Feature Request

Description Currently, variables such as $USERNAME$ can only be used when the username is embedded directly in the session entry. Many environments use Linked (Vault) Credentials to centralize credential management. In these cases, the linked credential already contains the username, but variables like $USERNAME$ are not available for use in entry names or naming templates. It would be very helpful if Remote Desktop Manager could resolve and expose selected fields from linked credentials (for example $USERNAME$) so they can be used in entry names and other dynamic naming scenarios. Use Case We use linked credentials extensively to avoid duplicating usernames and passwords across multiple entries. For example, it would be useful to create entry names such as: Server01 - $USERNAME$ VPN - $USERNAME$ SQL - $USERNAME$ where the username is automatically pulled from the linked credential. This would improve consistency, reduce manual naming efforts, and make entries easier to identify when multiple accounts are used for the same target system. Expected Behavior When an entry references a Linked (Vault) Credential, variables such as $USERNAME$ should resolve to the corresponding value stored in the linked credential, just as they do when credentials are embedded directly in the session. Thank you for considering this enhancement.

Hello, I would like to request a feature that allows administrators or users to customize the naming convention used when duplicating entries in Remote Desktop Manager. Currently, when an entry is duplicated, RDM automatically appends the suffix "- Copy" to the entry name. While this behavior makes sense as a default, there is currently no option to modify or disable it. Suggested enhancement: Provide a setting that allows users to define how duplicated entries should be named. For example: Keep the current behavior ("Entry Name - Copy") Use a custom suffix (e.g., "- Template", "- New", "- Clone") Use a custom naming pattern with variables Do not append anything and keep the original name until the user changes it manually Benefits: Better alignment with company naming conventions Faster workflows when creating multiple similar entries Reduced need for manual renaming after duplication Greater flexibility for environments that rely on structured naming standards This would be especially useful for teams that frequently duplicate entries as templates when onboarding new customers, servers, VPN connections, or other managed resources. Thank you for considering this feature request.

Hi I wanted to use the embedded SCP feature to up / download files to and from Cisco routers and switches. However, all I get are empty navigation panes. CRT / SecureFX can do it, I thought RDM can do it too, but I just cant get it to work. Does anybody know any way to do this? Thanks

Hello Devolutions Team, I would like to submit a feature request regarding the Software License entry type. Currently, it appears that variables such as $SOFTWARE$ or $VERSION$ cannot be used within the entry name or related fields to dynamically generate the entry title. My original question was: Is there a way to use variables here as well, like $SOFTWARE$ or $VERSION$, to build the name of the entry more dynamically? As far as I can tell, this functionality is not currently available. It would be very helpful if Software License entries could support the same variable system that is available in other entry types. This would allow administrators to automatically generate consistent and meaningful entry names based on existing fields such as software name, version, vendor, or other custom data. Thank you for considering this enhancement.

Hi, would it be possible to allow to use mouse wheel to scroll tabs left and right ? Like in Notepad++ for instance. On this example: placing the mouse on 1 tab (without clicking) and scrolling the wheel Up would slide the tabs to the left, to access the first tabs. And moving the wheel Down would slide the tabs to the right, to access the tabs to the end. [image] Currently, when there are several tabs opened, it is not practical to access the first tabs, or the last. You could click on the little arrow at the right end, but the connections are sorted by name, so it is hard to identify recognize the order and find the first or last for instance. I know you can display the tabs on multiple rows, but then you lose a lot of space. Ideally, using the mouse wheel to slide to the left or right would be really helpful. Note: it would not switch to the previous or next tabs, it would only scroll the tabs list without changing the current connection. Thank you

We have a website connection that involves redirects to an IdP for authentication. Prior to version 2025, RDM would automatically submit an assigned credential using Basic Authentication to the IdP. This no longer works starting in RDM 2025. Per Devolutions (case 00120023): "In RDM 2025, the stored Basic Authentication credentials are only automatically applied for hosts that are considered “in scope”; when the 401 is received from a different host introduced by redirects, the browser shows the native Basic Auth prompt instead of auto-submitting the saved credentials." The Equivalent URL website connection option works to add the IdP hostnames to the credential scope. However, due to our scale and configuration, using a regex rather than exact hostname would be easier to support. The current regex equivalent URL "Compare Type" options are not applied to basic authentication. This feature request is to extend the regex option to also support basic authentication.

