Hi. I'm still pushing to use this product internally, but I found an issue that maybe I just don't understand:

You have to 'save credentials' to have them available for jobs/tasks. If UserA saves their own credential for something, then it seems to me that anyone also has rights to create jobs can in fact reference and use that credential without having to know the password.

Given the range of things your application allows to happen, that means I could create a task that uses the stored UserA credential to delete all athe files in some directory. Audit logs woudl show that UserA did it.

With the normal Windows TAsk Scheduler model, you have to reenter the credential(password) each time you modify a task that uses a stored credential to ensure you should have access to that credential.

Am I missing a configuration that would keep these stored credentials safe? Or a way to not have globally saved credentials?

thanks

You are right. You do not have to re-enter passwords. Our way of configuring Tasks and Jobs are made to make configuration easy. I understand what you mean and of course such enforcement could be made but there are a lot of drawbacks with that in my eyes. First, even though you can select a username/password it does not necessarily mean that you know the password you are using - you cannot see the password you use. Second, I think focus should be laid on restricting who have access to VisualCron.

So, features have been created to make things easier for those who already have access. If you want we can move this request to the Feature requests forum.

---

We are discussing about audit functionality. Please look at the document and leave comments here:

http://www.visualcron.co....aspx?g=posts&t=2007 

---