Verification

You can verify that the credentials stored in secrets are synchronized from Secret Server to Rapid7 InsightVM by using a credential ID or a site ID in InsightVM. The following sections provide steps to use each method. Before you begin verifying that the integration works, make sure that you complete the steps in Setup and Configuration.

The last section in this topic describes a quick method for testing in InsightVM that you can log in to a machine using the credentials synchronized from Secret Server.

Verifying the Integration with a Credential ID

  1. Retrieve the credential ID that you want to use by using this URL:

    https://insightVM URL/credential/wizard.jsp?credid=id

    insightVM URL is the URL of the machine where insightVM is installed, and creditid is the credential ID.

  2. In Secret Server, go to the folder that stores Rapid7 secrets and update one of the secrets with a new password.

  3. Execute the SS_Rapid7 integration executable file, Delinea.SS.InsightVM.exe.

    The Delinea.SS.InsightVM.exe file is included in the integration package. You can find this file in path of downloads folder\Rapid7SecretServer1.0.0\SS_Rapid7_With_Encryption_Utility\ss_rapid7_integration.

  4. At the command prompt, enter --credentialId as the key and then enter the credential ID that you retrieved in step 1.

    If you created more than one set of credentials in InsightVM for secrets in Secret Server, you can enter the IDs of the credentials, separating them with a comma:
    id1,id2...

    When the credentials in InsightVM are synchronized to the new password, the message The credential data [id=id] has been successfully synchronized appears.

Verifying the Integration with a Site ID

This method assumes that the credentials that you want to verify are assigned to one or more sites in InsighVM. For information about sites, creating sites, and assigning credentials to a site, see the InsightVM documentation.

  1. Retrieve the ID of the site that the credentials are assigned to in InsighVM by using this URL:

    https://<insightVMURL>/ site.jsp?siteid=id

    insightVM URL is the URL of the machine where insightVM is installed, and id is the site ID.

  2. In Secret Server, go to the folder that stores Rapid7 secrets and update one of the secrets with a new password.

  3. Execute the integration executable file, Delinea.SS.InsightVM.exe.

    The Delinea.SS.InsightVM.exe file is included in the integration package. You can find this file in path of downloads folder\Rapid7SecretServer1.0.0\SS_Rapid7_With_Encryption_Utility\ss_rapid7_integration.

  4. At the command prompt, enter --siteid as the key and then enter the site ID.

    If you use multiple sites, enter the site IDs, separating them with a comma:
    sid1,id2...

When the credentials assigned to the specified site in InsightVM are synchronized to the new password, the messages The credential data [id=id] has been successfully synchronized and Processing of site [site=id] is completed appear.

Testing Synchronized Credentials

Use this quick method to verify that you can log in to a machine with credentials that are synchronized from Secret Server to Rapid7 InsightVM:

  1. In InsightVM, open the shared credentials that you created for a secret in Secret Server.

  2. In the Account page of the Credentials Configuration panel, expand the Test Credentials section.

  3. Enter the name or IP address of the machine that you want to log in to with the credentials from the secret.

  4. (Optional) To test authentication on a single port, enter a port number.

  5. Select Test Credentials.

  6. Check that you have successfully logged into the machine.

If the login was successful, the message Authentication succeeded on machine ip address.