Yes, this would be amazing. Just the ability to run PowerShell directly on the Commands tab has been a godsend already, making it interactive would be even better.
I just got asked this very question today and agree that it would be extremely useful, given the licensing model.
I will second that, R.peters. We use an MSSQL as well now and the performance difference is quite large. SQLite was always a bottleneck as the DB grew to thousands of sessions, and frequently gave us problems during SC upgrades. Many of our clients require us to send them scheduled reports that tell them which of our admins has accessed their machines, when, and why. MSSQL has allowed us to easily create SSRS audit reports to meet this need, and having this officially built-in would be fantastic.
1. I would like to see a GetSessionHostPass permission to only allow certain security roles to use the Get Host Pass command.
2. I agree that there should be an interface to enumerate, configure, and/or revoke existing host passes, both at a session level or across the entire SC system.
3. A nice security feature would be to have the ability to require MFA or at least specify password protection for the host pass URL at the time of creation. Anything is better than a free-for-all URL.
Seconded. We plan to move to an AD/LDAP in the future for auth but for now, sorting the existing local users and roles would be much appreciated.
Customer support service by UserEcho