Add Mateso Passwordsafe as Password Storage

Hello,
Thank you for the link It's the first time we get the information for this product. I will add this to our todo list.

Regards

Hello,

the Product itself exists a long time, but first with version 8 it have an API where the passwords can be written and read from the password safe.

The passwordsafe is in use a lot around Europe and in the most DAX30 companies (the biggest (german) companies listed at the stock exchange in Frankfurt)

But it is aalso used on bigger compynies around the wolrd :)

Indeed it's a good news that they now have an API

Regards.

Hi there,

we are currently looking to buy and implement the Remote Desktop Manager and have aswell Mateso Passwordsafe in usage. Because of we are very satisfied with this software this we do not plan to change the software for password handling.
So a integration via the API would be very nice.

Thanks in advance,
Constantin

Hello,
I cant give you a time frame but it's definitively on our list. We understand here are at Devolutions that it's not necessarily a good idea to change a product that you are satisfied and this is why we integrate so many other products.

Regards

Hello,

The beta of RDM 14 will have a Mateso Password Safe credential entry type.

Here are the requirements to use this entry :

The following image is what the entry will look like :



The next image shows what you will see when prompting the password list. The types of passwords we have decided to accept coming from the Mateso Password Safe's format are all shown in the list. If there are other types of passwords you deem important for your credential entries, please do let us know so that we can add them to our selection.

Hi,
we have enterprise plus license, i had fill in the required information.
I can't login to the mateso server.

Maybe anyone can help me in a remote session

Enviroment:

RDM 14.0.4.0
Mateso: 8.6.0.15386

@Marc,

Could you go in Help -> Profiler -> Debug Only tab and set the debug level to 1.

When this is done, reproduce the error message in PasswordSafe Mateso and post the result of the Profiler please.

Best regards,

Hi Jeff,

this are the the results of the debug process.
I send this result to support with subject "Issue Mateso Addon"

Silent: PsrApi.PsrServiceException: Die Eingabe ist keine gültige Base-64-Zeichenfolge, da sie ein Nicht-Base-64-Zeichen, mehr als zwei Leerstellen oder in den Leerstellen ein Zeichen enthält, das ungültig ist.
bei PsrApi.Internals.ServiceClients.PsrWebServiceClientBase.ParseResponseForServiceException(String responseString)
bei PsrApi.Internals.ServiceClients.PsrWebServiceClientBase.<Get>d__15`1.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei PsrApi.Managers.AuthenticationManager.<PrepareWebService>d__13.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei PsrApi.Managers.AuthenticationManager.<LoginInternal>d__10.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei PsrApi.Managers.AuthenticationManager.<Login>d__7.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei Devolutions.RemoteDesktopManager.Managers.MatesoPasswordSafeManager.cfafc71ae14ae20c28e22217c444dcd54.MoveNext()
5 - Connection States: Refresh : 0 ms
Silent: PsrApi.PsrServiceException: Die Eingabe ist keine gültige Base-64-Zeichenfolge, da sie ein Nicht-Base-64-Zeichen, mehr als zwei Leerstellen oder in den Leerstellen ein Zeichen enthält, das ungültig ist.
bei PsrApi.Internals.ServiceClients.PsrWebServiceClientBase.ParseResponseForServiceException(String responseString)
bei PsrApi.Internals.ServiceClients.PsrWebServiceClientBase.<Get>d__15`1.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei PsrApi.Managers.AuthenticationManager.<PrepareWebService>d__13.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei PsrApi.Managers.AuthenticationManager.<LoginInternal>d__10.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei PsrApi.Managers.AuthenticationManager.<Login>d__7.MoveNext()
--- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
bei Devolutions.RemoteDesktopManager.Managers.MatesoPasswordSafeManager.cfafc71ae14ae20c28e22217c444dcd54.MoveNext()
XML.SaveConnection...
PrivateConnectionManager.Refresh : 29 ms
XML.SaveConnection : 175 ms
PrivateConnectionManager.Refresh : 30 ms
Tree view is loading 1 connections
TreeView.LoadConnectionList...
GetGroupInfos : 0 ms
BeginUpdate...
*** WARNING [Load Connections Detailed] Enabled ***
Loading Credential Mateso [84538eb2-42fa-437d-8ac5-a2b4b8319727]
LoadConnectionList : 0 ms
ApplyGroupCustomImages : 0 ms
LoadConnectionInTreeNode : 14 ms
PreCreateGroups : 0 ms - Count : 1
BeginUpdate : 55 ms
TreeView.LoadConnectionList : 91 ms
SelectionChanged...
LoadConnectionList : 0 ms
SelectionChanged : 34 ms

i have ivolved the Mateso support as well.
Do you have contacts to the mateso developer ?

