13 Aug 2020 01:20 PM - last edited on 10 Mar 2023 03:48 PM by Ana_Kuzmenchuk
Hi,
We want our browser monitor to run with the current user's credentials (windows-authentication).
When we record or play the clickpath -> it works fine!
When the synthetic instance runs (from a private location) it fails on authorization, as the windows login credentials are those that are required.
I've seen similar posts around this issue answered by the Credentials Vault feature, but that does not apply to this use case of windows credentials.
How can we make the private synthetic use the current user's windows credentials?
this is how it's done manually:
https://knowledge.kofax.com/Smart_Process_Applications_-_TotalAgility/Configuration/Configure_Chrome...
Is this something we can configure in config.properties perhaps?
Thanks,
Daniel
Solved! Go to Solution.
13 Aug 2020 01:42 PM
Have you already tried adding 'basic authentication'? This option allows Chrome to perform the authentication in more situations than you might expect.
13 Aug 2020 01:53 PM
Hi Hannah,
But Basic Authenticaion requires me to use user/password from the Vault, and i want those to be taken from the windows login.
Is there something i'm missing?
Daniel
13 Aug 2020 02:11 PM
No, you're correct, it would be taken from the Credentials Vault and not the ActiveGate itself. If you want to use different logins for different Activegates I don't think that can currently be done. It would be good to confirm if it's a suitable solution for a single ActiveGate initially though.
13 Aug 2020 02:16 PM
I'm afraid that's not what i had been asking about.
I want the synthetic to use the current user's windows credentials, without having to supply them myself at all.
This is an option that is configurable for chrome and i was wondering if there is a way to do so for the dt-synthetic embedded chrome as well..
13 Aug 2020 02:41 PM - last edited on 16 Oct 2023 03:22 PM by random_user
Never done this, so these are hints:
You might also want to have a look at the following thread:
https://community.dynatrace.com/questions/237533/view.html
13 Aug 2020 02:46 PM
Regarding the link you sent, I would try to find out also which user Dynatrace is using in your Windows ActiveGate, than "Run As" that user, than do the impersonation configuration.
There's a problem with this though, as this might break some type of integration Dynatrace might have...
13 Aug 2020 04:51 PM
Hi Daniel,
as @Antonio S. mentioned, for security reasons Dynatrace is using the LocalService account run the Synthetic service for private locations. (https://docs.microsoft.com/en-us/windows/win32/services/localservice-account) You might be able to achieve what you are asking for by changing the user of the Synthetic service, however we do not recommend this and it would be also changed back to LocalService during updates of the ActiveGate.
In general, we don't recommend using integrated authentication in combination with Synthetic. Mainly because it's likely you or other users want to use different users for different scenarios. The preferred way is what @Hannah M. mentioned.
May I ask which version of Chrome you are using locally as you mentioned recording/playback was working fine for you. As far as I'm aware Chrome disabled integrated authentication starting with version 81 (see https://www.chromium.org/developers/design-documents/http-authentication for details)
Kind regards,
Philipp
30 Aug 2020 03:41 PM
In case someone else is also facing this issue:
We we're able to overcome getting the synthetic test to run under our desired user by bypassing the Dynatrace Synthetic windows service-
We simply started the synthetic process from cmd (which was run by the logged in user) -
vucwrapper.exe
(you need to provide the .ini file located in the same folder)
Also, adding the --headless runs the chromium test without opening the browser.
Cheers,
Daniel