Hello, I have noticed a strange behavior, which doesn't seem normal, and is not user friendly. In the following panel, which I have set to auto-hide, whenever I click on one of the "Close" icon on the right, the whole panel disappears, which makes it more difficult to close another tab right away. I then need to move the mouse again to "Tab list" on the left to get the panel back and then I can close another one. [image] In my experience, having used side panels in other apps, it shouldn't disappear unless the mouse either move away from the panel, or if a click happens outside the panel. But clicking anywhere in the panel, shouldn't make it disappear. Is it something you can fix/enhance ? This would be great and more consistent. Thank you

I am interested in selectively logging the terminal output (printable output) in Telnet/SSH sessions. I understand we can set the logging mode and path per session or using template. This works fine. But it logs all the time. There is no way to selectively turn on/off logging once it is configured. Please provide a feature to toggle the logging on/off per session. An example of this is in SecureCRT, there is a button "Log Session" to enable logging in an active session, which uses the pre-configured global path and filename that has been already set. [image] [image] The use case is, most sessions are uninteresting and do not require logging. However when working a project, a priority change or maintenance upgrades, we log the critical parts of the session for improvement and backtracking any issues. It is not reasonable to exit the session, edit the logging settings, then reconnect to the session, then exit the session and put the logging settings back the way they were.

Morning, Been meaning to raise this work a while but kept forgetting! Not sure if it related to this issue: https://forum.devolutions.net/topics/44494/template-groups--not-showing-any-templates-available#207916 I have a set of templates created and I want to link a them to a host session: [image] Specifically the ILO groups I have created. When I go to template list from with in the host session you can see here the folder and sessions do not appear: [image] Yet I know it worked in the past as I have some session configured to point to them: [image]

Hi there I have a suggestion for the entry overview: It would be very useful for us to see the IP-Address in the entry overview. So far, we use "Alternate host" to achieve this, but the field "IP-Address" would be right: [image] Thank you

Hello It's 2026 and we have databases which can handle millions of entries with no problem. In RDM when we have 4000 entries, we get messages, that the vault has a large number of entries and the performance is impacted. Is that something that could be enhanced in a next version, instead of bringing many new features. ;-) We think 4000 entries, are not to many today.

Hi, would it be possible to optimise the wasted space in the title bar like some other apps do ? For instance, to go from this: [image] to this: [image] This way, we could keep the menu (File, Home, Actions, Edit...) easily accessible and save ~30 pixels in height, to get more space for remote connections. Thank you :)

Currently, in the RDM config (and GPO) there is a setting for Application close on an idle timeout entry. I would like to request the ability to add the option of Application close at a specific time. We would like to have any open sessions of RDM close overnight before a scheduled password rotation, so accounts won't be locked out. Thanks, Michael Huggins

Hi We are currently deploying OTP authentication for our firewalls. The OTP token must be appended to the password. The auto-fill functionality works correctly when inserting the password including the OTP token. However, since the OTP changes every 30 seconds, the value in the password field is not updated automatically after it has been filled. Is it possible to implement a feature that updates the OTP value in the password field dynamically (e.g., in real time or before submission)? Thank you for your support. M. Giacalone

