Hey everyone, I’m back!
This time I’m showing off my latest utility called AAM CCP Harden. This is built using PowerShell and is accompanied by an executable in the “Releases” section which I’ll link to below.
In order for it to work, it assumes you are a human user running the utility and that it is being run on the same host as an installed Central Credential Provider.
It will ask for your PVWA address, authentication method, then relevant credentials and OTP, if needed.
Authentication Methods Supported:
CyberArk
LDAP
Radius Challenge/Response
Radius Push
Radius Append
After your input is complete, it will take care of creating the AIMWebService App ID, if not already created. Then, it will add Path, OSUser, Hash (yes, automated hashing!), and Machine Address authentications to the App ID.
Enjoy and please provide feedback here if you give it a shot!