Agents currently have 4 modes: Audit, Policy, Live, and Technician. https://support.autoelevate.com/hc/en-us/articles/115003709732-System-Overview-System-Agent
Technician Mode allows any of your Technicians with an AutoElevate user account to bypass the automatic approve/deny rules that have been established for your end users so that they can interact with the UAC manually and carry out tasks that require privilege elevation with the press of a button without creating any additional notifications or requests which would be also be sent to other technicians. By default, technician mode will timeout after 15 minutes.
Additionally if you have a supported PSA ticketing solution integrated you will be able to utilize Ticketing in Technician Mode https://support.autoelevate.com/hc/en-us/articles/360042307312-Technician-Mode-Ticketing which allows you to create and/or update tickets in your PSA automatically.
Technician Mode Has the Following Benefits:
- Allows your internal IT staff to do their administrative work on systems without being logged in with an account that has Admin Privileges and without having to know what the local Admin account/credentials are.
- Makes access to machines for administrative work faster and more convenient.
- Eliminates the need to maintain and rotate a local Admin password scheme at all your client sites for your technicians to use.
Please see this article on how to setup and configure Technician Mode for your Users: https://support.autoelevate.com/hc/en-us/articles/360042307312-Technician-Mode-Ticketing
How to Use Technician Mode:
From a machine with the AutoElevate Agent version 184.108.40.206 or greater do the following:
- Press “CTRL + Alt + A”(or use the Technician Mode link on any dialog window, or put the Computer into Technician Mode from the Action in the Admin Portal)
- A QR Code will appear
- Open the AutoElevate Notify application (version 1.3 or greater as seen above) on your mobile device
- Press the QR code icon in the top bar of the app
- Scan the QR code on the machine with the AutoElevate Notify App
Once Enhanced Technician Mode is active you will see a box appear in the lower right corner of the computer screen that looks like this:
While Technician Mode is active each action or application requiring Admin privileges will display the Windows UAC with the Command Tray attached:
Technicians can use the information provided in the Computer Security section and App Security sections to help make decisions on whether to use Admin elevation for each UAC prompt.
The “Copy Malware Check Link” will copy a customized weblink to the VirusTotal database reference for the action or application that has caused the UAC to appear. To view the VirusTotal information open a browser and paste the link in the URL field. Technician Mode only provides the customized link and doesn’t provide a button that automatically launches the website in this circumstance for security purposes.
The technician can elevate using Admin privileges by clicking either the “Admin Elevation” or “User Elevation” buttons. They can also manually enter a username and password into the UAC or click “No” to cancel.
User Elevation is only available if the logged in user’s credential has been previously stored in the Windows System Credential manager by AutoElevate. If the logged in user’s credential has not been previously stored then clicking “User Elevation” will produce a prompt which will allow the credential to be entered and confirmed (for use in this and future elevations), otherwise only Admin Elevation will be available.
To exit technician mode on the computer, click on the "Back to Live Mode" button (or whatever previous mode that the agent was in before entering technician mode). Once Technician Mode has ended, UAC events will be automatically processed according to the rules and mode that the agent is.