Devolutions ForumDevolutions Forum

Delinea Secret Server "keep in memory" invalid password issue in RDM

Backlog

Delinea Secret Server "keep in memory" invalid password issue in RDM

avatar
kevin_hallaian

Hello, we use the Delinea Secret Server integration and our Secret Server instance uses MFA to authenticate with it. When the "keep in memory" option is enabled in RDM > My Account Settings > Delinea Secret Server, users are prompted to enter their Secret Server credentials followed by the MFA prompt the first time they connect to a device that has a Secret Server entry linked. The creds stay in memory and are reused for the rest of the time the RDM application remains open. This is the expected functionality, it works great.

I'm seeing an issue where if the RDM user enters a bad password when prompted to authenticate with Secret Server for the first time after opening RDM and initiating a connection with a device linked to a Secret Server entry, RDM won't re-prompt for the password, and instead continues re-prompting for the MFA code.

The issue I'm seeing is reproduced using these steps:

  1. Launch a fresh instance of RDM
  2. Initiate a connection (RDP, SSH, whatever) to a device linked to a Secret Server credential
  3. RDM prompts for the user's credential to authenticate with the Secret Server DB.
  4. The user enters in a bad password or no password and hits enter.
  5. RDM prompts for the MFA code
  6. The login fails because the password was bad
  7. RDM continues re-prompting for the MFA code. It never prompts again for the password until RDM is closed and steps 1-3 above are repeated.


Happy to provide more info or test.

Thanks!

All Comments (4)

avatar
Maxim Robert

Hello Kevin,

Thank you for getting in touch with us! To better assist you, could you kindly provide us with the following information:

  • Your current RDM version.


  • The operating system you are using and its version.


  • The data source you are utilizing.


  • What are the settings set for "Credentials" under the entries?


  • A recording showing the steps that led to the issue and the configuration without any sensitive information. This will allow us to investigate and try to reproduce the issue. I will send you the information to provide us with the recording in a direct message.


Also, thank you for the step-by-step instructions on reproducing the issue. Unfortunately, I could not reproduce it, but until you provide us with the information, I will continue to try.

Best regards,

Maxim Robert

avatar
kevin_hallaian

Hi Maxim,

Thank you for the quick response. I've sent you a direct message with the requested information.

-Kevin

avatar
Maxim Robert

Hello Kevin,

Thank you for your response!

I'm investigating and trying to reproduce your issue with the information you sent me, and I will let you know with more information as soon as possible.

In the meantime, If you have any other questions, feel free to let us know.

Best regards,

Maxim Robert

avatar
Maxim Robert

Hello Kevin,

Thank you for being this patient, and sorry for the delay.

Unfortunately, I was unable to reproduce your issue. Still, I opened an internal ticket and sent you a link to schedule a session with me so that we can perform further investigation.

Please let me know if you haven't received our email.

Best regards,

Maxim Robert