• Tyson Navarre
    0
    I have been trying out Remote Assistant through the MSP 360 console. I set up unattended access on a couple of endpoints along with custom passwords and encryption. When I attempt to access the two systems through the Remote Management console, The remote management window on my machine opens, attempts to connect and then prompts for a password. I would have expected that it would have just connected without prompting.

    Should I disable the custom password? What will it take to just connect to a machine straight from the console without sacrificing security?

  • Tyson NavarreAccepted Answer
    0
    I disabled the custom password option on the endpoint agent and found that I could get right in from the console. So now my question is, by disabling the custom password option, have I made the remote control agent less secure? We do have encryption enabled on the connection.
  • David Gugick
    78
    You are still having to log into Windows when using Unattended Access, correct?
  • Tyson Navarre
    0
    That is correct, when I remote in I see a windows lock screen and then have to log into windows on the endpoint. Is there a way to have it act more as a shadow session where we can see whomever is logged in at the time? I am thinking about remote support scenarios where users could get annoyed if our connection forces them to unlock their workstation every time.
  • David Gugick
    78
    No, not with unattended access - designed to give a technician access to a remote computer when no one is there at the receiving end. If you know someone is there and want to share the session, when you log in, RA will tell you someone is logged in and give you the option to use the PIN connection method, which would enable the interactive session for support or other remote guidance.

    Regarding your initial question: Enabling the Password is the safest option. I realize being on the login screen doesn't provide account-level access without valid credentials, but having access to the login screen would be considered a security issue for many as it can expose critical data like account names and also allow the machine to be logged off if that option is enabled via a local security policy.
  • Tyson Navarre
    0
    Ok that makes sense. It would just be a process adjustment on our end but overall better for the client as they would be knowingly granting session shadow access each time.
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment

Welcome to MSP360 (CloudBerry) Forum!

Thank you for visiting! Please take a moment to register so that you can participate in the discussions!