The content on this repository is no longer being maintained and is now archived for read-only access. Complete removal of the content is TBD.
The Thycotic Extensible Discovery Script Repository is a repository of scripts that have been created by internal Thycotic consultants, support representatives, and others, along with clients, and partners of Thycotic. As such:
- The scripts have to be changed to match your environment.
- The scripts have NOT been tested for quality assurance in any way and are offered as is with no warranty.
- The scripts are not covered by Thycotic's regular support policy, or any other implied policy.
- By downloading a script from this repository, you acknowledge that you are using this as a starting point, and doing so at your own risk.
- Should you need help implementing these scripts in your environment in a formally 'Quality Assured' fashion, please reach out to your Client Services representative to discuss a Professional Services engagement in order to do that.
| Token | Available In | Translates To |
|---|---|---|
| $USERNAME | pre-10.0 | The username on the secret. |
| $PASSWORD | pre-10.0 | The password on the secret. |
| ${name of any field on secret} | pre-10.0 | The value of the field on the secret with the same name (ex; $DOMAIN matches the secret's "Domain" field, $NOTES matches the "Notes" field, etc). |
| $[x]$USERNAME | pre-10.0 | The username on the xthsecret on the RPC tab for use in custom password changing commands and scripts (ex: $[1]$USERNAME is the username of the first associated secret). |
| $[x]$PASSWORD | pre-10.0 | The password on the xthsecret on the RPC tab for use in custom password changing commands and scripts. |
|
|
pre-10.0 | The value of the field with the same name on the xthsecret on the RPC tab for use in custom password changing commands and scripts. |
| $DATABASE | pre-10.0 | The value of the Database field from the dependency. Only valid for SQL dependencies unless added as a field by the scan item template (see below). |
| $PORT | pre-10.0 | The value of the Port field from the dependency. Only valid for SQL and SSH dependencies unless added as a field by the scan item template (see below). |
| $SERVICENAME | 10 | The value of the Service Name field on the dependency. Service Name may have a different name based on the dependency type but is always the first part of the dependency title ( "________ on ________" ) |
| $MACHINE | 10 | The value of the Machine Name field on the dependency. This is always the second part of the dependency title ( "________ on ________" ) |
| ${scan item field name} | 10 | The name of any scan item field (defined on the scan item template) that is visible in the dependency edit dialog. If a scan item field is derived from a parent field, you may also use the parent field name as a parameter that translates to this field's value. |
| $CURRENTPASSWORD | pre-10.0 | The password currently on the secret (context-sensitive to whether script is run before or after password change). |
| $NEWPASSWORD | 10.2 | The new password that is being set on the secret. |
| $PRIORPASSWORD | 10.2 | The password that was set on the secret before the current password change. |
| $PASSPHRASE | 10.2 | The passphrase used to encrypt the private key in a public/private key pair on this secret. |
| $PRIORPASSPHRASE | 10.2 | The passphrase that was set on the secret before the current passphrase rotation. |
| $PUBLICKEY | 10.2 | The public key on the secret. |
| $CURRENTPUBLICKEY | 10.2 | The public key currently on the secret (context-sensitive to whether script is run before or after key rotation). |
| $NEWPUBLICKEY | 10.2 | The new public key that is being set on the secret. |
| $PRIORPUBLICKEY | 10.2 | The public key that was set on the secret before the current key rotation. |
| $DEPENDENCYPRIVILEGEDUSERNAME | 10.3 | The user name on the privileged account assigned to the dependency. |
| $DEPENDENCYPRIVILEGEDPASSWORD | 10.3 | The password on the privileged account assigned to the dependency. |
| $DEPENDENCYPRIVILEGEDPRIVATEKEY | 10.3 | The private key on the privileged account assigned to the dependency. |
| $DEPENDENCYPRIVILEGEDPASSPHRASE | 10.3 | The private key passphrase on the privileged account assigned to the dependency. |
| $DEPENDENCYSSHKEY | 10.3 | The new SSH key to set on the dependency. |
| $DEPENDENCYSSHKEYPASSPHRASE | 10.3 | The new passphrase of the SSH key to be set on the dependency. |