Product Ideas Portal

Thanks all for your input on this feature! While we're working on this and many other new features for you, we also want to make you aware of a survey that you might be interested in.

If you are a remote support customer with perpetual licensing, would you consider giving us 10 minutes of your time? We're even offering an added incentive - completing the survey enters you for a chance at $300 for you or a charity!

Click here to start the survey, or email the UX research team at uxresearch@beyondtrust.com if you have any questions.

We have servers organised by system type for each individual system supplier. But other support engineers such as as our database monitors only need access to the database server from each jump group. At the moment I am having to give them access to a lot more servers than required.

Would like to know if any there has been any action on this "Planned" idea. Looks like a game changer for many installations.

I have also customers which needs the functionality to have a jump client in multiple jump groups without installing several Jumpclient on one system

This seriously needs to be supported already.

Currently working with an MSP in France that would benefit massively from this feature, it would drastically reduce administrative overhead. 

This would be a tremendous help to our org. Being able to carve out subsets of Jump Groups for various employees is often requested.

Had this issue in my PRA deployment, the client was seeking to give access to the same jump client to two different vendor groups.

This came up in one of my colleagues’ implementations and would be of great benefit if introduced. 

I was onsite with another customer in EMEA and this functionality was requested 

Currently, we experience admin overhead. Too often, an entity will need access to this one device that belongs to this other jump group that contains items irrelevant to the new scenario.

levimacansh@yopmail.com

Our company continues to be impacted by this shortcoming on an almost weekly basis.  If I need to grant access to an individual user to a small group of 3 machines there is no mechanism to easily do this without effecting other jump groups and group policies. 

Making any new subset of systems requires creating a new jump group, which would then remove those systems from another jump group.  So then I have to create/update a new group policy that would give access to both jump groups for those that need it.  Every small change creates a small domino effect that is very clunky and highly inefficient.  

There should be a mechanism to create "collections" or "scopes" of computers that does not affect the actual client.  Then you limit the permissions of a user by assigning them remote access only to the scopes that they should have access to.   I understand this is somewhat vague when trying to describe with text, and may sound like something that Bomgar already offers, but it isn't.  At least not in the manner it should be.  

Every endpoint management suite (SCCM, Ivanti, Kace, etc) provides a simple way to define a set of systems, and then assign a user(s) to that set of systems - without impacting the system agent (Jump client) or its group memberships at all.  The collections/scopes and the permissions to them exist independently of the client. 

Again, I know this is hard to visualize when trying to describe it, so I encourage the developers to look at how the EPM suites above manage remote access to different collections/groups of machines to gain a better understanding of what everyone is voting for in this request.  

Has any progress been made on this idea?  I would like the ability to keep computers in a specific jump group but also assign them to specific users.  Problem is, once I assign it to a specific user, it's no longer in the jump group that our department has access to so I would have to give everyone access to system jump items which seems unacceptable.  Is there another way to handle this?  I like the tags idea below from 2017...

Customers keep asking when this will be possible.  Customer had over 5000 jump clients and is having to install multiple clients on pc's to organize it for their best use case.   Having the ability to assign a jump client to more than one group would solve this.

I am onsite at another customer with 30 RS licenses and 1000 PA licenses, in both workshops it was asked if this was possible. 

I have a customer who has over 1000 PA licenses that would make use of this immediately as they have over 200 vendors, do we know if this is still in consideration?

I have had several customers ask about this so they can delegate permissions to the client via more than one Jump Group.

This could be accomplished with "tags" similar to how McAfee ePO works.  Systems can have multiple tags associated with them, so you can find systems based on those tags.