Online Help > Support/Resources > Best Practice

Credential Management for Teams

Description

 

Remote Desktop Manager allows for multiple ways of handling credentials in a team environment. This brings flexibility, but at the cost of creating difficulty when you need to choose an implementation for a particular requirement.

 

Below are multiple methods to handle credentials, you may choose one or many depending on your requirements. We often see scenarios where our client manages his own infrastructure, as well as their customers'. Group entries below groups/folders depending on the kind of credential management that you must use. Each of these groups/folders could use a different scheme.

 

Preamble

 

Here are a few notions that you must know prior to getting to the scenarios, they are at the core of Remote Desktop Manager's usage.

 

Inherited Credentials

 

Credentials can be set using many schemes, be it on the sessions themselves, or even on the groups/folders. This allows for setting the credentials for an entry to inherited. Whenever this is used, the credential resolver will simple go up a level and use the credentials set on the parent entry. If this is a folder, and you also set this to set inherited credentials, it indicates to the resolver to simply continue up to the next parent.

 

User Specific Settings

 

User Specific Settings allow you to override some settings of the entries in the data source. One of the most typical use for this is to override the credentials. It can be done on credentials, sessions, groups/folders, etc.

 

Scenarios

 

All devices are accessed with a common set of shared credentials

 

The common set of credentials are set on the sessions themselves in the navigation tree view. If the credentials are the same for certain devices, store the sessions under a group/folder to which you've assigned the credentials, and set the child sessions to use inherited credentials.

 

Every user must use their own credentials for all of the devices

 

All of the entries and intermediate groups/folders are set to inherited credentials. At the top level folders, use the User Specific Settings to fill in your credentials. You can type them in directly if you have only one set of credentials, but if you have many we suggest you create them in the Private Vault and link to them.

 

Most users use a common set of shared credentials, admins must use different credentials

 

The common set of credentials are set on the sessions themselves in the navigation tree view. Admins must use the User Specific Settings in order to override the credentials.