Support

Get help with Devolutions Server.

avatar

bbaranowski

Resolved

DVLS Upgrade Issue - Database Schema Error (from 2025.3 to 2026.2.11)

Hello, I am writing to request your assistance regarding an issue we encountered while upgrading our Devolutions Server (hosted via Docker with an MS SQL database). I recently attempted to upgrade our DVLS container directly from version 2025.3 to 2026.2.11. After starting the new container, we encountered the following database error: Invalid column name 'AccountExpirationDate' Additionally, as a result of this issue, all users were unexpectedly removed from their respective groups. It appears that there was a change in the database structure, but the schema migration did not execute properly. Could you please advise on how to proceed? To perform this upgrade correctly, is it necessary to upgrade step-by-step through all the intermediate versions, or should a direct upgrade handle the database migration automatically? Thank you in advance for your support. I look forward to your guidance.

Recommended Answer

2 days ago

Hi bbaranowski , From what you've described, you've actually identified the root cause. The Invalid column name 'AccountExpirationDate' error is what we expect to see when a 2026.x server starts against a database that hasn't been migrated yet. The 2026.x server expects schema changes (like the AccountExpirationDate column) that don't exist in a 2025.3 database, and the group membership issue is another symptom of the same schema mismatch. The missing step is the database migration. The server container doesn't perform schema upgrades automatically when it starts. Instead, the migration has to be run as a separate, one-time step before starting the new server. This is intentional so the upgrade is explicit and a database backup is taken first. To answer your questions: No , you don't need to upgrade through intermediate versions. You can upgrade directly from 2025.3 to 2026.2.11 . That's why trying 2026.1.22 produced the same error—the issue wasn't the version jump, it was that the database hadn't been migrated yet. No , a direct version upgrade doesn't automatically migrate the database. The migration container needs to be run explicitly. One important point: since you're upgrading an existing database, you'll want to use update mode (DVLS_UPDATE_MODE=true), not init mode. Init mode is only for creating a brand-new database. Update mode backs up your existing database, applies the schema changes, and then exits. DVLS_INIT and DVLS_UPDATE_MODE are mutually exclusive. The upgrade process should look like this: Restore your 2025.3 database snapshot so you're starting from a consistent state. Pull the 2026.2.11 image. Stop and remove the old server container. Run the image once in update mode (DVLS_UPDATE_MODE=true), making sure you've configured a backup path/volume. The container will back up the database, apply the migration, and then exit. Once the migration completes successfully, start the main server container normally. The complete procedure, including the required environment variables and a Docker Compose example, is documented here under Version updates : https://docs.devolutions.net/server/knowledge-base/how-to-articles/devolutions-server-docker-deployment/advanced-docker-configuration-for-devolutions-server/#version-updates I also noticed that your docker-compose.yml contains a commented-out dvls_init section. Could you confirm how you're currently running the migration container? For an upgrade of an existing database, it should be running in update mode , not init mode.

51

6

avatar

bbaranowski

avatar

rbruni

Resolved

Devolutions Server scheduled backup failed

I'm using Devolutions server release 2026.2.7.0 Schedule backup every day fail with message "Backup file not created" The true is that the sql backup file is presente on the selected folder but it is not zipped as expected from the backup task. When I execute the backupo task from the Bakup-manager web page within the server, the backup is done and zipped correctly. Only scheduled backup fails! Where is the problem?

Recommended Answer

3 days ago

Hello, Thanks for the details — the fact that the .bak file is created but only manual backups get zipped is a strong pointer to account permissions rather than a bug. Devolutions Server backups involve a few different accounts. SQL Server always writes the initial .bak file on its own. From there, whichever account triggered the backup is responsible for reading that .bak, compressing it into the .zip, and deleting the original: for a manual "Backup Now," that's the IIS application pool identity; for a scheduled backup, that's the account running the Devolutions Server Scheduler Windows service. If the Scheduler service account doesn't have Modify permission (read, write, delete) on the destination folder, this step fails quietly — you get the .bak, but never the .zip. Could you check the following on the Devolutions Server machine: 1. Open Services (services.msc) and note the account the "Devolutions Server Scheduler" service runs under. 2. Open the Security tab on your backup destination folder and confirm that account has Modify permission — the same level your IIS application pool identity already has, since manual backups work fine. A very common cause here is the Scheduler service still running under a built-in account like Local Service or Network Service, which has very limited file and network access. Switching it to a dedicated account with Modify rights on the backup folder usually resolves this right away. Our documentation on backup account requirements has more detail: https://docs.devolutions.net/server/web-interface/administration/backup/backup-manager/#account-permissions-and-other-considerations Let us know what you find, and if it's still failing after adjusting the permissions we can enable Scheduler logging to look closer. Best regards, Stephan

