Access session guest ability to kick host from session

It is required that the EXIT option is enabled in user sessions, this is imperative for sessions for security reasons

We are currently unable to deploy the client as the business demands they be able to have control over the session. We are trying to stop the practice of sending links to users. Access sessions take care of this part as we can also require consent. We just need them to be able to opt out of a session at any time if the need arises without killing services or uninstalling the client. Would be of great help if this could be added. 

Thanks,

Oliver Walker 

Yes there needs to be an option for the customer to kick out the session.  I chatted with these guys and they said there's an option to make it so that the customer has to let someone in to the session.  But this wouldn't work if access is needed all the time.  So how about a way for a customer to be able to kick out the session for a certain number of minutes, so if someone is working they can be sure nobody will gain access for that amount of time?

Ideally it would be best for the Admin to be able to turn this feature on or off. The guests ability to not end a session is part of the reason we moved to SC. Previously when we were with GoToAssist the guest could kick us out at any time and they would even when we were running maintenance on the computer.  People have a tendency to believe what they are doing is far more important that what we are doing so they kick the technicians out of the session. So having them not able to end the session is helpful for what we are doing. 

We are migrating to ConnectWise Automate and realized the user does not have the ability to disconnect the tech in ConnectWise control.  This appears to be an important feature which was missed and we hope it will be implemented soon.

This feature is greatly needed and could prohibit the use of this product for many customers. I highly recommend adding this in as an enhancement and allow the administrator to decide whether it gets enabled or not. It should at least be an option.

We need this feature too and we need a date for the feature !!

Logmein - Teamviewer have already this feature. It's not a big deal for to implement this feature.

Thanks

Hello...  Yes this should be a must have as it poses a security issue with management.  Please give the end users the ability to close the session once connected if

This is a need. Original submission for this was 3 years ago and it is pending review. What is the timeline for review?

There are many reasons why the host may not have disconnected, the client has very little recourse to drop the connection, Task manager to kill the session is not acceptable method for a client to disconnect.

Kick host from session, but leaves the guest alive on the host page. We need this feature too. Is this on your road map? When can the community expect the introduction of this feature? (Now since three years unter pending review.)

This is a requirement for us for compliance for some customers. They work with data only they are allowed to see. This is an absolute must for us to have.

For us it is a requirement as well, also based on german labor and dataprotection laws.Please add the functionality for the end-user to disconnect a technician from his or her computer.

This is exactly what we need. We work in Switzerland and need this feature by law. Also it common sense... How can it be that an end-user working on a Terminal Server is not able to kick out the support person at the other end???!!

We were about to commit to Connectwise but the lack of this necessary feature may well be a deal breaker for us.

Our EU company is also now in this as well..Previous because our customers were outside EU it wasnt a concern with permission but not the case now.. Please can this be made a feature? It doesnt need to END the Access Session but just be able to kick off the technician.

Maybe it helps others here. We have for now declared it as a security feature, since it prevents users from kicking out a technician while the technician has for example an admin-prompt open over remote.

If the user were to kick them out in that time, they could do whatever they want and get access to sensitive information or systems. Without that option its in the responsibility of the technician.

Nevertheless it would be great to have the option to enable it upon request.

Hi, Is this in development yet?

4 years and not implemented? This seems so basic to have.  Once in a Zoom meeting, I am not beholden to the meeting organizer to leave it, or stop sharing my screen.  Even having the ability to blank out the screen on the host-side would be a good half-measure to hide private information while on a support session.

This is what I'm paying for?

I'm supposed to be able to connect up to three simultaneous remote-control sessions and I only have two open sessions, so this shouldn't even matter - but I have no free sessions left, and the only way I can get in to end the existing Control sessions right now is to... launch Control. Except that that doesn't work because I allegedly have no licenses left. I was the person who kicked off the original sessions when I was at the client's place, 30 minutes from here (one way); I can't go out there now, I'm not going to ask the client to go to his office at almost 10pm, and I'm irritated. 

