Search the Community
Showing results for tags 'rdp'.
Purpose: This post outlines the process you need to follow, to grant someone access to the Remote Session Launcher, without them having the need to know the password. An example could be you have a contractor coming on site, and you want them to connect to machines and perform work, but you do knot want them knowing the password they are using to connect. If you are not familiar with how to set up the Remote Session Launcher, please see this in depth Forum Post - https://www.clickstudios.com.au/community/index.php?/topic/2110-how-to-set-up-the-remote-session-launcher-passwordstate-8/ 1. Under the Passwords tab, add a new Password Record that has an account that has permissions to connect into machines on your network. The following example is an Active Directory account which can connect to any Windows Server or Desktop. **Note, you do not grant the contractor permissions to see or use this Password Record: 2. Under Hosts tab -> Hosts Home, create a new Remote Session Credential, and link it to the existing Password Record you just created: 3. Grant your Contractor access to the remote session Credential you have just created in step 2 above: 4. Under the Hosts tab, grant the user access to the Folder of your choice, which has the machines added into it: 5. The user will now be able to choose a Host of their choice, and click the Auto Launch button. This will use the Remote Session Credential to establish a connection to the remote host, and the contractor will not have access to the password that they have connected in with: Regards, Support Click Studios
We use RDP to connect to a selection of our servers via Passwordstate. Unfortunately, we have applications running on the server desktops, so all have to connect as the same domain user account per server. For example, to connect to mydomain\server1.com server we use the mydomain\server1.user account to RDP onto this server. This works fine. We can RDP, and we all see the same desktop, with the apps running onscreen. The issue is that this latest connection bombs the last one out (without warning for that existing user). So, if someone was doing something on there, they are disconnected. This is just the way RDP works when you connect as the same user. This request is to ask if you could add an option to run a quick script displaying the last known RDP logon to that server (and date/time) with a continue yes/no button. This information could be pulled from the passwordstate audit log. For example, the following is recorded in the audit logs, so could be used for the prompt: Fred Smith (mydomain\fsmith) initiated a Remote Session connection to Host 'server1.mydomain.com' (server1 (mydomain server1.user)) using credential '\mydomain\Server Logon Users -> server1.user'. at 21/10/2019 15:05:15 Whoever is connecting can then message the listed user separately, to make sure they've finished what they were doing. If Passwordstate tracks when an RDP session is disconnected, then that info would be useful too, but I don't believe that is tracked. This feature would be of massive benefit to us, rather than looking at 3rd parties to get around the issue. Thanks