Depending on your organization's security policies, there are multiple ways of handling credentials. We can manage a wide range of scenarios; the most popular are listed below. It is critical to understand that these are the credentials used to connect to remote hosts, not the ones you use to launch Remote Desktop Manager macOS.
Most of these selections do not exist in the Free edition of Remote Desktop Manager macOS as they depend on features offered by an Advanced Data Source.
Below are a few key points that the administrator of the solution must be aware of:
|You can store passwords in a credentials entry (username/password entry), which, by default, makes the password usable but not visible by the end user. We provide multiple credentials entry types. You should always consider carefully which type you are using based on your administrative and security needs.|
|Credentials set on folders||Our folders can have defined credentials. This is useful because, in most cases, the same credentials are reused for an entire branch of the network infrastructure. To use credentials defined in a folder, child sessions must be adjusted to use inherited credentials.|
|Entry location||When storing entries in the tree view, users with the View permissions on that entry (or folder by inheritance) will be able to use them. This is how you would share credentials with other members of your team. A User vault exists for users to store personal information that should be seen by no one else. Credentials stored in this manner can still be accessed in the public area of the system by referencing them or through the User Specific Settings feature described below.|
|User Specific Settings||User Specific Settings are partial overrides for your entry settings, including credentials. When you apply such an override, you can choose the type of credentials directly in the override or you can choose to instead link to credentials stored elsewhere, such as the User vault.|
Here are the most common scenarios and ways to resolve them. In the majority of cases, we prefer sessions to use inherited credentials, which means they climb the tree until they have access to a set of credentials, whether defined, linked, or overridden in an entry.
|One set of credentials is used by all of the staff, be it for the whole system or for a branch in your tree view (customer, department, etc.).||Set the credentials on the Vault Settings. All children use inherited credentials.|
|Each user has their own credentials for many different branches (often corresponding to customers/departments, etc.).||Make use of the User Specific Settings on each branch. All children use inherited credentials.|
|Each user has its own credentials managed by an administrator.||This solution involves a little more work. The administrator must create a folder for each user, then grant permissions only to that user. The user will then use User Specific Settings to specify that the credentials stored in that folder are used to override what is defined in the entries.|
|Each team uses the same credentials.||As above, but all team members have access to the folder. They all have to use the User Specific Settings.|
|Each user uses their domain account.||Configure sessions to use My Personal Credentials. Each user will be prompted to define them once per workstation that they use.|