Uploaded new version 1.0.0.18 of the Automate DLL plugin. This allows to IP filter for extra security.

Can you confirm if one of the users logs into the control center they can in fact see and/or edit passwords? @automationGuy This is under tools->RMM Password Link

So does the manage plugin or any other plugin that offers 2-way communication. I could implement a OTP type 2FA but I don't believe I can easily tie into the automate 2FA because that is a plugin itself. The helper is completely unaware of the server installation on control so I can't use that for 2FA so I am stuck with either creating my own or finding another way to secure or minimize risk. If you have other ideas I am all ears!

The hard part about 2FA is that really the only attack surface is during the login to get the token. If you enable 2FA on control and automate that helps but the API is still there so there is an attack surface present. Not sure how I would even do it if I wanted to but it would have to be separate from the Automate or Control 2FA implementations. Maybe as an alternative would be to limit exposure in different ways like IP filtering or other methods.

I don't have any plans for SSO. There is just no way that Control is aware of the user that is logged into Automate and definitely no way to validate it. If they ever add that then sure we can look at SSO but for now it has to stay separate. If you don't care about security just create a Super Admin user with basic user/password and set your tokens to never expire. You would very rarely get prompted to login then. - I DO NOT SUGGEST DOING THIS.

New version 1.0.0.17 posted of the dll plugin for automate that corrects an issue with permissions that was only looking at client level permissions and not computer level permissions. This allows the group permissions to work under user roles where "All Clients" isn't selected.

Not sure what you want me to say. Free product and you can decompile the exe to see what it does..... Audit the code or pay someone to audit the code if you are concerned. The only thing sent off-site are stats which are just integers.

not at this time. I wish they would add this to mobile....but out of my control.

Want to hit me up on MSPGeek slack? bigdessert is my name there.

I use fontawesome and it loads that remotely for the plugin. Seems all the icons are missing so is a firewall or DNS filter blocking fontawesome?

That is odd, maybe text scaling? I have seen them look strange with scaling but never completely gone like that. Is this only on one particular host machine?

I had someone else have a similar issue...not sure what is broken with the control extensions as that versioning is all controlled on their side.

version 1.0.14 waiting for approval adds IdleTime function to get the last activity time of a guest machine. This is useful if you want to run scripts only if customers are using machines and want to display items to them.

This has been changed back to have the automate url in the login field as they now tie the helper to the signature file.

Please note that version 1.0.22 of the control extension is waiting to be approve. When you upgrade make sure you add your Automate url in the extension settings as it is now hard coded there instead of being changeable. Automate URL is no longer in the passwords helper. Please set by going to Options->Edit Settings in the control extension.