Forum

Posts by IvanMarshall (IvanMarshall)

IvanMarshall
IvanMarshall
Posts: 67

Thanks ..

From what I see, you can create as many 'custom' fields as you like.

So I am taking a wild guess that they're probably using something like JSON, YAML or XML in the background.

Therefore it should not be a big stretch to accept it, and I don't care if I have to have it a specific way for RDM to parse.

10 mths 1Password : Domain field
IvanMarshall
IvanMarshall
Posts: 67

Hi,

Just to update this.

I was playing around with 1Password, and it allows you to create a custom field in your entry.

So .. you could in theory create a field called 'Domain', and then enter in the Windows Domain to that field.

Now, looking at your 'Microsoft RDP' (which is essentially the main place people will use this) session type, if you manually enter the details (and not use a Credential stored) "Domain" is one of the fields.

Therefore, when you guys read the 1Password item in the Credential type; can you pull a custom field ?
And can we pass that to the RDP session as the DOMAIN field ?

Like I mentioned, there are plenty of things that use your DOMAIN user without the DOMAIN in the username.
And while most of those won't mind if you pass it anyways, some (like Cisco ASA AnyConnect) will refuse; probably as it has no clue about the domain.

Thanks

10 mths 1Password : Domain field
IvanMarshall
IvanMarshall
Posts: 67

Yup. It's a policy driven from the VPN device (ASA).

Basically, with VPN, you can either have a cfg where the client uses their own Internet connection for outside traffic; or you fully take over the networking (and the internet routes through the VPN instead).

These guys have gone with the second option, and there isn't a hope in hell that I will get them to change their policy.
So .. I was trying to think of a way around it, but I can't.

I'm manually going back & forth to their machine, but it's a lot of mucking around.

10 mths Cisco Any Connect : RDP restriction
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

I have an machine I need to RDP to, in order for me to establish a VPN connection.

Unfortunately, the VPN provider has turned on a setting on the Cisco AnyConnect to prohibit RDP sessions establishing the connection.
(I guess it's because they're encapsulating all network traffic, rather than allowing your personal internet connection to ride).

At the moment, I have to switch back & forth working on that desktop with my primary desktop.

The VPN provider isn't going to just change their VPN setup for me, can anyone think of a way to workaround the problem ?

Thanks

10 mths Cisco Any Connect : RDP restriction
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

It's common that when connecting to a VPN connection I will have to use some sort of 2FA to gain access.

Either :
Enter my password, then get prompted for a code from the 2FA (Old RSA Token, Google Authenicator, etc etc.)
Enter my passcode with the 2FA from the system tacked onto the end
etc. etc.

What kind of mechanism's does RDM have for using a 2FA with a VPN ?

Is there a way for it to either prompt you for the password, and it prefills the known part; waiting for you to enter the 2FA.
Or allow for a 2FA challenge after you've inputted the stored password, with some sort of question before connecting.

Please advise.

BTW .. I have a CheckPoint VPN connection to add, and your documentation on the settings is non-existant.
Is there something I can refer to, to know what to put in what field ?
(There's no point asking the person providing the VPN, as they'll just say to use the VPN client as they've installed).

10 mths VPN 2FA Code
IvanMarshall
IvanMarshall
Posts: 67

Nope ..

1Password is (and some could say always been) a 'personal' password manager.
So the concept of 'domain' to them is kinda alien, and they've never really moved into the business area of things.

Devolutions have started to roll out their own 'Password' series of products for business users (taking on things like CyberArk).

Therefore, I don't expect to see either one of them getting together to sort this mess out.

Me, I am just a small time consultant using RDM, and I find having something like 1Password useful; and end up working around the quirks.
I have two entries for AD passwords, one with domain; and one without. And I attach the Credential item appropriately.

10 mths 1Password : Domain field
IvanMarshall
IvanMarshall
Posts: 67

OK .. That kinda works .. But I see that RDM only has either PowerShell version 1 or 2 listed.

PowerShell is already upto version 5 now, and the newer version of PowerCLI needs at least version 3.

