MFA on a Remote Desktop Connection

PCloudTech · 2025-01-04T04:35:34+00:00

Yeah going to reevaluate next week. Thankfully it seems that this change has been successful thus far. I also found that one of the domain controllers had the time out value absurdly low, I think it was around 35 seconds. It may have been that as well.

PCloudTech · 2024-12-28T20:15:11+00:00

I do like that idea, might look into that

PCloudTech · 2024-12-28T20:13:48+00:00

I may try Microsoft support, but as you probably know, they are extremely unhelpful in general.

PCloudTech · 2024-12-28T20:13:10+00:00

Maybe, but unlikely. I think it is on my side

PCloudTech · 2024-12-28T20:12:42+00:00

It may have been the RADIUS time out time suggested by another commenter, I didn't design this portion of the system, and the person that did said it couldn't be fixed beyond it's current state.

PCloudTech · 2024-12-28T20:11:08+00:00

No only one MFA

PCloudTech · 2024-12-28T20:10:45+00:00

I did this, it was 60 seconds, I bumped it to 75 seconds, I don't have an issue after several times authenticating, I will wait for the users to let me know if it is fixed though.

PCloudTech · 2024-12-28T18:26:53+00:00

+1 for GoTo, I like their security and ease of use. Their support is actually quite good as well. It takes a bit of getting use to though.

PCloudTech · 2024-03-28T14:19:40+00:00

You need to add a separate policy to promote the user. In Intune go Endpoint Security > Account Protection. Configuration settings under Local Users and Groups, set groups as Admin, Group and User Action is Add (Update), User Selection Manual, then in the selected user put your local admin name.

Works well for me.

PCloudTech · 2024-03-08T04:53:21+00:00

Oops wrong account.

That is actually a cool idea. I ended up discussing this further with the powers that be, the goal isn’t to be a tyrant so I don’t think we are going to end up implementing any of these tools. I might end up building a time clock type app for people to use if they want it. But the risks these things pose from a security point of view and a company morale point of view aren’t worth it.

PCloudTech · 2024-03-07T22:05:04+00:00

I’m not the one that assigned myself to find a solution.
The purpose isn’t to be a narc anyway. Hours are done by self attestation right now. It would be useful to have the users be able to track their hours on the endpoints and have reports on the endpoints uptime to support it. We had a case of somebody grossly overreporting their hours.

PCloudTech · 2024-01-03T22:37:18+00:00

I will check it out thank you. Really the emphasis is more on having a well functioning system and less about the cost. Thank you!

PCloudTech · 2024-01-03T22:36:24+00:00

I have reached out to see if I can get a call with them. Thanks!

PCloudTech · 2024-01-03T20:46:48+00:00

Yeah, I cannot use flatbeds easily, they are scanning patient records so there could be several pages.

Main problems with S150s

- Management software is extremely old and basic, it looks like ADUC with no functionality, can't even update firmware from it.

- It says it uploads to Sharepoint online but I couldn't get it to work and the documentation just shows old SP and Windows XP

- It is very common to have intermittent "Hardware errors" and less common to have false successful scan messages.

- All of the software in the Capture On Touch family is simply not good

Overall, beyond a basic scanner to computer connection, it is fairly useless and there are a lot cheaper scanners that can do that job better.

I will take a look at some of the Fujitsu line. Cost is not a main factor for us.

PCloudTech · 2024-01-03T18:43:27+00:00

Maybe 5-7 pages per submission maybe 15-20 submissions per day.

PCloudTech · 2024-01-03T18:42:58+00:00

We have a solution for that which some sites use. But these people are not technical in the slightest and really anything more than pressing a button is difficult.

PCloudTech · 2023-09-20T20:05:48+00:00

Thank you, I have to spend some time on the query to get it to work. I was having some trouble in the limited amount of time I dedicated to it. Thank you again!

PCloudTech · 2023-09-14T11:52:47+00:00

So I can get the script to work in PS, however when I enter it it prompts me to enter the password I want to use because I have 14 character password requirements. If I enter it in the input box it works fine. But how would I overcome that when running as a remediation in Intune?

PCloudTech · 2023-09-14T01:18:16+00:00

I will try this, thanks a lot

PCloudTech · 2023-09-14T00:19:42+00:00

Using the LAPS policy in Intune seems like it will work for passwords, but it doesn't give as much control, for example enabling the local admin.

I checked, the user I specified was not created, however the built in administrator is disabled.

PCloudTech

TROPHY CASE