Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Yesterday
  3. Synopsis of Feature Request: Provide a restriction method either via user and/or group that allows assigning more granular permissions to users. Allowing restriction similar to client access where a user can only see one site, but extend that functionality to licensed users so you could have teams or users responsible for certain hosts, or client sites (MSP remote-site Locations) while still allowing them access to write, update and all other functions. Current Behavior: All licensed users can view all hosts When creating passwords and in various areas in the site, drop downs or selections allow users to select any site (internal, client 1, client 2) from menus Internal is the default for all licensed users and can not be removed Requested Behavior: Restrict users access to one or more sites User permissions can be set like currently, read, write, discover hosts, but all functions restricted only to site(s) they have access to. (internal, client 1, client 2, etc) Can only view or connect to hosts at sites they have permission for. No evidence or ability to view, see or access any other sites. - Won't be even able to see Client 2 as a drop down if they don't have permission for that site. Set different site as default, removing permission from internal and assigning to say Client 1 and Client 2, but not Client 3 or Internal. - Use case, help desk or third-party NOC you don't want in internal systems Benefit of Implementing Feature Request: MSPs or others managing passwords for clients or multiple offices would purchase additional licenses so that "end-users" or "client-admins" could add and edit records, providing additional revenue for passwordstate. While the free client licenses are an added benefit, there would be the ability to upgrade a client to a full user just for their site(s). This would reduce the time of the MSP updating records by allowing their clients to directly access, save or edit passwords. It would also allow them to provide Remote Session Launcher to end users reducing the cost of providing a third-party remote connection tool for clients to access their workstations / pc's remotely.
  4. Last week
  5. We are using the Passwordstate Mobile website but would like to control access to this website as only staff members within IT will be needing access to the external mobile website. I would like to feature request the ability to enable/disable access to the mobile website on a per user basis in a similar way to the new 'Send Self-Destruct Message Permissions'. Thank.
  6. Hello TTumbler, Sorry, but we have not implemented this yet - you can vote on this feature request here if you like - https://www.clickstudios.com.au/community/index.php?/topic/2489-api-search-for-documents-by-name/ Regards Click Studios
  7. Hi Everyone, Today we have release build 8670, which includes 13 new updates, and 5 bug fixes. Full changelog can be found here - https://www.clickstudios.com.au/passwordstate-changelog.aspx. Regards Click Studios
  8. support

    Plugin documentation & test

    Hello tester22, Just letting you know that we have released build 8670 today, with the changes above. If you are yet to perform any upgrades of Passwordstate, you can use one of the methods described in this document - https://www.clickstudios.com.au/downloads/version8/Upgrade_Instructions.pdf. Probably section '5. Manual Upgrade Instructions' will be the quickest for you. We might also contact you directly to see if we can help you develop these scripts, with proper error capturing - if that is okay with you? Regards Click Studios
  9. Ferry Knol

    Secondary Radius server

    We would like to see that we are be able to add multiple Radius servers instead of just one. Hopefully this can be arranged easily and asap. kind regards, Ferry Knol
  10. support

    GET/PUT methods for Hosts

    Excellent, Glad this is all sorted now:) Regards, Support
  11. Hi ParrishK, We've just updated this in one of the latest builds, and the secret is no longer visible to Security Admins. Please see screenshot below. Security Admins can now clear the key, which will generate a new QR code the next time the user logs into Passwordstate. We've made this change to YubiKey, One Time Password and Google Authenticator authentication types. If you can perform an upgrade this issue will be fixed:) Regards, Support
  12. We are beginning to store system specific SSH keys in passwordstate for accounts were we use keys instead of passwords. We can search and find the password record via the api but I don't see any way to find the documents that are associated with that password record. Is there any way to do this still something we are waiting on as a feature (we are on 8.4 build 8449)?
  13. While looking through the HTML source I noticed that each user's "HiddenGoogleSecretKey" is displayed in plain text. Sure the admin already has privileged access to the system and "could" change/reset this value but I think it would be best practice for only the end-user to ever have access to the secret value. Was this intended or is there not a concern for this value being visible to administrators?
  14. tester22