29

2

avatar

rbruni

avatar

markusburkhardt

Resolved

Potential bug on 2FA-enforcement for new users in DVLS

Hello Devolutions community, yesterday i created three new users in DVLS and i discovered that my conditional access rule for enforcing 2FA stopped working. In the past new users got a prompt after the first login to configure 2FA, when the condition access rule got enforced. Currently i am using DVLS-Version 2026.2.9.0 and the mentioned prompt doesn`t show up and the user gets logged in instead. In my case its a domain user, but I also was able to reproduce the issue with an internal DVLS-user. Here are screenshots of the conditional access rule for enforcing 2FA and the 2FA settings on the DVLS. [image] [image] Unfortunally i cant remember the last time that mentioned prompt on first log was working, because i didn`t had to create new users for the past 6 months. As a workaround i manually enabled 2FA on each account. Please take a look at it let me know if this is a bug or a configuration error on my site. If you need further information let me know. Thanks in advance and best regards, Markus

Recommended Answer

4 days ago

We have released DVLS 2026.2.11.0 which fixes this issue and hardens the handling of default MFA values.

64

3

avatar

Sebastien Duquette

avatar

garrettm

Duo Prompt SMS button not working in DVLS

When the Duo prompt is presented the SMS button does nothing. The application has SMS an an allowed method. Phone call and push are working. The behavior is not tied to a single user, computer, or browser. Any ideas? Thanks, GM

36

2

avatar

garrettm

avatar

baehrm

Backlog

DVLS/DPM/RDM toggle inconsistency edit/ new entry window

Hi Devolutions-Forum, while rolling out DVLS/ DPM/ DRM I came across this GUI inconsistency in the edit/ new entry window DPM: [image] DVLS: [image] RDM: [image] In RDM it is okay but in DVLS and DPM it is a bit confusing. Best wishes

33

1

avatar

David Hervieux

avatar

waltergschwendtner

How to link a user credential of an Entra ID PAM vault as a session login?

Hi I created a new Entra ID PAM vault with password rotation for accounts in Entra ID. Connection test and password rotation works as expected. In RDM I have an existing "Default" vault, where we configured all connections to our systems. I'm struggling using the newly created Entra ID PAM vault as linked vault in existing system connections, e.g RDP to a Windows Server or portal website of Entra ID. In "Default" vault I created already a Devolutions Server cross vault entry. In this Entry I can see my Entra ID PAM vault. If I try to use this credential to link it to a session, I cannot see/choose any Entra ID credentials from Entra ID PAM vault. Can you help me please? Br Walter

60

5

avatar

Stephan Haupt

avatar

AlexMoucha

Resolved

Manually created permission sets are not displayed

Hi everyone, I think I've found a bug or an error. Or maybe I just didn't notice the changes. The day before yesterday, we updated the Devolutions servers from 2026.1.15 to 2026.2.7.0. Today I noticed that the permission sets I defined are missing. They aren’t displayed in the WebUI and can’t be selected in RDM. But I know they’re being applied because I have a clone of “Contributor (Default)” where I simply removed the “Delete” permission. All permissions are still as they should be, and “Delete” is still prohibited everywhere. This issue occurs in versions 2026.2.7.0 and 2026.2.9.0. 2025.1.15.0 [image] 2026.2.9.0 [image] Thanks und best regards Alex

49

2

avatar

AlexMoucha

avatar

Fabian-Neidl

Resolved

Devolutions Send within RDM

Hey, when i try to send a password via Devolutions Send within RDM, the password does not appear in the secure message field. It works fine in the Devolutions Server Website and in RDM with a local database but not with the DVLS datasource. RDM Version: 2026.2.11.0 Best Regards, Fabian

Recommended Answer

17 days ago

Hello Fabian, This is a known issue in the current RDM version, and I assume it will be fixed in an upcoming version. Regards, Min

45

1

avatar

Min Destens

avatar

rbruni

Cannot recover a PIN of Certificate pfx entry

I have a vault with some certificate entries. I have added the certificate file and to save the keystore passphrase I used the Smart Card PIN field. Now I cannot get back the PIN, neither using clipboard function nor editing the entry. What am I doing wrong?

