Integration with Arbor Servers

Dears, 

I am integrating SPP with a machine that has the ArbOS operating system (A proprietary operating system created by Netscout). However, after contacting support, I knew that the initial shell that open when someone tries to login to the server is AED shell. To change to bash, the user has to type: / shell 

Is there a way to add this "/ shell" command before the commands Safeguard runs when it tests the connection?

Parents
  • This would require a custom platform to change the way the commands are sent from SPP:

    https://support.oneidentity.com/kb/4209805/how-to-use-custom-platforms-in-safeguard

    For assistance with creating a custom platform, We recommend consulting with One Identity Professional Services.

    Thanks!

  • Thank you, Mr. Tawfiq, for the reply.

    I tried cloning the GenericLinux custom script from the SafeguardCustomPlatform Repo on GitHub, and placed the commnd at the start of the SetupEnvironment function, as in this:

    ...
    "SetUpEnvironment": {
        "Do": [
          { "Send": { "ConnectionObjectName": "ConnectSsh", "Buffer": "/ shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_PROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK=$?\"" } },
          { "Receive": { "ConnectionObjectName": "ConnectSsh", "BufferName": "FlushBuffer" } },
          { "Return": { "Value": true } }
        ]
      },
    ...

    However, I receive this error:

    2024-07-21T14:14:34+03:00 Debug RECV buf(("Last login: Mon Jul  8 15:46:10 2024 from 10.9.106.173
    
    
    Arbor Edge Defense v7.0.1.0
    Copyright (c) 2000-2023 Arbor Networks, Inc.  All Rights Reserved.
    
    Welcome to ArbOS
    
    PAM-SVC-l@HQ-AED-01:/# "))
    2024-07-21T14:14:34+03:00 Debug Send : / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_PROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo "INIT_CHECK=$?"
    2024-07-21T14:14:34+03:00 Debug RECV buf(("/ shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK= $
    PAM-SVC-l@HQ-AED-01:/# / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P 
    ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK= 
    $?\"
    120: Invalid command
    PAM-SVC-l@HQ-AED-01:/# "))
    2024-07-21T14:14:34+03:00 Debug Send : sudo egrep -q '^(PAM-SVC-l):' /etc/shadow; echo "CHECKSYS=$?"
    2024-07-21T14:14:35+03:00 Debug RECV buf(("**secret**"))

    Can you recognize the issue?

Reply
  • Thank you, Mr. Tawfiq, for the reply.

    I tried cloning the GenericLinux custom script from the SafeguardCustomPlatform Repo on GitHub, and placed the commnd at the start of the SetupEnvironment function, as in this:

    ...
    "SetUpEnvironment": {
        "Do": [
          { "Send": { "ConnectionObjectName": "ConnectSsh", "Buffer": "/ shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_PROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK=$?\"" } },
          { "Receive": { "ConnectionObjectName": "ConnectSsh", "BufferName": "FlushBuffer" } },
          { "Return": { "Value": true } }
        ]
      },
    ...

    However, I receive this error:

    2024-07-21T14:14:34+03:00 Debug RECV buf(("Last login: Mon Jul  8 15:46:10 2024 from 10.9.106.173
    
    
    Arbor Edge Defense v7.0.1.0
    Copyright (c) 2000-2023 Arbor Networks, Inc.  All Rights Reserved.
    
    Welcome to ArbOS
    
    PAM-SVC-l@HQ-AED-01:/# "))
    2024-07-21T14:14:34+03:00 Debug Send : / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_PROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo "INIT_CHECK=$?"
    2024-07-21T14:14:34+03:00 Debug RECV buf(("/ shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK= $
    PAM-SVC-l@HQ-AED-01:/# / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P 
    ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK= 
    $?\"
    120: Invalid command
    PAM-SVC-l@HQ-AED-01:/# "))
    2024-07-21T14:14:34+03:00 Debug Send : sudo egrep -q '^(PAM-SVC-l):' /etc/shadow; echo "CHECKSYS=$?"
    2024-07-21T14:14:35+03:00 Debug RECV buf(("**secret**"))

    Can you recognize the issue?

Children