    GET/PUT methods for Hosts

    Great found it now. At first I tried https://passwordstate:9119/api/hosts/<HostName> and I received all hosts. But https://passwordstate:9119/api/hosts/?HostName=<HostName> is working as expected. Thanks
  15. support

    Single password / password list recovery

    Thanks - we've been meaning to work on this for quite some time now, but it does require updating several hundred calls to the database, and testing them all, across all tiers and modules in Passwordstate. There just seems to be a lot more other request that seem to take up our time. Maybe we could improve the delete process here, so the user is well aware this is an irreversible process - we could make them acknowledge it by forcing them to tick a checkbox. Regards Click Studios
  16. support

    GET/PUT methods for Hosts

    Hi tester22, You can certainly do GET requests for Host records (your example above is searching by Host Name with a GET request), but we do not have the ability to do PUT (Update) requests at this time. Regards Click Studios
  17. Hi, Based on the documentation is ts not possible to make GET/PUT requests to Hosts. Preferably the hostname would be the input parameter for these requests: # PowerShell Request $PasswordstateURL = 'https://passwordstate/api/hosts/<HostName>' Invoke-Restmethod -Method Put -Uri $PasswordstateURL -Header @{ "APIKey" = "<apikey>" }
  18. tester22

    Plugin documentation & test

    Great, thanks. Thats exactly what I was after. I already made some changes on my end but will revert back. Will add plugins for SAP NW as soon as this ABAP version is done,
  19. Valentijn Scholten

    Make audit log read only / append only

    A feature requeset to have a recycle bin for password lists is (more or less) here: https://www.clickstudios.com.au/community/index.php?/topic/2311-single-password-password-list-recovery/&tab=comments#comment-5900
  20. Valentijn Scholten

    Single password / password list recovery

    +1, especially because deleting a password lists currently also deletes all associated audit logs.
  21. Valentijn Scholten

    Make audit log read only / append only

    Hi, Recently I noticed that when removing a password list all associated audit log records are also deleted. My opinion is: - An Audit log should be append only. I understand that at some point it might get truncated. - The message currently being displayed when deleting a password list is not making clear the audit log is being deleted as well. I understand that "all related records" is very broad, but in my experience users don't expect audit logs to be deleted. - I will also raise a recycle bin feature request (if not already present). A recycle bin could help if can only be 'cleared' by passwordstate admins. Valentijn
  22. support

    Plugin documentation & test

    Hi tester22, We've made some changes for our Test Script screens today, and hopefully below is what you are requiring - this will be available in the next build, which should be tomorrow?
  23. support

    Plugin documentation & test

    Hi tester22, Are you referring to our 'Test Script Manually' feature in the UI? If so, if you specify the parameters in the following format, then the Generic Field will show on the test script screen -GenericField1 '[GenericField1]' If you like we can change this so -Client '[GenericField1]' also works, but on the screen the field name would be called Generic Field 1 - maybe we can see if we can name this Field properly, based off -Client (we'd need to somehow extract this name from the script, and rename it). Let us check if this would be possible at all. Regards Click Studios
  24. Hello, Yes, this article is definitely old now. You can no longer select an option for this, and instead you will return to the last selected Node in the tree prior to you logging off Passwordstate. Regards Click Studios
  25. I am working on a couple of plugins during our PasswordState trial. The problem I am facing is that the test tools for plusings does not support attributes from the account. Is there any setting I can make to have those fields available. My plugins so far are here: https://github.com/tester22/PasswordState
  26. I think this article is out-of-date, because I have the same question now and my recent version does not have this tab in my preferences. Where do we go now to set the startup home page preference?
  27. Earlier
  28. for exemple, instead of Passwordstate - Password viewed I want to use Passwordstate - Password '[Password]' has been viewed by [UserName] so I don't need to open the mail to get details
  29. On the remote session credentials There is an option once the permission has been granted to a user to modify the expiry time – we will always be setting this, but it is dependant upon us remembering to set it. Could you incorporate somewhere you can set a default option of say 1 day to automatically expire as I notice currently the default is never ?
  1. Load more activity
×