49

3

avatar

Marc Beausejour

avatar

rlitisi

User gets vault permissions automatically in RDM

Hello Devolutions Support Team, I am testing Devolutions Server PAM in a lab environment and I am having an issue with permissions. I created a new normal domain user and added him to Devolutions Server as a regular user, not an administrator. Then, when I log into Remote Desktop Manager with this user, he already has many permissions on a PAM vault/entry even though I did not explicitly give him those permissions. For example, in “My permissions” for the PAM entry, the user appears to have permissions such as edit, delete, view password, reset password, approve checkout request, force check-in, and grant checkout. What I want is simple: Technician user: only view/use the entry and request checkout. Approver user: approve checkout requests. Admin user: full control. Could you please help me understand where these permissions are coming from and how I can remove the inherited/default permissions so the technician user only has the minimum required access? Thank you.

59

1

avatar

Michel Audi

avatar

agennari

Postfix issue

Hello, we are having issues when we try to configure email sending with a postfix email relay. This is the detailed report created with Devolutions Server 202.1.16.0: ================================================================================ BUG REPORT — DEVOLUTIONS SERVER FREE 2026.1.16.0 SMTP / TLS — SSL ALERT 42 (bad_certificate) AFTER SUCCESSFUL TLS HANDSHAKE ================================================================================ Date: 2026-05-21 Reported by: Alessio Gennari — Senior Systems Engineer, Trigano Servizi S.r.l. Product: Devolutions Server Free 2026.1.16.0 Component: Administration > Server Settings > Email (SMTP client) Severity: Critical — email functionality completely non-functional -------------------------------------------------------------------------------- 1. ENVIRONMENT -------------------------------------------------------------------------------- Devolutions Server host: Hostname : TGRP-SRVDVLS.domain.local IP address : X.X.200.57 OS : Windows Server 2019 Domain : domain.local (Active Directory domain-joined) SMTP relay host: Hostname : testsmtp.domain.local IP address : X.X.201.162 OS : Debian GNU/Linux 12 MTA : Postfix 3.7.x Port : 587 (submission / STARTTLS) Devolutions SMTP configuration (Administration > Server Settings > Email): Host : testsmtp.domain.local Port : 587 Username : devolution Password : (configured) Connection security: Automatic based on port number Send email as : devolution@trigano.it -------------------------------------------------------------------------------- 2. CERTIFICATE DETAILS -------------------------------------------------------------------------------- The SMTP relay presents an X.509 certificate issued by an internal Active Directory Certificate Services Enterprise CA (caravansinternational-CA). Subject CN : testsmtp.domain.local Issuer : caravansinternational-CA SANs : DNS:testsmtp.domain.local, DNS:testsmtp, IP:X.X.201.162 Key usage : Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment EKU : TLS Web Server Authentication (1.3.6.1.5.5.7.3.1) Valid from : 2026-05-21 Valid to : 2036-05-18 Key size : RSA 4096-bit The issuing CA certificate is automatically deployed to all domain-joined machines via Group Policy (Trusted Root Certification Authorities store). TGRP-SRVDVLS is domain-joined and has the CA in its trusted root store. -------------------------------------------------------------------------------- 3. OBSERVED BEHAVIOR -------------------------------------------------------------------------------- When Devolutions Server attempts to send email via the configured SMTP relay, the connection always fails with: "Error sending email — Unexpected exception. Please see server logs for details." The Postfix server logs show the following sequence on every attempt: 1. TCP connection established from X.X.200.57:ephemeral to X.X.201.162:587 2. EHLO command sent by Devolutions — acknowledged by Postfix 3. STARTTLS command sent by Devolutions — acknowledged by Postfix ("220 Ready") 4. Full TLS 1.2 handshake completes successfully (Postfix logs: "Anonymous TLS connection established ... TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)") 5. Immediately after the handshake, Devolutions sends TLS alert 42 (fatal: bad_certificate) WITHOUT reading any post-STARTTLS SMTP data 6. Connection is dropped Postfix log excerpt (representative, from a clean full handshake): postfix/submission/smtpd[12109]: connect from TGRP-SRVDVLS...[X.X.200.57] postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS write certificate postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS write key exchange postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS write server done postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS read client key exchange postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS read change cipher spec postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS read finished postfix/submission/smtpd[12109]: Issuing session ticket, key expiration: ... postfix/submission/smtpd[12109]: SSL_accept:SSLv3/TLS write finished postfix/submission/smtpd[12109]: Anonymous TLS connection established from tgrp-srvdvls.domain.local[X.X.200.57]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) postfix/submission/smtpd[12109]: SSL3 alert read:fatal:bad certificate postfix/submission/smtpd[12109]: warning: TLS library problem: error:0A000412:SSL routines::sslv3 alert bad certificate: ../ssl/record/rec_layer_s3.c:1601:SSL alert number 42: postfix/submission/smtpd[12109]: lost connection after STARTTLS from TGRP-SRVDVLS.domain.local[X.X.200.57] postfix/submission/smtpd[12109]: disconnect from TGRP-SRVDVLS...