Hello,

Our engineering department is in contact with Mateso and they are investigating this issue.

Thank you for the logs by the way.

Best regards,

Are there any updates because of this problem?! There are 3 month since the latest post ant today i had the same problem with the latest software from RDM & Mateso Passwordsafe.

Thanks
Frank

Hello Frank,

We have not received any news about this issue as of yet. I have sent another email this morning to ask about the progress.

We will keep you updated on how this develops.

Regards,

Hello Michaël,

are there any updated because of this issue?! Because we want to made a mass rollout of Passwordsafe in the next 1-2 Month and give training courses for it and the API interactionand configuring Passwords from the Mateso Passwordsafe is an importent part of the training.

Thanks
Frank

Hello Frank,

I still haven't received any news about this issue from my Mateso contact. This error seems to happen when trying to login to your Mateso account through the API. I'm guessing there is an issue in the code when it comes to understanding some sort of special character in your password.

There isn't much we can do until we receive more information from the Mateso developers. I would recommend asking them for support again while providing them the profiler's result shown in the previous posts.

If you get an answer about this issue from Mateso's support please let us know.

Regards,

Hello Michaël,

I talked to Mateso andas I can "read between the lines" there are no open questions on the side of Mateso. Can you please contact Mateso again. I opend a case on the Mateso tickest system and they will know that you will contact Mateso again.


My Username/Password has no german special chars, only lower and upercase, numbers and an ascii special char. But the error message looks like that the string itself will not be utf8 conform?!

It is important for us because we had internal trainings for the Mateso Passwordsafe and RDM and the API interconnect to get Passwords from Passwordsafe in RDM ispart of this training.

Thanks
Frank

Hello Frank,

Another mail has been sent. I have also linked this forum thread so they can ask questions or see the details of the conversation if need be.

Regards,

Hello,
we have the same issue as Frank.

Could it be possible that RDM doesn't like the underscore in the database name? Since we have the same issue and we also have an underscore in our Passwordsafe Database name.


Edit: We created an empty Passwordsafe DB without an underscore and it looks better - no "unknown error" message. It rather says now "No Passwors found" even if I create a new entry in the empty Database.

Hello Sebastian,

It's great that you found that the issue is linked to having an underscore in the database name. There isn't much we can do about this on our side as all we do is pass the login information to the API.

I would recommend sending the information to their support department and see if they can have it fixed for their next API release.

About the issue of finding no passwords, have you made sure that the entry you created has the "Description" and "Username" fields filled in?

We have added this restriction when searching for password entries since the "Description" field is considered as being the name of the entry. As for the reason we added the "Username" as a required field to be filled in for an entry to be found, it is to avoid receiving entries which aren't suitable to being used as a credential in RDM.

Please do let us know if the "Description" and "Username" fields not being filled in was the issue.

Regards,

Hello Michael,

we have exactly the same problem.
I already checked the fields. There is noch missing entry.
Is there any other option to check?

Regards,

Patrick

Hi Michael,
as Patrick already mentioned, we also checked the fields. There is no missing entry for us, too.
I also tried other templates than AD-User (I created a Database account entry) but still no joy.

What else can we check now?

Hello,

It is not the undescore, because we have no underscore in the name. The Name für The Passwordsafe itself is only ASCII: "PwdSafe" (and no special chars) and the Database for this is the same name. Only the config Database für the PasswordSafe Server is with a hyphen (but the API or RDM has no setting or is not in contact with this database!)

Hello,

Our Mateso license is currently expired.

We have asked for a new trial license today so that we can test again and see if we can reproduce your issues. We'll let you all know if we can reproduce / fix your issues as soon as possible.


Regards,

Hello,

We have been informed that some users who are experiencing issues connecting to their Password Safe server could be users using the "Master Key" mode. This issue should be fixed in the latest version of the API. We have updated the version of the API and this should hopefully fix all login issues.

We haven't been able to reproduce the issue of "No passwords found" experienced by Sebastian but we've made some changes to our code which may or may not fix the issue.

These changes will be available starting from the next release of RDM scheduled in March. Please do let us know how everything works out after having the opportunity to test the next version.

Regards,

Hi,
any plans to support TwoFactor authentication for Mateso PasswordSafe?
We are using Google Authenticator.

It is supported for Pleasant but we moved now to Mateso.
Thanks!

Hello,
I don't know if it's possible with their SDK but I will add this to our todo list.

Regards

Hello Tobiass,

Could you please let us know which version of RDM you are using?

If I'm not mistaken this should have been implemented to RDM around December 2019 and should be included in the latest release.

Regards,

Hi,
I just saw your answer.
You are right, in the new version I'm able to use TwoFactor.

