Test a Windows Management Instrumentation credential encrypted with Secrets Management

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read

    • Verify that your Windows Management Instrumentation (WMI) credential is encrypted with Secrets Management and use an Integration Hub workflow to complete end-to-end testing.

    Before you begin

    Role required: admin, KMF_admin, sn_secrets.secret_manager, and sn_kmf.cryptographic_manager

    Procedure

    1. Confirm that the desired MID Server is associated with the Secret Group.
      Open the Secret Group with Criteria [sn_sm_criteria_secret_group] record, and look for your MID Server in the Secret Group – Identity Group Members list. If your MID Server isn’t associated with a group see Create a secret group with criteria.
    2. Confirm that the credential is encrypted with Secrets Management.
      1. Navigate to All > IntegrationHub > Connections & Credentials > Credentials.
      2. Open your credential record.
        Verify that you have a credential alias listed in the Credential alias field. If you have not created one already, see Create a Connection & Credential alias.
      3. Select and hold (or right-click) the header of your credentials record, and select Show XML from the list.
      4. In the XML view of the record, find the password and confirm that the value starts with □□□A□□.
        XML view of a credential alias record
    3. Create a testing workflow in Workflow Studio.
      1. Navigate to All > Process Automation > Workflow Studio.
      2. Select New, then select Action from the list.
      3. Enter a name in the Action name field.
        Leave the Application field set to Global.
      4. Select the Build action button.
    4. Configure a record lookup step in Workflow Studio.
      1. In the Action Outline, select the plus button to add a new step.
        Find and select the Look Up Record step type.
      2. In the Table field, select MID Server [ecc_agent].
      3. For the condition, select Name is, followed by the name of your MID Server.
      Look up Record step configuration
      Important:
      Make sure that the selected MID Server is the same as the one associated with the secret group.
    5. Configure a record lookup step in Workflow Studio.
      1. In the Action Outline, select the plus button to add a new step below your Look Up Record step.
        Find and select the PowerShell step type.
      2. In the PowerShell Step form, fill in the fields as needed.
        Table 1. PowerShell step fields
        Field Value
        Connection Select Define Connection Inline
        Credential Alias Select your credential alias
        Host Enter the IP address of the target Windows server
        Port Enter 22 if it isn’t already the default.
        MID Selection Select Specific MID Server
        MID Server

        Drag in the MID Server Record pill from the Data panel

        This data pill is visible in the Data panel on the right edge of the screen, under Look Up Record step.
        Remoting Type Select Run on a MID Server or have your script establish a remote session
      PowerShell step configuration
    6. Create a script for your test action.
      1. In the Script Type field, select Inline Script.
      2. Use the following script, replacing the example path with the path from your test host. 
        Get-Date | Out-File -FilePath C:\Users\<path>\sm_ig_text_file.txt
        Note:
        You may also run your own script that suits your remote host configuration. It’s important to confirm that a connection was established using the SM-encrypted value.
      3. Select the Save button to save your action.
      Script configuration for the PowerShell step
    7. Select the Test button to test your action.
    8. Review the output logs for any error messages.
    9. Verify that a test file has been created on the host server in the file path you provided in the script.
      Test file within a host server's file system