Remote Desktop Connection Manager auto login Chi tiết

Mẹo về Remote Desktop Connection Manager auto login 2022

Cập Nhật: 2022-03-09 23:05:14,You Cần biết về Remote Desktop Connection Manager auto login. Bạn trọn vẹn có thể lại Thảo luận ở phía dưới để Mình đc lý giải rõ ràng hơn.

This topic describes transparent connections to target systems using a standard RDP client application.

Tóm lược đại ý quan trọng trong bài

• Requirements
• Connect to a target
• Specify a reason for accessing accounts

Connect to target systems directly from your desktop using any standard RDP client application, such as MSTSC, to benefit from a native user experience.

Requirements

• The PSM server must be hardened. For details, refer to PSM Hardening Tasks.

• Connections can be made from Unix / Linux / Mac / Windows end user machines.

• To connect using a smart card:
  • Smart card drivers must be installed on the PSM machine
  • The smart card must include a valid certificate
  • The Vault must be configured with LDAP integration

Before using your standard RDP client application to connect through PSM to your target system, review the following considerations:

General

• Settings for drives, printers and clipboard redirection specified in the connection component level are enforced, and platform level configurations are ignored.

   

  If the End User connects through PSM without providing the target system details and selects a connection component (other than PSM-RDP) with those settings enforced, the user cannot connect using that connection component. The drives redirection setting is enforced only for the PSM-RDP connection component .

• Connections that require additional information from the user when the connection is established (user parameters) cannot be initiated using an RDP client application.

• Dual control and ticketing integration are not supported. Instead, use the PVWA.

   

  If your request to use the account is approved, you are able to connect to this account using an RDP client application.

• One-time passwords are supported. For details, see Change Password

• Connections made from an RDP client application are Remote Desktop connections, and not RemoteApp connections.

Remote Windows Server (RDP)

• The built-in connection component for RDP connections via PSM is PSM‑RDP.

• Connections that require prompting for user parameters are not supported. To avoid prompting for user parameters, when connecting to Windows machines, ask your Vault administrator to set any user parameters, such as the LogonDomain, in the account details.

• To connect to your target machine using a domain account, append the domain name to the username used to log in to the target machine.

Remote SSH Device

• The built-in connection component for SSH connections through PSM are PSM‑SSH and PSM-Telnet.

• To connect your target machine using a domain/NIS account, append the domain name to the username used to log in to the target machine.

Databases

• The built-in connection components for databases connections via PSM are PSM-Toad, PSM-SQLPlus and PSM-SQLServerMgmtStudio.

• Connections with Toad or SQLPlus connection components with the SYS user or any other privileged user that require selection of the role that will be used to connect to the remote database, cannot be initiated using an RDP client application. Use PVWA for such connections.

VMWare Administrative Tools

• The built-in connection component for VMWare connections via PSM is PSM-VSPHERE.

• You can connect to VMWare machines through PSM in any of the following ways:

  • Connect to a VMWare ESX machine transparently – The user is automatically logged onto the remote ESX

  • Connect to a vCenter transparently using a Personal Account – The user is prompted for their user and password and is then logged onto the remote vCentre machine

  • Connect to a vCenter transparently using a Shared Account – The user is logged onto the remote vCenter machine with the shared account.

Supported connection components

Type of Connection via PSM Supported Connection Component RDP SSH Device SSH Devices with X-Forwarding

Note:  In addition to using SSH protocol, users can connect to remote Unix devices through PSM with PSM-SSH using X-Forwarding.

WinSCP Databases ■ PSM-SQLServerMgmtStudio VMWare Administrative Tools Mainframe Cloud Services Management CyberArk Administrative Interfaces PSM Universal Connector ■ ID of your Universal Connector

Connect to a target

Use one of the following methods to create a connection through PSM to the target system.

Configure a Connection Manager

You can configure a Connection Manager to connect through PSM without providing the target system details, or configure a Connection Manager that includes the target system details in advance.

To configure a Connection Manager to connect through PSM to the target system without the target system details:

 

• To use this option with NLA, you must use a username that contains the login pattern configured by your Administrator under the PSMLoginPattern parameter. For details, see PSM basic parameters file .
• When connecting with PKI authentication in NLA, authentication is performed with the smart card certificate, but you still must include the login pattern in the usename field to tư vấn this capability.

Open a Connection Manager application on your desktop and create an entry for the target machine.

Give each entry a meaningful name to indicates the target system details.

Set the Remote machine address to the address of the PSM server through which you want to establish your connection. The PSM address can be entered either as a DNS name, or an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

To connect using a smart card, enable smart card redirection in the connection manager setting.

Configure the logon credentials by entering “psm ” followed by your Vault or LDAP username, according to the authentication process required in your environment.

 

• It is not recommended to save your Vault password locally.
• There must be a space after psm.

For authentication details, see Authentication

If you do not configure the logon credentials, you will be prompted for them when the connection is made.

When you connect to the target, after you enter your authentication details, you are prompted for your connection details. For more information, see Connect and configure.

To configure a Connection Manager to connect through PSM to the target system with the target system details:

Open a Connection Manager application on your desktop and create an entry for the target machine.

Give each entry a meaningful name to indicates the target system details.

Set the Remote machine address to the address of the PSM server through which you want to establish your connection. The PSM address can be entered either as a DNS name, or an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

To connect using a smart card, enable smart card redirection in the connection manager setting.

Configure the logon credentials by entering your Vault or LDAP username, according to the authentication process required in your environment.

 

It is not recommended to save your Vault password locally.

For authentication details, see Authentication

If you do not configure the logon credentials, you will be prompted for them when the connection is made.

Configure an RDP File

You can configure a single RDP file to connect through PSM without providing the target system details, or configure separate RDP files that include the target system details in advance.

