Stored admin credentials per user
Hi everyone!
We currently use RDM for our tech team of 10 engineers, with a central MSSQL database.
This works a treat and has enabled us to maintain one central repository of client remote access details so any client is only a few clicks away.
What we are finding now is the requirement for our engineers to have their own unique admin accounts across our client base, and not just use the one generic admin account. Our RMM tool can be utilized to create and manage the individual admin accounts on our clients sites which appears to be working well so far. The credential syntax created would be in the form of: <client domain name> \ XXX.<engineer username>
for example: CONTOSO\abc.bgates
The abc.bgates part will be common across all sites, but the CONTOSO domain will vary from site to site
The challenge is then saving these credentials so that we can maintain the convenience that RDM provides us. I have tested adding my credentials to my local data source, and changing some RDP connections to use My personal credentials (option from the drop down box).
But this doesn't allow me to somehow specify the domain name, and then append my username (and password) to the connection.
Has anyone else come across this, or know of any add-ins or something that can help? Surely we cannot be the only firm out there facing into the requirement to maintain multiple individual admin accounts, and still want the convenience of a centralised RDM tool.
Thanks in advance
Adrian
All Comments (7)
Hello,
I would recommend saving your personal credentials inside your private vault (https://help.remotedesktopmanager.com/index.html?view_navigation_privatevault.htm) and use the User Specific Settings feature (https://help.remotedesktopmanager.com/index.html?edit_userspecificsettings.htm) to override the admin credential saved inside the session already.
Best regards,
Jeff Dagenais
Hi Jeff,
That is similar to what I'm doing, however I still have the issue of the credentials in my private vault not containing the domain name :(
For example my credentials for some sites would be:
Site 1:
SITE1\abc.bgates (password: Pass1234)
Site 2:
SITE2\abc.bgates (password: Pass1234)
As you can see the username and password (made up obviously) is consistent across each site / company, but the domain name must change for each site / company. With 100+ sites / companies, I don't want to be updating them manually :(
Ideally I'd like the domain name to come from the company / site level in RDM, but the username / password to come from my private vault (and each of the engineers)
Hi Adrian
Do you really mean you administer multiple sites and/or customers and use the same username & password for multiple environments? There is not many people who'd consider that a good practice!
The solution Jeff proposed is working like a charm on our multiple environments, especially when setting all connections in a well -designed folder structure based on required credentials, with 'Edit - User Specific Setings' on those folders, to have each admin override his/hers personal credentials on each connection.
and you'll only need to add the new admin accounts in each personal vault.
if that is not enough you might want to look at variables.
Regards, Ben
@adrian05,
As I understand, you would like to have only one credential entry inside the Private Vault to reuse the same credential.
What can be done, it's to insert $COMPANY_MACHINE_DOMAIN$ in the domain field of your credential entry created in the Private Vault.
Then, on your Company folder(s) in the All Entries tab, in the Information section, in the Domain field, you enter the proper domain to perform the authentication.
When you will override the credential of the session or the folder with the entry located in your Private Vault, the proper domain should be inserted.
Best regards,
Jeff Dagenais
Thanks Jeff,
Just revisiting this, I'm not having any luck. I don't see an All Etrnies tab under my company folder.
I did see an Information section, where I entered the clients domain name, and set my private vault credential to have the domain $COMPANY_MACHINE_DOMAIN$.
But now it is trying to log me in as $COMPANY_MACHINE_DOMAIN$\xxx.engineername
All sorted now!
Changed my company folders from type "folder" to type "company" then used the variable $COMPANY_DOMAIN$ in my stored credential in the Private Vault.
Thanks!
@adrian05,
Glad that is now working as expected!
Thank you for your feedback.
Best regards,
Jeff Dagenais