You can define a Windows target to be used with an RDP Rotated Secrets. Akeyless Windows Targets use WinRM by default over TLS. While Windows Secrets Rotation is also supporting SSH targets, for legacy environments, you can work with Akeyless Windows Targets instead.

Create a Windows Target from the CLI

To create a Windows target from the CLI, run the following command:

akeyless create-windows-target \
--name <target name> \ 
--hostname <Windows Hostname\IP> \
--username <Windows Local Username> \
--password <Password>

Where:

• name: A unique name of the target. The name can include the path to the virtual folder where you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

• hostname: The Windows Server Hostname or IP address.

• username: A local or domain Windows priviledge username.

• password: The password of the Windows user.

👍

WinRM TLS

By default, Windows targets are working with TLS. When using a self-signed certificate, you can either load the certificate to your Target, or mount the relevant certificate into your Gateway filesystem under etc/ssl/certs

You can find the complete list of parameters for this command in the CLI Reference - Akeyless Targets section.

Create a Windows Target in the Akeyless Console

1. Log in to the Akeyless Console, and go to Targets > New > Operating System >Windows Target.

2. Define a Name of the target, and specify the Location as a path to the virtual folder where you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

3. Define the remaining parameters as follows:

• Hostname ,Port , Username and Domain to set up the connection.

• TLS- Check to work with TLS and load your CA certificate.

• Protection key: To enable Zero-Knowledge, select a key with a Customer Fragment. For more information about Zero-Knowledge, see Implement Zero Knowledge.

4. Click Save.