as we work with multiple 3rd parties giving us support on several machines, we find it hard to prove sometimes that they are causing issues with the settings/patches/actions they did while connected.

we would like to be able to enforce session recording based on specific Role or cw tech User. I.e. when a cw tech user assigned that role connects to a client, then it should record the session (and tech should not be able to disable that).

we do not need to record all sessions of other cw users - as is now the enabling is global and we do not have this option.

Example of implementation:

Utilize wmic os get installdate to display the OS's install date to get an idea of how long a PC has been deployed. 

I find myself on a daily basis sending custom PowerShell scripts or CMD commands from the "commands" menu option without connecting to a computer.

some of my commands / scripts keep repeating themselves like checking mapped drives, enabling RDP, or even a restart command.

I think it would be awesome if under the "commands" menu there will be a repository just like the "toolbox" option that I could add my scripts and commands and just by clicking it will be sent to the computer just like if I would have typed it under "commands" menu

Thanks

David

We'd like to use the web-based API for various scripting purposes. Currently, we need to maintain an account without MFA enabled in order to authenticate and perform these tasks. The down-side is that all of our administrators are constantly prompted to enable MFA for this account. Can a method to use certificate-based authentication for web requests be implemented? Thank you!

I love the backstage option, but the fact that you can get in with no authentication is absolutely scary.  I dont necessarily want to turn this off, but I feel like an additional 2FA code requirement, would at least provide some level of authentication.  

I also feel like the same should apply to running commands from the machine's page.  

When remotely controlling a machine, there is likely some form of login prompt required to access the machine.  Providing command access and backstage access without any authentication seems like a massively exploitable security hole.  

Please consider this.

In a corporate environment, we have firewall rules to allow only specific outbound traffic for things such as ScreenConnect. Currently, ConnectWise randomly and without warning changes the IP addresses for the ScreenConnect instances, making ScreenConnect unusable for secure environments.

At this moment the deployer can only be used at one subnet. To deploy I must be in that subnet. In large companies there are a lot more subnets or VLAN's.

It would be nice if I can fill in different subnets at the deployer and deploy the agent 

As raised in ticket 14827333, need to have system log of admin activities (creating/amending security groups, account creation, etc) for both ScreenConnect and Automate.

We often see those blue dots appear for messages sent to technicians from end users, but have to hunt and scroll around to find the machine with the unread message.

It would be great if we could have an "unreadMessages" filter for Session Groups, that would contain a list of only machines that have an unread message (blue dot).

This seems to be a bit of an oversight, but there should be a way to remove Access sessions idle for a certain time from the console. We are constantly adding new devices, re-imaging, etc. and the fact that the old sessions need to be manually removed makes keeping the console clean a bit of a nightmare. There should be an option within the database maintenance plans to remove idle devices > set number of days from the tenant. Our company automatically removes devices from the domain if they are idle for 90 days and I would love the ability to be able to remove the thousands of devices from our tenant that are not actual devices any longer.