We work with many business applications supported by a variety of external vendors. These vendors occasionally need remote access to provide technical support. However, the current monthly user‑subscription model is not an effective fit for support contractors for a couple reasons: • Most contractors would only use Devolutions Workspace or Remote Access once or twice per year, typically during troubleshooting or upgrade activities. In some cases, for certain vendors/contractors, access is not needed at all in a year. • For security and auditing purposes, we maintain named accounts for each contractor. A single vendor may have 10 or more individual contractor accounts as part of their support team, even though only one contractor provides support at any given time. Because of this, maintaining long‑term monthly subscriptions for 100+ rarely used accounts is not cost‑effective and more users than our actual IT team. A limited pooled or concurrent‑use licensing model—where licenses can be checked out automatically as needed—would be far more practical and aligned with our usage patterns. While we could manually assign and remove licenses to vendor users before each support session as a workaround, this becomes inefficient at scale, especially when managing hundreds of vendor accounts or handling urgent support situations. We are open to alternative solutions that would better accommodate these infrequent and unpredictable vendor access requirements. Thank you.

Hi, Would it be possible to add a dedicated password list entry type for SNMP credentials? The goal would be to document SNMP-related information in a single entry, including the SNMP version, allowed hosts, authentication/privacy protocols, and related passwords. For SNMPv3, the fields could be: Name Username SNMP version: v3 Authentication protocol: MD5, SHA1, SHA256, etc. Authentication password Privacy protocol: DES, AES, etc. Privacy password Allowed hosts Description For SNMPv1 and SNMPv2c, the fields could be simplified since authentication and privacy protocols do not apply: Name SNMP version: v1 or v2c Community string Allowed hosts Description If supported, dynamic fields based on the selected SNMP version would be ideal. For example, selecting SNMPv3 would show authentication and privacy options, while selecting SNMPv1 or SNMPv2c would only show the community string field. Thanks!

Hi we are desingning a new structure in our RDM Setup and what to made some customer fields like "CustomerCode" and then it should be posibel to write the customer code in the navigation filter bar and get the customer folder.

For an SSH connection under Terminal -> Advanced -> SFT settings one can configure Home directory Starting location Zmodem download directory None of these settings will in anyway allow you to change in which folder the local side (where RDM runs) will startup. It makes no sense to have the above 3 settings if none of them is able to change where I will start on my local filesystem. That said it also makes no sense for me to have the Entire "SFTP settings" within the Terminal Tab. It should have its own tab "SFTP" or "Filetransfer". I did not even recognize that there is an SFTP option in there for a very long time. Thanks in advance [image]

Hello Devolutions Support, I would like to request an enhancement regarding the CyberArk integration in Remote Desktop Manager. Example : - Connection type: RDP entry - Entry settings: Advanced -> CyberArk - “Connect on double click” = Yes - “Preferred component” = PSM-RDP [image] Issue If the CyberArk Dashboard (in RDM) is not connected/logged in, double-clicking the RDP entry triggers a generic Microsoft RDP error message (e.g., “Remote Desktop can’t connect…” / “Remote access to the server is not enabled…”). This message is misleading because the real cause is that RDM is not authenticated/connected to CyberArk, so it cannot properly initiate the PSM-RDP flow. [image] Steps to reproduce 1) Ensure the CyberArk Dashboard in RDM is disconnected (not logged in). 2) On an RDP entry, set Advanced -> CyberArk: - Connect on double click = Yes - Preferred component = PSM-RDP 3) Double-click the entry. Actual result - RDM shows a generic RDP connectivity error (Windows/RDP), which suggests network/RDP configuration issues. Expected result - RDM should detect that the CyberArk Dashboard is not connected and display a clear message such as: “You are not connected to the CyberArk Dashboard. Please connect/login to CyberArk before starting this session.” Attachments - I attached screenshots showing the entry configuration and the misleading error message. Environment - RDM version: [2026.1.14.0 and 2026.1.19.0] - CyberArk integration/plugin version : PVWA 14.2 - CyberArk component: PSM-RDP but same issue with Web connector Could you please confirm if this behavior is expected today, and if an improvement like the above could be considered in a future release? Thank you, Brice Boyer

Hi currently looks we only can sync whole nextbox info into RDM, is any way can set a filter (like ROLE/ TAG/SITE etc...) in Netbox sync?

