Addition Grant Temporary Access

Hello Marcel,

I want to confirm with you, in this case you want to grant temporary membership of a user to a user group, is that correct?
If that is the case, that would be different from what the Temporary Access feature currently allows, but I see the usefulness.

Regards,

Hi Hubert,

That's indeed the case/request ;-)
Grant Temporary membership for a user to a User Group.

Regards,
Marcel

We discussed this internally and I have a few other questions for you.

• Could you confirm what datasource you're using? Are you using Devolutions Server?
• The user groups you're interested in giving access to, are they ones you're creating manually, or ones synchronized from your provider like Entra ID?

If your user groups are synchronized with Entra ID/Active Directory, then you might be interested in the Just-in-time elevation feature: https://docs.devolutions.net/pam/server/just-in-time/
This might be able to already achieve what you need.

Regards,

Hi Hubert,

The data-source we use for Remote Desktop Manager is Azure SQL and the User Groups we create manually.
Structure is that there are User Groups (e.g. Customer team A, or b, etc.) linked to different Main Folders (customers) where the underlying sub&sub folders can contain a number of other User Groups (e.g. view/access Technical consultant group, view/access Functional consultant group, etc.ect). By now having the option to make a user a temporary member of a User Group (e.g. Customer team A), the User Groups already linked to that user are then auto included for the underlying subfolders of the Customer folder.
Also there will be no need to look or think further for which specific roles should be given to the consultant when making a member of a User Group coupled to a main map/customer. The subfolder(s) and Entry access, rights are then already linked to the user via its default coupled user groups/roles.

If you have any further questions about this, please let me know.

Regards, Marcel

Thank you for the additional information. We have noted this and we will see what we can do to support this.

Regards,

Hi Hubert,

Have you had time to discuss this internally yet?
I'd love to hear from you, and if you need any further information, please let me know.

Gr. Marcel

Hello Marcel,

At the moment this is not something that's scheduled for development, but we're keeping an eye on this thread to see if additional users would be interested in this feature.
For now we're seeing this more as a PAM-related feature, which is the Just-In-Time (JIT) access that I mentioned in my previous message. It doesn't mean we won't consider adding a similar feature to the "temporary access" functionality in the future, but right now, it's not a priority, especially because it's not a simple change to the existing feature, it would be more complex.

I would also encourage you to consider Devolutions Server and seeing what our PAM offering could add to your environment and workflows. If you need a demo or any additional information we can contact you to help out.

Regards,