But it seems that for every new Session I do to a server I need to enter TwoFactor again. The previous login to Mateso is not being used.
With Pleasant Password Server I just needed to put the Token one time per day (lifetime setting was 10hours)

Is it by design? Does Mateso not offer possibility right now through API?

Thanks!

Hello Tobiass,

We will create a ticket to investigate if the behavior can be changed. We'll keep you updated on the progress.

Regards,

Do you have an update?

Hello,

This is currently on our list of things to check, at the moment the issue is we don't have a working setup so we have to check with the Mateso team to get us back on track again. If this is supported through their APIs we're hoping to have this available for RDM 2020.3 which is planned to come out in september.

Regards,

Hello,

Improvements have been completed internally as to avoid getting prompted repeatedly for your MFA. The changes should be included in RDM 2020.3.0.0.

Regards,

Hello

We are looking for a new Password Managersuite and got Mateso recommended. As we use RDM, what are user saying about the implementation?
Lastpass is working, but it is very slow as it gets the passwords via the online API which takes about 4-6 seconds when connecting to a server.

We also think about the Devolutions Password HUB. But we also need sharing with other people outside our organisation, where we give them a license from us at the moment.

So looking forward to hear some thoughts about it from you guys.

Best regards
Patrick

@mad,

Since you are already a RDM user, Password Hub would be the ideal solution for you.

Password Hub can be use as a datasource in RDM, so all your connections and passwords will be stored directly in Password via RDM since you will use it as your datasource. Also, since Password Hub offers a web interface, the people of your organization who doesn't use RDM will use this interface to save their sessions and passwords.

Would you be interested in a live demo of Password Hub?

Best regards,

Hi Jeff

Thanks a lot. I have few question to Password HUB:

-Can we import the lastpass credentials?
-Can the current mappings of credentials in RDM somehow be moved into the new structure of Password HUB, so we don't need to select all of them from scratch for hunders of entries?
-Can we also import from another data source like an exported excel?
-Can we share certain credentials or forlders with people outside of the company? (what licesnes are needed)
-Can we share certain credentials from the business account into Personal accounts from users?
-How are the local (offine) credentials stored /encrypted?
-Is the access via Password Hub much faster than Lastpass?

After that we can arrange for a demo and the details.

Thanks and best regards.
Patrick

Hi, @mad

-  Yes, it is possible to import Lasspass exported file

- Actually If you are using RDM, You can Export your existing Data structure in Password Hub Business since RDM does connect to
Password Hub as a Datasource. Not sure if it answer but as mention we can Show you all the possibility in a Demo Session

- Yes, you can import a CSV file   that gives lots of possibilities.
https://help.remotedesktopmanager.com/importcsv_strategies.html

-  Users need to be Invited to your Hub.  So it will be calculated base on the type of License. After you need to manage the access base on permission. on special vault.

-  No.  Password Hub business and Hub Personal are 2 different products.

-  Offline mode (read) is available only with RDM
https://help.remotedesktopmanager.com/datasource_offline.html

-  I think performance is very hard to compare. Size is really a big point. I suggest you to Create your Password Hub Business and do this comparison after your Import. 
Create your Hub. First 30 days free https://password.devolutions.net/business/sign-up

If you would like to go further with a Demo Session, please request one with this link https://password.devolutions.net/home/requestdemo

For any other post regarding Password Hub I invite you to post here: https://forum.devolutions.net/product/password-hub

Best regards,

France
User experience coordinator

Good Morning,

with RDM 2022.2.26.0 and PasswordSafe 8.15.0.28705 same issue come again.



so can you please Check in the new RDM Version was Change that produce the issue?

I opend a Ticket @Mateso/Ntwrix and they says from Devolutions RemoteDesltopManager the API was too old an they know the issue!!

Hello DLRG,

There indeed seems to be an issue with the current implementation of Mateso Password Safe in RDM as many users have reported it. However, with the change of management going from Mateso to Netwrix, we have lost contact with them for a while and we no longer have a working license and environment.

We have just recently managed to get in contact with them and scheduled a meeting. Following this, we will hopefully be able to get a working environment for us to test any changes that we are required to make. Once we have a proper Mateso environment up and running, we should be able to bring back our integration of Mateso Password Safe to a working status.

Best Regards,

Hello DLRG,

There indeed seems to be an issue with the current implementation of Mateso Password Safe in RDM as many users have reported it. However, with the change of management going from Mateso to Netwrix, we have lost contact with them for a while and we no longer have a working license and environment.

We have just recently managed to get in contact with them and scheduled a meeting. Following this, we will hopefully be able to get a working environment for us to test any changes that we are required to make. Once we have a proper Mateso environment up and running, we should be able to bring back our integration of Mateso Password Safe to a working status.

Best Regards,

Hello Michael,

is there an update regarding the integration of Mateso/Netwrix Password Safe with Remote Desktop Manager?
We would like to use both products in conjunction with each other. Are there still problems?

