Kaseya Community

Interim Password Injection Tool

  • Inspired by the F3 tool made by Aspect ICT - https://automationexchange.kaseya.com/products/346#details -  we have taken this on a stage and wanted to see if anyone wants to be involved in what I think could be a very useful product.

    We have completed the following and are testing internally but wanted some feedback from the community to see if this could be a product.

     

    Password Secure Lookup Tool (PSL Tool)

    • Runs in your system tray and in the background on your techs computer
    • Engineer uses his 2fa credentials once per day to launch it - securing access to the tool
    • The tool watches for Kaseya remote control sessions generated by your techs
    • Goes to the on premise AuthAnvil password vault and seeks the CMIADMIN password and stores in the memory (aka PASTE)
    • Warns the user if the password was not found via a popup screen
    • When the login screen appears the engineer simply presses the F3 key on their keyboard
    • The engineer is then logged into the server
    • The tool then purges whats in memory
    • An agent procedure will then reset the CMIADMIN password once a day to something new and complex and update the password vault for the next use

     

    We wrote this tool while waiting on Kaseya completing their full integration with the password vaults and Kaseya remote control which I understand will be done via AAOD but not sure when it will be ready.

    This helps us with some efficiency's and lets us confirm with customers that our techs don't know the passwords for long as they are reset at the end of each day or whatever schedule we want.

    So I suppose I want to task if anyone wants to BETA test it with us with no obligations or commitments on both party's at this stage.  Obviously you need to use the password server function of AuthAnvil and have a common admin account across all your customers but we have scripts to assist with that if you don't.

    If your interested please email me - mike@newcmi.com and we can discuss it further.

     

    Some screenshots below if it helps - not sure board will show them properly

             

  • quick update - we have now added a feature to allow multiple passwords for when the techs have multiple customer remote control sessions going.

    Also added some extra protection for storing the passwords in memory