Hello, I would like to make a small feature request, or I'm also open to suggestion if there already is a way. I'm aware of sealed entries, but they are slightly impractical to my purpose as they need to be re-sealed after use. We would need a "Sensitive entry" or something checkbox in any entry. Then we would need that checkbox logged into the syslog message when the entry is accessed/viewed/used. Meaning something similar as the sealed entries which log for example "Entry sealed - MessageType: Entry sealed" in the log. It would be enough if any access log of an entry included sensitive=yes parameter in the syslog message which could be filtered on the logging system. The purpose of this would be to trigger log alerts when specific breakglass accounts are used, but without the hassle of re-sealing them.

Small feature request: I cannot find a way to override credentials for SSH Gateway when connecting to an SSH host entry, and I assume there is no such way. Could you please add that at some point in the future?   SSH Gateway doesn’t seem to honor the “VPN/Tunnel/Gateway” credentials override configuration in the User-specific settings, and that would be quite important for us. Now it just asks for credentials even if I set all the overrides in the User-specific settings. The actual host credentials are overridden just fine, just the gateway ones not. This would be crucial for us to have, as we are using personal credentials also to the customer-specific SSH gateways. To clarify, I mean this SSH Gateway configuration in a host item. Basically we would use that to connect to a customer environment via one of the customer servers to only have SSH port open to one host, using the same personal credentials to log into the gateway host and to the actual target computer. [image]

Hi, when you have many entries that request a Jump Host to connect, RDM focus pointer always on the Jump Host on the navigation pane on the left. This is very annoying, especially when you have to scroll up/down through many entries. It should be better to stay on the selected entry because you can see the Jump Host on the right in the main part. Another annoying behavior is that when the login in the entry fails, for example because it doesn't exist anymore or it is not reachable or the password is wrong, RDM jump into the Jump Host and you have to re-search again to find the entry you need. Please try to improve this annoying behavior.

Hello, when is there a way to be able to integrate the new Microsoft LAPS to the RDM? The older Legacy-Version, which works very well in RDM, isnt no longer supoorted by Microsoft and our newer Systems / Domains only have the newly implemented native Windows LAPS, which we need to have in RDM. it would be very great if you can find a way for implementing asap.

