Hello,
We are in the process of enabling Database MFA. Our users are now complaining about not being able to log in if they do not have their phone available. Resetting MFA is also not always an option as an RDM Admin is not available 24x7...
Would it be possible to add MFA with e-mail as a fallback? In the SQL database we have the e-mail address of all users, so we have everything we need to send an e-mail. But as we don't have a central software installation and only a SQL database, you should create some kind of service that takes care of this task. Not sure if this is something you could trigger directly in/on the SQL server without a service...
Brgds Andreas
Hello,
This is the kind of feature we can do in Devolutions Server. The service you are describing is exactly Devolutions Server. Perhaps it could be interesting to do a discovery call with you?
Regards
David Hervieux
Hello,
Sorry - this is not an option as we use Delinea Secret Server as PAM solution and changing it is not an option...
Brgds Andreas
The PAM is an optional module in Devolutions Server.
Regards
David Hervieux
Ok - this answer was unexpected... ;)
So what does DVLS Enterprise do? I tried to find out on your website, but I am still not sure as it says "full-featured shared account and password management solution". And that sounds like what Secret Server is doing for us at the moment...
I understand that it adds some additional layer of security, but when I want to spend some money I need a good reason...
Brgds Andreas
You're right, I think that we need to improve our DVLS messaging. Like you mentioned, you get access to a web-based version of your vault like Secret Server. You can also use Devolutions Workspace if you don't need to open a connection. Here are some other features:
In terms of cost, we will offer a 10-user license for free in DVLS 2024.1. If a user contacts sales@devolutions.net they can request the free license for 10 users, in advance of the next release.
We will update our web site soon.
Regards
David Hervieux
Hello David,
If we need to do HA with DVLS - is this possible with a single Enterprise license? Or do I need to license every server (which makes it more expensive)?
Is there a migration path from RDM with central MS SQL to DVLS, without rebuilding everything?
If you think it makes sense, we can do a Teams call about this topic.
Brgds Andreas
Hello Andreas,
It is possible to do HA/Load Balancing with a single Enterprise license of Devolutions Server. For more information on HA, please refer to https://docs.devolutions.net/kb/devolutions-server/knowledge-base/deploy-high-availability-load-balanced-env/
You can migrate your SQL Server data source to Devolutions Server directly. When creating your Devolutions Server instance, you will have the option to migrate it:
Once this is done, you can configure your authentication method and use the authentication migration tool - https://docs.devolutions.net/kb/devolutions-server/how-to-articles/authentication-migration/
The support team is available if you would like to do a session to install the Devolutions Server; reach out to service@devolutions.net
Best regards,
Richard Boisvert
Hello Richard,
Thanks for the additional info!
About the SQL migration - can I set up a server, import the current SQL data source and then play around with DVLS while my users still connect to the old RDM SQL database? If I think everything works and we can migrate to DVLS, can I then re-import the RDM SQL database again and re-point my users to DVLS and they continue working as if nothing has happened?
Brgds Andreas
Hello Andreas,
You must recreate a new Devolutions Server instance with the SQL Server in that scenario. There is a data migration during the initial import; you cannot simply point it to a "new" SQL database and update it.
Best regards,
Richard Boisvert
Hello Richard,
Now we must be clear on words. Do I need to REINSTALL the whole system (OS and DVLS), or can I use the installed server and DVLS after my test, and just need to create a new "configuration"?
Is it possible to get an enterprise trial key where I can import my RDM database with all users?
Thanks a lot for your help!
Brgds Andreas
Hello Andreas,
My pleasure!
You do not need to reinstall the server hosting the Devolutions Server; only create a new Devolutions Server instance in the console with the "new" SQL database.
I will send you a trial key for the Devolutions Server via private message.
Best regards,
Richard Boisvert
Hello Richard,
Thanks a lot for your help!
Brgds Andreas
Hello Andreas,
I am delighted to help you in any way I can. Please do not hesitate to reach out if you require any additional support.
Best regards,
Richard Boisvert
Hello Richard,
Is ASP.NET 6 required (Download .NET 6.0 (Linux, macOS, and Windows) (microsoft.com)), or is the latest version (Download .NET 8.0 (Linux, macOS, and Windows) (microsoft.com)) also possible?
Brgds Andreas
Hello,
Both versions 6 and 7 are compatible, but not 8.
Please make sure to use the Windows Hosting bundle.
Best regards,
Richard Boisvert
Hello,
Thanks - then I will stick with 6 as it has LTS. I had already figured out that I need the hosting bundle.
Brgds Andreas
Hello Richard,
I am reading the documentation at the moment and a few questions came up...
The account which I use for the installation of the instance - this is the account I use to upgrade later and which is called VaultDBOwner in the manual. As we generally use personalized accounts, how hard/easy is it to transfer this role later to another account?
VaultDBRunner - can this be a Group Managed Service Account?
VaultADReader - can this be a Group Managed Service Account?
VaultDBSchedulerService - can this be a Group Managed Service Account?
And what I also don't know so far because I found no documentation about it - if I want to migrate my RDM database, do I have to do an advanced install first and then migrate the database, or how does this work? I only found that I should contact you for the migration process...
Brgds Andreas
Hello Andreas,
The DBOwner account simply needs to be a db_owner for the database used by the Devolutions Server, and it is easy to modify.
The VaultDBRunner and VaultDBScheduler accounts can be a gMSA, but not the VaultADReader. You would need to set the credentials in IIS - https://docs.devolutions.net/kb/devolutions-server/how-to-articles/configure-server-use-integrated-security/ - but put a $ at the end of the username; it will not prompt you for a password. Same for the Scheduler account. Once both are set, you can generate the SQL scripts for the permissions in the Devolutions Server console - https://docs.devolutions.net/kb/devolutions-server/knowledge-base/generate-script-database-permissions/
To migrate the SQL database, you can follow this KB - https://docs.devolutions.net/kb/remote-desktop-manager/how-to-articles/sql-server-database-migration/
Best regards,
Richard Boisvert
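
The IIS part of the gMSA setup described in the reply above, as an added PowerShell example that is not part of the thread or of Devolutions' documentation. The application pool name, domain and host are placeholders, and it assumes the WebAdministration and ActiveDirectory modules are available on the server.

```powershell
# Added example - placeholder names, adjust to your environment.
Import-Module WebAdministration
Import-Module ActiveDirectory

$AppPool = 'DVLS-AppPool'     # placeholder: IIS application pool hosting Devolutions Server
$Domain  = 'CONTOSO'          # placeholder domain
$Gmsa    = 'VaultDBRunner'    # gMSA name without the trailing $

# 1. Confirm this host is allowed to retrieve the gMSA's managed password.
#    If this fails, the pool would not start under the account.
if (-not (Test-ADServiceAccount -Identity $Gmsa)) {
    throw "Host cannot use gMSA '$Gmsa'; check which principals may retrieve its password."
}

# 2. Set the pool identity: user name ends in $, password is left empty
#    because Windows obtains it from Active Directory.
$identity = "$Domain\$Gmsa`$"
Set-ItemProperty -Path "IIS:\AppPools\$AppPool" -Name processModel -Value @{
    identityType = 3          # 3 = SpecificUser
    userName     = $identity
    password     = ''
}

# 3. Read the setting back before recycling, so a typo is caught here
#    rather than as a failed pool start.
$pm = Get-ItemProperty -Path "IIS:\AppPools\$AppPool" -Name processModel
if ($pm.userName -ne $identity) {
    throw "App pool identity is '$($pm.userName)', expected '$identity'."
}

Restart-WebAppPool -Name $AppPool
Write-Host "App pool '$AppPool' now runs as $identity"
```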