Your comments

I think the part that bothers me the most is that the bitmask settings are optional. Meaning they are controlled on the client end not the server end.. These are not really permissions and seem optional at best. 

What's worse is that a tech savvy user could just reenable the any bitmask settings they want if they found the app.config file..

bingo everyone gets access to the audio and any other features you turned off.. NICE.. 

We just tried changing the bitmask settings and every thing looked fine but users that used the clickoncerun app will have the bitmask settings cached meaning they can still access the microphone and users that have not reinstalled the screenconnect client can still access the microphone... 😕  while other users won't be able see or mute their microphone. 

Here's an example of what most of the redhad systems we connect to look like.... big black nothing. 😥

So, we control into a windows box and then SSH into these machines and or control them from vsphere (if possible). Now once someone has connected to vsphere and pressed the ctrl+alt+F2 then anyone can remote into the server again until its next reboot.


Would be cool if we could go direct and send the CTRL+ALT+FUNC key. 

I know some of you (like me) are just looking for progress or maybe a hint of progress. I wanted to give you some insight on this as CW had posted on a forum a couple months back asking for feedback on setting the resolution from control. I was going to post the URL but it has already expired. 

This may or may not relate to the following post but i hope it helps. 
 

Image 1031

That was super helpful. - Thank you!


I've made other tweaks to the appearance in the past and never thought about altering the password appearance. This won't tell our users specifically what the cause is but hopefully will get them much closer. 
 

I also altered what happens when the tokens stops working. This better aligns with what is really happening. 

I'm going to add a note to this since connectwise spent the time building the security alerts but didn't provide a way to reference the users email in the alert. 

I stand by my comment above. What is the purpose of notifying just the admin?

I agree on account lockouts but in reality you want to notify the end user in some of these instances. i.e  

Example -

System: hey user, your password was changed. 

User: Wait, i didn't change my password... Hey admin, what's going on?

System: Hey user, new login detected...

User: Wait, i didn't login.... Hey admin, what's going on?

Let the end users be our eyes and ears.. I don't mind CC'ing the admins but let the end user assist us in detected malicious activity. 

    https://docs.connectwise.com/ConnectWise_Control_Documentation/ConnectWise_Control_release_notes/ConnectWise_Control_2021.15_Release_notes

    Sorry if I didn't fully read your comment.  It seems as if you were asking for it in the thick client and not the Automate web interface? 

    I know this doesn't help, but i think their plan is to decommission the thick client once all the features have been implemented into the web. Sorry if I led you down a rabbit hole.  

    This is customizable in the web. You could probably set it super high if you wanted. 


    But it's up to your admin to configure. 

    Advanced > System Options

    Hi Chris,

       It's a permission in Automate. I have it turned off for all our techs.