Question

Way to add local admin via Bot + rescind after timer?

  • October 23, 2025
  • 9 replies
  • 44 views


We have on prem agents connected to our ITSM (ME/SDP). Any way to use them via bot to reach into an end user’s machine to add them as a local admin to conduct elevated tasks - but then remove it after a time limit? Thanks!

9 replies

Kevin Mok
  • Community Manager
  • October 23, 2025

@amarosi_mpi - I am not understanding your question. Are you asking whether the on-premises agent can be used to access a user’s machine?


  • Author
  • Known Participant
  • October 23, 2025

I was assuming that would be the only way to reach it... as it would have to run the following PowerShell command:

Add-LocalGroupMember -Group "Administrators" -Member "Username"


Kevin Mok
  • Community Manager
  • October 23, 2025

I see, I understand what you are trying to do better now.

The Moveworks on-prem agent only acts as a gateway between Moveworks Services and your on-prem services. Meaning it cannot run PowerShell commands on demand. However, if you have an on-premise application that can run PowerShell commands, you could leverage the on-prem agent to allow Agent Studio to connect with that on-premise application.

  • Author
  • Known Participant
  • October 23, 2025

Any examples of an ‘on premise app’ that the agent studio could work with?  We have PDQ for instance that can run stuff...


Kevin Mok
  • Community Manager
  • October 23, 2025

What I meant by 'app' is a REST API server, whether written in Python, JavaScript, etc. This server would have endpoints to execute PowerShell scripts that would be triggered from Agent Studio through HTTP Actions.

I don’t think we have any example applications. I believe if you ask an LLM (such as ChatGPT or your preferred) it can spin up a Python server that allows this, but I am sure it is more involved than that and would require a developer to help you set it up.


  • Author
  • Known Participant
  • October 23, 2025

Got it. Only issue I see here is that would require exposing something to the internet that would be connected to machines in order to accomplish if we used the non-on premise bots... Any way to leverage the ‘secure’ path between MW and us?


Kevin Mok
  • Community Manager
  • October 23, 2025

The app would live in your on-premise network, and Agent Studio would leverage the Moveworks Agent to connect to it, so it would not be exposed to the internet.


  • Author
  • Known Participant
  • October 23, 2025

Ahhhh perfect!  So we would give it an internal URL to call; and it would fire from our on prem agents - correct?


Kevin Mok
  • Community Manager
  • October 23, 2025

Yeah, you will also need guidance from your Customer Success team, since you need to modify the Moveworks agent configuration so it can hit that app.
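
An added example, not part of the thread and not Moveworks code: the core logic an internal REST service like the one described above could call from its endpoint handler to grant local admin for a bounded time and revoke it on expiry, with the HTTP layer and caller authentication left out. The names `ps_argv` and `GrantLedger`, the account and host name patterns, the 240-minute ceiling and the use of `Invoke-Command` remoting to reach the machine are all assumptions.

```python
import re
import subprocess
import time

# Assumed formats and limits (not from the thread): DOMAIN\user accounts,
# NetBIOS-style host names, and a 4-hour ceiling on any grant.
ACCOUNT_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,14}\\[A-Za-z0-9][A-Za-z0-9._-]{0,19}")
HOST_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,14}")
MAX_MINUTES = 240

def ps_argv(cmdlet, host, account):
    """Build an argv list (never a shell string) for one group-membership change."""
    if cmdlet not in ("Add-LocalGroupMember", "Remove-LocalGroupMember"):
        raise ValueError("cmdlet not allowed")
    if not HOST_RE.fullmatch(host) or not ACCOUNT_RE.fullmatch(account):
        raise ValueError("host or account failed validation")
    # Safe to embed: the patterns above exclude quotes, spaces, ';', '$' and '`'.
    script = (f"Invoke-Command -ComputerName {host} -ScriptBlock "
              f"{{ {cmdlet} -Group 'Administrators' -Member '{account}' }}")
    return ["powershell.exe", "-NoProfile", "-NonInteractive", "-Command", script]

class GrantLedger:
    """Tracks open grants so each one is revoked once its time limit passes."""
    def __init__(self):
        self.open = {}  # (host, account) -> expiry as epoch seconds

    def grant(self, host, account, minutes, now=None, run=subprocess.run):
        if not isinstance(minutes, int) or not 1 <= minutes <= MAX_MINUTES:
            raise ValueError("minutes out of range")
        argv = ps_argv("Add-LocalGroupMember", host, account)
        now = time.time() if now is None else now
        # Record the expiry before elevating, so a crash cannot leave an untracked admin.
        self.open[(host, account)] = now + minutes * 60
        run(argv, check=True)
        return self.open[(host, account)]

    def revoke_due(self, now=None, run=subprocess.run):
        """Call on a timer; removes expired grants and returns their keys."""
        now = time.time() if now is None else now
        done = []
        for key, expiry in sorted(self.open.items()):
            if expiry <= now:
                try:
                    run(ps_argv("Remove-LocalGroupMember", *key), check=True)
                except subprocess.CalledProcessError:
                    continue  # removal failed: keep the entry and retry next pass
                del self.open[key]
                done.append(key)
        return done
```

The ledger here lives in memory, so a real service would persist it (and log every grant and revoke) so that a restart cannot strand an elevated account.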