Unable to authenticate to Devolution Server

Ctrl + k

Published 2 years ago

Hello,

I am going crazy working on PS module for Devolution Server, I need help

First of all, I would like to use powershell module without RDM installed. Is it supported?

I do not find a documentation about command usage so I tried to look at : https://github.com/Devolutions/devolutions-server/blob/main/Powershell%20Module/Devolutions.Server/Public/Authentication/New-DSSession.ps1

There is a little syntax erron in the example: you typed parameter -Credentials (right one is without last s)

This was I have done:
Create on Devolution Server an application and got back Application Key and Secret.

$YourApplicationKey = "zzzzzzzzzzzz"
$YourApplicationSecret = "xxxxxxxxxxxxxxxx"

$SecurePassword = ConvertTo-SecureString $YourApplicationSecret -AsPlainText -Force
$Credentials = New-Object System.Management.Automation.PSCredential ($YourApplicationKey, $SecurePassword)
$URI = "https://my.dvls.local/dvls"

New-DSSession -Credential $Credentials -BaseUri  $URI -AsApplication

I always got this error:

New-DSSession: Exception of type 'Devolutions.RemoteDesktopManager.Business.TryGoOfflineException' was thrown.

What does it mean? What is wrong with my code?

Thanks a lot

PowerShell connectivity methods to Devolutions Server - Devolutions

Create a Devolutions Server data source with an application key - Devolutions

Applications - Devolutions

All Comments (5)

Richard Boisvert

Published 2 years ago

Hello,

It is indeed possible to connect to your Devolutions Server data source without having RDM.

The documentation to connect to your Devolutions Server data source with the PowerShell module is available: https://docs.devolutions.net/kb/devolutions-powershell/devolutions-server/powershell-connectivity/

The page you found used to be for the old module; it is no longer maintained.

That being said, the code you are using seems to be correct. Could you confirm what version of Devolutions Server you are using and what version of the PowerShell module (Get-RDMInstance)? The first two sets of digits must match, or else the authentication will not be possible.

Best regards,

Richard Boisvert

mmusolesi

Published 2 years ago

Hi Richard

I am using:
Get-RDMInstance -> 2023.3.0.0
DVLS Version -> 2023.3.6.0

I just checked and also without RDM I am able to user Devolution Server modules.

I found the problem: I am trying to use an active directory user and it fails. But if I use a local user it works!

So how can I use an AD user to login powershell?

Thanks a lot

Kind Regards

Richard Boisvert

Published 2 years ago

Hello,

If you want to use the script for automation, you will need to use an application - https://docs.devolutions.net/server/web-interface/administration/security-management/applications/

If not, you must authenticate manually whenever you want to run the script.

If you still want to use your domain account, use:

New-DSSession -BaseURI "Your/DVLS/Instance/URL" -UseOAuth

Best regards,

Richard Boisvert

mmusolesi

Published 2 years ago

Hello Richard ,

I moved to Method1 suggested by your document. But there are a lot of issue:

A- Method 1 needs RDM or it doesn't work, while Method 2 works also without RDM. You suggest me to use application, see next point B

Is it by design or something is wrong?

B- I need to use this in an automatic script, so as you told me I am trying to use Applications key/secret. This should be possible with Method 1, but during code execution a redirect to DVLS web login page appears

I think a redirect to a web page login is not an expected behavior. Is it?

Note: Redirect login page do not allow me to insert the username that is prefilled. The prefilled user is not the one used to create key/secret, but it is the one configured for another existing datasource in RDM (I do not find any sense, can you explain me?)

an automatic script cannot manage a redirect and I think this is not the scope of a key/secret. I think something is wrong.

C- Now if i open RDM I have a new configured Data Source named as $dsname.

Used code:

Install-Module Devolutions.PowerShell

$dsname = "PowerShell-Admin"  
$dsurl = "https://srv.xxxx.it/dvls" 
$appkey = "xxxxx-fca6-4890-abd2-xxxxx"
$appsecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" 

$ds = New-RDMDataSource -DVLS -Name $dsname -Server $dsurl -ScriptingTenantID $appkey -ScriptingApplicationPassword $appsecret -SetDatasource -WarningAction SilentlyContinue
Set-RDMDataSource $ds

So I tried to use next code on a new ps session:

$dsname = "PowerShell-Admin"  
$ds = Get-RDMDataSource -Name $dsname  
Set-RDMCurrentDataSource $ds
$All_entry = Get-RDMEntry

1- Get-RDMDataSource redirect me again to DVLS login web page......
2- same user prefilled .....

code:

$dsname = "PowerShell-Admin"  
$ds = Get-RDMDataSource -Name $dsname 
Set-RDMCurrentDataSource $ds

now looking ad $ds I see:

ID          : bb58bbec-1a1e-41b8-a4c8-47ea99a41c80
IsConnected : True
IsOffline   : False
Name        : PowerShell-Admin
Type        : RDMS

It seem fine but if i use:
Get-DSEntries
I got:
Get-DSEntry: Session does not seem authenticated, call New-DSSession.

You told me that New-DSSession id dismissed.

Can you help me?

Thanks a lot

Richard Boisvert

Published 2 years ago

Hello,

RDM does not need to be installed to use the module with the RDM cmdlets. If you have RDM installed, however, when you load the module, it will first use the default data source of RDM, hence the prompt you are receiving.

You would need to put the Application key and ID in RDM directly for it to be seamless: https://docs.devolutions.net/kb/devolutions-server/how-to-articles/create-server-data-source-application-key/#method-1-remote-desktop-manager

The
You cannot use *-DS* cmdlets without first using New-DSSession, it is the second method in the KB previously listed.

Best regards,

Richard Boisvert