This feature request is not limited to RDM but this seemed like the right place to post this. There are currently 32 different types of `credential` entries. For example; Dashlane, Keepass, Keeper, Lastpass et cetera Some make a lot of sense to have special integration for. It helps people getting started without having to write their own implementation. What seems to be lacking is a basic "Custom credential" entry. On Windows, RDM does offer a credential type called "Custom". However, this forces the use of Powershell. In the Linux client this type of credential entry is not offered, despite Powershell being available for Linux. While enabling this type of entry on Linux (requiring pwsh) technically would make anything possible (you could spawn any other process from pwsh) it would still not be ideal. Powershell is incredibly slow to start, even without any profile. In the time it takes pwsh to just start and exit, without any profile, I can launch bash , which additionally calls my password manager to list all available passwords 100 times. It would be hugely annoying to have to constantly wait for a pwsh process to start. And I don't even have to launch bash in order to start my "pass" command. $ time pwsh -NoProfile -Command "exit" real 0m0.738s user 0m1.222s sys 0m0.156s $ time bash -c exit real 0m0.003s user 0m0.002s sys 0m0.001s $ time bash -c "pass ls >/dev/null" real 0m0.019s user 0m0.009s sys 0m0.014s $ time pwsh -NoProfile -Command "pass ls >/dev/null" real 0m0.672s user 0m1.081s sys 0m0.171s In DVLS this feature is missing entirely which would make it impossible to retrieve (add or update) credentials when just using DVLS. I propose to have a "Custom" credential entry which would launch any arbitrary process, with variable substitution and capture STDOUT. Use-case in general would be to allow anything to be run, to return credentials, without having to provide specific integration. For example: If using Linux Pass ( https://www.passwordstore.org/ ): CREDENTIAL_NAME="websites/devolutions/forum" pass show $CREDENTIAL_NAME | head -n1 pass show $CREDENTIAL_NAME 2>/dev/null | grep -e "^Username:" | cut -d' ' -f2 pass otp $CREDENTIAL_NAME Anything could be used to get credentials, secrets, otp et cetera. As long as you can write something for it, like a bash or powershell script, python code, or just a binary, you would be able to launch a process which returns anything. This custom credential entry would (should) have the following fields: Command to run, examples: /usr/bin/myvaultprogram get password $SESSION_ID$ c:\Users\Timmy\Myapps\myvaultprogram.exe get username MyUsernameForDevolutions Returns: (define what does the command returns) One of: Username, Password, OTP, Secret, URL, Domain, Email, UPN, Mnemonic Maybe even arbitrary, any other info field that may be useful (see below) Platform: Linux, Windows, DVLS RDM would pick the Linux or Windows command depending on platform This allows us to store two different commands, useful in Teams with mixed usage DVLS option would mean to run it on the DVLS server (see below) A "Custom credential" entry could have 3 tabs; Windows, Linux and DVLS Each tab would have one or more rows, with each row representing the command to run and the thing it returns Instead of a command, you would also be able to select "use command for <OtherPlatform> so someone could write Windows scripts to run and DVLS scripts to run, but for Linux choose the option "Run the DVLS command on Linux systems" Selecting "DVLS" as the platform on which to run the command, would mean the DVLS is instructed to run the command. If someone wants to use this, they could either change the base image if using a container, to include their code (or use a bind mount) or if running DVLS on a Windows Server they could make sure their code is available there. The option to run a command in the DVLS environment would be a fantastic addition because then clients do not have to have any local code at all. Which means if credentials are located somewhere else, clients would not require network access to that other location. A broader use would be to make RDM/DVLS run a command to get any type of info, for example a hostname Say the network team uses their own device and IPAM tool (could Netbox, phpipam, could be anything else) and we want to give more (support) people read-only access to switches. Having the ability to call an arbitrary command with variables, which could also return IP, Hostname, Documentation URL, whatever, from any external tool, would mean this networking team would not have to touch or use RDM/DVLS in any way. This would be good for adoption as it will not require everyone to completely switch their toolset. I am aware of the "Netbox synchroniser", but that is specific to Netbox, is only available on Windows clients and is limited in its scope. What I am proposing is much more middleware which would not be application-specific and means: "To get the IP for this device call: programX --get_ip --device_id=$SOME_UUID$" , where "$SOME_UUID$" could be a custom variable RDM session interface. Such a "Custom credential" entry would technically only have to exist once per repository and everything in that repository could link to it. Whatever program or script someone chooses to put in there could potentially make use of $SESSION_ID$ or any other available Variable. In case there are any concerns about adding programs to the DVLS server, instead of running a local binary you could also include the option to send an HTTP request which would return credential information. This should be kept simple and general. So just send GET to a provided URL, with basic token, custom request with variable substitution and potentially a template for the response, or option to specify json keys. It would be up to the customer to write their own simple webserver to act as proxy between DVLS and their own system. I understand that some of what I propose may invoke the question: "Why not use RDM for that, instead of external tools?" And the answer to that is that it would help transition, it would make more people open to the idea of using RDM in their team and allow them to make use of existing (credential) infrastructure and keep using their own tools. Also, think about what this could mean for the existing integrations and that it would open up the possibility for others to contribute code in a pluggable manner. You could write a small spec, and let people add a github url to extend the available (credential) integrations. This feature would be for "advanced" users, meaning you won't have to provide much in term of support, documentation or maintenance. Just run whichever process the user provided, the rest is up to the end-user.