The Devolutions Server Console Command Line Interface (CLI) is a Companion tool which allows administrators to interact with Devolutions Server instances, the scheduler, the recording server or a gateway with create, configure or delete operations. It is automatically available with the installation of the Devolutions Server Console. The DPS.Console.CLI.exe file is located in the Devolutions Server Console application installation folder.
The /help switch will list all available commands and parameters.
The /help switch can be used to list command parameters.
The following sample command launch the upgrade process from a zip file available in C:\temp folder.
.\DPS.Console.CLI.exe server upgrade --dps "Default Web Site/dps" --zip "C:\temp\DVLS.2020.3.17.0.zip" --accept-eula -quiet -verbose.
The following command will create a new Devolutions Server instance from a JSON response file (see below) that contains the required parameters. It can be used with any of the main commands of the CLI.
Sample of a JSON response file for creating a new Devolutions Server instance.
{
"acceptEula": true,
"adminEmail": "admin@mydomain.org",
"adminPassword": "AdminPassword",
"adminUsername": "admin",
"appPoolIdentityType": "Network Service",
"appPoolIdentityPassword": null,
"appPoolIdentityUsername": null,
"command": "server install",
"consolepwd": "MyConsolePassword",
"databaseHost": "SQLServer\SQL2017",
"databaseIntegratedSecurity": false,
"databaseName": "DVLS",
"databaseConsolePassword": "MyPassword",
"databaseConsoleUsername": "VaultDBOwner",
"databaseSchedulerPassword": "MyPassword",
"databaseSchedulerUsername": "VaultDBScheduler",
"databaseVaultPassword": "MyPassword",
"databaseVaultUsername": "VaultDBRunner",
"debug": false,
"disableEncryptConfig": false,
"disableHttps": false,
"disablePassword": false,
"dpsPath": "C:\\inetpub\\wwwroot\\dvls",
"dpsWebsiteName": "Default Web Site",
"installZip": null,
"keysPath": "C:\\temp\\DVLS_EncryptionKeys.bin",
"keysPassword": "MyKeysPassword",
"quiet": false,
"scheduler": true,
"serial": "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX",
"serverName": "Devolutions Server",
"serviceAccount": "LocalSystem",
"servicePassword": null,
"serviceUser": null,
"webApplicationName": "/dvls",
"verbose": false
}
A break glass account is often used as a last-resort mechanism to ensure that essential IT operations or security functions can continue in the event of an outage, system failure, or security incident. With the Devolutions Server console command line interface, we can disable the custom authentication and enable it on demand if the main Identity Provider is out of service. The administrator custom account must have already been created in the Devolutions Server instance.
Please note that you should replace `dvls` (after ...`\wwwroot\`) with your own custom Devolutions Server IIS Application name.
In the CLI enter either:
server instance --instance=C:\inetpub\wwwroot\dvls --enable-custom-authentication=true
or
server instance --instance=C:\inetpub\wwwroot\dvls --custom-auth=true
When done with the necessary operations:
server instance --instance=C:\inetpub\wwwroot\dvls --enable-custom-authentication=false
or
server instance --instance=C:\inetpub\wwwroot\dvls --custom-auth=false