[X.X.200.57] ehlo=1 starttls=1 commands=2 Note: "commands=2" confirms only EHLO and STARTTLS were sent — Devolutions aborts before sending any SMTP commands after TLS is established. -------------------------------------------------------------------------------- 4. PROOF THAT THE ISSUE IS NOT A CERTIFICATE TRUST PROBLEM -------------------------------------------------------------------------------- A PowerShell SslStream test was executed directly on TGRP-SRVDVLS to verify whether Windows SChannel trusts the server certificate. The test manually performed the SMTP STARTTLS upgrade and authenticated via SslStream with the same hostname Devolutions uses. PowerShell script executed on TGRP-SRVDVLS: $tcp = New-Object System.Net.Sockets.TcpClient("testsmtp.domain.local", 587) $stream = $tcp.GetStream() # [EHLO / STARTTLS exchange omitted for brevity] $ssl = New-Object System.Net.Security.SslStream($stream, $false, { ... return $true }) $ssl.AuthenticateAsClient("testsmtp.domain.local") Result: Certificate errors : None Cert subject : CN=testsmtp.domain.local, ... TLS OK : Tls12 / Aes256 Windows SChannel successfully validates the certificate with zero errors. The CA is trusted, the hostname matches the SAN, and TLS 1.2 negotiates correctly. This conclusively rules out any certificate trust issue on the Windows side. -------------------------------------------------------------------------------- 5. WHAT HAS BEEN RULED OUT -------------------------------------------------------------------------------- The following have been investigated and eliminated as root causes: - Certificate not trusted by Windows : RULED OUT (see Section 4) - Certificate chain incomplete : RULED OUT (chain verified OK by both openssl and SChannel) - Hostname mismatch (SAN) : RULED OUT (SAN contains the exact hostname Devolutions uses) - TLS version mismatch : RULED OUT (TLS 1.2 negotiated successfully by both sides) - TLS downgrade sentinel (DOWNGRD) : RULED OUT (TLS 1.3 disabled on submission port; no sentinel present in server hello) - Postfix requesting client certificate : RULED OUT (no smtpd_tls_req_ccert or smtpd_tls_ask_ccert configured; Postfix logs show "Anonymous TLS") - SASL user missing : RULED OUT (devolution user added to sasldb after investigation; failure unchanged) - IP not in mynetworks : RULED OUT (X.X.200.57 added; failure unchanged) - AUTH advertised before STARTTLS : RULED OUT (smtpd_sasl_auth_enable disabled globally, enabled only in submission override; failure unchanged) - Postfix misconfiguration : RULED OUT (identical Postfix setup works correctly with other SMTP clients on the same network) -------------------------------------------------------------------------------- 6. ROOT CAUSE ASSESSMENT -------------------------------------------------------------------------------- The evidence indicates a bug in Devolutions Server's SMTP client implementation. After a fully successful TLS 1.2 handshake (confirmed by both Postfix logs and independent SChannel verification), Devolutions sends TLS alert 42 (bad_certificate) to the server without reading any post-STARTTLS SMTP response. Alert 42 (bad_certificate) in this context is being generated by Devolutions' application-layer SMTP/TLS code, not by Windows SChannel — SChannel itself reports no errors when performing the identical handshake independently. The pattern suggests that Devolutions' SMTP client performs an additional certificate validation step after the TLS handshake (possibly using a different certificate store, trust policy, or validation API than SslStream) and aborts when that secondary check fails, before the application has read any data. Possible areas to investigate in the Devolutions codebase: - Custom certificate validation callback rejecting the cert despite SChannel accepting it - Use of a different trust store or certificate pinning mechanism - An exception thrown during post-handshake processing that causes the connection to be closed with alert 42 rather than a clean error - Difference in behavior between .NET SslStream and the SMTP client library Devolutions uses internally (e.g. MailKit, SmtpClient, or custom) -------------------------------------------------------------------------------- 7. SUGGESTED DIAGNOSTIC STEPS FOR DEVOLUTIONS TEAM -------------------------------------------------------------------------------- 1. Enable verbose SMTP/TLS logging in Devolutions Server and capture the full exception stack trace at the point where alert 42 is sent. 2. Identify which certificate validation API is used in the SMTP client (e.g. RemoteCertificateValidationCallback, X509Chain.Build, etc.) and compare its behavior against SslStream with the same certificate. 3. Test against an SMTP relay using a publicly trusted certificate (e.g. Let's Encrypt) to determine if the issue is specific to internal/private CA certificates. 4. Test with Connection Security set to "No encryption" to confirm the SMTP client itself functions correctly when TLS is not involved. 5. Test with Connection Security set to "Use SSL or TLS immediately (SMTPS)" on port 465 to determine if implicit TLS (no STARTTLS negotiation) works where STARTTLS does not. -------------------------------------------------------------------------------- 8. CONTACT -------------------------------------------------------------------------------- Reported by : Alessio Gennari ================================================================================ END OF REPORT ================================================================================ Anyway there is the same error also with version 2026.2.4.0 just installed. Can you please help us? Very kind regards. Alessio

