Jump to content

Fabian Näf

  • Content count

  • Joined

  • Last visited

About Fabian Näf

  • Rank
    Advanced Member
  1. Improve Bad Passwords feature

    Just an idea: You (clickstudios) could host this datas (with a powerfull method, like suggested above) and publish it by an API to the internet. So the users webbrowser could then directly access this API... just an idea :-)
  2. Unable to send Self Destruct Message

    Hi I did my testings above with smtp from Outlook.com (smtp-mail.outlook.com). I just tested again with smtp.gmail.com and I was not able to reproduce the issue anymore. When using gmail, all emails were sent from the email address I have specified on the Email Server Settings screen. I already tested some days ago with gmail.com, but then I got the failure. This time, I did a logout/logon to Passwordstate after every change, probaly this makes a difference, but I don't know. Best regards, Fabian
  3. Hi I'll send you an email with further informations about our environment. Best regards, Fabian
  4. Hi I', referencing to this post. It would be glad, if we could set the options under User Preferences -> Password Tab by User Account Policies. Specially "Limit the number of displayed Nodes (Password Lists and Folders) in the Navigation Tree to" and the new feature "Use Load On Demand Feature for faster loading and expanding of Nodes in the Passwords Navigation Tree" would be great, if it could be configured by User Account Policy. As described in the referencing post, we have a lot of nodes. Currently every user needs to set this settings by hand (or we have to set it in the database for them). So I thought it would be the best option, if we could set this by User Account Policy by default for all users. Best regards, Fabian
  5. Unable to send Self Destruct Message

    Hi Unfortunately I don't have another email server to test, because I run Build 8037 in my testenvironment. But I think I got where the issue is comming from: When I send a Self Destruct Message I assumed, that it's sent from the users email-address wo's creating the Self Destruct Message. My email-settings are using a Exchange-Server, which needs authentication, for what I'm using my own email-account. This Exchange-Server doesn't allow sending emails from another account then the configured one. This explains, why sending Self Destruct Messages works from my Security Administrators account (this accounts uses the same email-address as configured for authentication on the Exchange-Server). I just tested this: 1. When I change a users email-address to the email-address configured for authentication on the Exchange-Server, I'm able to send Self Destruct Messages from this user. 2. When I change my Security Administrators email-address, the Security Administrator is not able to send Self Destruct Messages anymore. Best regards, Fabian
  6. Redirect to HTTPS not working

    Hi As I understand this setting, when I use HTTP, I should be redirected if I use a browser (Web Tier?) and I should get a 403-Error, if I use the API. Did I understand that wrong? Best regards, Fabian
  7. Redirect to HTTPS not working

    Hi I configured "Force the use of an SSL Certificate (HTTPS) - the Web Tier will redirect to HTTPS, and the API will return a 403 Forbidden message if HTTPS is not used" to Yes under System Settings - Miscellaneous. Under "Specify the Base URL for your site" I specified my site like "https://passwordstate.****.com". When I access "http://passwordstate.****.com" with Internet Explorer, I get an 403 Error, with Firefox and Edge I get a page with the text "You do not have permission to view this directory or page.". When I access "http://passwordstate.****.com" with Chrome I get redirected to "https://passwordstate.****.com" (as it should). Best regards, Fabian
  8. Unable to send Self Destruct Message

    Hi I just sent you an email with further informations. Best regards, Fabian
  9. Hi I'm using Build 8037. When I create a Self Destruct Message and click to "Send Email" it doesn't work. The message "Sending Email - please wait..." appears, but then I got stuck and nothing happens. I get the following error in the browser console: Uncaught Error: Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 500 at Function.Error.create (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) at Sys.WebForms.PageRequestManager._createPageRequestManagerServerError (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15) at Sys.WebForms.PageRequestManager._parseDelta (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15) at Sys.WebForms.PageRequestManager._onFormSubmitCompleted (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15) at Array.<anonymous> (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) at Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 at Sys.Net.WebRequest.completed (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) at XMLHttpRequest._onReadyStateChange (Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6) Error.create @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 _createPageRequestManagerServerError @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15 _parseDelta @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15 _onFormSubmitCompleted @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:15 (anonymous) @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 (anonymous) @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 completed @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 _onReadyStateChange @ Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScri…:6 As I just tested, my email-configuration seams to work, I'm able to send test-emails. If I use a Security Administrator-Account for sending Self Destruct Messages I don't get this error and it works. Best regards, Fabian
  10. Importing from KeePass into Passwordstate

    Hi Matt Thanks for your feedback! I just updated my post above with a little example for the username. (domain\username) Hopefully I'll find some time next week to make a new version, which uses the new WinAPI. Then you will not need to specify an username if you like to use your own account. Best regards, Fabian
  11. Certification/Compliance Reports

    Hi Sachaed First, I'm not an employee from Clickstudios, so this is not an official answer to your question As you can read under this link, they use OWASP Development Methodology, they have FIPS Support and they also do Application Penetration Testing with externals companies. Best regards, Fabian
  12. Thanks a lot for your explanation. Exclude Users I totaly agree with you, that a domain admin should never use his own account for running scheduled task. But you know ... they do it just temporary, just for testing... and then they forget it to change Use of Password Generator I just used the Windows Local Admin Accounts Discovery Job before and immediatly after discovery my passwords got changed. So I thought the same behaviour would processed with the Windows Dependency job. But the passwords got changed, because I set "Upon discovery, perform an immediate Password Reset for the account, based on the value of the password setting above: Yes". I'm absolutly agree with you, that this isn't a security risk. So I like to whitedraw my feature request for that :-) Thank's a lot for your explantions and fast support as always! It's highly appreciated! Best regards, Fabian
  13. Hosts: Can't find "host & remote session launcher"-Tab

    Hi Thanks a lot for your help! After I inserted this record, I was able to configure my API Key for the Remote Session Launcher. Now everything works great!! Best regards, Fabian
  14. Hi If I open a folder in the new Hosts-Tab and click "Add Hosts to Folder" I can't scroll down to click "Add selected host". Workaround: Zoom out with the browser. Best regards, Fabian
  15. Hi I've two feature requests for Windows Dependency Discovery Jobs: Exclude Users We considered about the following scenario: A Domain Admin creates a new Scheduled Task or Windows Service and use his own Domain Administrator-Account for this (just temporary for testing). If then the Windows Dependency Discovery Job would run, his Domain Administrator-Account would be added to Passwordstate and his Password would be reseted. The prevent this, it would be great, if we could include/exclude accounts for the Windows Dependency Discovery Job by using matching-patterns e.g. ==> exclude "doa-*". Use of Password Generator In Windows Dependency Discovery Job there is an option "When new accounts are discovered, set the initial password in Passwordstate to be". There I have to enter a password. If I understand it right, every discovered account will then use this password until it's expired. In my optionen this is a security issue. When I configure a Windows Local Admin Accounts Discovery Job, I can choose, that a new password will be generated randomly (I guess it uses the password generator policy). It would be great if you could add this option for Windows Dependency Discovery Job as well. I'm aware, that it will take some time until version 8 is released and you only afterwards will be able to work on my feature request. So don't hurry Best regards, Fabian