SQL questions for upcoming deployment in conjunction with license renewal
SQL questions for upcoming deployment in conjunction with license renewal
Hey all, got a few questions about RDM housed in a SQL DB.
So currently, we've been running a SQL RDM DB that our SQL admins set up some years back for a few folks including myself for a few years (I've only been on it for a year). We are looking to renew here by the end of this month. Being the main RDM contact guy, I am trying to write up some documentation for our IT folks that use it for this conversion. For years now, most of the folks who want to use RDM have been using the key to license their copies. We are instead moving to the SQL side so we can see how many licenses are being used rather than relying on KACE for user count. I also read that there are some additional administration options both globally and individually that may be useful in the future.
I am a little concerned with how this move is going to go so wanted to clear some things up.
- Am I correct in thinking that users not in SQL will need to export their personal DBs, link up with SQL and then import them? I don't remember how it was done with mine as I think I had my VDI redeployed at the time, so I had started fresh with a backup I made before the redeployment.
- What is the difference between the Vault and User Vault except for the shared session access I know we can create in the Vault if we wanted to? I want to make sure that users know the differences and are prepared for it. One of our SQL admins has it set up where his team shares their sessions in Vault but they keep their own personal creds in User Vault. Personally, I have my sessions and creds in the User Vault and since my team is diverse, we are not planning on sharing sessions. However, I can see our Developers sharing sessions so they probably would use the Vault. So what other differences are there between the two vaults and is there a recommendation of one over the other?
- How does the offline part work should we lose the SQL connection? Is that is personally set up per user or do the SQL admins handle that? Also, if changes are made there, would they be sync'd back to SQL once the connection is restored?
- How can I lock the User and Security Management part in RDM down so that only a couple of people in my team have access to manage it? I am guessing it's pretty much the User type in there but if I give user account access to everyone else, what can they do and what they are restricted from? Can I make it so that anyone who joins the DB starts out as a User first? (Actually, I think I see my answer for that last question. I noticed that I am the Admin and everyone who was testing including the SQL admins are listed as Users. Guessing that is because I applied the key last year?)
I'm sure there are some others, but I can't recall now. I do know these were the big ones I have been thinking about.
Thanks!
All Comments (7)
Hello,
Thank you for reaching out to us regarding this,
We have the following knowledge base article regarding data migration:
https://docs.devolutions.net/rdm/kb/rdm-windows/how-to-articles/data-migration/
The only difference is that the entries created in the User Vault can only be accessed by them, we have the following knowledge base article regarding this:
https://docs.devolutions.net/rdm/data-sources/user-vault/
We have the following knowledge base article regarding Offline Mode: https://docs.devolutions.net/rdm/data-sources/offline-mode/
If the user is granted Read/Write Permissions conflicts caused by offline modifications are managed when back online.
I'm not sure I understand your last point, are you looking to grant additional management permissions to certain user without granting them the Administrator status?
Best regards,
Samuel Dery
Hi Samuael,
Thanks for the info that answers a lot.
As for that other question, I'll try to explain but first I learned something yesterday.
So, all but one SQL Team members that set up this DB in our env. do not show up in the current Administration/Users view that I see, yet they have the same key in our environment. I am trying to figure out why they aren't. I assume that if they join using the key, they should have been automatically appearing in this list or is that not true? How do I get people to appear into this Users area so I can see them? If they aren't in here, we are not tracking their licenses and therefore I have no idea how many are being used on in our env.
As for my question, i want to get everyone in my company that uses RDM to show up in that Users screen. And I would like to give administrator access to a few people. But I currently do not know what the differences are between the Administrator, User, and Restricted User - User Types when you edit Users. So, if I grant a couple of users that User role, what can they and cannot do when using RDM. If I give them Administrator, I know they'll be able to manage all of RDM including User management which I do not want. I want that to be as small as possible so that we can track licenses more efficiently. Because knowing my luck, if everyone were Admins, we would have some wander in there, make a change, and break something we would have to recover from. I am also assuming they could see the license key which is something I do not want to do this time around. I want people to be connecting to RDM using SQL and as a User, so we know what we are using. Because right now, we don't know exactly the count other than pulling a report via KACE. And after speaking to your support last year, when I heard this was the only way with our current licensing to do this, I want to move to this option going forward.
Yeah, so a lot to digest there. the TLDR version:
- What are the differences in User types?
- Why are the other SQL guys not linking up in Administration/User and Security Management?
- If granted the User - User type, will they see the key?
Thanks!
Brian
Hello Brian,
Thank you for your reply,
We have the following article that gives some additional details on the User Types:
https://docs.devolutions.net/rdm/commands/administration/management/user-management/user-types/
Regarding your other issue, is it possible the User are connecting to a different database? All users accessing the database should appear under Administration -> Users
The license management is under Administration -> Licenses, regular users will not have access to this section and cannot see the license.
Let me know,
Best regards,
Samuel Dery
Thanks for the info Samuel. You were right about the database. And that leads me to my next question. If we create separate data sources per team, how can we track the total number of licenses used outside of having each admin report how many licenses are being used each of their DS's? Also, I was doing some testing with our SQL admin and we found that when he added my username to their DS, it increased the license count. Since I am already attached to another DS, does that remove my license from there or does this now count as 2 being used under my name?
Hello Brian,
Thank you for your reply,
I see, there would be no method to track this across multiple data sources.
Perhaps instead, using the same data source and having multiple vaults would work better in your case.
https://docs.devolutions.net/rdm/concepts/basic-concepts/vaults/
Let me know,
Best regards,
Samuel Dery
Thanks.
That will probably not work for us because our SQL Team who is managing the database, is using the main vault for sharing their RDP sessions amongst their team. What I think we'll have to do is go with each of the data stores and then just count the users on each. It is still better than pulling up KACE and having to count/compare all of the users to the various versions of RDM being reported.
Thanks for all of the info. That really helps us out!
Hello Brian,
Thank you for your reply,
No worries, let me know if you have additional questions regarding this,
Best regards,
Samuel Dery