83

4

avatar

Michel Audi

avatar

thomasprovin

Resolved

LDAP Authentication to the wrong Domain

We are using Devolutions Server v2025.3.19.0 and are experiencing the following issue. It has already happened three times this month that suddenly no login with a domain user was possible. The Devolutions Server is a member of Domain A. The user accounts are located in Domain B. When the problem occurs, we observe that the LDAP account configured on the Devolutions Server (Administration > Server settings > Authentication > Domains) for the domain suddenly authenticates against Domain A instead of Domain B. We can clearly identify this because we see audit failure events (Event ID 4625) for the ldap account on the domain controllers in Domain A. This state persists until we restart the server. When the issue occurs, it always happens at the same time of day. In the Windows Event Log, we consistently see the following events. It is clear that these events can trigger this issue: (These events occur daily but do not always lead to the problem.) [image] [image] [image] [image] [image] Is this behavior a known issue? Are there any configuration options to resolve this problem?

105

2

avatar

thomasprovin

avatar

alakkadmayar

How unique are the Entry ID field

Hi there, I want to create a fully automated workflow using Devolutions RDM using the PowerShell module. This workflow will use the entry ID as input. This same workflow will be also implemented within the same data source but on a different vault. My question is, is the Entry ID field unique on the data source level or on the vault level? I know, the field is 16 bytes long field and getting the same two IDs is very unlikely, but I want to make sure to eliminate this risk completely by understanding the uniqueness of the Entry ID within a data source. Thanks!

92

2

avatar

Stephan Haupt

avatar

dsi1

Resolved

Unable to create a FileZilla/SFTP entry with Devolutions.PowerShell for DVLS

Hello, I am currently migrating automation scripts from Remote Desktop Manager PowerShell to Devolutions.PowerShell for DVLS. I managed to create SSH and Web entries using New-DSEntryBase. Now, I am trying to automatically create FileZilla SFTP entries using New-DSEntryBase. I successfully create the entry in DVLS, but when opening it from the Web UI or from RDM app, the entry is incomplete. There is no host, no username, no password... What I already tested: Creating entries manually in DVLS Exporting existing entries using Get-DSEntry Rebuilding the JSON payload manually Using: connectionType = "FTP" or "9" connectionSubType = "FileZilla" protocol/host/port/username/password fields Cloning existing entries However, exported FileZilla entries seem incomplete: host is missing username is missing provider-specific settings are not visible only minimal data is returned I also tried using New-DSEntryBase -FromRDMConnection and integrate the input configuration that is used in my functional RDM PowerShell script but it fails because the cmdlet expects: Devolutions.RemoteDesktopManager.Business.Entities.ConnectionInfoEntity while New-RDMSession returns: RemoteDesktopManager.PowerShellModule.PSOutputObject.PSConnection My goal is to fully automate the creation of FileZilla SFTP entries in DVLS from PowerShell. Could you please provide: The correct JSON schema for FileZilla SFTP entries The required connectionType / connectionSubType values The recommended way to automate FileZilla entry creation in DVLS Whether some provider-specific data is intentionally hidden from Get-DSEntry Thank you. Here is my non-functional JSON configuration : $body = @{ name = "SFTP - Test 01" group = "FOLDER01" vaultID = "00000000-0000-0000-0000-000000000000" connectionType = "9" data = @{ host = "10.1.1.1" username = "sftpuser" protocol = 1 passwordItem = @{ sensitiveData = "MyPassword123!" } } }

