Can Royal Server be enhanced as a repo for Connections, Accounts, Credentials, etc?
After quickly examining Royal Server I know there is a ton of potential; unfortunately the way it is now, it has limited value in our use case. I'm aware you've mentioned you have big plans for Royal Server, so here is something that would enhance the software for us.
We currently use shared connection files on a file system, which works ok. We would prefer if we had an option for a central repo of connection files. If Royal Server was that repo, you could integrate user priv's as far as read/write for certain files, who accessed connections, credentials, SSH keys, etc. In addition, would/could there be an API for the credential store? We use an enterprise level solution for our credentials and if we had a method to "link" that to Royal Server, it would be absolutely amazing.
With the current beta versions of Royal TS V4 (for Windows), Royal TSX V3 (for OS X) and Royal Server V2 we support Royal Server as a repositor for Royal Documents
I give this 3 votes,
Al though it would be nice if we could access the file even when we aren't in our corporate network. It would be nice to see an offline implementation like windows does this with offline files on network drives.
So that if we aren't connected to the network that is running the royal ts server, we can still access the file that contains all of the credentials and use them.
Also integration with AD would be very nice. Now we just use credentials based on our credentials files stored locally.
Giving this 3 votes for integration with CyberArk.
Noah Helterbrand commented
This gets 2 votes:
1 vote is to have accessing the repo be protected by 2 factor authentication. You would perform 2FA each time the application is opened. Google Authenticator would work great, Azure's MFA, Yubikey, RSA SecureID, etc are options. Need to allow multiple options for 2FA as different organizations may want to keep with a particular method they are already using.
The other vote is for Active Directory integration. Access to reveal passwords, access to sets of sessions, etc. need to be based on AD users and groups. This way a new employee in a department can come in, be given RoyalTS, connect to Royal Server, and be already populated with exactly the servers under his responsibility, saving a lot of time and management cost.
Ryan Flagler commented
Here is an enterprise level credential management solution. Interfacing with something like this would be extremely useful.