Jump to content

Fabian Näf

  • Content count

  • Joined

  • Last visited

About Fabian Näf

  • Rank
    Advanced Member
  1. Color theme not saving?

    Hi jack I think you need to select a color in the fields "Base Color" and "Page Background Color". The "Color Palette" changes just the choosable colors in the color picker at the bottom and you need to pick a color from there. Regards, Fabian
  2. Redirect to HTTPS not working

    Hi I just wannted to ask, if you got some news about this issue? Best regards, Fabian Edit: Propably I need to mention, that I have Windows Authentication enabled, if this matters...
  3. Improve Bad Passwords feature

    Just an idea: You (clickstudios) could host this datas (with a powerfull method, like suggested above) and publish it by an API to the internet. So the users webbrowser could then directly access this API... just an idea :-)
  4. Unable to send Self Destruct Message

    Hi I did my testings above with smtp from Outlook.com (smtp-mail.outlook.com). I just tested again with smtp.gmail.com and I was not able to reproduce the issue anymore. When using gmail, all emails were sent from the email address I have specified on the Email Server Settings screen. I already tested some days ago with gmail.com, but then I got the failure. This time, I did a logout/logon to Passwordstate after every change, probaly this makes a difference, but I don't know. Best regards, Fabian
  5. Hi I'll send you an email with further informations about our environment. Best regards, Fabian
  6. Hi I', referencing to this post. It would be glad, if we could set the options under User Preferences -> Password Tab by User Account Policies. Specially "Limit the number of displayed Nodes (Password Lists and Folders) in the Navigation Tree to" and the new feature "Use Load On Demand Feature for faster loading and expanding of Nodes in the Passwords Navigation Tree" would be great, if it could be configured by User Account Policy. As described in the referencing post, we have a lot of nodes. Currently every user needs to set this settings by hand (or we have to set it in the database for them). So I thought it would be the best option, if we could set this by User Account Policy by default for all users. Best regards, Fabian
  7. Unable to send Self Destruct Message

    Hi Unfortunately I don't have another email server to test, because I run Build 8037 in my testenvironment. But I think I got where the issue is comming from: When I send a Self Destruct Message I assumed, that it's sent from the users email-address wo's creating the Self Destruct Message. My email-settings are using a Exchange-Server, which needs authentication, for what I'm using my own email-account. This Exchange-Server doesn't allow sending emails from another account then the configured one. This explains, why sending Self Destruct Messages works from my Security Administrators account (this accounts uses the same email-address as configured for authentication on the Exchange-Server). I just tested this: 1. When I change a users email-address to the email-address configured for authentication on the Exchange-Server, I'm able to send Self Destruct Messages from this user. 2. When I change my Security Administrators email-address, the Security Administrator is not able to send Self Destruct Messages anymore. Best regards, Fabian
  8. Redirect to HTTPS not working

    Hi As I understand this setting, when I use HTTP, I should be redirected if I use a browser (Web Tier?) and I should get a 403-Error, if I use the API. Did I understand that wrong? Best regards, Fabian
  9. Redirect to HTTPS not working

    Hi I configured "Force the use of an SSL Certificate (HTTPS) - the Web Tier will redirect to HTTPS, and the API will return a 403 Forbidden message if HTTPS is not used" to Yes under System Settings - Miscellaneous. Under "Specify the Base URL for your site" I specified my site like "https://passwordstate.****.com". When I access "http://passwordstate.****.com" with Internet Explorer, I get an 403 Error, with Firefox and Edge I get a page with the text "You do not have permission to view this directory or page.". When I access "http://passwordstate.****.com" with Chrome I get redirected to "https://passwordstate.****.com" (as it should). Best regards, Fabian
  10. Unable to send Self Destruct Message

    Hi I just sent you an email with further informations. Best regards, Fabian
  11. Hi I'm using Build 8037. When I create a Self Destruct Message and click to "Send Email" it doesn't work. The message "Sending Email - please wait..." appears, but then I got stuck and nothing happens. I get the following error in the browser console: Uncaught Error: Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 500 at Function.Error.create (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) at Sys.WebForms.PageRequestManager._createPageRequestManagerServerError (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15) at Sys.WebForms.PageRequestManager._parseDelta (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15) at Sys.WebForms.PageRequestManager._onFormSubmitCompleted (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15) at Array.<anonymous> (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) at Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 at Sys.Net.WebRequest.completed (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) at XMLHttpRequest._onReadyStateChange (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) Error.create @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 _createPageRequestManagerServerError @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15 _parseDelta @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15 _onFormSubmitCompleted @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15 (anonymous) @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 (anonymous) @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 completed @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 _onReadyStateChange @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 As I just tested, my email-configuration seams to work, I'm able to send test-emails. If I use a Security Administrator-Account for sending Self Destruct Messages I don't get this error and it works. Best regards, Fabian
  12. Importing from KeePass into Passwordstate

    Hi Matt Thanks for your feedback! I just updated my post above with a little example for the username. (domain\username) Hopefully I'll find some time next week to make a new version, which uses the new WinAPI. Then you will not need to specify an username if you like to use your own account. Best regards, Fabian
  13. Certification/Compliance Reports

    Hi Sachaed First, I'm not an employee from Clickstudios, so this is not an official answer to your question As you can read under this link, they use OWASP Development Methodology, they have FIPS Support and they also do Application Penetration Testing with externals companies. Best regards, Fabian
  14. Thanks a lot for your explanation. Exclude Users I totaly agree with you, that a domain admin should never use his own account for running scheduled task. But you know ... they do it just temporary, just for testing... and then they forget it to change Use of Password Generator I just used the Windows Local Admin Accounts Discovery Job before and immediatly after discovery my passwords got changed. So I thought the same behaviour would processed with the Windows Dependency job. But the passwords got changed, because I set "Upon discovery, perform an immediate Password Reset for the account, based on the value of the password setting above: Yes". I'm absolutly agree with you, that this isn't a security risk. So I like to whitedraw my feature request for that :-) Thank's a lot for your explantions and fast support as always! It's highly appreciated! Best regards, Fabian
  15. Hosts: Can't find "host & remote session launcher"-Tab

    Hi Thanks a lot for your help! After I inserted this record, I was able to configure my API Key for the Remote Session Launcher. Now everything works great!! Best regards, Fabian