Steps

1 Add Chinese Language from Windows Settings - Time & Language - Language

2 Click next , then select install button to start installation. It will take some minutes to get all installed.

3 Once done, you will find Windows display language has a new option, but it shows square character only.

4 Change Language for non-Unicode program to Chinese

5 Reboot machine as prompted.

Videos

Architecture

• size of session recordings
• activity in your enterprise
• recordings retention period

• Distributed (Multiple sites, fault tolerance)

• Performance in a load balanced configuration

System Requirements

Installation Overview

Method 1 - Automatic Installation all in one

• This tool DOES NOT support upgrade.
• SM installation runs the hardening steps, including PSMConfigureApplocker, with a default configuration.
• The hardening stage blocks all administrators from navigating in the PSM server file system.
• The Registration stage creates the relevant PSM objects in the Vault each time it runs. When you run the tool, this stage is only run if it has not yet run or if the connection to the Vault failed. If registration started and was cancelled, you must run the repair via the installation Wizard.

Run the installation tool

1. From the installation CD, copy the PSM folder to the component server and unzip.

2. Open CMD and run

   CD <PSM CD-Image Path>\PSMAutoInstallationTool PSMAutoInstallationTool /vaultip <Vault IP address> /vaultuser <Vault username for installation> /accepteula yes

   • Restart - The tool runs the PSM installation stages. When a restart is required, the user is prompted to press Enter, restarting the machine. When the user logs in to the machine again, the tool continues from the relevant step.

   • Vault user credentials - If you are using a Vault username and password, after the last restart you are prompted to enter a password. Enter the password and click Enter. You can use the cred file to avoid entering the password interactively.

Method 2 - Automatic Installation in Five Stages

1. From the installation CD, copy the PSM folder to the component server and unzip.

2. Open InstallationAutomation\Prerequisites\PrerequisitesConfig.XML. Review the options and select the steps to enable by setting Enable = "Yes".

Run the set up stage

To run the script in standard mode, open a PowerShell window and run the following command:

CD “<CD-Image Path>\InstallationAutomation”
.\Execute-Stage.ps1 “<CD-Image Path>\InstallationAutomation\Prerequisites\PrerequisitesConfig.XML”

CD “<CD-Image Path>\InstallationAutomation”
.\Execute-Stage.ps1 “<CD-Image Path>\
InstallationAutomation\Installation\InstallationConfig.XML”

Configure the post-installation stage

From the CD image, open InstallationAutomation\PostInstallation\PostInstallationConfig.XML. and select the steps you want to enable by setting Enable = "Yes"

CD “<CD-Image Path>\InstallationAutomation”
.\Execute-Stage.ps1 “<CD-Image Path>\Installation automation\PostInstallation\PostInstallationConfig.XML

CD “<CD-Image Path>\InstallationAutomation”
.\Execute-Stage.ps1 “<CD-Image Path>\Installation automation\Hardening\HardeningConfig.XML

2. Run the registration stage with a password. Open a PowerShell window and run one of the following commands:

   1. Interactively run the script with the -spwd parameter to securely pass the password to the script. After running the script, enter the Vault user password and press Enter.

      CD “<installation package Path>InstallationAutomation” .\Execute-Stage.ps1 “<installation package Path>\InstallationAutomation\Registration\RegistrationConfig.XML”-spwd

   2. Automatically run the script with the -spwdObj parameter to securely pass the password to the script. First create a secure string that holds the Vault user password. For example:

      $sp = Read-Host -AsSecureString

      Enter the Vault user password, press Enter, and run the script.

      CD “<installation package Path>InstallationAutomation” .\Execute-Stage.ps1 “<installation package Path>\InstallationAutomation\Registration\RegistrationConfig.XML”-spwdObj $sp

   3. Interactively run the script with the -pwd parameter:

      CD “<installation package Path>InstallationAutomation” .\Execute-Stage.ps1 “<installation package Path>\InstallationAutomation\Registration\RegistrationConfig.XML”-pwd <vaultpassword>

       

      This method is not recommended, as it runs with the password in clear text.

3. If you use a credfile, open a PowerShell window and run the following command:

   CD “<installation package Path>InstallationAutomation” .\Execute-Stage.ps1 “<installation package Path>\InstallationAutomation\Registration\RegistrationConfig.XML”

4. When you use the registration tool, the PSM server is assigned a unique identifier, PSM-<identifier>.

   To view the ID assigned to each of PSM servers in your environment, go to PVWA > ADMINISTRATION > Systems Configuration > Options > Privileged Session Management > Configured PSM Servers.

5. When you use the registration tool on an existing vault environment, every platform's PSM in this vault environment is set to the unique identifier described in the previous step.

   To edit a PSM Server ID on an individual platform, go to Platform Management, select the platform and reset the PSM server ID.

   To edit multiple PSM Server IDs, you can do a bulk change. Go to Vault > PVWAConfiguration Safe > Policies.XML, and edit the PSM server IDs.

1. Log on as a domain user who is a member of the local administrators group.

2. Create a new folder on the PSM server machine. From the installation CD, copy the contents of the Privileged Session Manager folder to your new folder .

   Display the contents of the Privileged Session Manager folder.

3. Start the installation procedure:

   Double-click Setup.exe or,

   On systems that are UAC-enabled, right-click Setup.exethen select Run as Administrator.

   The PSM installation wizard appears and displays a list of prerequisites that are installed before the PSM installation continues.

   

4. Click Install to begin the installation process; the installation process begins and the Setup window appears.

   

   You can exit installation at any time by clicking Cancel. You can return to the previous installation window by clicking Back, where applicable.

