I'd like this as well, not to have the accounts bypass MFA but allow login at all from a defined set of IPs (with MFA as well)

Caitlin,

David's one of my guys so as a point of clarification...

The problem with the side dock is that you can't go full screen with the remote session and keep it docked on the side.  As soon as I maximize the window the helper dock goes away.  

I just discovered I can go back to the top and it pops back up, but maybe an option to just have those stay present even when full screen along with the ability to take the helper pod and pop it out to a full browser window when needed.

It would be nice to be able have the IPs from the Cloud tenants pushed out to the clients as well -- so the primary connection can be via DNS, but if for some reason DNS resolution isn't working it could still connect via IP.  

I understand that the IPs on the cloud side can change from time to time and that I believe as things stand now, the config in question would only be refreshed when the client is installed... so understand that this might not be as simple of a change, but I think it would provide a great value.. 

At a minimum the ability for the client to try to connect to the last known IP if for some reason DNS isn't working

I assume Chris is referring to the "thumbprint" or signature that the antivirus products use to identify the client on the workstations.  I assume that would change anytime there is a client-side upgrade though -- so every time there is an update right?

I think you'll discover that bitlocker code entry is needed before any of the real OS has loaded thus SC isn't going to be usable at that time either.

We've standardized on making sure our client workstations have TPM chips in them moving forward to prevent this from being a problem.

However, in the interim you can suspend bitlocker protection until a machine is rebooted if you execute a command before you reboot it -- which you could do via the SC commands window or manually on the machine -- take a look at: https://www.isumsoft.com/windows-10/enable-suspend-or-resume-bitlocker-protect-for-drive.html

Something as simple as using the domain name from the user's login name to determine which authentication source to use would be a big plus over a drop-down with every domain listed.

There are numerous times that we want to know why a machine is offline... did the user shut it down against instructions when they left, did it just go to sleep or absent any provided reason -- did it just lose Internet... was a reboot initiated and it just hasn't came back online yet, etc.

Check with the Automate team as I'm pretty sure they do it -- or at least used to.  I can't find it in the new interface.

If a machine went to sleep for example vs. shutdown it would show "Standby on date / time" as "Uptime" in in the legacy computer screen.

I know there are system events called before a machine can sleep or shutdown that can be trapped.

Last time I used it they could still see you moving the mouse around but the screen itself was black.. caused more problems than it solved.

Expanding on the business case for this... 90% of our clients now have multiple monitors and about 30% have more than two... this is becoming more and more of an issue even with 4K monitors. :(  It's please hold while we connect.. ok give me a few minutes while I split out monitors and find what you are talking about..