The article outlines the process for enabling / provisioning access to ConnectWise Control (formerly ScreenConnect) for an Information Systems team member or consultant.
- Provision user account in Active Directory / Azure Active Directory.
- Enable MFA requirements for user account in Azure Active Directory.
- Determine which Security Role the user should have access to.
https://teamlandmark.screenconnect.com/Administration?Tab=2- Assist - Allows access to the InfoSys - Dev & Test Session Group.
- C1st - Temporary Session Group used to grant access to consults from C1st Technologies. Grants access to the C1st Session Group.
- Meetings - Allows users access to use the Meetings functionality as a remote screen sharing / collaboration tool. This has been used for remote interviews although it is considered retired and not actively used.
- Netrio - Session Group used to grant access to technicians from the Netrio (Landmarks server MSP). Grants access to the Netrio Session group.
- SageConsultant - Session Group used to grant access to remote Sage Consultants (Jim Randall). Grants access to the Sage Session group.
- ServerConsultant - Session Group used to grant access to remote consultants supporting the EiDynamics application. Grants access to the EiDynamics Session group.
- Tier1 - Allows limited access to specific Session Groups. Not generally used.
- Tier2 - Session group for general Information Systems team member.
- WPE - Session group to allow users access to specific Session Groups. Allows Connectwise Control to be used in place of other Remote Desktop applications.
- Add the user to the ScreenConnect Enterprise Application registration in Azure Active Directory.
https://portal.azure.com/#view/Microsoft_AAD_IAM/ManagedAppMenuBlade/~/Overview/objectId/5135bd33-6001-4f44-b8e9-630f937ae4e4/appId/db980c63-1a3a-495c-a9db-3937d672a200/preferredSingleSignOnMode~/null/servicePrincipalType/Application
- User should be given the Role which matches the Screen Connect Security Role determined in step 3.