Jump to content
MrRat

MSP Accounts Plugin - Free

Recommended Posts

Hi - I really like the idea behind this plugin.  Having an issue trying to push out a user.  Using ver 2.18.1.10

 

Getting an email with:

Change log for RMMUser.

Error: : The given key was not present in the dictionary.

 

Thanks in advance,

Carlos.

Share this post


Link to post
Share on other sites
13 hours ago, Kristuba said:

anyone who is not an admin user goes to "Change Password" the plugin locks up their Automate session

I've never seen that.  Can't even think of why that would happen.

 

Share this post


Link to post
Share on other sites
13 hours ago, carlosmp said:

Error: : The given key was not present in the dictionary.

Is there anything unusual about the user's name? 

I've only ever tried this with simple alphabetic characters in the name.  Never tried with accents or numbers or anything.

Share this post


Link to post
Share on other sites

This is a great idea for a plugin, but I am having an issue with implementation. The minimum user password length always changes to 60 no matter what value I enter. I have reloaded the plugin and restarted the plugin DB with the same results.

 

I also have a feature request: obfuscation for the new password field on the "My Account" tab.

 

Thanks in advance and I can't wait to get this implemented.

Share this post


Link to post
Share on other sites

Just a heads up to all that use this plugin that as this code has now been posted online , the encryption key that is used to encrypt the passwords into the database for all of your administrative users, is now on the internet at https://github.com/mspgeek/MSPAccounts/blob/master/Globals.vb

Admittedly it's not easy to get access to SQL but with this code you can reverse engineer all of your tech's admin passwords across every domain.

I guess you could say this is a good thing as you can audit your techs password complexity (and hopefully it's not a password they use elsewhere) but imo an admin can now see everyone's password with no audit log.

 

Share this post


Link to post
Share on other sites

And if you study the code you will see the simple scheme that ConnectWise uses to encrypt all passwords in the database and be able to decrypt them.

  • Thanks 1
  • Haha 2

Share this post


Link to post
Share on other sites
On 7/25/2019 at 4:56 AM, absoblogginlutely! said:

I'm not a professional programmer but even I know that the encryption should be one way.

Yeah, the default scheme is lame, but you do realize that one-way encryption (the term is “hashing”) would be useless right? The product must use reversible encryption to recover the raw password for you to be able to use it. 

Share this post


Link to post
Share on other sites
1 hour ago, DazzaFitzy said:

Is there any chance this can still be downloaded? 

The links don't appear to work

Sorry, Geo-fencing got turned on again.  The link in the original post should work now.

 

Share this post


Link to post
Share on other sites
Posted (edited)

Hi Mr Rat & All,

ignore this post I have managed to get the sorted. I had not unblocked the file when attempting to install.


Is it possible to use this on the online automate version or only those hosting Automate? I have tried to add the plugin System > Solutions > Plugin Manager. "There was an error uploading the new plugin: Could not load file or assembly. Operation is not supported.

I like the idea of creating a single local admin account and a single domain admin account for our team. (Rapid Fire tools downgrades the score if there are multiple admin accounts on the system).

Also Reading: absoblogginlutely is it still advisable to use the "Automate" password generator?

 

Edited by Jas

Share this post


Link to post
Share on other sites

@MrRat Looks like there's a 'bug' with the account creation for the LOCAL admin accounts if the generated password is >14 Characters (due to legacy windows 2000 compatibility check net user command does) leading to accounts not being created.

Could you alter the command that gets issued by the plugin to include a "/y" at the end of the net user command, this should fix long min password length settings?

right now its generating something like: 
cmd!!!/C net user /add /fullname:"MSP_Name mspadmin" /comment: "MSP Local Service Account - 56" "MSP_admin" "Thisrandomlongpassword" && net localgroup Administrators SD_sdadmin /add

Output:
No valid response was provided.
The password entered is longer than 14 characters.  Computers
with Windows prior to Windows 2000 will not be able to use
this account. Do you want to continue this operation? (Y/N) [Y]:

Share this post


Link to post
Share on other sites
On 1/16/2020 at 8:48 PM, gibsurfer84 said:

Is this addin still supported? Will it work safely on LT 2020.1?

Seems to working ok on ours.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...