Technician Mode 2FA Authentication & the Command Tray was released on 1/13/2020 with version 2.2.0 of the AutoElevate Agent software and version 1.3 of the AutoElevate Notify mobile apps.
Technician Mode allows any of your Technicians with AutoElevate user accounts to bypass the automatic approve/deny rules that have been established for your end users, so that they can interact with the UAC manually without generating a request.
The Technician Mode Command Tray displays basic Machine Security disposition information and Application Security information to your technicians and allows them to fill in each UAC using either the built-in ~0000AEAdmin credential or the currently logged-in user’s credential.
Note: Technician Mode is not supported on machines with multiple sessions, such as Terminal servers, and will not activate on them.
Technician Mode Has the Following Benefits:
- Allows your internal IT staff to do their administrative work on systems without being logged in with an account that has Admin Privileges and without having to know what the local Admin account/credentials are.
- Makes access to machines for administrative work faster and more convenient.
- Eliminates the need to maintain and rotate a local Admin password scheme at all your client sites for your technicians to use.
What You Will Need:
- AutoElevate Agent Version 2.2.0 or greater
- AutoElevate Notify Mobile app on your Android or iOS device version 1.3 or greater
All agents will attempt to update automatically, but to check the AutoElevate Agent Version on your computers, do the following from the Admin Portal (https://msp.autoelevate.com):
- Go to the “Computers” screen
- Expand the groups in your view so you can see the data in the column entitled: “Agent Version”
- If the Agent Version is not at version 2.2 or greater, the agent will need to be updated by manually reinstalling the most current version with your RMM or other installation method.
To check the AutoElevate Notify mobile app, open the app on your mobile device:
Android version - If you have the latest version of AutoElevate Notify, you will see the new QR Code Scan Button at the top right-hand side of the app:
iOS version - If you have the latest version of AutoElevate Notify, you will see the new QR Code Scan Button at the top left-hand side of the app:
To install/update the mobile apps, search for "AutoElevate Notify" in Google Play or the App Store from your device or use the following links:
How to Use:
From a machine with the AutoElevate Agent version 2.2.0 or greater, do the following:
- Press “CTRL + Alt + A” (or use the Technician Mode link on any dialog window, or put the Computer into Technician Mode from the Action in the Admin Portal)
- A QR Code will appear
- Open the AutoElevate Notify application (version 1.3 or greater as seen above) on your mobile device
- Press the QR code icon in the top bar of the app
- Scan the QR code on the machine with the AutoElevate Notify App
Once Technician Mode is active you will see a box appear in the lower right corner of the computer screen that looks like this:
While Technician Mode is active each action or application requiring Admin privileges will display the Windows UAC with the Command Tray attached:
Technicians can use the information provided in the Computer Security section and App Security sections to help make decisions on whether to use Admin elevation for each UAC prompt.
The “Copy Malware Check Link” will copy a customized web link to the VirusTotal database reference for the action or application that has caused the UAC to appear. To view the VirusTotal information, open a browser and paste the link into the URL field. For security purposes, Technician Mode only provides the customized link in this circumstance and doesn’t provide a button that automatically launches the website.
The technician can elevate using Admin privileges by clicking either the “Admin Elevation” or “User Elevation” buttons. They can also manually enter a username and password into the UAC or click “No” to cancel.
User Elevation is only available if the logged-in user’s credential has been previously stored in the Windows System Credential manager by AutoElevate. If the logged-in user’s credential has not been previously stored, then clicking “User Elevation” will produce a prompt which will allow the credential to be entered and confirmed (for use in this and future elevations); otherwise, only Admin Elevation will be available.
To exit Technician Mode on the computer, click on the "Back to Live Mode" button (or whatever previous mode the agent was in before entering Technician Mode). The session will automatically time out after 15 minutes by default, but this time can be modified under the new multi-level Settings screen. Once Technician Mode has ended, UAC events will be automatically processed according to the rules and mode that the agent is in.