Settings

 

In the Settings tab, you can configure the Domain level settings for your account. The following sections are available:

Overview

The overview section lists all the changed settings, allowing you to easily revert them to the default state.

General

Domain Administration

Domain Admin

Enable this to promote the user to domain admin. This grants the user access to the Administration Dashboard where they can edit users, computers, and settings for their domain. Using the permissions below, such as "Create, edit, and delete users (domain admin only)", you can grant/revoke access to certain settings. For example, you can create a read-only domain admin by enabling "Domain Admin" and revoking all the permissions below.

Create, edit, and delete users (domain admin only)

This setting grants access to the "Users" tab in the Administration Dashboard. There, the user can view a list of users in their domain, create new users, update their settings, and delete existing ones. If you disable this permission, the user will not have access to the "Users" tab. Please note that the user must be a domain admin to access the Administration Dashboard (see the "Domain Admin" setting). 

Create, edit, and delete user groups (domain admin only)

This setting grants access to the "Groups" tab in the Administration Dashboard. There, the user can view a list of user groups in their domain, create new groups, change their members, and delete existing ones. If you disable this permission, the user will not have access to the "Groups" tab. Please note that the user must be a domain admin to access the Administration Dashboard (see the "Domain Admin" setting).

Edit domain settings (domain admin only)

This setting grants access to the "Settings" tab in the Administration Dashboard. There, the user can update domain settings. Domain settings are applied to all users within a domain. If you disable this permission, the user will not have access to the "Settings" tab. Please note that the user must already be a domain admin to access the Administration Dashboard (see the "Domain Admin" setting).

 

Computer Groups 

Create computer groups

When this setting is enabled, the user can create new computer groups. To add computers to the group, the user will also need "Edit computer groups" permission. You can learn more about the benefits of groups here.

Edit computer groups

The user can edit computer groups (add or remove computers, rename group, share group with other users) when enabled.

Delete computer groups

When this setting is enabled, the user can delete computer groups.

 

Profile

Edit full name

When this setting is enabled, a user(s) can edit their full name in "Profile". Disable this setting if you wish to prevent the user from editing their full name.

Edit e-mail

When this setting is enabled, a user(s) can edit their e-mail in "Profile". Disable this setting if you wish to prevent the user from editing their e-mail.

Edit nickname

When this setting is enabled, a user(s) can edit their nickname in "Profile". Disable this setting if you wish to prevent the user from editing their nickname.

Change time zone

When this setting is enabled, a user(s) can change their time zone in "Profile". Disable this setting if you wish to prevent the user from changing their time zone.

 

Admin notes

Notes

Use this field for storing notes about users. The notes will only be seen here and do not affect any functionality of services.

 

License Usage

Max license usage (hard limit)

This setting limits the combined peak license usage of all users within the domain. It also serves as an upper limit for the "Max license usage" setting (see below).

Max license usage

This setting limits the number of licenses available to a user.
Note: This setting is limited (upper bound) by the "Max license usage (hard limit)" setting (see above).

 

ISL Light

ISL Light

Disabling this option will prevent the user(s) from starting any remote support sessions or connecting to unattended computers. The user(s) will also be unable to view the "Remote Support" tab on web pages.

IP Filtering

Desk code request IP filter

Limits session code generation based on IP or MAC address. For a detailed guide on how to use filters please see the Using Filters manual.

ISL Light - Permissions

Remote desktop

View Remote Desktop

When this setting is enabled, the operator can view the remote desktop (client). When the setting is disabled, the connection to the remote computer can be established, but the operator won't be able to see the remote desktop.

Control Remote Desktop

When this setting is enabled, the operator can control the remote desktop (client). When the setting is disabled, the operator will be able to see the remote desktop, but won't be able to control it.

Share My Screen

When this setting is enabled, the operator can share his screen to the remote computer (client). When the setting is disabled, the connection to the remote computer (client) can still be established, but the operator will be unable to share their screen with the client.

Control My Screen

When this setting is enabled, the remote computer (client) can control the operator's computer. If the setting is disabled, the client will enter the session in whiteboard mode. This will allow them to see your desktop (if the "Share My Screen" setting is enabled), but they won't be able to control it. For the client to control your computer, the client will need to request permission and the local (operator) side will have to grant it.

Clipboard

This setting enables clipboard sharing between the local and remote computers. The operator can utilize the Copy (Ctrl-C) command on the remote computer and Paste (Ctrl-V) it on the local computer or vice versa. This eliminates the need to send snippets of text via the text chat, or any other means of communication to the remote desktop (client).

 

Files

Send Files

If this setting is disabled, the operator won't be able to send any files to the remote computer (client). The operator will still be able to receive files (if the "Receive Files" setting is enabled).

Receive Files

If this setting is disabled, the operator won't be able to receive any files from the remote computer (client). The operator will still be able to send files (if the "Send Files" setting is enabled).

File Manager

Enabling this setting allows the operator to use the File Manager functionality. Please note that when this setting is disabled, file transfer can still be performed unless the "Send Files" and "Receive Files" settings are also disabled.

 

RDP / SSH

Enable Jumpbox functionality

This setting enables the possibility to include tunnel endpoints, other than localhost, on either the operator side or the client side. The setting also requires the "Enable operator-side tunnel creation" setting to be enabled (the "Enable client - side tunnel creation" setting should also be enabled if using a reverse Jumpbox tunnel). Read more about Jumpbox functionality here.

Enable client-side tunnel creation

This setting enables the client to create tunnels to the operator side. Please note that when this setting is disabled, tunnels can still be created from the operator to the client unless the "Enable operator-side tunnel creation" setting is also disabled.

