Full Remte Desktop for Read-only devices

[Martin Stevnhoved]

If a user (in a team) only has Read-only access to a system, the user also only have view-only Remote Desktop access.

We would like read-only users to have full access to Remote Desktop. Application supports should not be able to manage the server

If you don't like to change that behaviour,  you could implement a setting on the Remote Desktop module to allow read-only users full access to user-accepted Remote Desktop access sessions

 

[Martin Stevnhoved]

How does others work around this limitation for application support teams?

[Martin Stevnhoved]

What are you thinking about this @Paul?

[Paul]

Hey Martin,

I can see the more requests showing up about implementing custom levels for sending various other commands like access to screenview or file browser only for certain teams so we'll consider extending the team access to certain features.

-Paul

[Martin Stevnhoved]

Hi @Paul

Are you even considering this.

We are really interested in using the Remote Desktop feature for more people, to assist our customers. But they should not have (write/full) acces to managing the devices.
Is it possible to do some workaround to allow users with readonly-access to control a remote session. We already requires the end users accept.

This would really be great, and extend you tools from being only used by administrator, to also include supportteams.

Best Regards, Martin.

Edited September 15, 2020 by Martin Stevnhoved
Spell checking

[Paul]

Hi @Martin Stevnhoved,

This is already supported in our Remote Control feature. If your Pulseway user has read only access for a machine, remote control sessions will be in a view-only mode where they will not be able to send inputs, just view the screen in read-time.

-Paul

[Martin Stevnhoved]

Hi @Paul.

I think we misunderstand each other. Perhaps I am not make myself clear enough.

I would like to make a group of users with only read access to managing devices, but being fully able to control sessions via Remote Desktop.
The application support people should not be able to manage the servers, but should be fully able to support the remote desktop users.

Best Rebards, Martin.

Edited November 1, 2019 by Martin Stevnhoved

[Paul]

I understand it now, thanks for the clarification @Martin Stevnhoved. We'll consider it for sure when we'll be adding more granular access controls.

-Paul

[Martin Stevnhoved]

Hi @Paul

I cannot find it on the roadmap. Is it just a tiny improvement, that could suddently popup without any notice. Or is it a major feature, that should be on the roadmap.

We are waiting for that improvement. It will be sweet...

Br, Martin.

[Martin Stevnhoved]

/ping @Paul

[Paul]

Hi Martin,

I don't have an update to your feature request just yet. We do have it on our todo list to support more granular controls but at this moment it's not part of our Roadmap.

-Paul

[Justin]

I would like to get updated on this as well. Why not let policies modify Teams as well. 

[Martin Stevnhoved]

Hi @Paul.

This is really becoming a deal breaker.
It is really critical that we cannot let our support personal assist the end users by remote desktop, without granting full write access to the servers.

It would be so simple for you to implement an ekstra checkbox, and it would really enhance the security.
I would go so far, as to say that it currently is a mayor security risc.