I did to confirm if this was new / expected behaviour now and was basically told it must be and if I wanted an option to revert it I would need to raise a enhancement here.
Does this also function that way when launching it from LabTech / Automate because I have that enabled but LabTech still is prompting for Consent.
I am not sure if this was implemented or because the way the LabTech / ConnectWise Automate integration works but I just found out that when using Backstage on a machine which requires Consent through LabTech also requires Consent for Backstage and there doesn't appear to be a way to disable that.
Being able to configure (separately) if you want a Login Successful / Login Failed / Accounted Locked Out on a user would be good to know if someone is accessing / trying to hack into the in-build Administrator account.
Or if the Service account for say ConnectWise Automate gets locked out which will break the integration etc.
We need a way to restrict the Internal Administrator account and any service accounts such as for ConnectWise Automate to IP address / CIDR ranges since all our other users are using external SAML / 2FA.
Mainly around the ConnectWise automate service account since the Administrator account can have the inbuilt 2FA enabled ofcource.
Additionally this may be able to used to restricted logins you may have provided to external vendors or employee's so only their known IP's can be used to login to their account.
Enable a CONSENT if not Console session or a Consent when switching session from VIEW drop-down option.
Also please allow the CONSENT pop-up to work for user sessions but bypassed for the Console session.
Have 1 number input field and a drop-down for "Minutes/Hours/Days" which allows the user to specify how long the consent is granted for, it would default to the defaults on the ConnectWise Control server configuration.
Have a configuration option to be able to hide this field.
Please log the request for and the result of a Consent request in the Audit log and the user account that clicked the button !
This way when someone advises that an Engineer was on their computer and they didn't Consent / press the Consent dialog there is proof they did. (Not just having it as "implied")
Audit Log would be like:
Consent Requested by ConnectWise Control User
Consent Granted because User DOMAIN\firstName.lastName consented.
Consent Granted because no user process not runnin.
Consent Granted because Auto Consent after x Seconds.
Consent Denied because User DOMAIN\firstName.lastName rejected the request.
Customer support service by UserEcho