Self-hosted data source for Devolutions RDM
Centralize connections, credentials, and privileged access—without
sacrificing usability.
Store RDM connections and credentials in Devolutions Server
Devolutions Server acts as a self-hosted data source, adding identity and access control to the Devolutions Remote Desktop Manager (RDM) experience technicians already know and trust.
RDM reads directly from Devolutions Server, allowing teams to work in RDM while Server securely manages data storage and security policies in the background.
Enable single sign-on for RDM by using Devolutions Server as the data source, backed by identity providers such as Microsoft Entra ID and Okta.
Enforce role-based access in RDM by defining roles, groups, and permissions in Devolutions Server; technicians only see and use the entries that match their responsibilities.
Allow RDM to access an offline cache of Devolutions Server data when enabled by administrators.
Open sessions with RDM with one-click credential injection using entries stored in Devolutions Server. No context-switching, no copy-pasting.
See Devolutions Server in action
Deploy PAM on-prem with Devolutions Server
When your organization is ready to go beyond remote connections and credential management, Devolutions Server integrates with Devolutions PAM to deliver self-hosted privileged access management. Discover privileged accounts, enforce checkout workflows, rotate passwords automatically, and record sessions without heavy infrastructure or long deployment projects.
Account discovery
Automatically discover privileged accounts from identity providers, and bring them under centralized governance to reduce risk and eliminate unmanaged credentials.
Automated password rotation
Apply automated rotation policies to privileged credentials to ensure passwords are changed regularly, reduce credential exposure, and meet security and compliance requirements without manual effort.
Checkout, approval, and session access
Enforce just-in-time access to privileged accounts with request and approval workflows, secure session brokering through Devolutions Gateway, and full visibility into who accessed what, when, and why.
Monitoring and auditing
Record and review privileged sessions with detailed activity logs and audit trails to support investigations, demonstrate compliance, and satisfy regulatory requirements.
Centralized password management for your entire organization
Devolutions Server from every angle
See how Devolutions Server fits alongside Devolutions Remote Desktop Manager, Devolutions PAM, Devolutions Gateway, and Devolutions Workspace in real deployment scenarios. The gallery highlights common setups and workflows.
Resources
For teams that need deeper technical details, these resources cover Devolutions Server's security and encryption model, technical specifications, and more.
Devolutions Server FAQ
Use cases
What sets Devolutions Server apart from other solutions, and where does it fit in the Devolutions ecosystem?
Self-hosted, budget-friendly, and easy to deploy, Devolutions Server is a comprehensive credential management solution designed for IT professionals. While it can serve as merely a data source or basic credential manager, its advanced features make Devolutions Server an excellent gateway for organizations looking to evolve toward privileged access management (PAM). Core to the Devolutions ecosystem, Devolutions Server integrates deeply with Remote Desktop Manager, Devolutions Workspace, the PAM module, and Devolutions Gateway to deliver powerful capabilities including role-based access controls, just-in-time privilege elevation, password rotation, and web-based remote sessions.
- Approving requests on-the-go using the Devolutions Workspace mobile app;
- Role-based access controls, logging, and more when used as an advanced data source with Devolutions Remote Desktop Manager;
- Approving requests on-the-go using the Devolutions Workspace mobile app;
- Just-in-time privilege elevation and password rotation via the PAM module;
- Access to remote network segments through Devolutions Gateway, and enabling contractor RDP access through web-based sessions.
Devolutions Server provides an accessible starting point while paving the way for enhanced security and control as organizations scale their PAM initiatives.
Deployment and compatibility
What environments are compatible with Devolutions Server?
Devolutions Server supports physical and virtual servers (such as Azure or Amazon Web Services). A Devolutions Server instance can be installed on a Windows Server, and supports managed MSSQL databases. Linux support is currently in beta.
How easy is it to install Devolutions Server?
- Back up encryption keys across Devolutions Server instances to ensure data accessibility. Licenses are stored internally in the database and are accessible upon restoration.
Does Devolutions Server support high availability (HA)?
HA support is available but depends on your environment and technologies. Currently, it is limited to Windows-based deployments.
