Product Ideas Portal

Got an idea for a new feature? Maybe a tweak to make something work even better? Wish there was an integration with another product to make you even more productive? You've come to the right place.

The Product Ideas Portal lets you submit whatever product feedback you have, good, bad, ugly, and anywhere between.

Want to stay anonymous? Don't worry, no email address or name fields are shared on the public portal. You can create an account which lets you vote on other people's ideas and receive updates when your idea's status changes.

To learn more about how an idea becomes a feature, check out this infographic.

25 Vote

Team membership restriction to jump group

We have User1 who is a team member in TeamA and TeamB. A second user, User2 is a team leader in TeamB but he doesn't belong to TeamA.

When User1 accesses an endpoint in a jump group that belongs to TeamA, User2 will see his session in the active sessions section and he may join him or take over his session although he does not have access to that endpoint in the first place.

User2 shouldn't see what User1 is doing in TeamA and he shouldn't see the ongoing sessions to endpoints in TeamA because he is not responsible for endpoints in TeamA jump groups.

  • Guest
  • Jul 15 2020
  • Released
  • Attach files
  • Guest commented
    4 Nov, 2020 03:42pm

    The issue is that the Team Manager privileges, including joining a session, completely ignore access rights.

    The way we've designed it:- on Site 1, Site Manager 1 (SM1) is in charge of authorizing/supervising access.Users A and B have access to some machines on this site, so they're all part of a Team managed by SM1

    - Similarly, Site 2 is managed by SM2Users A and C have access to some machines on this site.

    When user A connects to a machine on site 2, because A is in a team managed by SM1,SM1 can join the session and potentially impact site 2 even though they are not authorized to access site 2.

    So we need:- either a setting that associates a Team with one or more Jump Groups / Jump Items, and lets the team management features apply only to them (that would be the cleaner solution design-wise IMO)- or a setting that forces the solution to verify that the Team Manager has access to a target machine before letting them join.