The apview.exe program has several run time parameters, one of which allows the target system to be specified. It is /h followed by the Fully Qualified Domain Name or IP address of the target system. This skips the need for the interaction with the first 2 screens, and TL is able to inject the credentials and log into the AP Automation Point Client. This required that apview.exe be a published application, with /h<target system address> specified as the parameter always to be used. For example, /hmytargetsystem.broadcom.net.
It may also be possible to use "Allow any command-line parameters", but this is less secure, and it is recommended that this be avoided.
The steps for configuring the Windows server to publish applications may be found here if the PAM Admin does not know how to do so:https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/setting-up-transparent-login/set-up-transparent-login-for-rdp-servers.html
Once the Windows server is set up PAM must be set up to launch the published application. To launch this application an RDP Application must be configured, to match the configuration of the published application. This includes the specification of the /h parameter:
It is also necessary to configure the Transparent Login Tab. It is necessary to check the Transparent Login box and provide the Window Title and the Transparent Login Configuration to be used. This helps Transparent Login to know when the window into which the credentials must be inserted has appeared. The TL Configuration specifies the script to be used to locate the fields into which the UserID and Password will be inserted, along with the button to be clicked to submit the credentials.
The general instructions for configuring a TL script in Learn Mode may be found here:https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/setting-up-transparent-login/set-up-transparent-login-for-rdp-servers/configure-windows-transparent-login.html
This RDP application must be configured for the appropriate device in PAM, then the Target Application and Target Account, in order to vault in PAM the credentials to be used. The RDP application must then be configured as a service for the Policy connecting the User and the Device. To this must be attached the credentials just vaulted.
The Target Account used the Generic Target Application, so those screens are not included. The PAM Sys Admin should use whichever Target Application meets the needs of the environment.