERPM will also include this fix.

Please download the following patch: http://ftp.liebsoft.com/ForumKBDownl...ServiceFix.zip

The zip file contains two files:

  • RouletteWeb.dll
  • RouletteAppServiceSupport.dll



Extract the files and replace the existing instances of the files.

Web servers will generally install the web service dll (rouletteAppServiceSupport.dll) to %inetpub%\wwwroot\erpmwebservice\. The website dll most often gets placed in %systemroot%\syswow64\ on the web servers.

Ensure that the current web and web service COM objects are not running before trying to replace them or you will get an error about a sharing violation from Windows.

Applies To:

Enterprise Random Password Manager (ERPM)

Was this article helpful?
0 out of 0 found this helpful

Comments

Powered by Zendesk