SecureParameter is not working in API call

mail2vij 2022-05-18 07:28:28 UTC #1

while using SecureParameter it is not working as syntax in API call

<?xml version="1.0" encoding="UTF-8"?>
<BES xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="BES.xsd">
<SourcedFixletAction>
   <SourceFixlet>
     <Sitename>test site</Sitename>
     <FixletID>14703</FixletID>
     <Action>Action1</Action>
   </SourceFixlet>
   <Target>
     <ComputerName>jumpserver</ComputerName> 
    
   </Target>
<Parameter Name="Error_Folder">/tmp/180522</Parameter>
<Parameter Name="hostname">target1</Parameter>
**<SecureParameter Name="secret">password</SecureParameter>**
</SourcedFixletAction>
</BES>

Output:
Bad Request: (no reason given)

JasonWalker 2022-05-18 12:02:56 UTC #2

Can’t use SecureParameters in a SourcedFixletAction, unfortunately, you have to send it as a SingleAction.

mail2vij 2022-05-18 12:13:30 UTC #3

does it mean that i need to export an action and execute it via rest api call ?

Mike 2022-05-18 12:22:41 UTC #4

@JasonWalker are you sure?

<xs:complexType name="SourcedFixletAction">
    <xs:sequence>
        <xs:element name="SourceFixlet" type="BESActionSourceFixlet"/>
        <xs:element name="Target" type="BESActionTarget" minOccurs="0"/>
        <xs:element name="Parameter" type="BESActionParameter" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element name="SecureParameter" type="BESActionParameter" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element name="Settings" type="ActionSettings" minOccurs="0"/>
        <xs:element name="IsUrgent" type="xs:boolean" minOccurs="0"/>
        <xs:element name="Title" type="ObjectName" minOccurs="0"/>
    </xs:sequence>
    <xs:attribute name="SkipUI" type="xs:boolean"/>
</xs:complexType>

and the Action API documentation shows an example using SourcedFixletAction.

JasonWalker 2022-05-18 12:29:17 UTC #5

Well…this is embarassing. I shouldn’t post before coffee.

You’re absolutely right, SecureParameters are fine in SourcedFixletAction…it’s MIMEField that I was thinking of, that can’t be used in SourcedFixletAction.

Mike 2022-05-18 12:32:46 UTC #6

I’m thinking it might be the name of the site is bad, the id of the fixlet is bad, or possibly your using ComputerName vs ComputerID (while not explicitly stated you can’t use ComputerName, the example hinted at it). Also, if your password value contains special XML characters, they must be encoded properly first.

mail2vij 2022-05-18 13:12:45 UTC #7

@JasonWalker , is there any option how to use secure parameter as i can’t use this with single action as well

JasonWalker 2022-05-18 13:17:03 UTC #8

I like @Mike’s thinking here…try sending without the SecureParameter first, and with simple values, to rule out other things like a bad computername value or XML special characters in the password.

mail2vij 2022-05-18 13:19:15 UTC #9

i can send parameters with simple values but password shows at console in the parameter used list

JasonWalker 2022-05-18 13:26:29 UTC #10

I have a detailed writeup at Secret Parameter Actions , see whether you can spot any differences …

mail2vij 2022-05-18 15:11:13 UTC #12

just checked the source template again and replaced
<CompuerName> to <ComputerID> and it works

why it does not work with ComputerName?

JasonWalker 2022-05-18 16:23:07 UTC #13

Looks like a platform bug to me, and I’ve reproduced it on mine. When using the REST API, I can send a SourcedFixletAction to a ComputerName if there’s no SecureParameter, but with a SecureParameter it can only be actioned against a ComputerID.

@AlanM is that expected behavior?

brolly33 2022-05-18 18:06:36 UTC #14

Secure Parameter Action requires Mailbox site - hence targeting by ID.

mail2vij 2022-05-18 18:24:33 UTC #15

@brolly33 Does it mean that all other action may work with computer name or ID except secure parameter tag

brolly33 2022-05-20 20:00:44 UTC #16

Yes - Secure Parameter requires Mailbox, other action types should work fine with Computer Name