>From system PowerShell


PS C:\Users\Ivan> $PSVersionTable.PSVersion

Major Minor Build Revision
----- ----- ----- --------
5 1 17134 407


> Trying to use the PowerCLI 10 Module


PS C:\Program Files (x86)\Devolutions\Remote Desktop Manager> Import-Module C:\Users\Ivan\Documents\WindowsPowerShell\Modules\VMware.PowerCLI\10.2.0.9372002\VMware.PowerCLI.psd1
Import-Module : The version of the loaded PowerShell is '2.0'. The module 'C:\Users\Ivan\Documents\WindowsPowerShell\Modules\VMware.PowerCLI\10.2.0.9372002\VMware.PowerCLI.psd1' requires a mi
nimum PowerShell version of '3.0' to execute. Please verify the installation of the PowerShell and try again.
At line:1 char:14
+ Import-Module <<<< C:\Users\Ivan\Documents\WindowsPowerShell\Modules\VMware.PowerCLI\10.2.0.9372002\VMware.PowerCLI.psd1
+ CategoryInfo : ResourceUnavailable: (C:\Users\Ivan\D...e.PowerCLI.psd1:String) [Import-Module], InvalidOperationException
+ FullyQualifiedErrorId : Modules_InsufficientPowerShellVersion,Microsoft.PowerShell.Commands.ImportModuleCommand

2 yrs PowerCLI session
IvanMarshall
IvanMarshall
Posts: 67

Hi,

Need some help ..

I use RDM to admin a bunch of VMware systems, and it's really good at putting all the 'tools' in one place.
SSH to the vCenter appliance, Web browser to the vCenter interface, SSH to the ESXs .. etc etc ..

Quite a lot of the time I need to open up a PowerShell session (with the PowerCLI add-ins) to the vCenter.
So ... the usual procedure is:

1. Open PowerShell (as of new version of PowerCLI, they no longer ship a client/app as per se; just the add-in).
2. Connect to the vCenter with Connect-VIServer
3. Run my commands as neeeded.

Now, the computer I am on is not joined to the domain the vCenter is connected to, and I've found the easiest way is to cache a Credential.
i.e. $Cred = Get-Credential ; Connect-VIServer -Server <vCenter> -Credential $Cred

Is there a way I can create a PowerShell/PowerCLI 'session', and use a Credential from my Credential Repository ?

I could write an initialization script to take variables etc, I just need to know how to make the 'session' part work.

Thanks

2 yrs PowerCLI session
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

I too have been having this bug also.

And I confirm that the version of the VPN client mentioned above, does solve the issue.

Thanks for posting it.

2 yrs Cisco Anyconnect VPN not typing full password
IvanMarshall
IvanMarshall
Posts: 67

From what I understand, it's basically following the same functionality as the Windows version.
It opens a VMRC link to an object.

https://www.virtuallyghetto.com/2015/04/standalone-vmrc-now-available-for-mac-os-x.html

I just tried running an 'open' on a VMRC link, and it worked.
So .. I guess you could capture that somehow, dunno .. never tried it on your Windows implementation.

2 yrs VMware Remote Console : Mac
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

Was looking through the Mac version of RDM, and I noticed 2 missing things.

1. There's no entry for a VMware Remote Console session, even though there is one in the Windows version; and VMware has a Remote Console app for Mac.
2. The Mac RDM doesn't seem to have an 'Add-On Manager', so I don't see where we can add other connections/session types.

Any comment ?

2 yrs VMware Remote Console : Mac
IvanMarshall
IvanMarshall
Posts: 67

Hi .. Been giving the Mac version of RDM a go, to connect to some local Windows boxes.

Even though they're on the LAN, I am getting moments where the graphics engine isn't as 'smooth' as I would like it.
(It obviously redraws the screen in block pattern, and the cursor a tad sluggish).

From checking the active processes, RDM is using FreeRDP for a connection.

Are there some 'best' settings to getting nice performance from this ?
I know dropping the colour down to 16bit, and stopping Windows doing it's fancy window effects.

