Jump to content
bigdessert

RMM+ Passwords: A password syncing tool for ScreenConnect and Labtech

Recommended Posts

I worked directly with tcampbell and determined the issue was not with the Labtech plugin but with my 1.0.8 plugin for ScreenConnect. We found the bug and release 1.0.9 now. Thanks again tcampbell.

 

After updating to 1.0.9, we no longer have any passwords showing up.

Share this post


Link to post
Share on other sites
I worked directly with tcampbell and determined the issue was not with the Labtech plugin but with my 1.0.8 plugin for ScreenConnect. We found the bug and release 1.0.9 now. Thanks again tcampbell.

 

After updating to 1.0.9, we no longer have any passwords showing up.

 

I lied. There are some where passwords are showing up, but majority are not displaying. -- EDIT: Believe I have it narrowed down; if there is a Location password, Client + Location display. If there is only Client level, nothing displays.

Share this post


Link to post
Share on other sites

Please note that 1.0.9 has not yet been approved. You installed 1.0.8 that has this nasty bug. I have fixed this in 1.0.9 and hopefully it will be up soon...just waiting on the approval from the ScreenConnnect team.

Share this post


Link to post
Share on other sites

We are trying out this plugin and like it very much so far. I'm wondering though if it's possible to make the permissions more granular? you mention that if the userclass has read password permissions, then it will read them. I have a use case however where we want the password to be visible for only some clients (set under the client location, permissions). The plugin currently ignores this.

 

Is it possible to respect this restriction in LT?

Share this post


Link to post
Share on other sites

Those are the exact permissions i'm talking about. In my installation, it's not being respected at all. I've verified the user account has not been granted the permission and i've tested on a virgin computer to make sure it's not a token issue. yet clearly the passwords for the blocked clients is available.

 

I'm going to apply the latest LT patch and see what that does.

Share this post


Link to post
Share on other sites

I know there is some lag time from modifying the permission setting to it actually getting applied to a user internally in LT. Have you given it a bit of time before testing?

Share this post


Link to post
Share on other sites

I have.. the one client that we want to block, they have never had permission to see the passwords.

 

As a test, i created a new security group assigned it to a test account, with no password permissions to any client. As soon as i checked the "Allow Passwords" in the plugin rights, all client passwords where visible.

Share this post


Link to post
Share on other sites

I am not able to reproduce this. I can give and take away rights to read passwords on a per customer level and it is working as intended. So that lag time I mentioned. I am not sure what schedule it is on but I know for sure it forces a permission update when you login as a user to CC. Can you try to login as this test user to control center then try again?

Share this post


Link to post
Share on other sites

There must be a permission being missed somewhere on my side of things. it may be asking a lot, but would you mind sending me the query you are using to pull the password? I want to try it in SQLyog to see what might be going on?

Share this post


Link to post
Share on other sites

it is not that simple as the permissions used with LT are stored as bits so we have to pull the number then get the bit location and determine if it is 1 or 0. I can give you the query but it will just return an integer to you.

Share this post


Link to post
Share on other sites

FWIW, if Eric has permissions such that client level passwords are not visible to the sample user, his permission settings would be of interest to BigD since the permissions BigD has tested are working correctly, vs. the knowledge of the specific query used.....

Share this post


Link to post
Share on other sites

I'm running into a similar situation as Eric; users that are members of NOC Users group do not have Read access to passwords on a couple of clients, but I add the Show/Hide passwords permission via the User Class manager, they get passwords for the clients despite not having permissions at the client level. I have tested additionally creating a new class with just the show/hide permissions. User has no access to the passwords tab under Client in CC, but if they have Read permissions they get the passwords in RMM+P. When I add Show/Hide, CC does not show the Passwords tab for clients where they do not have Read access, but RMM+P loads them.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×