143

6

avatar

dsi1

avatar

micheleschelfi

Configure session recording without gateway

Good morning, I am currently working on a POC to migrate from RDM + SQL to a Devolutions Server + RDM solution (Devolutions Server will be used solely as a data source; web access is not planned, and everything will go through the RDM client). I would like to configure session recording for RDP and SSH. While reviewing the documentation, I noticed that using Devolutions Gateway is required. Are there any alternative solutions? At the moment, I am working on deploying DVLS in a Kubernetes infrastructure. I have already configured the environment with 3 separate pods and an external SQL Server hosted on a Windows server. Deploying the Gateway could be problematic because the company needs to connect to dozens (or even hundreds) of segregated customer environments. Our current operating model relies on dedicated VPN connections, and introducing an additional agent like Devolutions Gateway would be difficult. My question is the following: Is it possible to configure a recording service that saves session data to a specific network path without necessarily going through the Gateway? (for example, a path within the database server environment) Additionally, is it possible to configure a retention policy with automatic deletion for the recording files? Thank you in advance for your support.

113

3

avatar

Michel Audi

avatar

Jimmy P

Implemented

User Creation Slowness

Team, Is it common when creating usernames that it takes 30 to 120 seconds to process? It'll pinwheel until complete, naturally. [image]

199

5

avatar

Maxim Robert

avatar

john34

Implemented

DVLS Notification User modified

Hi there Since updating DVLS to 2026.1.7, I get user modification notification every night for nearly all users, but I don't see any value which has changed wether in Entra or within DVLS. Please assist for trouble shooting this. Backgroud for this notification is to get informed as soon a new account has been created. [image] Thank you. Best regards, John

160

2

avatar

Maxim Robert

avatar

benjaminbendel

Resolved

Missing HostAddress in Api response

Hi, what do I have to do get the host information within the api response from the devolutions server? Username, password and name are there but the addresses are missing. Kind Regards

139

7

avatar

Patrick Ouimet

avatar

dsi1

Resolved

Unable to create SSH entry via API

Hello, I'm currently working with the Devolutions Server API (version 2026.1.14.0) and running into an issue when trying to create entries via the /api/v1/vault endpoint. Specifically, I am unable to create entries of type SSH or WebBrowser . Each attempt results in the following error: "The specified entry type is not supported for creation." The main difficulty I’m facing is that the available documentation at /dvls/api-documentation is quite limited. I couldn't find: Concrete examples of request payloads for creating entries A list of valid values for fields like type, subType, or the structure of the data object Clear guidance on which entry types are actually supported for creation via the API Given this, I have a few questions: Is there a more complete or detailed API documentation available somewhere? Is it currently possible to create SSH or WebBrowser entries via the API? If direct creation is not supported, is it possible to create entries using templates (e.g., via a template endpoint)? Any clarification or guidance would be greatly appreciated. Thank you.

Recommended Answer

3 months ago

Hello, Thank you for your feedback. In this version of the API, it is not possible to create SSH entry types or any entries other than credential entries. The best method for creating entries with DVLS is to use the Devolutions PowerShell module and its DVLS cmdlets (Verb-DSxxxx cmdlets). You can find some sample scripts in the following section of our GitHub repository. https://github.com/Devolutions/DevoSamples-ps/tree/main/DVLS Let us know if that helps. Best regards,

181

2

avatar

dsi1

avatar

MR

Resolved

Error "Could not find any recognizable digits" when updating database

Hello everyone I've updated from Devolutions Server 2024 to 2026.1.12.0 and while the update was successful, i couldn't get rid of the error message i was receiving when updating the server which stated "Could not find any recognizable digits". I then found out, i could trigger the error just by clicking on "Update database" in DVLS.Console under Edit < Database: [image] I've tried to do some research, however i have not been able to find any information regarding Devolutions, since its a common .NET error, not directly linked to Devolutions Server itself. I tried to regenerate the encryption keys under Tools < Key management without success, the error persists. Any help is appreciated!

