Add Password policy to folder entry
Hello Devolutions Team,
I've observed a strange behaviour while using the password management with password-policies.
Our setup:
- Devolutions Server in the currently recent version: 2025.3.10.0
- RDM Remote Desktop Manager in the currently recent version: 2025.3.35.0
In the system configuration in the section password management, I've configured five password policies and definied one of them as default policy (enforce default policy is NOT activated).
In the Web-UI I have configured for the global vault itself the password management as "inherited". Here the configured default policy (FGPP-User) is correctly shown.
For a dedicated folder, I have overriden the default with the concrete "FGPP-Technical".
But here the problem arose: when I create a new password entry and prepare a new password value using the password generator, the globally configured default policy "FGPP-User" is selected.
The password mode "advanced" and the values for length etc. is properly filled, but the selectbox shows the wrong default policy instead of the defined overriden "FGPP-Technical".
So far for the WebUI.
In the Remote Desktop Manager desktop application (Windows), I'm encountering a different behaviour:
Also here the behaviour is wrong, but different.
When creating a new password entry in the dedicated folder (with the oerriden default policy with the concrete "FGPP-Technical"), the correct policy is pre-selected, but the values are completely wrong.
In the folder properties in password managenent for the dedicated folder (with the oerriden default policy with the concrete "FGPP-Technical"), the correct policy is pre-selected, but the values are completely wrong.
As you can see, the symbol characters is active with a minimum of two, which is not the configured setting for the FGPP-Technical.
And when creating a new password using the generator, the selectbox shows "Entry's configured password policy", basically stating the for this entry an unnamed overriden policy is defined, but as previously stated I just selected the different pre-defined FGPP-Technical.
Additionally the mode is defined as "Default", but should be "Advanced", the symbols definition is wrong and the exclude/include lists are missing/wrong.
Nevertheless, the password length, description and expiration setting is correct according the defined "FGPP-Technical" definition.
Am I misinterpreting the intended behaviour or is this a bug ?
Kind regards
Alex
26c71058-b793-42a4-b0fa-823b4aa7d077.png
23f69a40-1de8-4c02-aeaf-966f4de62cc1.png
d395f38e-0788-4ebc-b0cf-42a819e27b53.png
a3d00fba-34b7-4ac1-8e24-56fbe1623706.png
7f2d4311-0566-4ecd-8ecc-d2d04b237ece.png
Recommended Answer
Hello,
Thank you for your patience.
I have some good news from the development team. The issue with the password generator, specifically with the "Exclude the following characters," "Mode," and "Minimum symbol" fields, has been resolved. This fix will be included in the upcoming RDM 2025.3.26 release.
Regarding the issue in the DVLS web interface, a case has been opened on the development side to address it.
I’ll keep you updated on the progress of the DVLS web interface issue.
Best regards,
Jacob Lafrenière
All Comments (4)
As a follow-up, I just updated the Devolutions server to 2025.3.11.0. The problem remains unchanged here as well.
Hello,
Thank you for reaching out to Devolutions Support.
I’ve moved your forum topic to the DVLS section, as I believe it’s a more appropriate fit.
Regarding the web interface, I tested the behavior and was able to reproduce the same issue. When opening the password generator from a new entry in a folder with an overridden password policy, it still uses the default policy instead of the overridden one. I’ll check with our development team to see if this behavior can be adjusted, as it differs from how it works in RDM.
For Remote Desktop Manager, please note that the "Minimum symbol" field reflects the total number of all symbol-related settings combined. This may cause the "Minimum symbol" field to show up differently between the web interface and RDM (under Properties > Security > Password Management).
DVLS password policy setting:
RDM (under Properties > Security > Password Management):
Additionally, in RDM, I was also able to reproduce the issue where the "Exclude the following characters," "Mode," and "Minimum symbol" fields are incorrect in the password generator when the policy is set to Entry’s configured password policy. I’ve reported this to our development team as well.
I’ll keep you updated on their progress.
Please let me know if I missed anything, or if you have any further questions.
Best regards,
Jacob Lafrenière
9b3916af-96ff-4219-8c43-14659e47488b.png
e5c656b7-ffb8-479a-ad22-1f84a5063743.png
Hello,
Thank you for your patience.
I have some good news from the development team. The issue with the password generator, specifically with the "Exclude the following characters," "Mode," and "Minimum symbol" fields, has been resolved. This fix will be included in the upcoming RDM 2025.3.26 release.
Regarding the issue in the DVLS web interface, a case has been opened on the development side to address it.
I’ll keep you updated on the progress of the DVLS web interface issue.
Best regards,
Jacob Lafrenière
Hello Jacob,
Thank you very much for your support.
I can hereby confirm that the problem/bug has been fixed in version 2025.3.26.0, or more precisely 2025.3.27.0. The display and password generation are working as expected.
Best regards,
Alex