Jump to content

RMM+ Passwords: A password syncing tool for ScreenConnect and Labtech


Recommended Posts

Please try to donate if you can. A lot of time went into this plugin - DOWNLOAD HERE

Thank you to my donors:

Mendy Green

Gavin Stone

Matt Navarette

ITLogix, LLC

Derek Leichty

Kevin Bissinger

DataServ Corporation

NeoLore Networks Inc

 

IMPORTANT CHANGES FOR CONTROL VERSION 20.11+

If you upgrade to control 20.11+ you need to make sure your extension is updated to 1.0.32+ and Automate extension is 1.0.0.25+ and you need to set the "AllowedOrigin" setting on the extension page. This setting can be anything but must also be passed in commands and requests sent to the plugin. You must also set the Origin in the Automate plugin settings page. For instance if you set "AllowedOrigin" to abcd1234.com then you would need to set the Automate origin field to https://abcd1234.com

 

What this plugin does:

This plugin will display your passwords that are on client and location levels in labtech and present them for sending in screenconnect sessions. Gone are the days of copy/pasting passwords.

 

Requirements:

Labtech 11+

ScreenConnect 6.1+

 

How to install:

First, head over to the extensions section in ScreenConnect and install the RMM+ passwords extension.

ScreenConnect 6.1 or greater is required

 

ffRbzDi.png

 

Second, install the attached Labtech plugin.

RMM+ Password Link

 

Third, go and configure some timeout settings.

 

BWLWlXx.png

 

hG7XvHD.png

 

A. Token Valid For How Many Minutes: This setting is an absolute token timeout in minutes. set to -1 to make tokens last forever.

B. Token Idle Expire Minutes: This setting is an idle timeout so if the plugin isn't used or a password isn't queried or passed for this many minute it will invalidate the token.

C. Only Allow One Token Per User: This setting will allow users to only have passwords on one computer(checked) or any number of computers(unchecked)

Fourth, set permissions for the plugin.

 

MeC2FZ6.png

 

C4mvpdG.png

 

Fith, Activate by doing the following in Screenconnect

Fill in your Labtech server url(please only use SSL or you will be sending passwords in clear over an unencrypted connection),Labtech username and Labtech password. Decide what items you want to show and login.

As of 1.0.22 the automate URL is no longer in the passwords helper. Please set by going to Options->Edit Settings in the control extension.

 

dQPmo8o.png

 

Sixth, Enjoy saving time!!!

 

 

NOTE: If you are having issues logging in and getting blank screen when trying to login verify DownloadURL value in the config table and make sure it is the same as your server so if your login Automate URL is https://rmm.domain.com DownloadURL should be rmm.domain.com.

Changelog:

ScreenConnect/Control Plugin
1.0.5 - Initial Release
1.0.6 - Graphical Updates
1.0.7 - Added ability on login form to save username. Fixed issue where command section would lose access key used to send commands.
1.0.8 - Fixed bug that wouldn't allow brackets in script names, password names or password values.
1.0.9 - Fixed a bug that was introduced in the regex in 1.0.8 that would not allow it to detect empty results. Added ability to type "wake" into the command line and send the ScreenConnect version of wake to computer.
1.0.10 - Corrected issue with wake command not being recognized if case was not all lower.
1.0.11 - Corrected issue to properly escape strings sent in commands.
1.0.12 - Updated command to not wait full timeout if data returns quicker. Also prepends !#timeout to the command for SC.
1.0.13 - Updated script list to contain actual folder structure as appears in LT. Added a password filter box. Now allows to show/hide sections on demand and includes a client/location picker that allows you to change locations or clients so if you have generic passwords stored on your internal client location for instance. Added ability to hide passwords per user to get rid of the extra clutter that isn't needed.
1.0.14 - Various CSS fixes(thanks Andrea). Added filter box to auto highlight top match in password list and enter key will send highlighted match.
1.0.20 - Added ability to send carriage return after password.
1.0.21 - Updated methods for Control version 19 compatibility
1.0.22 - Added optional dark theme to match Control version 19. Automate URL is no longer in the passwords helper. Please set by going to Options->Edit Settings in the control extension.
1.0.24 - Moved Automate URL back to login form because Control now ties the helper to the signature file.
1.0.25 - Fixed broken commands from 1.0.22.
1.0.27 - Added code to allow MFA for login. Uses same MFA code as /automate login.
1.0.28 - Added checkbox to always show MFA box so that login can be single step instead of 2 step.
1.0.29 - Changed the way you can execute commands to require a shared key between Automate and Control. This must be set in the plugin settings to use commands in the helper.
1.0.30 - Forced reading token from settings file on every function that needs it to prevent old tokens from being used(with multiple windows)
1.0.31 - Fixed issue where shared key was not getting saved for reuse in session for commands.
1.0.32 - Added "AllowedOrigin" setting that must be configured to receive commands. You must also have at least version 1.0.0.26 of the Automate plugin and set the same origin in that plugin.
1.0.33 - Moved ExecuteCommand to Automate plugin side to control the origin header.
1.0.34 - Fixed bug in ExecuteCommand routine.