Recommended Answer

2 months ago

Update from my side: I have been able to solve the issue by getting in touch with service@devolutions.net and they sent me an SQL Query which resolved the issue entirely: DELETE dbo.AppSettings WHERE Name = 'AuthenticationTrustedDomains'

229

8

avatar

MR

avatar

pvansluisveld

Resolved

Automatically new web application are added in system dashboard

In my Devolutions Server setup my devolutions server docker containers every 5 minutes automatically duplicating a new (same) docker container in the web application in system dashboard. Is there a way to stop automatically duplicating web application in system dashboard overview inside Devolutions Server? [image]

283

12

avatar

pvansluisveld

avatar

rbruni

Yubikey MFA not working

When I try to add a Yubikey MFA device to a user form both Devolution Server and RDM application it fails with the message "Yubikey is Invalid". The key I'0m using is a Yubikey 5 NFC with firmware 5.2.4. The key has OTP interface enabled and configured with Yubico OTP. By following the enroll procedure from your documentation I cannot add the key neither from RDM nor Devolution web server.

152

3

avatar

Jacob Lafrenière

avatar

davidyates

Resolved

Unable to De-select "is Administrator" in DVLS for an Entra-Synced Group

We currently have 2 Entra-synced groups into DVLS, one for Administrators and one for Users. We since then found out that Administrators have access to all entries in PAM vault, so I tried moving myself from Administrators to Users, but doesn't seem to have made a difference. So my next step was to de-select "Is administrator" tickbox within the group and then specifically assign permissions to the group. However when deselcting and trying to save settings we get the following errors: TypeError: Cannot read properties of undefined (reading 'netbiosName') at i.onSave (https://<SERVERNAME>/dvls/chunk-YGRHIQBO.js:1:91037) at https://<SERVERNAME>/dvls/chunk-YGRHIQBO.js:1:83874 at Tf (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:7:74231) at Object.o [as next] (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:7:74400) at Ui.next (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:3:3484) at be._next (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:3:3208) at be.next (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:3:2935) at https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:3:5944 at zt (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:3:2326) at ya.next (https://<SERVERNAME>/dvls/chunk-4HFZZ7HS.js:3:5783) I've replaced our server URL with <SERVERNAME> just to clarify that it's now actually saying that/using that variable

Recommended Answer

3 months ago

Hello davidyates , Thanks for reaching out. The system seems to snag on reading 'netbiosName' from the currently configured group. I could not replicate in my environment; the check box does the trick. I'm using DVLS 2026.1.12. Maybe you have a different version? Thanks for confirming Given that this was an admin group, is it safe to assume it doesn't have specific permissions on Vault/Folders/entries? If that's the case, I think we could try deleting and re-importing it. Thoughts? Best regards,

159

3

avatar

Alexandre Bélisle

avatar

IT

Implemented

Reveal button reveals a different password than intended in the webapp

Hello, We are currently facing an issue where an entry with 3 passwords stored in it reveals the "wrong" password on the webapp. [image] If you press the top button the bottom password gets revealed, if you press the middle button the top password gets revealed, and if you press the bottom button the middle password gets revealed.

241

5

avatar

Maxim Robert

avatar

it77

Invalid license (Launcher) after refresh - users cannot authenticate via Microsoft

Hello Devolutions Support Team, we are currently experiencing an issue with our Devolutions Server after refreshing the license. Issue description: After clicking “Refresh License” , all users were logged out of the Devolutions Launcher and are no longer able to authenticate using Microsoft (Entra ID). We are receiving the following error message on the login screen: Invalid license (Product: Launcher) Current situation: Licenses are displayed as fully assigned (e.g. 9/9 users) AD groups are still correctly assigned No changes were made to authentication configuration The issue started immediately after refreshing the license Additional observations: When attempting to re-add the product license, the “Add” button is greyed out This suggests the license cannot be validated or re-applied Users are completely blocked from accessing the Launcher Environment: Devolutions Server version: 2025.2.5.0 Authentication: Microsoft (Entra ID) License type: Remote access management package (9 users) Remote desktop management & IT operations (5 users) Troubleshooting already performed: Verified license is still valid and not expired Confirmed AD group assignments are intact Attempted to re-add license (button disabled) Issue persists across all users Kind regards Omar

142

1

avatar

Erica Poirier

1 - 25 of 888 items