But I see a bunch of settings, and I wonder which of them is going to improve or slow the connection.

2 yrs RDM Mac : FreeRDP : Performance Best Settings
IvanMarshall
IvanMarshall
Posts: 67

Hi .. There's been a handful of updates to this plugin since I asked about this.
But none of them contain this option.

Fallen off the radar ?

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

I've been using 1Password as a password manager for my login credentials repository, and there's one part that always had me baffled.

How do I use a 'domain' field in 1Password that RDM will recognise to use if a domain is requested.
Now .. before you say the obvious .. (i.e. in the username field do .. DOMAIN\USER or USER@DOMAIN) .. let me float you this.

There are some VPNs that use the AD as their credential repo, but they only require the username; not domain\username.
But, when you login to Windows via RDP, you need to specify the domain.

I know that you can add fields to 1Password (and hence why I am not posting this in their support forum), but how do we make it so that RDM picks this up?

Right now I have a workaround ..
I create 2 separate 1Password entries, one with and one without the domain; but it's a PTA having to maintain 2.

Any advice or input ?

2 yrs 1Password : Domain field
IvanMarshall
IvanMarshall
Posts: 67

Hi Xavier ..

Yeah, this is what I had a feeling it was going to be.
RDP isn't a console screen, so it derives it's resolution at connection time; rather than the size of the window (like an actual screen).
I'll give it a try when the new monitor turns up.

Thanks for the quick response.

2 yrs RDP : Mac : Resolution Adjust to Window size
IvanMarshall
IvanMarshall
Posts: 67

Hi ..
I'm using RDM on OSX, the latest version available (5.4.0.0).

I've created an RDP session to a Windows VM, and I've set it to be 'undocked'.

Is there a way that once the RDP session is initiated, that if I resize the window; the RDP session auto-adjusts the resolution of the desktop ?
I know I can do this with VMware Fusion, but I also know that it's using the console of the VM; not RDP.

I'm looking to buy a nice wide monitor, and I would like to be able to stick 2 RDP sessions side by side.
But I'd rather not have to figure out what the resolution would be for the window.

I see the option 'smart sizing', but it doesn't seem to do this.
And when I set the other settings, I either get a squeezed looking interface or the scrollbars appearing.

Many thanks.

2 yrs RDP : Mac : Resolution Adjust to Window size
IvanMarshall
IvanMarshall
Posts: 67

Hi Jeff ..

Is there an update or at least a roadmap for when you guys will be fixed with 1Password ?

I know it's not your issue, as it seems AgileBits decided to take a complete left-turn and then do a U-turn kinda.
But we (the people whom use both your products) need some sense of where things are going.

I'm currently on 13.6.6 and the 1Password web is still busted, and even still it's not really the way to go IMHO.
I like the multiple vaults with the nice cloud interface, but there are times when I VPN into someone; and it won't work because they web filter.

A nice local 1Password vault (like above) is a great solution, and it's a right royal PTA that they changed the database format.
But I would hope you guys have some sort of 'relationship' with AgileBits that you guys can at least work together.

This is where the 'blog' would actually be handy, rather than chasing down stuff in the support forums.
Just a 2 cents.

So </rant> over .. when can we reliably expect a resolution ?

2 yrs 1Password - new DB format
IvanMarshall
IvanMarshall
Posts: 67

Hi,

No changes to the 1Password entries, and it's just as you have in your screenshot.

2 yrs 1Password : Web : Stopped Working
IvanMarshall
IvanMarshall
Posts: 67

Hi .. Problem is back again this morning.

Same exact error message.

I'm running 13.5.8.0

2 yrs 1Password : Web : Stopped Working
IvanMarshall
IvanMarshall
Posts: 67

Yeah, I tried that one; it didn't work.

The cisco plug-in only 'senses' the After Connect event when the session has complete (i.e. After I've had to type the PIN manually).

It needs to be something in the same sequence as sending the user/pass.

Any clue from the developer when they will have this 'feature' added ?

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

Do you have some sort of workaround I can do while I am waiting for the update ?

I'd rather not have to keep typing the PIN after the initial user/pass challenge (which is currently automated).

