[SOLVED] Windows login WAPT console

Share your tips or issues concerning the WAPT Console or WAPT Agent here
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
Mikael_S
Messages: 26
Registration: Apr 25, 2023 - 11:57

April 25, 2023 - 2:16 PM

Hello,

We have the WAPT console on a Windows 10 VM. The console opens with the single account created during installation.
When another person opens a new Windows session and logs in with this account, the console prompts them to configure the prefix, certificate, etc. If I cancel this screen, we can still access the console (we can see the packages, inventory, etc.), but the settings are then missing.
I don't know if that's clear. :)

Windows 10 22H2
WAPT Console: 2.3.0.13516
Last edited by Mikael_S on Apr 27, 2023 - 2:15 PM, edited 1 time.
High
User avatar
dcardon
WAPT Expert
Messages: 1932
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

April 26, 2023 - 09:02

Hello Mikaël,
Mikael_S wrote: Apr 25, 2023 - 2:16 PM We have the WAPT console on a Windows 10 VM. The console is opened with the single account created during installation.
Yes, in the Discovery version only the "admin" account is available. In the Enterprise version, you can connect the server to Active Directory to use Active Directory accounts so that each administrator has their own account.
When another person opens a new Windows session and logs in with this account, the console prompts them to configure the prefix, certificate, etc. If I cancel this screen, the console still opens (packets, inventory, etc. are visible), but the settings are then missing.
Indeed, the settings are stored in the file C:\Users\dcardon\AppData\Local\waptconsole\waptconsole.ini and are not stored on the server. The prefix could be stored on the server for automatic retrieval, but the private key is necessarily local to the machine (this is part of WAPT's security model, see the documentation). And the best practice is to have a private key per administrator, because it is the private key, more so than the console login/password, that secures everything.
I don't know if that's clear. :)
Yes, that was clear. I hope I was clear in turn. :-)

Sincerely,

Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
Mikael_S
Messages: 26
Registration: Apr 25, 2023 - 11:57

April 26, 2023 - 10:24

Hello,
thank you for these answers. I reread the documentation.
To be more precise, we are testing the Enterprise version.
Regarding certificate generation, if I understand correctly, we need to repeat the "Tools - Generate a certificate" procedure for each console user?
Another point: can the WAPT console be installed on multiple machines?
High
User avatar
dcardon
WAPT Expert
Messages: 1932
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

April 26, 2023 - 10:52 AM

Hello Mikaël,

the waptconsole.exe binary is integrated by default into the WAPT agent, so if the client machine has the WAPT agent installed, the console is available. However, there is no icon in the Start menu. Your colleagues can find and launch it directly from the directory c:\program files (x86)\wapt\waptconsole.exe.

Regarding signature keys, it is strongly recommended to have one per system administrator, but if you are still learning, you can start with just one key. Indeed, many of the problems that first-time WAPT users encounter are related to certificate mix-ups.

Once you're comfortable with the process, you can create a certificate for each admin. Then you need to deploy these certificates to the machines that each person will administer (for example, the server admin's certificate is deployed to the servers, the workstation admin's certificate to the workstations, but not the other way around).

Note: I'm referring to a key and a certificate because there are actually two: a private key that remains on the admin's machine (remember to make a backup :-) ), and a public certificate that goes with the key and is deployed to all the machines that will be managed with that key.

Sincerely,

Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
Locked

Return to "WAPT usage (Console, Agent) / WAPT usage (Console, Agent)"


  • To go further with WAPT