Weblogin additional features
0 vote
Hi guys,
we are using the Devolutions web Login combined with a Devolution Password Server and we were testing this solution for the last couple months. While doing the tests, we found 3 things that could improve the user experience a lot if they were adjusted.
1) After a fresh Plugin Installation the user h as to manually select the vault to sync, only the private vault is automatically selected. Is it possible to automatically assign the correct vault that is already linked to the user in the configuration? (role is linked to vault, user is linked to role)
2) When you undock a laptop (LAN/WLAN switch) you need to relogin into the DWL/DPS solution (probably because of ip address change!?). Is it possible to avoid that?
3) Sometimes it feels like there is a very short session timeout. Let's say you leave the browser open for 2-3 hours and do other work in the meantime. Your DWL session gets logged out and you have to relogin. Is it possible to adjust the timeout time?
It would be great if you could consider these/one of these changes, our users would appreciate it . FYI, we're using DPS 2020.2.9.0 with the newest DWL addon in Microsoft Edge Chromium.
Thanks,
Hermann
All Comments (4)
Hello,
1) Just for the linking the vaults, we do have customers that have hundreds, I do not think its feasible as a default setting.
2) what authentication model do you use?
3) depending on your authentication model again, but you should have full control by tweaking a few default timeouts. I will look for the proper KB, but in the mean time I will move this topic to the DPS forum as it mostly pertains to that product.
Back to you soon
Maurice
Hello,
This KB is a bit light, but the two key settings are on that page
https://kb.devolutions.net/rdm_auth_dps.html
The inactivity timer is significant in your case
Maurice
Hello Maurice,
thanks a lot for the link, i almost forgot that there was an internal configuration site apart from the DPS Console configuration window. We will tweak the settings to find the best value for our users. Regarding the vaults I didn't think that there would be that much vaults per user/role, but if that's the case you're right it might be a bad idea to link i.e. > 100 vaults at startup. Since we are using only one vault per department i didn't see that problem.
Best regards,
Hermann
Hello!
I'd like to see all three of those changes too!
1) This has been the number one confusion for our users. It would be great if you could have an "auto connect" option per vault or even as a permission entry. Connecting hundreds of vaults automatically is not good but if you only have 1, auto-enable would be useful!
2) Yes I've seen that the session is no longer valid when the client IP address changes.
3) I'd also like to see the session timeout automatically refresh or not time out at all. Typing a password every day is less secure that having a device specific session with no timeout imo. (assuming your device is secured). There could still be 2FA without entering a password, using biometrics on the device you're logged or with an authenticator app)
I'd like to add another request. When you set up Web Login with DPS (DS?) for the first time, you have to enter the URL. It would be nice if you could just type the hostname without the "https" and the "/dps" etc. Our Webserver has redirection enabled, so just typeing "dps.example.com" into the browser works fine and redirects you to https://dps.example.com/dps. This should also work when configuring the Add-On.
Thanks for reading :)