Adding the ReadSharedUser Right

When implementing LAMS (LAPS at the MSP scale), a new Right has to be added to the Management Console to grant techs the right to read the shared user’s password. The name of the Right is “ReadSharedUser”. The type of the Right has to match the type of the agent, which will be “SharedLocalMachine” in almost all cases. To add the Right, follow these steps.



  1. Log in to the Management Console
  2. Click on “RIGHTS” on the menu on the far left.
  3. At the bottom of the page click on “Create New Right”
  4. Fill in the following information
    1. Name: ReadSharedUser
    2. Account Type: SharedLocalMachine
    3. Description: Read Shared User (LAMS)
  5. Click “CREATE” and there should be a right that looks like the one in the screenshot.

Now that you have created the right, you need to grant it to some techs.

Create a Right Group, or use an existing Right Group, and put the new right in the group.

Create a Triplet, or use an existing Triplet, and grant some group of techs the new right on the LAMS agent(s). 

If there are any questions, please contact support@ruffiansoftware.com