Yeah, this situation was my fault; guilty as charged - but the fact that FOR YEARS, you've basically ignored requests to create a feature that would ALLOW ME TO FIX IT MYSELF, is a huge problem. And *that* ISN'T my fault.

Why hasn't this been implemented yet, and why should I continue to pay ConnectWise for this service?

I don't think any ConnectWise employee will ever read this forum. How else can a feature request after FOUR YEARS! still have the status "pending review". There are also never any statements from any ConnectWiese Admins to this request.
That's really sad, because I truly like ConnectWise Control.

I agree. ConnectWise should be embarrassed. Such a basic function which we shouldn't even have to talk about. Every other player in the remote control market has this functionality. I can't understand why CW doesn't do anything about this, at least explain why they aren't implemeting it, but as David G. said, most probably they aren't paying any attention to the community and/or their users.....

So, it turns out you CAN kill live sessions. This isn't really documented anywhere useful. And I don't know if my "I pay for three concurrent sessions but can only use two" problem was fixed. I should probably check.

I know that guest sessions can kill the session, but how can a host kill an access session?

There is no option to end the session when right clicking on the tray icon (when the Control Agent has been installed on the host) except by uninstalling the Agent (which requires admin privileges which our users do not have and which leaves the end-user (host) without an agent and therefore no more remote support is possible!)

I also get more and more requests from clients that have this wish. They don't mind us to acces the host session, but they want to be able to stop it at any given time.

I believe it should be an option.  I also agree with the post above that we should be able to turn it on and off.  The reason I say to be able to give or take away that option is because What if you are logged into the person computer with your account which has domain admin rights and the user just disconnects you now they have a computer that now has full access to everything. including changing your password or just creating an admin user for themselves If they are smart enough.

Exactly. The part where the user disconnects the supporter with elevated permission is what we currently use as reasoning why the user can't close the session on their own...

What I really would like which maybe it is possible and if someone can tell me how to do it.  I am the admin in control but I can't seem to figure out how to kick another technician that is remote using the webstie on a computer I can't access and they have a session going and they walk away from the computer.  I can't seem to figure out how to disconnect him from the host.

As far as I know the only way to do that is to reset all open sessions. 

JBody, You can click on the X next to a users active session and end their connection. 

Giving end users on an Access session the ability to kick the host whenever they want should be an available feature. This is a security risk that really should be handled. I strongly request this feature be added.

I have a customer who just told me today that I have to uninstall control off of all machines unless he has the ability to kick an agent off. Why is this not an option?

I'm wondering how many releases there has been in FIVE YEARS of software development as to this not being an option for an administrator by now. NO excuse on this one guys. GET ON IT. Or at least have the courtesy to say why you won't. I can only imagine the response if I told any of my clients to wait 5 years for a fix. (this IS a fix).

Don't get me wrong, you've done a great job with Connectwise overall. 

And, if I've missed something, my apologies in advance - but otherwise this is honestly pathetic.

I'm wondering how many releases there has been in FIVE YEARS of software development as to this not being an option for an administrator by now. NO excuse

This, along with the pathetic, complete lack of branding/customization features for people who use ConnectWise Control in the cloud... those are the two primary reasons I'm ditching Control at some point soon (when it's practical to do so).

Don't make a forum available for customer feedback if you're not going to listen, ConnectWise.

From a technical standpoint, Control is pretty awesome, but I can't allow a company that refuses to address security issues to have any kind of access to my computers, or my clients'.

Pathetic.

Any update on this being on the roadmap, this is sorely needed. Has anyone found a workaround for this?

Why not just not use access? and instead, just use the support function? 

We may have to go that route. This was a consideration, but a lot of times we need to access the system after hours, and the convenience is appreciated by our clients to be able to connect as needed. The issue is that the CEO of the company does not want access installed at all if they have no way to kick a host from a session. To be quite honest I do not understand why this is not a core feature of Access...