5. Click Next to view the CyberArk license and accept the terms of the License Agreement.

   

   Read the license agreement, then click Yes to accept its terms.

6. On the Customer Information window, enter your name and your Company name in the appropriate fields, then click Next.

   

7. On the Destination Location window, click Next to accept the default location provided by the installation.

   

8. On the Recordings Folder window, click Next to accept the default recordings folder provided by the installation.

   The Recordings Folder may require a large amount of disk space, depending on the number of recordings that are stored there before being uploaded into the Vault. Take into consideration that, by default, the recordings folder is on the System disk under Program Files and you may want to change it to a different location.

   

   If you install multiple PSMs in the same Vault environment, verify that each PSM has the same path to the Recordings folder.

9. On the Password Vault Web Access Environment window, click Next to accept the default name of the PVWA Configuration Safe provided by the installation.

   

10. Click Next; the installation automatically installs the Oracle Instant Client, then displays the Vault's Connection Details window. Next.

    Skip this step if you want to register the Vault later or if the PSM is already registered. For details, see Install the PSM server in stages.

    

11. 

    It is recommended to use the Vault administrator user for this installation as this user has the appropriate Vault authorizations and is created in the appropriate location in the Vault hierarchy. If you install multiple PSMs in the same Vault environment, you must install all PSMs with the same Vault user

    If a previous PSM has been installed on this machine and a PSM was created, the following message will appear:

    

    This is an informative message. Click OK to continue installation.

12. On the API Gateway Connection Details window, enter the protocol and hostname of the PVWA where the PSM connects to the API Gateway, then click Next. This information is used to generate an endpoint for API calls (<protocol>://<Host>/passwordvault/api).

    

    This window is for use in a Distributed Vaults environment and to automatically unlock accounts. The PSM machine must have trusted communication to the PVWA machine. Port 443 between the PSM the PVWA machines must be open.

13. On the PKI authentication configuration window, select the checkbox to enable smart card authentication, then click Next.

    

    Do not enable this setting if PKI Authentication is not used in your organization. If you do not enable this setting during installation and want to enable PKI authentication for PSM, follow the instructions in During PSM installation.

14. On the Hardening window, click Advanced to customize the post installation and hardening processes, or click Next to perform the standard post installation and hardening processes and display the Setup Complete window.

    

    If you clicked Advanced, select the post installation and hardening processes that the installation will run, then click Next to display the Setup Complete window.

    

15. Click Finish to complete the Privileged Session Manager installation.

    

16. Restart the PSM server. 

17. On the PVWA machine, run iisreset,

    or

    Wait for the PVWA refresh configuration interval to pass.

1. Follow the Method 3 (Wizard Installation all in one) procedure. Skip steps 10 - 12. These steps register the PSM server to the Vault.

2. Use the Registration tool to register the PSM server to the Vault.
3. Finally,  Activate the Privileged Session Manager server

Load Balancing

External Load Balancing

References

• Install AD & CS (Certification Service) on Windows Server 2016 to Deploy Enterprise PKI
• Logo Privileged Access Manager Version 12.2 - Installation

Using Existing Github Project to Get Root Access to Okteto Instance

1 Got to github project majalaya/xssh:

2 Fork it into your own Repository

3 Go to https://ngrok.com/. Log in or sign up if you do not have an account

Click Your Authtoken link and copy your ngrok token.

4 Change your token value in config.sh file from your xssh repository

5 Log into Okteto.com with your Github account

6 Launch Dev Environment

7 Choose from Github, then select your xssh repository

8 Select main branch then launch

9 Your xssh project will be deployed in a minute.

10 You will be able to see a new agent shows in Ngrok's Tunnels menu page.

Create Your Own Image

Test Your On-Premises Domain Controller

Install Docker & Docker-Compose

apt install docker.io -y && apt install docker-compose

curl -sSL https://get.docker.com/ | sh 
systemctl start docker 
systemctl enable docker

curl -L "https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

[root@arm1 ~]# docker volume create portainer_data
portainer_data
[root@arm1 ~]# docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

docker-compose up -d

Email:    [email protected]
Password: changeme

Videos

 

References

• NPM Quick Setup
• How to Install and Use Portainer for Docker management with Nginx Proxy Manager
• How to setup the Nginx Proxy Manager Docker example
• Install Docker, Docker-Compose, Portainer & Nginx on CentOS 8 & Ubuntu 20.04

• https://up.51sec.org
• https://demo.upptime.js.org/

Introduction

Main features

Installation

1 Create a repository from the template

• Click "Create a new repository"
• Enter repository name and check "include all branches"

2 Publishing Page

By default, it has been published automatically with right source and folder settings. 

Only thing you might want to add is a custom domain name,

Custom domain name will require a cname record added into your domain registrar. 

3 add repository secrets

• Click on your profile picture on the top-right corner and select "Settings"
• In the left sidebar, select "Developer settings"
• In the left sidebar, click "Personal access tokens"
• Click "Generate new token"
• Select the "repo" and "workflow" scopes
• Click "Generate token"

4 Add secret into your repository settings

• After generating your token, copy it (you will not see it again). Then, add it as a repository secret:

• In your Upptime repository, select "Settings"
• In the left sidebar, click "Secrets"
• Press the button "New repository secret"
• Enter the name of the secret as GH_PAT
• Paste your personal access token into the Value field
• Be sure there are no spaces before or after the token and/or linebreaks after your token
• Save your PAT by selecting "Add secret"

5 Update configuration

Videos