Feature Request

A Devolutions server-side option to enforce the setting Workspace app → Settings → Security and Privacy → Clipboard. The default setting is to never remove sensitive data from the clipboard. As a business application, this would be a good standard to have enabled and to be able to enforce on users. As a security-focused application, this should at least be enabled by default and preferably also be enforceable.

A Devolutions server-side option to enforce the browser extension compare type to a specific value. This setting is located on a website entry in RDM → Properties → General → Browser Extension tab. This one is less of a security-focused request and more about functionality. Our users gave feedback that the best compare type in their experience is “Compare regex with URL domain.” Currently, this cannot be enforced.

Bonjour, Je souhaite soumettre une demande de fonctionnalité concernant les rapports planifiés (Scheduled Reports) dans Devolutions Server / Remote Desktop Manager suivant une discussion avec vos techniciens au support. Actuellement, seuls les administrateurs peuvent créer ou gérer cette fonctionnalité. Il n’existe aucune permission système permettant de déléguer l’accès ou la gestion des rapports planifiés à d’autres utilisateurs ou groupes spécifiques. Dans plusieurs environnements, cette limitation complique les opérations puisque certaines équipes (support, sécurité, gestion des accès, audits, etc.) doivent pouvoir : créer leurs propres rapports planifiés ; modifier ou consulter les rapports existants ; recevoir automatiquement certains rapports ; gérer cette fonctionnalité sans devoir obtenir des droits administrateur complets. Demande : Ajouter une ou plusieurs permissions granulaires permettant de : autoriser l’utilisation des Scheduled Reports ; déléguer la gestion des rapports planifiés ; contrôler l’accès par rôle ou groupe d’utilisateurs. Cela permettrait une meilleure délégation des tâches et améliorerait la gestion des accès dans les environnements d’entreprise. Merci.

Hi! When installing DVLS updates there's two small things I noticed 1. When the update is installed and the scheduler service is stopped, admin users immediately receive alert notifocations (emails) with "Scheduler - Offline" and "Scheduler - No standby scheduler available". Could you add a delay to these alerts? Usually the scheduler will be up again within a few minutes during a update or a system reboot. I think the alert should only be triggered if the scheduler is unavailable for an extended period, like an hour for example. 2. I think the order of operations during the update installation process is wrong: Right now the application is stopped before the files are downloaded and extracted. Depending on bandwidth this could take some time. The files could be downloaded and extracted before the application is stopped, to reduce downtime. This would also improve error handling when the download fails for some reason. [image] Thank you! Best regards, Daniel

Hello, Here is our requirement: We need to allow authentication requests without MFA from within the company’s internal network. MFA should only be required when accessing from outside the organization or from unsecured networks. In Devolutions Server, it does not seem possible to create MFA rules based on IP ranges or subnets. Could you implement the ability to authorize IPv4 and IPv6 subnets in the MFA rules? Examples: 1.1.1.0/24 172.30.20.0/24 2001:67c:11c8::/64 Thank you in advance.

Hello, is there a way to use YubiKey offline (i.e. the server has no internet connection) as a second factor when logging in from the Remote Desktop manager.

Hello there, it would be great to allow DVLS Groups to be members of other DVLS Groups. It would help us to simplify a role based access control where one group is a permission-group and another group a role-group that is member of the permission-group. [image] Thank you very much!

Hi there Is there a way for getting notified by the action "Entry Export"? We have only a few admins which are allowed to export entries, but it would be nice when there is a way to get notified on entry export action. Thank you.

A few requests in order of importance to me I think it would be great to be able to enable "dynamic resize" in web RDP sessions by default: [image] Also, would it be possible to have the top bar be auto hiding and have it appear on mouse hover? I've seen other web RDP solutions implement something similar as a floating button that expands on hover. I think that extra bit of screen real estate on the top would make a huge difference, especially on smaller laptop screens. And finally, would it be possible to have an option to open the connection in a new tab? I think this would be a great for that extra screen real estate without having to go full screen. Thank you so much for the consideration. This is a great suite of products and I am a huge fan.

Hello all, Following a chat with support, it was suggested to create a feature request. This is something that you do with the Business Hub solution. Having an option where entries in a vault are "locked" behind some added security measure. In a SSO environment, using the DVLS Workspace, every entry stored in a vault (user or shared) is available. In some cases, mostly dealing with highly confidential credentials, we think it would be important to have an extra security step. Whether it's asking for the user password again, expiring/refreshing the MFA token or using a pin code. Thanks,

Hello. Our new group allows only delegated permissions on application registrations. We need to migrate to the group's tenant. Would it be doable for you to add authentication through Microsoft DELEGATED permissions ? [image] In the meantime, we will see how we handle that. Maybe we keep our tenant longer and go with guest from the group tenant and keep the app registration in our current tenant. Also, if the group search in the Microsoft authentication screen could be made to "search only" or load a subset of all the available groups that would be great. During our test, application permissions were added temporarily for testing, and the groups never loaded because after some minutes, it was still not completed. [image] Thank you and best regards. Marcel

Notification mails are english even if the settings tell german language. Are there a possibility to get the notification mail in german or maybe a template system do do it our self ?

