+23
Completed

Provide simple utility for a guest to disable and re-enable SC Java and .Net client locally.

steinway 9 years ago updated by swhite (Product Manager) 7 months ago 32 13 duplicates

There is such a utility available for Windows. Some of our customers feel more comfortable deciding when they want our techs to have access to their computers. A simple toggle that can be placed on the Mac desktop that they can double-click on and off for Macs would be nice.

Duplicates 13

This is a feature we have planned for the 6.1 or 6.2 release barring any development delay.

Pending Review
Pending Review
+1

a timeout also would be handy to know when they've been inactive (stepped away from the computer).

Yes, a guest blocking feature is something we use quite a lot on GoToAssist.


Also, an inactivity flag would be less critical but also super useful.

Guest can kick host from a "Access" session is exactly what we need.

We need it for german law and concerne compliance against staff monitoring.

Our end user don't have permission to end or deinstall the service, so the "End" option in the tray icon is the only way for us.

wouldnt uncheck HOSTSESSIONWITHOUTCONSENT solve this issue as you would not be able to connect without a user clicking to allow access.

In our case to get PCI DSS Compliance requires 2-Factor authentication when logging into companies that process credit card transactions.

ok - so you are looking for individual groups or systems to have 2 factor along with the 2 factor to login to connectwisecontrol?

The 2-factor authentication needs to be done on the initial connection to screenconnect.com. After that the user clicks on the system they want which in this case is Windows and then they have to login to the PC with the PC's user name and password. I have the option set to force a PC lock so we are forced to login to the PC.

the system can already do that. you just change the OTP setting in security accordingly:

OTP (email, goog, yubi, linotp, duo):


so email:

     goog:

     yubi:

     linotp:

or  duo:

I was answering your question without looking at my request. I am aware that the software already has 2-factor authentication.

The feature I am looking for is to give the Host user the ability to enable/disable the service thru the ScreenConnect tray icon. There again we deal with financial institutions and they want extra control on who can access their systems. Currently we are using LogMeIn which has that option to enable and disable the service and since I am going to replace it with ConnectWise I was looking for the same behavior.

ok - i thought that was the original statement. but wouldnt the consent option work the same basically?you cannot connect to the financial system without someone allowing the access. kind of like turning the service off and back on.

They don't want any active connections coming from the outside. They would consider an active connect something that could be hacked. I sure you read about TeamViewer just having to issue an emergency fix for a desktop access vulnerability. (http://www.zdnet.com/article/teamviewer-issues-emergency-fix-for-remote-access-vulnerability/)

We have a few exceptions but most of our banks shut the service off.

ok - that makes sense now

If you're looking for the ability to kick a support guest then in 6.5 you'll be able to from the general tab.
If you want to disconnect an unattended machine then you can use the uninstall and end option.

Any reason this feature request hasn't gone through?


This is feature I asked for a long time ago for the same reasons. Please add this feature as soon as possible

Clearly ConnectWise have no interest in our opinions or requests. I am looking into alternatives.

Hello,

The team is working on an extension that'll give an admin the ability to restrict internal users from accessing the web application at certain set times. Will this solution work for you? 

Please let me respond with a scenario...

Assume that we have 20 ACCESS sessions configured


Does your proposed change allow me to disable 1 of the 20, during certain hours,  without affecting the other 19?



Do you want this to be configured on the guest side or would you like to configure this in the web application to block your internal (host) users?

Yes,  I believe this should be a feature if the client(host computer) not the admin.


This would give the client the ability to authorize connections during certain hours.  By default,  anytime,  but the ability to limit would be available.

Ah, okay, so you want this to be a guest side feature. In that case, this is a duplicate and will be merged with https://control.product.connectwise.com/communities/1/topics/415-provide-simple-utility-for-a-guest-to-disable-and-re-enable-sc-java-and-net-client-locally 

We are exploring the request now, and plan to get it on the roadmap soon :) 

+1

This should have been a programmed setting by now as this request is very old.  Other competitors have it and many end users, for privacy (even if they approved unattended access) would like the option to easily right click the system tray or similar to enable/disable the app when needed.


This takes two seconds to program such a menu item that essentially runs a batch or script command built-into Windows to disable / enable the associated screenconnect service (or similar tactic, but service disable/enable is perhaps quickest).

If desired as an extra option, it could and should be made a setting in the backend admin settings to enable or disable the ability for an end user system to have this option available to be used ....just like some other settings are similarly allowed/disallowed to be utilized ....either account wise entirely or even granularly by filter/group like many other settings.

Either way, bare min we need to get the enable/disable system tray option for security/privacy reasons if for no other one.

Thx.

As you can see users are desperate to get rid of techs, as they often forget to disconnect.

I see such messages more often than not.


Please finally allow users (guest) to close/terminate any session.

thanks,
Stefan

Where does this stand CW?  A simply RIGHT CLICK SYSTEM TRAY DISABLE/ENABLE is required for privacy and security -- period.  Competitors have it.  You don't.  Pls fix.

As an optional tangent of this, as prior stated, you can have an admin app.config or wherever setting that allows us the admin per instance or per group (better if possible) to decide to allow this right click disable/enable to exist depending on our customer type/contract with them/desired privacy vs always-persistent tech support.

As prior also mentioned, the literal programmatic solution is a DISABLE = stop the CW service command and ENABLE = start the CW service command.  That is literally 2 lines of code, whether dos command, powershell variant command, similar that triggers with a new menu item(s) you add to the right click menu of the LOCAL ON THE GUEST CLIENT system tray icon.

I may be wrong, but I believe your company is now the ONLY ONE that does not have this either as a right click system tray option or similar in the guest/customer side when they open up a remote control window or a admin side equivalent of it (not ideal as this should be GUEST/CLIENT SIDE, i.e. ON THE COMPUTER WHERE YOUR APP IS INSTALLED. ....you all may also call this "HOST" if memory serves, but it should be clear what we're talking about here or ask for clarity if not).

Thx.

Not sure why this thread was never updated, but this opt-in feature was added to the Windows guest client in v19.3 (4 years ago) - https://docs.connectwise.com/ConnectWise_Control_Documentation/Get_started/Knowledge_base/Enable_a_guest_to_require_consent