Export Data using Delinea Escrow Functions
The following commands are available for exporting and emailing data attributes for Systems, Accounts, Domains, and Databases from Privileged Access Service:
| Command | Description |
|---|---|
| Set-EscrowKey -Endpoint -Token -FilePath | Uploads the public key to the Admin Portal and stores it in the tenant configuration. |
| Set-EscrowEmail -Endpoint -Token -Emails | Configures the recipients that will receive the email containing the Systems, Accounts, Domains, and Database data and stores it in the tenant configuration. Separate multiple email recipients using one of the following: , ; space. |
| Get-EscrowEmail -Endpoint -Token | Displays email addresses for recipients designated to receive the exported content. |
| Run-Escrow -Endpoint -Token | Exports the data for Systems, Accounts, Domains, and Databases. Securely sends the .csv file to designated email recipients. If the amount of data before encryption and compression exceeds more than 20MB, the additional data is written to another file and sent in a second email. A passphrase is required in order to open the attachments in the email. |
| Schedule-Escrow -Endpoint -Token | Sets the escrow job (exports data) to run every 24 hours. To change the default configuration, you use CPS.EscrowJobIntervalTimeSpan. The time span is entered as days, hours, minutes, and seconds (d.hh:mm:ss or hh:mm:ss). For example, entering 2.08:30:10 indicates data will be exported every 2 days 8 hours 30 minutes and 10 seconds. |
| Unschedule-Escrow -Endpoint -Token | Cancels the schedule for the escrow job (data export). |
| Get-EscrowScheduleStatus -Endpoint -Token | Displays whether a schedule for exporting data is configured to run periodically (default is every 24 hours). Returns a value of True (schedule is configured) or False (schedule is not configured). |
To Export Data Using Delinea Commands in PowerShell:
Depending on the number of entities you are exporting, the process might take some time to complete.
-
Verify that the computer you are using to export data has access to the Privileged Access Service Admin Portal and that the user to be logged in tothe Admin Portal has the System Administrator role (defined in the Admin Portal).
-
Open the Centrify.Samples.PowerShell.Example.ps1 script file you downloaded earlier to use as a template to run the commands.
-
Modify the script file (uncomment the appropriate lines) to run commands in order to export the data attributes for Systems, Accounts, Domains, andDatabases from Privileged Access Service and email it to designated recipients.
At a minimum you must run the following commands (uncomment the command lines) to export the data and email it to recipients:
-
Set-EscrowKey -Endpoint -Token -FilePath
-
Set-EscrowEmail -Endpoint -Token -Emails
-
Run-Escrow -Endpoint -Token
-
-
Start Windows PowerShell to open a command window and run the modified script (Delinea.Samples.PowerShell.Example.ps1).
The script calls the Centrify.Samples.PowerShell.Example.ps1 module to export Systems, Domains, Databases, Accounts and their attributes into a CSV file and emails it to designated recipients.