Is there a macro combo I could create ?

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

Thanks .. If you need some logs or diag info just let me know an email address or an upload.

Not going to post anything like that on a public website.

2 yrs 1Password : Web : Stopped Working
IvanMarshall
IvanMarshall
Posts: 67

Hi ..

RDM 13.5.6 (Enterprise)

I've been using the 1Password Web Edition integration for the past couple of weeks, and it was all looking great till last night.
For some reason, RDM now tells me "Unable to retrieve 1Password credentials!" when looking at a credential item.

When I look in the logs ( C:\Users\i<username>\AppData\Local\Devolutions\RemoteDesktopManager\RemoteDesktopManager64.log ), I find this:

64-bitOnePassword.ClientException: GET request to 'https://my.1password.com/api/v2/auth/<username w/ key info>' failed with HTTP status code 445 ---> System.Net.WebException: The remote server returned an error: (445) status code 445.

I've tried the 1Password app on the machine, and all is good; can connect and see my 'entries'.
And I can browse to the web just fine.

Any ideas ? Right now I have to connect manually (prompting for credential), and typing in the details.

2 yrs 1Password : Web : Stopped Working
IvanMarshall
IvanMarshall
Posts: 67

Well, this is where things have been 'confusing' as of late; when using your product.

When I started using RDM many years ago, all my SSH were via PuTTY; and it seemed (correct me if I am wrong) to be bundled in.

Then recently, I found that PuTTY disappeared (i.e. when I tried to use a connection it would ask me where the binary was).
So .. I either had the choice of maintaining another app, or just go with what was bundled.
I chose to convert my PuTTY entries over to "SSH Shell", just to keep things going.
And that is when I started to notice this "lag" of sorts.

When the system is happy, then the lag isn't really noticeable; a slight drag on the cursor.
When my system is running high (many VMs at once, wanting some kind of I/O), then the drag makes it kinda syrupy.

Does that help ?

If you think it could be the 'in-built' app, then I might switch back to PuTTY.

2 yrs Weird Behaviour : SSH Window : Slow Cursor
IvanMarshall
IvanMarshall
Posts: 67

Hi,

I have no clue if this is a problem with RDM or with the Windows VM I am running it in.

But when I move my cursor over a window with an SSH connection, there is a definite "drag" in the speed.
I can't for the life of me think why (as this is basically a black screen with while writing, so how much "redraw" can Windows be doing).

I thought I would mention it, as you may have seen it before.

No real way I can send you a log etc or anything, but it's strange none-the-less.

2 yrs Weird Behaviour : SSH Window : Slow Cursor
IvanMarshall
IvanMarshall
Posts: 67

Thanks Mark ..

As ever .. I love the fact you guys are open to changes, and that it's not some long winded process.

I'll look out for an update in the add-on, any 'rough' ETA ?

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

OK, thanks.

I think it just needs a choice.

Rather like the one to 'Connect Anyway', either 'Before' or 'After' authentication.

Right now I can just type it (as the window is open), so it's not a showstopper.

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

Nope.

All that appears to do is insert a pause before it carries on with the Group, User & Pass.

Right now, I am looking to do .. Group, User, Pass .. then PIN.

Thanks

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

Hi,

I have a Cisco AnyConnect that I am connecting to.

It follows all the normal sequence ..

>Prompt for Group
>Prompt for Username
>Prompt for Password

But then it prompts for a PIN, which is static and never change.

I see there's an option for PIN in the Cisco AnyConnect plug-in, but it puts it at the start of the sequence above.

How do I make RDM copy-paste that in after the initial auth (Group, User, Pass) is done ?

Thanks

2 yrs Cisco AnyConnect : PIN after initial password
IvanMarshall
IvanMarshall
Posts: 67

Hi David ..

What about this ?

https://blog.agilebits.com/2018/01/11/1password-command-line-tool-0-2-tims-new-toys/
https://support.1password.com/command-line/

Isn't that enough to get 'inside' as per se ?

Thanks

3 yrs New feature - 1Password online