generic Credential object which may only be edited "user specific"

Hello,

They could set up their credentials in File - My Account Settings - My Personal Credentials
From there, on your session(s), you can set the credential to "My Personal Credentials" without choosing any entries.

When you will launch the session, you will be prompt to choose from your Personal Credentials.

Best Regards,

hi Etienne,
this does not work as expected.
as how i understand "File - My Account Settings - My Personal Credentials" can only store one credential - and if it is set any session with the credentials set to "My personal credentials" will use this very (one) credential

setting it to "Private vault search" however (and leaving the search text empty) does show up the list of my private vault credentials.

however for a simpler user experience for the not so tech savvy users it would be best to have the feature as follows.

instead of a new credential object type you could also extend the user/password credential type settings with "write protected" and "save credential in personal vault" (can only be set if "write protected" is active).

so we create one "generic credential" per client with these two options checked should result in the following:

1. user tries to connect for the first time to the client and has not setup the personal credential
   1. popup "new credential entry" which will be stored in the private vault and linked to the "generic credential" as "user specific setting"
2. user tries to edit the credential object which was linked to a personal vault stored before
   1. popup message "this item is linked/overwritten by your private vault credential "XYZ" edit this instead
      1. [yes]->edit personal vault credential entry
      2. [no]->edit generic credential entry
3. user tries to delete credential entry with option "write protected" checked
   1. error message: cannot be deleted as option "write protected" is checked

I also did some tests using "Edit > Status > Locked" but this seems to do nothing but change the font colour and append '[Locked]' to the credential name.

please let me know what your thoughts are.

my idea is to have RDM play nice with multiple sessions/credentials/inheritances for the novice RDM user (and prevent users to set their personal credentials in a "generic credential" object).

KR
G.

one more thought:
as i said - we create generic credential object with no username, domain and password - now, if a connection (e.g. RDP) with such an empty credential object associated to it is initiated/opened (and the credential object is not user specific overwritten) it would be great to show the private vault credentials to make the user select from it (just like if the credential for the entry was set to "Private vault search" with no search text).

maybe this is easier to develop/integrate? also, a checkbox "show private vault entries if no username/password given" would be nice - and still an option to make it "read only" (which might simply result in a custom warning message if a user tries to edit it)

the next iteration of this idea is to add a checkbox "always use this credential for [NAME OF CONNECTION]" on the list of private vault entries and a "+" button to easily add a new personal credential (right where the user would need it to be).

please let me know your thoughts on this - maybe you have another approach (and i'm just using RDM "wrong").

we provide our staff via RDM with connections to several clients and would love to have a solution which prohibits accidental password leaks and is also easy to use for them.

KR
G.

Hello,

Thank your for the details, I will check with the engineering department!

Best Regards,

Hello Guenther,

Thanks for the detailed explanations and the ideas on how RDM could be improved to ease your workflow. This is a scenario where there's a lot of friction to having a working setup, and I don't think there's currently a better way to achieve this in RDM.

We've opened a feature request ticket in our internal system. We'll update this thread once we have an update on the progress.

Regards,