Devolutions ForumDevolutions Forum

URGENT - All Connections' Credentials Overwritten

URGENT - All Connections' Credentials Overwritten

avatar
aparrish

Hey guys,
Yesterday, we upgraded to 11.1.0.0. I don't know if this upgrade is responsible or not (but the timing is suspicious).

We have setup a "generic" credential, <Your Admin Account> where multiple users each edit their local user settings to input their own password. This <Your Admin Account> is set as the parent credential for all of our folders, and each connection object in that folder inherits from the parent.

This morning, we noticed that every single object in every single folder (hundreds of them), are now set with Credentials = Default, with an explicit username, password, and domain for the Logon Settings (in the lower half of the object's properties).

At first, I was unconcerned, because we are very protective of this database, and have weeks of maintenance plan full backups of it (this is in an MSSQL 2014 Environment). When I restore the database, however, no matter how far back, this "corruption" remains. I can't imagine that information about connection properties is stored somewhere besides the database. I have also made sure I am NOT in offline mode in my client. Our next move is to install the RDM client to a fresh machine to see if that makes any difference.

Please help!

--Andrew

I am my own subnet ::1/128

RDM-Credential-FAIL.PNG

All Comments (7)

avatar
aparrish

Update: I suspect the rollback of the database was actually working. Once I installed a client on a new system, connection properties were correct. Of course, this pointed me to some kind of caching issue, and upon clearing my client cache the correct settings were back in place.

So the lingering question is how something like this could have happened (but the answer to this is not nearly as urgent now).

Thanks,
Andrew

I am my own subnet ::1/128

avatar
David Hervieux

Hi,
Do you still have the backup of the old database? You could verify the Edit session history.

David Hervieux

avatar
aparrish

I do have a copy of the database before it was restored. Where do I look for this?

I am my own subnet ::1/128

avatar
David Hervieux

Could you restore it somewhere and check this:

http://help.remotedesktopmanager.com/home_sessionhistory.htm?zoom_highlightsub=entry%2Bhistory

David Hervieux

avatar
aparrish

Ok, I have looked at it. It shows the same user whose account was used to replace all the connections with his account credentials explicitly. I know he didn't go through hundreds of entries and manually update each and every one. Is there some kind of batch process he could have accidentally done via the client?

I am my own subnet ::1/128

RDM-Edit-Log.PNG

avatar
David Hervieux

He could have used the Batch Edit maybe?

David Hervieux

avatar
aparrish

I suppose it is possible, and have no evidence against that theory (although he claims he did no such thing). I just wanted you guys to be aware should this issue pop again elsewhere. Thanks for the help.

I am my own subnet ::1/128