5.13 Remote Desktop Protocol Relay

The Remote Desktop Protocol Relay (RDP Relay) feature offers Single Sign-on capability and remote access to desktops through a secured connection. In a privileged session, an administrator user who is allowed to access various devices can sign on to many managed devices from a single workstation without knowing the authentication passwords of those devices. In addition, the user can remotely view the desktops of the managed devices and work on them.

You enable privileged sessions for an administrator user with the user's user group information. Then you associate the privileged session with a rule that controls the commands that the user can run on permitted devices and applications.

NOTE: RDP Relay is supported with the following installers:

  • Windows Installers

  • SLES Installers

  • Generic Linux Installers

5.13.1 Configuring the Windows Machine for the RDP Session

You can configure an RDP Relay for Windows machines to allow users to remotely access these machines without the privileged account credentials.

Before configuring an RDP relay, you need to create a host. For detailed information on creating a host, see Section 3.2.1, Adding a Host.

Configuring a machine for an RDP relay involves the following:

Creating a Privileged Account Domain

For information on creating a privileged account domain, see Creating an Account Domain for Windows Systems.

Adding a Rule

After creating an account, you need to set up the rules using the RDP session command for the user to log in with a credential. For detailed information on adding a rule, see Section 5.6.1, Adding a Rule.

5.13.2 Starting a Remote Desktop Session by Using an RDP Relay

  1. In a browser, specify the IP address of the Framework Manager in the address bar in the following format:

    https://<IP address of the Framework Manager>/rdprelay/index.htm

  2. Press Enter. A Login screen appears.

  3. Specify the username and password to log in to Privileged User Manager and click Login.

    A list of rules defined for that particular user is displayed in the following format:

    <rulename>(<username>@<machinename>)

  4. Select the rule required for remotely accessing the Windows machine and click Connect to start the remote desktop session.

NOTE:

  • RDP Relay works only on Internet Explorer 8.0 or later.

  • The RDP Relay Manager name is always shown in the RDP connection bar.