Wayk Den: Connection vs machine?

Hi,

You are correct, Register-WaykNowMachine still requires a user login just like when using the Wayk Now application, so it is not suitable for automation. We have a prototype of a an API in Wayk Den that would enable machine registration/enrollment using a pre-generated enrollment token, but we have yet to complete the integration in the cmdlet + finalize this specific Wayk Den API.

I can describe how this feature will look like, so maybe you can comment on it, and tell me if it would be suitable:

1) An authorized user will be able to manage (create/edit/delete/renew) enrollment tokens in the Wayk Den Web UI. The token will be a signed JSON Web Token with an expiration and other properties, but for the sake of simplicity we've decided to make it possible to refer to a given JWT by its unique id, such as ccf7bc9d-7d7b-4b2d-8b0f-f406446f14e8.
2) An updated Register-WaykNowMachine function will be able to use the token id as a parameter (ccf7bc9d-7d7b-4b2d-8b0f-f406446f14e8) to automate the machine enrollment to a given Wayk Den, without a user manual login.

The token id should be small enough to be added to scripts for automation without having to save files somewhere. If the token expires, you will be able to renew it without changing the id, such that old scripts using an old token id can keep working. If the token gets leaked somehow and you want to prevent unauthorized enrollment, you will be able to simply revoke the token from the Wayk Den Web UI.

I don't have a timeline for when this will be ready, but it's a feature that somehow slipped through the cracks and we would like to bring it back onto the table in the next month. We agree that the current way of enrolling machines to Wayk Den is not suitable for automation, so we put some thought into it.

As for the two other comments/suggestions:

1- adding search boxes in the Connections and Machines pages would help greatly
I totally agree, we'll add it to our todo list, but I suppose it should be lower priority than improving the machine enrollment process as described above.

2- add Connect to machine link in the Connections page
About that, here's what the current "Connections" and "'Machines" pages mean, and how it is about to change. The "Connections" includes the connections to Wayk Den by Wayk Now for both clients and servers. "Machines" currently only includes machines enrolled for unattended access. We are preparing an important release with a new underlying Wayk Den protocol (Den V3) where clients will no longer have a persistent WebSocket connection to Wayk Den. This means the clients will no longer be in a "connected" or "disconnected" state, all we'll know is when they have last been seen. As for servers, we will put them in the same page, both enrolled and not enrolled for unattended access.

Best regards,

"enrolled for unattended access"
although at least to me it is not entirely clear what that means in the end because last time I checked at least on the normal wayk den unattended access works no matter whether it was registered or not.

judging by the name (and what others do) registering for unatteded access should either
a) make it possble in the first place to connect to a machine unattendedly (which is not what happens as anyone can connect provided the client is enterprise and the server has bg service installed and the client knows admin credentials to a machine)
b) instead of using some more or less random login data, to use an online account from the provider (so in this case the den account) to connect to the machine using that account as authentication (which also does not happen as wayk has 3 specific ways to get in and that's it)

but the only thing that does happen is to add the machine to a list and aside from giving clients a license, a purely logged in state does not seem to change much either.