PDQ Inventory/Deploy use multiple credentials.

Hi Matthew,

Multiple credentials can be entered for both programs currently but there is no way to have it attempt as you've described.  In PDQ Inventory if you are using AD sync then the credentials for each container will be used for scanning purposes for those computers as well as the ability to right click on any computer in the console and choose the Scan User credentials.  The developers are also considering a way to have this kind of ability in Deploy or use the credentials from Inventory for deployments but that's still on the drawing board.

Thank you for your reply. I didn't realise you could set scan credentials per computer manually via console. That is a big help but not a full solution in my case. A huge thank you for the tip.

In a non-uniform credentialed environment the feature described would greatly enhance the practical functionality of PDQ Inventory/Deploy. Hoping it leaves the drawing board soon as a new feature. :)

 

I too, would like this option to try next set of credentials if first attempt fails. 99% of my computers I'm able to use one set of credentials but there is that 1% that use a different set of credentials and this is not something I'm able to change. Matthew, If you are able I would suggest you start using PDQ to try an unify everything. Use PDQ to setup either existing or new credentials across all of the machines. It may take you 5 deployments to get it all done but once you have that, you should have one set of credentials that will work across them all. After that you can deal with the miss-matched/old credentials. Hopefully this is something you can do, I was able to do it for most of my machines, but there is still that 1% that I'm not allowed to make the changes to.

Thanks. I have, I am, I do for most. The trouble is the source of new machines, also some I'm expected to support/administer but not have creds for (yes, really), others I like to retain the ability to help a colleague but won't reset (legacy) creds for him on systems he is "in charge" of. Long story short it is a sensitive unusual environment and I dare not impose uniformity on all I could. It should get a little easier now that I can set creds on each computer object for scanning. I can create collections I assume then tie in deployments to those collections with the correct creds. Roundabout and messy but it'll hold until PDQ Deploy picks on on the creds being used in PDQ Inventory or simply starts to try again.

I guess one concern would be it being abused to "brute force" a system. I'd happily take a max of 10 stored cred's limit. It'd only need to cycle through once or so to figure out and store the right credentials against the machine.

Yes I have pretty much the same environment you do. All of my own computers that I manage have the same credentials except for the 1% that I manage yet don't have credentials to (Yep, isn't that great)

I also monitor locations where I am a "Backup" tech and if they call me in I go to. In these locations I set the machines with the correct scan credentials so that Inventory is always up to date. Then if for some reason I get deployed to these locations and need to push something out, I select the correct credentials when starting the deployment.

 

Also note that I setup my Dynamic Collections with each location as a main collections and then have sub collections. All of my normal deployments target only the locations I'm 100% in charge of at all times.

yeah. Sensible set up. Little beats the PDQ Dynamic collections feature.

I have a large set of "Quick View" collections A folder like "Updates" with sub folders for Chrome, Firefox, HDD space free>30%, 20%, 15%, Active/Inactive, Non-standard admin accounts, etc. All drill down. Then when I'm interested in scoping out a building or temporary collection I simply drop this Quick View Collection into the buildings collection and watch them all sort themselves out into actionable groups with instant stats, figures at the ready. Can tie deployments into them and away we go. It really is a powerful solution. 

 

Only upgrade I can conceive and would wish for is an installable agent that would "phone home" and perform any queued actions and return the data. PDQ is excellent inside a LAN, but roaming users span external LAN's too. To avoid the security risk of opening up a windows server and PDQ to the wide world it could push/pull from a cloud solution perhaps. It'd bring PDQ closer to a RMM management solution.