A working Connect-RDMDataSource that connects to DVLS datasource using application credentials
A working Connect-RDMDataSource that connects to DVLS datasource using application credentials
I've been struggling trying to get the new RDM cmdlets from PSGallery to connect to my Devolutions Password Server backend. What did the trick was when I read @ascheipner mention he was using Set-RDMPowerShellOverride. Even though Jonathan says no override should be needed, when I set the override path to my exported datasource xml, I was able to connect using the example previously provided (it throws some errors about missing dll's but those are benign.) What is interesting is providing a blank xml works as well. Once I figured that out, I was able to write a standalone function that can connect to RDM/DPS without RDM being installed on that machine.
Tested on:
PowerShell v5.1
RemoteDesktopManager PowerShell module version 2021.2.0.24
Here's the function, hope it helps others until the bugs are worked out.
function Connect-RDMDataSource {
<#
.SYNOPSIS
Connects RDM to DPS datasource and sets datasource to current.
.DESCRIPTION
The new PowerShell cmdlets for Remote Desktop Manager need a little help when
connecting to a Devolutions Password Server backend. By creating a blank XML
as a connection override, RDM is able to successfully connect to the DPS backend
using application credentials.
.EXAMPLE
Connect-RDMDataSource -dsname mydvs -dsurl https://myserver.mydomain.com/dps -appkey c13fd404-3445-11ec-8d3d-0242ac130003 -appsecret WjO4kwTEq21gVzTufUZlButjRC74Pnp7fe6x95kxDvK7vJigSZyvvkj2N6iGLaO2
.NOTES
Note: the RDM cmdlets will thrhow a DllNotFoundException if SQLite.Interop.dll is not installed. These errors are
benign and cannot be hidden with erroraction variables.
#>
[CmdletBinding()]
PARAM(
[Parameter(Mandatory=$true,
ValueFromPipeline=$false,
HelpMessage = 'A name for the DVLS datasource. This can be any value you want.')]
[String]$dsname,
[Parameter(Mandatory=$true,
ValueFromPipeline=$false,
HelpMessage = 'The URL of the Devolutions Password Server as it is in RDM (example, "https://myserver.mydomain.com/dps")')]
[ValidateScript({
if ($_ -match '((http|https)://).*'){
$true
} else {
throw "dsurl must be a url, i.e., https://myserver.mydomain.com/dps"
}
})]
[String]$dsurl,
[Parameter(Mandatory=$true,
ValueFromPipeline=$false,
HelpMessage = 'The application key created in DPS. See https://helpserver.devolutions.net/webinterface_applications.html for more information')]
[ValidateScript ({
if ($_ -match '^[{]?[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$'){
$true
} else {
throw "appkey must be in GUID format, i.e., c13fd404-3445-11ec-8d3d-0242ac130003"
}
})]
[String]$appkey,
[Parameter(Mandatory=$true,
ValueFromPipeline=$false,
HelpMessage = 'The application secret created in DPS. See https://helpserver.devolutions.net/webinterface_applications.html for more information')]
[ValidateScript ({
if ($_.length -eq 64){
$true
} else {
throw "appsecret should be 64 characters is length. See https://helpserver.devolutions.net/webinterface_applications.html for more information"
}
})]
[String]$appsecret
)
process{
$TempFile = New-TemporaryFile
Set-Content $tempfile '<?xml version="1.0"?>'
Add-Content $tempfile '<Option></Option>'
$override = Get-RDMPowerShellOverride
$override.OptionFilePath = $TempFile
Set-RDMPowerShellOverride
$ds = New-RDMDataSource -DVLS -Name $dsname -Server $dsurl -SetDatasource -WarningAction SilentlyContinue
Set-RDMDatasourceProperty $ds -Property "ScriptingTenantID" -Value $appkey
Set-RDMDatasourceProperty $ds -Property "ScriptingApplicationPassword" -Value $appsecret
Set-RDMDataSource $ds
Set-RDMCurrentDataSource $ds
remove-item $TempFile
}
}
All Comments (2)
Hello Paul,
Thank you for sharing the script with the community. While the override should not be necessary, it is available for just such cases.
Best regards,
Richard Boisvert
Thanks Jonathan. I am still unable to get the cmdlets to connect the datasource on a machine with RDM installed, even with the override, but I have moved my RDM scripts over to a dedicated scripting host as a workaround.