How to integrate Local Security Solution password disclosures in a Symantec workflow

Arellia Local Security Solution (LSS) exposes a web service that can be used by Symantec Workflow to disclose user passwords in plaintext.

There is a minor issue with the webservice in 7.1 preventing it from working out of the box. Copy the attached file LocalSecurity.asmx to Program Files\Altiris\Arellia\LocalSecurity\Web on the SMP server to address this. You can then integrate this web service into the Workflow solution using the "Web Service Caller Generator".

The WDSL source URL is: http://localhost/Altiris/LocalSecurity/LocalSecurity.asmx?WSDL.

There is only one method available, which is GetManagedPassword. It takes the GUID of the Local User resource to disclose as a parameter.

Authentication should not be set in the webservice definition. Instead the "Create SMP Credentials" task should be used to populate [[Global].NSAuthenticationToken].
Use this token as the Security Token for the Get Managed Password task.

For an example of how to implement approval based password disclosure take a look at this Run_Arellia_Task.package Workflow package.