What alerting, monitoring, and logging options are available in Devolutions Server?
Devolutions Server includes built-in notifications and comprehensive logging options. Alerts can be configured for specific server actions and user activities. Logs can be generated and sent to syslog, Slack, Windows Event Viewer, or Microsoft Sentinel. The System Dashboard provides a centralized view to help monitor server health, activity, and alerts in real time.
How often is Devolutions Server updated, is it automatic, and what support is available for upgrades?
Updates are released regularly, with three major updates per year. Upgrades are performed manually to give customers control, and remote session support is available for paid subscriptions. Deployment is straightforward using the Devolutions Console, and can typically be completed in under an hour. A Devolutions Server instance can operate entirely on a single IIS server, with an MSSQL Express or higher database on the same system, or distributed across multiple servers as needed.
Security and access
What identity providers are available for authentication?
Devolutions Server integrates with Active Directory, Microsoft Entra ID (formerly Azure Active Directory), PingOne, and Okta for user authentication. Internal users are also supported for scenarios involving contractors, disaster recovery, or other external users.
What multi-factor authentication (MFA) options are available?
Devolutions Server supports MFA through TOTP apps, YubiKey, email, SMS (via Twilio), Duo, or Radius.
For organizations using Active Directory, Microsoft Entra ID (formerly Azure Active Directory), Okta, or PingOne for authentication, MFA options are available through the external identity provider.
Integrations and automation
Does Devolutions Server offer an API?
Yes, Devolutions Server offers a REST API for operations like retrieving a password for down-level systems, and an extensive PowerShell module for further entry and management options.
Administration and reliability
How can I organize entries in Devolutions Server?
Entries can be organized in vaults, and into tree-like folders within vaults, offering logical separation. Inheritance at the vault and folder levels simplifies management, and entries can be linked for streamlined updates.
Is there a limit to the number of entries that Devolutions Server can handle, such as credentials and sessions?
Devolutions Server does not impose a limit on the number of credentials, folders, or sessions you can create. For optimal performance, we recommend limiting each vault to a maximum of 4,000 entries, and creating multiple vaults to logically separate sessions as needed.
How many users can concurrently access an entry in Devolutions Server?
There is no limit to the number of users who can view an entry.
How many users can concurrently access an entry?
There is no limit to the number of users who can view an entry. To preserve the integrity of entries being edited, editing access is restricted to one user at a time.
How does Devolutions Server support business continuity and disaster recovery?
Devolutions Server offers several tools for managing disaster scenarios and outages affecting infrastructure and/or Devolutions Server:
- Export entries on a schedule using PowerShell (we recommend storing them encrypted at rest in a physically secured location);
- Use an internal Devolutions Server user in an authentication outage, such as losing Active Directory or Microsoft Entra ID (Azure);
- Perform scheduled database backups for rapid restoration;
- Back up encryption keys across Devolutions Server instances to ensure data accessibility. Licenses are stored internally in the database and are accessible upon restoration.
Does Devolutions Server support high availability (HA)?
HA support is available but depends on your environment and technologies. Currently, it is limited to Windows-based deployments.
What alerting, monitoring, and logging options are available in Devolutions Server?
Devolutions Server includes built-in notifications and comprehensive logging options. Alerts can be configured for specific server actions and user activities. Logs can be generated and sent to syslog, Slack, Windows Event Viewer, or Microsoft Sentinel. The System Dashboard provides a centralized view to help monitor server health, activity, and alerts in real time.
How often is Devolutions Server updated, is it automatic, and what support is available for upgrades?
Updates are released regularly, with three major updates per year. Upgrades are performed manually to give customers control, and remote session support is available for paid subscriptions.
To facilitate safe client upgrades to Devolutions Remote Desktop Manager, Devolutions Server can be set to an offline state.
What technical support is offered?
Standard technical support is included with all paid licenses. Extended and premium support is also available, offering phone support and dedicated customer success managers.
Join our newsletter
Stay up to date on everything Devolutions, from security news to upcoming events, product updates, tips and tricks, and more!