I would like the ability for pasting HTML text to retain it's formatting on the guest machine once pasted.  If I copy an HTML signature in Outlook it will not paste the HTML correctly on the guest machine.

I ran into an issue the other day that caused a lot of concern for myself and my client. My client got on an unmanaged laptop and logged in to my Control portal in order to view his work computer. Since he doesn't have Control installed on this laptop, the portal offers up a downloadable access exe to connect to his work computer only. As we know, this exe only connects to his work computer and has an expiring token built in, but there is no user/pass or other auth needed to use this exe. You run it and it connects. Once the token expires, the exe is useless.

This access exe was picked up by the unmanaged laptop's AV software. It was uploaded to a cloud testing service and was run as part of the testing. Since the token hadn't expired yet, the access exe connected a session from the client's work computer to the dummy VM that the AV scanner was using. It ran for a minute and then quit, ending the session.

While no human viewed that session, the implications are still pretty bad: Anyone with that exe can connect to the host computer without authentication until the token expires.

You could shorten the token life, but that would negatively impact the UX for clients who want to work on their work PC all weekend and not have to reauthenticate all the time. It also doesn't prevent remote access from someone who quickly exfiltrates that exe another way.

We propose that the access exe provides a fingerprint of the machine that runs it to the Control server. The Control server then stores this first access fingerprint, probably in the same place it stores the expiring token. On subsequent launches, if the fingerprint that the access exe provides matches what the server has, then it connects the session. If the exe has been launched from a different computer, the fingerprints won't match, and it won't be able to connect without reauthenticating. This would solve the exe exfiltration issue while not affecting token life or other UX.

Would like a report that lists users and their roles for audit reasons.

change the Reporting API (Report manager) from UTC To other time Zone

We have some cases when we connect, clients don't want the screen to be locked when exiting or hiding the connection bar, what ever the case may be.

Would it be possible to apply a different web.config to different client groups/filters? I know the app.config can be modified but will be reset if updated but there is no way to do this for the web.config. It would be great to have both the web.config and app.config settings be configurable for certain groups rather than just global.

Right now we can only send HTTP and SMTP events based on triggers. It would be nice to run commands automatically on machines when certain criteria are met, this seems like this would fit in fine within the existing 'trigger' framework.

As a use case, we have Labtech and Screenconnect, and sometimes the Labtech agent fails when the ScreenConnect agent doesn't. We can remedy this by running a 'net start LTService' command from the ScreenConnect Host command window. It would be nice if we could automate this somehow.

OKTA Integration with ScreenConnect (ConnectWise).

Curretly using OKTA multifactor authentication and would like ability to use it with ScreenConnect.

OKTA Support has offered to open dialogue with ScreenConnect support in facilitating the integration of services.

I'd like to see the ability to grab a screenshot from the client computer. Ideally:

• it could be configured to happen with our without end user knowledge.
• It would transfer the file to my (host) computer.
• Optionally it could have a date/time stamp.
• It could capture one or all screens in a dual-screen environment.
• Bonus points if it could be scheduled.

This would be different from relying on the thumbnail and transferring the thumbnail via the existing work-around of increasing the thumbnail size and using a secondary tool to download the thumbnail. The work-around has some drawbacks, most notably needing to be a global change that increases bandwidth across an installation that occurs (at scale) during thumbnail periodic updates.

Thanks!

In an effort to make our servers more secure we have decided to disabled TLS 1.0 and 1.1. We made sure to check with support before making this change so we didn't break anything. We were told to use IIS Crypto 2.0 to easily make the change.

After disabling TLS 1.0 and 1.1 our product still fully functions, except for the fact we can't see the status of multiple checks. Is it possible for that feature to work with TLS 1.2?

It would be nice if the Linux installation could use Active Directory for authentication. I was told by support that the limitation is mono. It appears that mono has supported this for 6 years now!!!!

http://monox.mono-software.com/blog/post/mono/92/MonoX-Active-Directory-integration/