Managing role-based security in ConnectWise Control, formerly ScreenConnect

| By: Jeff Bishop

Looking for ways to better manage your users? Try organizing them into different roles. Each role has a set of permissions that can affect the visibility of the Host page and define a user’s in-session experience.

For example, you may want to set up a Tier One Support group that can only conduct support sessions, a Server Team that can only join server sessions with Access agents installed, and a Desktop Team that can connect to both Access and Support sessions. This article will discuss the revamped role-based security feature within ConnectWise Control (formerly ScreenConnect).

The role-based permissions have been reorganized into two categories:

Firstly, global permissions are not related to a session grouping, but instead encompass more broad functionality like the ability to access the Administration page, manage the shared toolbox, create session groups, create support and meeting sessions, and build access installers.


Secondly, scoped permissions are specifically related to grouping, or organizing sessions into groups. The configurable permissions include the ability to view, join, and end sessions within the group, as well as access to specific features like run tools, run commands, and add notes.


Since these configurable permissions inherit from the parent group, you could set up a group that has a base set of permissions that allow users to view, join, edit, and end sessions in any support session group.  You could then add items like add and remove notes, transfer files, and run tools in specific support session groups.


The clone feature allows an administrator to make a copy of an existing role.  Using the cloned group makes it simple to create a role with some basic permissions, and then add additional roles that have more specific permissions. (See Figure 4)


Help page. Just visit our website to discover what unmatched remote control technology can do for your business!