Hi there We have quite a lot of users using a combination of Web/Launcher and they're quite often missing configuration options that are currently present in Remote Desktop Manager. Could more features please be allowed configurable via web? In this case, the Proxy tab from RDM is the most pressing one for us. Thank you

Hello, I am writing to request a feature enhancement for Devolutions Server. Currently, the system allows for exporting data in various formats, but I would like to suggest adding an option to export the data in JSON format with encryption. This feature would be incredibly valuable for users who wish to store their backups externally (e.g., in cloud storage or Blob storage) while ensuring that sensitive data is securely protected. By exporting the data in encrypted JSON format, users would be able to leverage both the flexibility of the JSON format and the security of encrypted backups, all within one solution. Moreover, having the ability to export backups in an encrypted JSON format would be particularly beneficial in emergency scenarios. If the entire system goes down, the backup could be quickly and securely loaded into Devolutions Hub for recovery, enabling businesses to resume operations with minimal downtime. The ability to export data in an encrypted JSON file would greatly enhance both the flexibility and security of backup management. It would also streamline the recovery process in case of system failure, ensuring that users can quickly access their critical data without relying on the entire Devolutions Server system being online.

It would be great to have Devolutions Send built in to DVLS so that we can't use our own branding and have a URL link with our own domain. https://send.devolutions.com/?utm_source=rdm&utm_medium=native&utm_campaign=default Pretty much this, but with our DVLS URL and our own internal company branding.

When using the PAM module in combination with password rotation it's very likely you will use the credential type DVLS privileged account for most of your assets in Remote Desktop Manager. This cedential type is not available/working in the web version of Devolutions Server. Because of this the web version of Devolutions Server is not usable. Can this be added in Devolutions Server?

Hi! After seeing the warning "This entry type is deprecated and will eventually be removed ..." I converted all legacy Website entries using advanced search in RDM (filter by connection type) Select all > Right click > Edit > Edit (special actions) > Web > Convert Website (legacy) to Website That worked for shared vaults in RDM, but it doesn't work for user vaults, and especially not for users that don't use RDM. So my feature request would be a way in DVLS web to be able to search all legacy entries and if possible convert them. Currently you can't select the legacy connection type for filtering entries. Or, just do the conversion automatically during a database update, if that's possible. Thanks! Daniel

Dear Devolutions team I was led here by one of your employees to submit the following two requests and feedback: View which template was used to create a password. Technically this is possible by using tags, but having the name displayed somewhere in the details would be nice Having a permission view within templates. This would be immensely beneficial to have. Currently, when looking at the permissions of a template, only the status of each permission is visible, altough as soon as there are exceptions made for a team, the status switches to "Custom". The passwords and vaults itself already have a clean view of the permissions, so this kind of view would suffice for the templates. The "Custom" status on permission within templates. Adding to the request from point two, not being to view the default and what exceptions were made from said default is a bit confusing. It would be nice if there could instead for example be a "Disallowed except for" status. Granted, as far as I know that's the only exception that can be made, since setting the default to "Allow" but deny permissions for certain teams isn't possible. If that is the case then that would be nice to have as well I thank you in advance for your time and wish you a pleasant day. Kind regards Nicola Rüegsegger

Hello, So we just recently started looking into reporting, trying to get data into Power BI. However, it turned to be a challenge. The PS command Export-DSPamAccountAccessReport did only dump the permissions on each PAM account, so we turned to the GUI with Reports - Scheduled reports . The content is what we are looking for, however, the only way of getting the data out is by e-mailing a file to mailbox. We would like to request either more of the GUI report content being available using PowerShell and/or if it's in the stars to add support for file share or Azure blob, for storing the Scheduled reports . Regards, Simon

Hi There, I use the VMware Dashboard in the RDM client. It would be nice if this were also available via the Devolutions Server web interface.

In the example below, I want to give a group full access to change permissions on all connections and subfolders, but not the "New Zealand" folder itself, but I can't seem to do this. Windows has a similar feature. Is this something that can be added as a feature? [image] [image]

Hi, Could you allow us to set an expiration for users please? It could even be better if we could do it based on user tag or groups. Here is my use case: I have to give access to our infrastructure to many MSP (managed service provider) but we don't want them to be able to connect without asking. Their users are synchronized from Microsoft and we can't set an expiration in the Active Directory (since they need the account for other purposes). As an example, if someone need access for one day I have to assign him a Launcher license then remind me to remove it the next day. It would be more convenient to just set expiration date (with license removal eventually). Thanks

Hi. Currently we can assign priviledged and external tags to users in DVLS. It could be nice to allow us to create custom tags too. For an example, we work with a lot of external providers that use our DVLS servers and we could use this to tag these users as from their company or a certain level of access.

Hello everyone I am integrating the Devolutions Server to our company. We have a lot of users we want to give access to this system. For that I would like to create seperate tags to get a better overview which department the user is part of. Maybe it could be also an option to show which rights the users have without editing the users.

Hi, Could you allow us to create multiple lists of forbidden password with their own verification mode? Actually there is only one list and we've to chose between exact match and contain parameters. It could be great to use both because it's different use case: Exact match is perfect for weak and very known password like Topsecret, 1234567890 etc. But contain need to be used to prevent people from using some bad pattern like Company@CurrentYear! / Devolutions@2022! Another great addition should be a strict restriction preventing the validating an entry with a forbidden password. So if someone try to type one of them, it can't validate the credential. It might sound exagerated but in our personal usecase it will force the engineer to set a good one on the target then in DVLS. Best regards, Arnaud