Hello,

We have managed to get in contact with their company but have had more pressing matters to attend to first.

Simply put, they have made some changes with how their API works and our integration only supports older Mateso servers and databases. Anything that is newly created will not work in RDM.

We will increase the priority of the ticket we created for this issue and will let you know once the API is updated.

Best Regards,

Hello,

We have managed to get in contact with their company but have had more pressing matters to attend to first.

Simply put, they have made some changes with how their API works and our integration only supports older Mateso servers and databases. Anything that is newly created will not work in RDM.

We will increase the priority of the ticket we created for this issue and will let you know once the API is updated.

Best Regards,

Hello Michaël,

do you have an update for us regarding this matter?
Right now we get an error in rdm that the login to the mateso server failed.
The Mateso/Netwrix Password Safe integration was a key feature, which is why we chose the Remote Desktop Manager.

Hello luggz,

No updates yet but it has made it's way to the top of the TODO list. As long as we don't face any blocking issues we should be able to fix the issues soon.

Best Regards,

Hello luggz,

We have completed a fix for Mateso internally and the changes should be available starting from the next minor release of RDM.

Please let us know if you still experience issues once the update is out.

Best Regards,

Hi Michaël,

thank you for your support.
We are now able to connect both applications.

Is it possible for you to expand the password search in the Remote Desktop Manager a little? Ideally, we would like to be able to filter passwords from the password safe through the tags of the passwords.

Hello luggz,

When talking about the "password search" I assume you are talking about search textbox in the following window?



If so, we might be able to search the entries by tag depending on if it is returned by the Mateso API or not.

Please let me know if this is what you wish for or if it's something else.

Best Regards,

Yes exactly.

For example, if your Entry1 has the tag 0001, then it would be great if this is shown to me when I search for 0001 in the searchbox.

Hello luggz,

As long as the mateso API provides the tags of the queried passwords we should be able to add this easily. We will create a ticket for this feature and keep you updated.

Regards,

Hi,
we cannot access the Netwrix Password Secure Server from the Remote Desktop Manager. The error message appears that the login failed, but in our opinion the login details match and we also tried different username syntax (username; domain\usermane; UPN).
We are using RDM v2023.2.30.0 and Netwrix Password Secure 8.16.1.29875. Is this a known issue?

Regards,
Chris

Hi @mit

I tested RDM against our Test-Passwordsafe Instance which is the latest version from Yesterday and it's working well :)
but our RDM Version is a few month old.. 2023.1.28.0 64-bit

Frank

Hi Frank,

thx for letting us know. Do you use Netwrix Password Secure Enterprise or Enterprise Plus?

Regards,
Chris

As I know we are using enterprise plus... because of the api access this version is needed. But we are an longer Mateso customer and we bougt it at a time where this license model are not exist. But the full license we have, are able to connect to the API. We also have about 1200 light client lizenses and this are not able to use the api.

Frank

Hello Frank,

I have just tested with the latest version of RDM and our own Netwrix setup which is on 8.15.4 and everything works perfectly.

Would it be possible to do the following as to help us figure out the issue?

1. Open the profiler (Help>Profiler) and go in the "debug only" tab and set the debug level to 1. Keeping this window open, try to use the Netwrix entry. It might output logs that could help us.
2. Send us the application logs (Help>Application logs) after using the Netwrix entry.

Best Regards,

Hi Michaël,

I think, there is a little confusion... I have absolutly no Probelm... I tried to help another User ;)
@mit hat the problem ;)
But I think it's a lizense Problem ....


Best Regards,
Frank

Frank
Hello Frank,

I have just tested with the latest version of RDM and our own Netwrix setup which is on 8.15.4 and everything works perfectly.

Would it be possible to do the following as to help us figure out the issue?

1. Open the profiler (Help>Profiler) and go in the "debug only" tab and set the debug level to 1. Keeping this window open, try to use the Netwrix entry. It might output logs that could help us.
2. Send us the application logs (Help>Application logs) after using the Netwrix entry.

Best Regards,

Hello Chris,

Sorry for the confusion. The following message I had sent to Frank was meant for you. On top of that could you provide us with the type of Netwrix license you are using?

I have just tested with the latest version of RDM and our own Netwrix setup which is on 8.15.4 and everything works perfectly.

Would it be possible to do the following as to help us figure out the issue?

1. Open the profiler (Help>Profiler) and go in the "debug only" tab and set the debug level to 1. Keeping this window open, try to use the Netwrix entry. It might output logs that could help us.
2. Send us the application logs (Help>Application logs) after using the Netwrix entry.

Best Regards,

Hello,

We will open a feature request for this but it will all depend on what the API allows us to do. We will keep you updated when there is progress on this issue.

Best Regards,