Enable operator-side tunnel creation

This setting enables the operator to create tunnels to the client side. Please note that when this setting is disabled, tunnels can still be created from the client to the operator unless the "Enable client - side tunnel creation" setting is also disabled.

 

Plugins

Desktop plugin

This setting controls the desktop plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows). Please use ISL Light Permissions instead.

File transfer plugin

This setting controls the file_transfer plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows). Please use ISL Light Permissions instead.

Video plugin

This setting controls the video plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).

Audio plugin

This setting controls the audio plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).

Printing plugin

This setting controls the printing plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).

Recording plugin

This setting controls the recording plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).

 

ISL AlwaysOn

Basic

ISL AlwaysOn

Disabling this option will prevent the user(s) from adding or connecting to unattended computers. The computers are not permanently deleted, so the setting can be reverted. The user(s) will also be unable to view the "Remote Access" tab on web pages.

 

License Usage

Max number of owned connections (hard limit)

This setting limits the combined number of owned ISL AlwaysOn computer connections for all the users within the domain. It also serves as an upper limit for the "Max number of owned connections" setting (see below).

Max number of owned connections

This setting limits the number of owned ISL AlwaysOn computer connections for the user. Attempting to add more ISL AlwaysOn computer connections will result in an error message explaining that the maximum number of licensed connections has been reached. Computers that are shared with the user do not count towards the limit.

Note: This setting is limited (upper bound) by the "Max number of owned connections (hard limit)" setting (see above).

If the limit is reached, the following error is displayed when trying to grant access to the user:

 

Access Management

Scheduled access (in UTC)

This setting specifies the days of the week and times when the user is allowed to connect to ISL AlwaysOn computers. Outside of the schedule, new connections to remote computers will be rejected, however, existing connections will remain active.

The schedule can be set for individual days of the week (1=10:00-14:00, 4=15:00-17:00) or a range of days (5-7=11:00-12:00). Please note that day 1 is Sunday and day 7 is Saturday. For each day, multiple schedules can be specified with different time ranges (00:00-23:59) in UTC time standard.

When the setting is in the wrong format, all new connections to remote computers will be rejected and an error log will be appended to the server log file.

For more details and examples, please refer to the Scheduled access manual.

 

 

 

 

ISL Pronto

Basic

ISL Pronto

Disabling this option will prevent the user(s) from logging into ISL Pronto. This means the user(s) will be unable to answer client chats. The user(s) will also be unable to view "Live Chat" tab on webpages.

 

File Transfer

Send files in chat

If this setting is disabled, the operator won't be able to send any files to the client. The operator will still be able to receive files (if the "Receive Files in chat" setting is enabled).

Receive files in chat

If this setting is disabled, the operator won't be able to receive any files from the client. The operator will still be able to send files (if the "Send Files in chat" setting is enabled).

 

ISL Groop

Basic

ISL Groop

Disabling this option will prevent a user(s) from starting online meetings. The user(s) will also be unable to view the "Web Conference" tab on web pages.

 

Security - Authentication

Two-factor Authentication

Login without configured Two-Factor Authentication

Disabling this option will force Two-Factor Authentication for the user(s). This will require the user(s) to configure Two-Factor Authentication on their next login attempt if they do not have at least one Two-Factor Authentication method set.

"Don't ask again on this device" option for 2-Factor authentication

Disabling this option will remove the "Don't ask again on this device" checkbox from the GUI, and the user(s) will no longer be able to skip Two-Factor Authentication on any device.

 

Password

Change password

When this setting is enabled, user(s) can change their password in "Profile". Disable this setting if you wish to prevent users from changing their password. 

Minimum password length

User passwords shorter than selected value will be rejected by the system. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Maximum password length

User passwords longer than the selected value will be rejected by the system. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

List of custom special characters

The value for this setting is a string containing special characters that should appear in a user's new password. The number of required special characters is set by the "Minimum number of custom special characters required in passwords" setting. Setting this to an empty string will disable the special characters requirement. Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Minimum number of custom special characters required in passwords

This setting specifies the minimum number of special characters required in users' new passwords. The list of special characters can be set using the "List of custom special characters" setting. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Minimum number of uppercase characters required in passwords

This setting specifies the minimum number of uppercase characters required in users' new passwords. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Minimum number of lowercase characters required in passwords

This setting specifies the minimum number of lowercase characters required in users' new passwords. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Minimum number of digit characters required in passwords

This setting specifies the minimum number of digit characters (0, 1, 2, ..., 9) required in users' new passwords. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Allow passwords to start or end with whitespace

When this setting is enabled, users' new passwords may start or end with a whitespace character (" ", "\n", ...) otherwise they are rejected by the system. Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

Allow passwords from password_blacklist.txt

When this setting is disabled, users' new passwords are checked against a database of blacklisted passwords (which is set by the system administrator) meant to prevent passwords that are too common/basic. If a user's new password is blacklisted, they are shown the following message: "Password considered too weak. Please choose a stronger password.". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.

 

User Sessions

View own session

When this setting is enabled, the user can list and query their own sessions.

Control own session

When this setting is enabled, the user can terminate their sessions. Please note that the "View own sessions" setting also needs to be enabled.

Domain Sessions

View domain sessions

When this setting is enabled, the user can list and query sessions in their domain.

Control domain sessions

When this setting is enabled, the user can terminate sessions in their own domain. Please note that the "View domain sessions" setting also needs to be enabled.

Was this article helpful?