Security issue

Hi,

We are experiencing a security issue with authentication in RDM.

If my co-worker uses my computer in my session and opens RDM with his credentials, RDM will open my RDM account (the same account is used for the Windows session on the computer), and he will be able to access my private vault and also see all sessions as me.

Example:

Log into my computer domain\reniera

Open RDM with co-worker RDM account domain\coworker (picture 1)


RDM will open the domain\reniera account (see picture 2)


The account domain\reniera is the administrator of RDM so the co-worker will be able to do many things!

Do you have a solution to resolve this security issue?

Thanks for your help


All Comments (8)

Hello,

How is your datasource configured? The prompt we see may be only the logon required to launch the app.

File - Data sources, select your data source and look at the credentials that are in there. Each user MUST use their own.

Best regards,

Maurice

Is Integrated Security causing this problem?


Integrated security uses the current Windows session security. How are you logged in to Windows?

Maurice

Sorry, I reread your original reply and you do say IN YOUR SESSION.

That's the issue: you should not share an RDM with other users from within the same Windows session WHILE using integrated security.

Maurice

ok......

That will be a problem for us... we are working on a terminal server that will be used to work on and manage servers. But we'll need to use a different user account to log into the terminal server.

So I'll need to recreate the users, and then they'll lose all user-specific settings and all private vaults....?

I will check to see if we can work with you to migrate the private vault and user-specific settings.

Sharing a Windows session should not be done lightly; the Windows Credential Manager stores credentials, as well as a few of our features that go in the Windows profile.

Maurice

Hi,

I know that sharing a session is not a good idea, but I've used this example to explain the context of our enterprise.

We use a privileged account to log into the terminal server, then use another account for other applications installed on the terminal server. We have used RDM for 2 years, and at this time we were using our workstations to use RDM with the same credentials for RDM and Windows.

Thanks for your help. Let me know if there's any solution or how to migrate.
edited by reniera on 8/26/2015

The only way to preserve the user-specific settings and the private vault would be to rename the user account that you were currently using. We encrypt these things with a user-unique salt and passphrase.

You would need to do this in the database directly; just let us know by contacting us at support@devolutions.net if you want to proceed.

Best regards,

Maurice