Devolutions ForumDevolutions Forum

Enforce Policy of “Clipboard copy method” to Paste once (secure) in RDM for all users

Enforce Policy of “Clipboard copy method” to Paste once (secure) in RDM for all users

1 vote

avatar
dromano

A way to set via GPO (I don’t see it) or another way (reg key) to force RDM Settings > Application > Clipboard > Advanced > “Clipboard copy method” to Paste once (secure)
 

All Comments (6)

avatar
Hubert Mireault

Hello,

Thank you for the request, we will open a ticket to add a GPO to force this.

Regards,

Hubert Mireault

avatar
Jafran Majeau

Hello,

We've added a new GPO named ClipboardCopyMethod, which will have the following settings:
0 - Inactive
1 - Legacy
2 - Paste once (secure).

This should be available for the upcoming 2024.2.15 version.

Regards,

Jafran Majeau

avatar
sebastianbayer

Hello,

This feature is working as expected, but the UI does not represent the set value and instead always shows "Legacy"

regards,

Sebastian

avatar
Jafran Majeau

Hello,

Are you referring to the option located in File - Settings - Application - Clipboard - Advanced? When the GPO is active, it should highligh these settings, and a tooltip should inform you of its status.

We do not modify the actual saved value of the options, so as to not interfere with user configuration should the GPO be removed, and we have no plans to change this. but you should have enough information to know that a GPO is in effect, as well as what settings it is currently set to.

Regards,

Jafran Majeau

3415f872-0b22-4774-8365-6c59bffad98b.png

avatar
dromano

Jafran, I have found a problem with this in use...If a user had their clipboard paste method set to legacy prior to policy being enforced, the UI for them is greyed out to allow setting process exclusions (my guess is because legacy does not use this feature, so the app greys it out)...so setting the Paste Once secure method via GPO then prevents the user from properly adding process exclusions (sine the app UI shows legacy is selected still just orange to show its being set by GPO).

I think this should be possible to allow users to still add process exclusions when they had legacy set, then policy enforces Paste Once secure...or give admins control of excluded processes settings via GPO itself, I think it would be better to allow the UI to function but would like at least one of those to be true.

Let me know if you need further clarification.

-Derek

avatar
Jafran Majeau

Hello dromano,

You are correct. This was missed when implementation was done. I've fixed the issue. While the option itself will still be locked, the settings below will take into account the GPO, letting you change the settings (or not, if the GPO is set to legacy).

You can expect this to take effect with the upcoming 2025.3.21.

Regards,

Jafran Majeau

11