+6
Completed

Give temporary access to other contractors or guests

MrEastwood 4 years ago updated by anonymous 4 years ago 6

There is an old post in the forums HERE that addresses it. My LogMeIn pro license through another RMM vendor allows me to grant temporary access to a third party for up to 90 days.


Examples where this would be used:

- give a software vendor temporary access to a server to install and configure their software

- give a developer temporary access to a web server to configure it for new development

- give an end user access to their computer temporarily for those emergency calls where they're on the road travelling and need something back at the office


I *could* go through the motions of creating a new SC user, then creating a special Role for them to access a particular server but it's a lot of work I think. Would be nice if there was an interface under Security where we could do this simply from a checklist: add a temporary user, add the length of time the credentials are valid for, then choose from a list what machines they can access. There could be a new default role called "temporary" or "contractor" just for this.


Not only that, but it would only give them access to the Host page with only the machines that were selected for them.




Available in Version:
Completed

A form of this was implemented in 5.6, but the max time is listed at 1 day. We were looking for a true temp solution. This fits most of your use cases. The 90 day pass would be only outlier. Can the voters here give me more feedback on if a 90 day or configurable option is needed?

My last 3 use cases for this situation happened to be 1 day, 4 days and ~10 days. I agree a 90 day would be an outlier. Although I would personally find it a little annoying having to re-issue a temporary pass on a daily basis first thing for 10 days straight, it would be workable. My own preference would be to reduce that a little by a few more days.

I think to have an option at least 3 to 5 days would be good when dealing with vendors. Also it seems that the options are either VIEW ONLY or MY PERMISSIONS. Would be nice to have where we can control what options the temp user has. like i want them to be able to interact with the system, but not run any of our tools. or to not be able to send and receive files.

Agree with Mhighsmith - the point is to offer a temporary way to remote in, so automatically deny the ability for them to run tools, send files etc. Simple as possible.

I captured your request in a new FR so we can try to compile any other suggestions for the host pass feature for a rev 2. http://screenconnect.userecho.com/topics/313-/ Thanks as always for the feedback. You guys have been awesome supporters of the product.

Depending if ShouldRevalidateAccessToken is set to true or the default of false will also control how long the user can stay connected to the system. if the setting is FALSE and you do not have a timeout on a connection then the user can stay connected as long as they want to the system. we have a 9 hour limit, so 1 hour of connectivity could equal 9 hours. but with the setting to TRUE then the connection time is limited to 1 hour of connection.

Commenting disabled