Feature Request: Delinea Password/Credential Management

The only option seems to be only cyberark. I’m wondering how many others have other privilege management systems that they would like to connect to and use so there’s not a service account waiting to be exploited with access to the entire company.


Delinea Secret Server would be great to get as credential management!


I agree, Rapid7 should think on the FR/IDEA.

1 Like

Agreed! Rapid7 - let’s get this rolled out!

1 Like

I agree too! Would love to have Delinea Secret Server for credential management.

1 Like

i feel any password vault, regardless of which brand, should be protected with some sort of MFA, to dramatically reduce wrongful, unauthorized access.

1 Like

A while back, I tried to implement a dependency changer for Delinea using powershell to rotate the stored credentials. I couldn’t get it to work the way I wanted. If someone wants to expand/fix my mistake (can’t remember what it was anymore), have at it.

#### Set stuff here ####

# Server hostname
$r7ivmserver = "x.x.x.x"

# Credential ID number
$id = 5

# Credential name
$name = "dummytest"

# Site assignment (either all-sites or specific-sites)
$siteAssignment = "all-sites"

# Service typ. can be "as400", "cifs", "cifshash", "cvs", "db2", "ftp", "http", "ms-sql", "mysql", "notes", "oracle", "pop", "postgresql", "remote-exec", "snmp", "snmpv3", "ssh", "ssh-key", "sybase" or "telnet"
$service = "cifs"

# Rapid7 API credential
$cu = "vault"
$cp = "xyz" | ConvertTo-SecureString -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential -AgumentList $cu, $cp

#### End of settings ####

$Url = "https://" + $r7ivmserver + ":3780//api/3/shared_credentials/" + $id 

$body = @{"siteAssignment"=$siteAssignment; "name"=$name; "account"=@{"service"=$service; "password"="$PASSWORD"}} | ConvertTo-Json

$data = Invoke-RestMethod -uri $Url -Authentication Basic -Credential $cred -Method PUT -Body $body -ContentType "application/json"

Would love to have this

1 Like