Labtech Plugin
1.0.0.1 - Initial Release
1.0.0.2 - Added permission requirement to Read Passwords for client. If a userclass doesn't have the Read Passwords permission it will not let them go to the SC plugin.
1.0.0.3 - Added the ability to show username instead of display name as password identifier.
1.0.0.5 - Corrected issue with incorrectly determining permissions(Thanks Eric Besserer for the help). Added ability to block/allow script scheduling per location.
1.0.0.7 - Fixed issue where login token was set for more than 24 hours would invalidate each night. Various other bugfixes.
1.0.0.8 - Added regex include and exclude options for selectively showing passwords.
1.0.0.9 - Added auditing of passwords sent, passwords copied and scripts sent to the Dashboard Audit section.
1.0.0.11 - Added ability to regex include or exclude password from view globally. Security update to only show clients in client selector that someone has access to.
1.0.0.13 - Fixes to regex include/exclude and superadmin permissions.
1.0.0.14 - Added ability to send carriage return after password.
1.0.0.16 - Corrected permission issue that was only looking at client level permissions and not computer permissions therefor allowing group permissions to work correctly.
1.0.0.17 - Corrected permission issue that was only looking at client level permissions and not computer permissions therefor allowing group permissions to work correctly.
1.0.0.18 - Added security feature for IP filtering. The IP address that is captured on requests is whatever IP the HOST client of ConnectWise Control is running on.
1.0.0.20 - Added MFA login using the same code that you use for /automate. REQUIRES Control plugin 1.0.27 or higher.
1.0.0.21 - Added shared key that must match the control plugin settings key in order to execute commands from helper.
1.0.0.22 - Fixed issue with stats reporting giving error on TLS.
1.0.0.25 - Allowed %computerid% to be used in regex include and exclude to allow filtering by computerid of passwords. Added additional logging functionality seen in C:\Windows\Temp\RMMPasswords.txt.
1.0.0.26 - With Control 20.11 need to set "AllowedOrigin" setting in Control extension and the setting must also be set in this extension settins. If you set "AllowedOrigin" in control setting to abcd1234.com you need to set the Automate setting to https://abcd1234.com. Commands will not work on 20.11 if you do not set this.
1.0.0.27 - Moved ExecuteCommand to Automate plugin side to control the origin header.
1.0.0.31 - Set userid of the user that executes a script. Added new logic for Automate 21+ user password validation.
1.0.0.32 - Small tweak to new logic for password validation.

Please try to donate if you can. A lot of time went into this plugin - DOWNLOAD HERE

Thank you to my donors:

Mendy Green

Gavin Stone

Matt Navarette

ITLogix, LLC

Derek Leichty

Kevin Bissinger

DataServ Corporation

NeoLore Networks Inc

 

EDIT: as of the labtech version 1.0.0.5 permissions need to be enabled on a client basis for users to have access to passwords and scripts.

Edited by bigdessert
  • Like 1
  • Thanks 6
Link to post
Share on other sites
  • Replies 218
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Please try to donate if you can. A lot of time went into this plugin - DOWNLOAD HERE Thank you to my donors: Mendy Green Gavin Stone Matt Navarette ITLogix, LLC Derek Lei

Your wish is my command 1.0.0.9 - Added auditing of passwords sent, passwords copied and scripts sent to the Dashboard Audit section!

Please note that version 1.0.22 of the control extension is waiting to be approve. When you upgrade make sure you add your Automate url in the extension settings as it is now hard coded there instead

Posted Images

I cant seem to get the textboxes to show. I've tried it on two different SC servers, same results. Am I missing a step?

 

All I see is:

To send a password to the screen click it.

To run a script on the machine double click.

To run a command type the command and timeout and hit enter.

Link to post
Share on other sites

Ok, what the issue was... I was playing around with another website on my LT server and had set the LT website to use a specific IP address, well that broke the Patch manager and must have affected this as well. Since putting that setting back to all unused IP's this plugin as well as other are a whole lot happier.

Link to post
Share on other sites

Literally three days ago, I was speaking with my boss about ScreenConnect/LabTech/ConnectWise and how it would be SO sweet if they could make this work... and tonight, I landed on this thread. Thanks for taking the time to pull this together.

 

That said, I'm having an issue getting the extension to work on the ScreenConnect side. The extension is installed, but when I go to the helper icon, there is no password button there. Any ideas on what I might be able to try to fix that? I've verified user classes are set properly and the plugin is configured and working on the LabTech side.

 

We are running LabTech 11, patch 10 and ScreenConnect version 6.0.11622.6115.

Link to post
Share on other sites

Did you enable the plugin? You need to install and enable it. Please note that if you are running anything pre 6.1 on the ScreenConnect side you will have to login every time. ScreenConnect added persistent variable storage in 6.1 for helper functions.

Link to post
Share on other sites

Yep, the plugin is enabled and working. I was able to get to Tools, RMM Plus Password Link in LabTech and configure those settings.

 

I figured our version of ScreenConnect might be a concern, so I just upgraded it. We are at the latest stable 6.1 release, but still, no password button under the helper menu.

 

Are there any logs stored on the ScreenConnect side that I can review? The extension doesn't know anything about our server yet because I've never gotten to that point, so the LabTech ASP logs won't do me any good.

nopasswordlove.PNG.d79fc5b238d5f8f1d7592398ae430913.PNG

Link to post
Share on other sites

I thought I'd add that when I download plugins, I always have to extract them, right click the DLL, click on properties and Unblock them at the bottom of the dialog box

 

If you've already tried installing the plugin before you do this, you might have to close the Control Center and reopen it and attempt it again after you unblock the DLL.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...