Not sure if this is the right spot to ask, We are taking over a customer in a few weeks and he has someone onsite who normally deals with anything minor and has asked if he could have a login to the remote control. We would be happy for this to happen but obviously don’t want him to see and be able to connect to other customers. I’ve created a user account for him under the RMM and then only given him access to the one company but I cannot login to the Remote Control application. Is this something that can be done?
In addition to what @Jimmy mentioned above, please make sure that you assign a custom role to this new ‘user’. A custom role solely for this ‘user’ which is most likely a variant of the predefined ‘Technician’ role.
What took me a while to grasp was that I had to make the user when I was on the RMM page and then users.
I then cheated slightly here and left everything turned on under role permissions (I’m sure most of this can be turned off but I was a bit pressed for time) then under access scope I switched off each customer apart from their own then installed the remote tools. Luckily with this customer I can trust that they will not try and login to the web and are only interested in the remote control side through the app.
I’ve attached an image with the customer names blacked out.
@Chris-VIVID Thanks Chris - The user is able to login to the portal fine and see only their systems. They just can’t login using the remote software. I am confused by what you said about making the user when you are on the RMM page and the users. I created the user under Applications > RMM > Users > User List. Then assigned the user under Role Management with the customer specific Role that I created. I went into the new Role that I created and allowed everything, just to see if I could get the login to the remote software to work. However that didn’t help.
@Chris-VIVID So I attempted a password rest from the remote control software and it is saying the user is not found. So I assuming that I missed a setup in setting up the user. I guess there is something to what you said about the new user setup. Do you mean set the user up as a Technician?
@dhaysley I’ve attached a snip of the part I mean. I found it’s almost like you have to create 2 logins. One when you are in the service desk then under staff and then if they’re not there under RMM, then you can assign them a role under the RMM user. Sorry for the crudeness of the images
Clearly this is a use case that could be useful for many out there.
Can you tell us exactly how this should operate, include screenshots/hand drawings/explanations so that we can get it done for you please.
Glad to say it works already!
needs lots of understanding of the permissions so only experience people should do this else you open up your entire MSP client base to every user.
We use @dittoit as our Disaster, backup and recovery provider. We install Endpoint Manager on all our devices and grant them access via a user account in our portal which ties into Service Desk meaning they have access to the ticket information about restores and backup issues and then able to login to the servers to do anything required.
You need the following permissions to work (See attachments)
Once the permissions are done you need to make the correct selections in access scope to allow them on to the right company or group.
OK guys, I must be missing something, I have set up the user I want to have access, through rmm users page, and set role management as stated in this forum. The user can not log in, I have tried their email address, I have tried the username that shows in the user management section, still tells me that the username or password is wrong. I even sent a password reset to the user, and they got it and changed that password, but still can not log in. I know I likely missed something simple, but do not know what it is. Thanks in advanced.
I tried it like you said, and I followed the link, and read all of that. It still does not work for me. First off, I set the user up through Endpoint manager, and as far as I can tell I have granted the only permissions I want them to have, that is remote access. When I toggle the remote access permission slider, it opens some others also, so I assume those are dependencies?? But, when I try to log in through the Endpoint Manager side of the Itarian remote control, when I put in the domain like you have suggested in the article, it says invalid domain. I can by pass that by typing in the whole domain, all the way through comodo.com, but still does not work. So, I guess I am back, trying to figure out what I have missed?? I even went to the website, using my full address for the xxxxxxxxxx-msp.cmdm.comodo.com, and try to log in. Then I get an error that says No Access Permissions. I have looked back through all the stuff, and thought I have followed the information correctly, but still can not get it to work. Thanks!!
OK, I think I finally got it, the very bottom to allow user access to sign into the portal. I did not really want them to sign into the portal, just mainly use the remote control app. I am getting closer, and will likely get it figured out now. Sorry, I missed that one setting, as I figured I had missed something. Thanks.
It seems that after the last update. the customer that was logging in can not longer log in. I tried to remove two factor authentication, but the customers user is no longer in my staff page, and I can not see how to disable two factor authentication?? I guess I need to know how to remove the tfa, and know where the account went, so I can get the customer logging back in.