That doesn't work at all if you need unattended access, which I often do.

I already have plans to replace Control with Remotely, a relatively new, open-source remote control product that addresses all of my concerns with Control. I'm not just an IT professional, I'm also a developer, and my plans are to contribute code to the project at some point.

I have quite a few computers running on Support that I use the sessions for unattended access. The only difference is that the end-user can end the session if they chose. 

Do you have the ability to filter computer by criteria like client and location?

Honestly, I'm dumping Control anyhow... for me personally, the ridiculous lack of any decent amount of branding (including the fact that you have only two or three options to customize YourNameHere.ScreenConnect.com) is the big deal breaker. But this issue with Access is also ridiculous, and ConnectWise could fix it if they wanted to, but all indications are that the don't care.

My company has set organization filters and we have enforced a proper naming scheme so we have no issues finding computers on either Access or Support. Connect Wise offers quite a bit for the low cost they charge. 

As for the customization, there are some you can set, colors, logo, etc. The URL really isn't a bother since we set up our own reroute URL under our domain. 

if they implement it they do have to have the ability for it to be turned off and on by the msp. Because if they just implement it that anybody can just kick the host off what about the times that you log into a computer with your admin privilege's and then the guest kicks you off of the computer now they have access to the computer and whatever your user has access to.  Now said user starts deleting things or looking at files they should not have access to because said user got wind that they were going to get fired soon. now the company sues you because you gave that person administrator permission to things they should not have access to. You then turn around and sue connectwise because their software caused all this trouble.

So truthfully I can see why Connectwise is so Leary at doing this. You may say oh that would never happen to us or we would not sue connectwise if this happened.  But you have to remember this software is used throughout the world not just in one country and their are sleaze balls everywhere that are looking to sue big companies for money.

Just my .02 cents

This is exactly why I don't want this function just flat enabled. It's an extremely slippery slope and the primary reason we left GoToAssist is because end users constantly just kicked us out.

They should give us the option to enable it, or not.

Agreed and as always a company could just make you agree to terms that say if so and so takes control of a PC we are not liable. I hope this gets some attention or at least a response from Connectwise. If this is a security risk in its own right then all I want is for Connectwise to say they are not doing it and this is why.

True, but again I could play devil's advocate and say the same goes for the MSP itself. What if an engineer knew they were being let go at the MSP and so they remote into a finance PC and start stealing data and block client input and the client has no way to kick or block the host from connecting.

There are always measure that can be taken, such as if a user does kick you off the PC then the PC itself logs out or locks.

It could also give a 10 second wait to actually kick you off so IF you are logged in with admin priv somewhere.. and a user tries to kick you off, you have 10 sec (adjustable in settings) to say no.. but if this still would allow a rogue sesion that you forgot to log off from to be ended remotely...

There is already a timeout function on sessions if you leave them unattended for too long. 

I feel like this conversation is still moot because as the SC user you can just disable end-user inputs which would prevent them from ending the session anyway lol. Admittedly I don't like function however if I'm in the middle of a delicate update and  I don't want the end-user just exiting out of what I'm working on I'll enable the disable inputs function. 

I have done this and they end up holding the power button down thinking something is wrong with their keyboard :(

It's not something I use frequently and I'll inform the client that I'm enabling that function so that unware staff don't try and use the computer I'm running maintenance on. 

Luckily I've been cautious with my use of it so I haven't had anyone just shut down the computer like that. 

I too would like to give my clients the option of diconnecting a session if they feel uncomfortable 

I too would like to give my clients the option of disconnecting a session if a tech forgets.

As you can see users are desperate to get rid of techs, as they often forget to disconnect.

I see such messages more often than not.

Please finally allow users (guest) to close/terminate any session.

thanks,
Stefan

Would like to bump this as 8 years is a long time for an exit button...