Kaseya Community

Passing credentials through to the Remote Control executable

  • Hi everyone,

    We are using Kaseya 9.2.0.4 on premise. We have recently installed and deployed Thycotic Secret Server for password management - which is wonderful! Again, this is on-premise.

    With Secret Server, you can launch an executable from the web site, and have Secret Server pass parameters to it from it's database. E.g. "Kaseya Remote Control.exe -h $hostname -u $username -p $password"

    My question is, can I do anything to integrate Kaseya RMM and Secret Server? I'd love to be able to pass through the host and credentials so we can use Kaseya for remote access and Secret Server for the credentials. Failing passing parameters, is there a documented API I could use / look at?

    Anyone else have a similar request?

    Thanks - Steve

  • While it's possible that you may grow old waiting for an answer I'd still suggest you open a ticket with Kaseya support. I don't recall any threads here from anyone trying to do what you're wanting to do.

  • If I'm interpreting your query correctly as "I want to have Kaseya remote control automatically supply credentials to the system my technician/engineer is logging into" then I very emphatically support a public response to this from Kaseya.

  • I'm hoping the Scorpionsoft password server integration leads to this.  Meaning techs dont know passwords and they get auto changed with full audit trail. Pleas Please Please

  • You may want to look at Event Logging and scripting.  I do know when a KRC session is initiated an event log is created.  You can automate from there.

    Good luck!

  • I was on a conference call with one of the Scorpion tech guys (AuthAnvil) yesterday and there is going to be credential integration possible into agent procedures, however this feature will only be available with the "On Demand" (read: cloud) edition - on premise AuthAnvil.  

    You can integrate SS passwords into Kaseya (using their API you can query usernames and passwords) for passing to a managed machine, however we found that at some point in the process the credentials have to be stored unencrypted at rest.  Which was not acceptable for us.