Author Topic: Per User Tool Authentication  (Read 171 times)

gammy69er

  • Newbie
  • *
  • Posts: 4
    • View Profile
Per User Tool Authentication
« on: August 10, 2020, 08:09:19 am »
Hey Peeps.

Looking for a way to have it so as my tools will be able to pull access details from current user session.

Am looking to use RADIUS to auth all techs - and then have that same RADIUS server give them access to the managed Devices.

Can populate tools with a %U for the unique username - however can see no way to use the password from the current session in a tool (as a macro or otherwise)

Can add Custom Attributes to the Nodes/Templates and use those - but as using radius - will be a per user password.

Is there any way to pull and assign the current session's password to a required tool - or is there a place where I can put per user attributes to pull from with an object Tool macro/script

I found the info about Input fields - but this will not do.  I am not at all adverse to the team having to do a password change in XMS and RADIUS (if they want) - but having to enter the password every time is no good)

Any Script examples or ideas of where to go appreciated.  If no such thing is available - I'll put in a request

Cheers in advance

Filipp Sudanov

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 285
    • View Profile
Re: Per User Tool Authentication
« Reply #1 on: August 10, 2020, 05:10:05 pm »
Hi!

There is no such thing in netxms - we do no cache the password entered by user so we do not have it anywhere after user logs in. And it seems to be not good idea from security viewpoint to keep any passwords plaintext and enter them somewhere.

Staj

  • Jr. Member
  • **
  • Posts: 58
    • View Profile
Re: Per User Tool Authentication
« Reply #2 on: August 11, 2020, 09:36:49 am »
Is PowerShell an option in your environment?

gammy69er

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Per User Tool Authentication
« Reply #3 on: August 12, 2020, 01:01:35 am »
Hey Guys - Cheers for the Current Replies.

Hi!

There is no such thing in netxms - we do no cache the password entered by user so we do not have it anywhere after user logs in. And it seems to be not good idea from security viewpoint to keep any passwords plaintext and enter them somewhere.

Filipp - TY for the Info.  The current issue faced is that with trying to automate the tools as it stands - the only way is Clear text Custom Attributes - which is obviously no good, or manual entry every time - which takes up 2-10 seconds every connect to type/find password.  This adds up over a day/week/month/year and am just looking to increase productivity and reporting with XMS.
The thought I had was that if the obscured field used to login was held in memory (an possibly encrypted) - then a call could be made to that whenever it was required

Is PowerShell an option in your environment?

Staj. Powershell is available I suppose - as to whether it's and option or not would come down to what Powershell would be used for.  If you have an Idea - I am all ears.  Would be happy to run external script if it means that overall (for everyone else not using in this way) XMS is a little more robust and secure.

In the meantime - I have a couple of Ideas for what XMS could do to lessen my issue - so might just put in a feature request and see where it gets to.

Cheers