Is it possible to prevent Contributors from using the administrator credentials to connect?
I have a SharePoint server setup and I need to allow several people to develop or diagnose issues. When I invite them, the web interface allows them to RDP and it uses the administrator credentials by default. Is there a way to prevent that and force them to use an Active Directory account on the server to RDP?
-
Hi Matt,
Excellent question and yes, we do have a few ways to limit this type of access.
Firstly you can create the AD accounts your users require in the OS, then add them to the CloudShare UI for their reference. Check out our full guide on adding users and setting auto-login.
Next you will want to disable auto-login as below. This will force your end user to enter their credentials each time they access the VM.
If your users only need to access SharePoint, you also have the option to use Web Access which will completely bypass their direct access to the VM and route them to your SharePoint site.
Thanks!
-
Thank you.
My environment for e.g., has 2 VMs 1 Sharepoint server and 1 SQL Server. I created a user in SharePoint VM with access to Sharepoint server and setup that user to have access to SQL Server. But inviting them as a contributor gives them access to the both the VMs, in addition to do pretty much anything to the whole environment except deleting it(including viewing and changing the admin password, editing hardware configuration, etc). Is there a way to limit access to just 1 VM in the environment?
-
Basically something like this, I create a DevAdmin user in the VM, setup the user in Cloudshare, send invite, users registers and login and see just the 1 VM, but doesn't have anyother ability on the cloudshare or other VMs in the Shared environment.
In Summary, for e.g.,
DevAdmin user just limited access (can only see) to SharePoint Server VM
DBAdmin user just limited to SQLServer environment
Neither of them can see other VMs or able to edit the environment. -
Hi - unfortunately there is not a built-in function for what you describe. You could however provide each user with the External Address (pubNNN.env.cloudshare.com) for a specific machine and they could RDP directly to that machine with the credentials you provide them - using Windows Remote Desktop.
Please note, that each time they need to connect, you would need to resume the environment and provide them with the new External Address as this is recycled each time the environment Suspends and Resumes. Also, as this is outside of CloudShare, we wouldn't be able to detect activity and the environment may suspend while they were in the middle of using it.
If your SharePoint user needed access to the SharePoint site alone, you could provide them with the Web Access URL and assign it to which ever web application they are working on.
If you think this is a vital functionality, feel free to open a feature request.
-
Thank you, at least that answers the question, but unfortunately doesn't help my situation. I guess, I don't understand this restriction as this doesn't require a static ip, as the external address is a subdomain, why that is not maintained in a table internally by cloudshare and keep the external subdomain address static. Guess, that is what the feature request is for. :)
Please sign in to leave a comment.
Comments
8 comments