Devolutions ForumDevolutions Forum

Disable/hide "request vault access"

Disable/hide "request vault access"

avatar
gpunktschmitz

hi,
we are using solely Microsoft Entra groups to manage vault ownership and membership. Yet some people occassionally request vault access using DPS internal tooling.

Can this feature be disabled completely somwhere in the Administration settings so that we don't have confusion on this topic?

KR
G.

https://www.gpunktschmitz.com

All Comments (7)

avatar
Min Destens

Hello Guenther,

It is possible to disable it on vault level (or globally) by configuring the vault visibility to Private.
https://docs.devolutions.net/server/web-interface/vault-access

Regards,
Min

avatar
gpunktschmitz

hi Min,
thanks for pointing this out but the vaults all where set to private (and also this is the default global setting).

I did not yet talk back to the colleague how he managed to create the requests. I myself failed in doing so - both using the web and with the Windows client - I could not see/find the way he achieved it.

KR
G.

https://www.gpunktschmitz.com

avatar
Jacob Lafrenière

Hello,

Thank you for the follow-up.

Could you please confirm with your colleague how they are attempting to request access? This information will help us further diagnose the issue.

I look forward to your reply.

Best regards,

Jacob Lafrenière

avatar
gpunktschmitz

hi @Jacob Lafrenière
I talked to the colleague today but unfortunately he doesn't remember the steps to re-create the issue.

Can I configure DPS to send out an email if a user manages to send an "access request"?

KR
G.

https://www.gpunktschmitz.com

avatar
Jacob Lafrenière

Hello,

Thank you for your patience.

I wasn’t able to find a notification type that matches the one you’re trying to set up. In your case, I believe the access request should be directed to an administrator or all administrators.
Please ask the user who submitted the request how they were able to initiate it. With that information, we’ll be better positioned to assist you in stopping those requests, if possible.

In the meantime, you can check whether the request was sent via the Temporary Access feature, which can be configured at the root of any vault under Properties > Security Settings > Temporary Access. It’s possible that one of these settings is allowing the request to be sent.

I look forward to your response.

Best regards,

Jacob Lafrenière

avatar
gpunktschmitz

hi Jacob,
temporary access is set to 'Default (Denied)' for the vaults in question 🤷🏻

Users don't recall how they requested it.

KR
G.

https://www.gpunktschmitz.com

avatar
Jacob Lafrenière

Hello,

Thank you for your follow-up.

This is quite unusual. I recommend monitoring the situation closely, and if a new request arises, please let us know the steps that were taken.

Best regards,

Jacob Lafrenière