To configure an RDP file to connect through PSM without providing the target system details:

 

• To use this option with NLA, you must use a username that contains the login pattern configured by your Administrator under the PSMLoginPattern parameter. For details, see PSM basic parameters file .
• When connecting with PKI authentication in NLA, authentication is performed with the smart card certificate, but you still must include the login pattern in the usename field to tư vấn this capability.

Create an RDP file.

Configure the following RDP settings as described below:

Setting RDP Parameter Type Description full address s

The address of the PSM server through which you want to establish your connection.

The PSM address can be entered either as a DNS name, or an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

alternate shell s

Only value the PSM parameter (“psm “).

 

There must be a space after psm.

username s

Enter your Vault or LDAP username, according to the authentication process required in your environment.

If you do not configure your username, you will be prompted for it when the connection is made. You will also be prompted for your password.

 

It is not recommended to save your Vault password in the RDP file.

For details, see Authentication

Following is an example of a single RDP file that was configured to connect through PSM:

To connect using a smart card, add redirectsmartcards:i:1 to the RDP file.

When you connect to the target, after you enter your authentication details, you are prompted for your connection details. For more information, see Connect and configure.

To configure an RDP file with the target system details to connect through PSM:

Create an RDP file.

Configure the following RDP settings as described below:

Setting RDP Parameter Type Description full address s

The address of the PSM server through which you want to establish your connection.

The PSM address can be entered either as a DNS name, or an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

alternate shell s

The connection details including the target user, target machine and connection component.

For details, see Configure an RDP Start Program.

username s

Enter your Vault or LDAP username, according to the authentication process required in your environment.

If you do not configure your username, you will be prompted for it when the connection is made. You will also be prompted for your password.

 

It is not recommended to save your Vault password in the RDP file.

For details, see Authentication

To connect using a smart card, add redirectsmartcards:i:1 to the RDP file.

Repeat for each target system to which you want to connect.

Following is an example of an RDP file that was configured to connect through PSM:

Connect with MSTSC

To configure MSTSC to connect through PSM to the target machine using the Programs tab:

Open MSTSC. The Remote Desktop Connection window opens.

 

You can also execute MSTSC through the command line using:

MSTSC /v:

In the Computer field, enter the address of the PSM server, through which you will establish the connection. The PSM address can be entered either as a DNS name, or as an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

Open Show Options.

In the User name field, enter your Vault or LDAP username, according to the authentication process required in your environment.

If you do not configure your username, you will be prompted for it when the connection is made. You will also be prompted for your password.

 

It is not recommended to save your Vault password locally.

For details, see Authentication

Click the Programs tab, and select Start the following program on connection.

In the Program path and file name field, enter the connection details to PSM.

For details, see Configure an RDP Start Program

If you are using smart card authentication, click the Local Resources tab, and select Smart cards.

Click Connect. An authentication window is displayed.

To connect to other target machines using MSTSC, repeat this procedure for each target machine.

To configure MSTSC to connect through PSM to the target machine without using the Programs tab:

 

You cannot use this option if NLA is enabled in your environment.

Open MSTSC. The Remote Desktop Connection window opens.

 

You can also execute MSTSC through the command line using:

MSTSC /v:

In the Computer field, enter the address of the PSM server, through which you will establish the connection. The PSM address can be entered either as a DNS name, or as an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

Open Show Options.

In the User name field, enter “psm ” followed by your Vault or LDAP username, according to the authentication process required in your environment.

 

There must be a space after psm.

If you do not configure your username, you will be prompted for it when the connection is made. You will also be prompted for your password.

 

It is not recommended to save your Vault password locally.

For details, see Authentication

If you are using smart card authentication, click the Local Resources tab, and select Smart cards.

When you connect to the target, after you enter your authentication details, you are prompted for your connection details. For more information, see Connect and configure.

Connect with any RDP client application

To connect to your target system through PSM using any standard RDP client application, configure your RDP client to use the following parameters:

Setting Description PSM address

The address of the PSM server through which you want to establish your connection.

The PSM address can be entered either as a DNS name, or an IP address in IPV4 format.

In an environment with load balanced PSMs, specify the address of the PSM load balancer.

RDP Start Program setting

If you want the End User to specify the connection details, only value the PSM parameter (“psm “). When you connect to the target, after you enter your authentication details, you are prompted for the target details. For more information, see Connect and configure.

 

There must be a space after psm.

Or, you can specify the connection details in advance, including the target user, target machine and connection component. For details, see Configure an RDP Start Program.

Username

Enter your Vault or LDAP username, according to the authentication process required in your environment.

 

It is not recommended to save your Vault password locally.

For details, see Authentication.

To connect using a smart card, add redirectsmartcards:i:1 to the RDP file.

Specify a reason for accessing accounts

A rule in the Master Policy determines that users can only retrieve passwords or SSH keys after they specify a reason that explains why they need to retrieve them. You can override the Master Policy rule for specific platforms. For details, see Exceptions.

When you connect through PSM for Windows you are prompted to provide a reason for connecting.

 

• PSM installed on Windows Server 2012 r2: The reason can contain up to 127 characters only.
• PSM installed on Windows Server năm nay: If the reason exceeds 2048 characters, it is truncated.
• PSM installed on Windows Server 2019: If the reason exceeds 2048 characters, it is truncated.
• Copy-paste is not supported.

PSM for Windows retrieves the password or SSH key, and the reason you specified is stored in the audit log.

Reply
0
0
Chia sẻ

Video full hướng dẫn Share Link Down Remote Desktop Connection Manager auto login ?

– Một số Keywords tìm kiếm nhiều : ” Review Remote Desktop Connection Manager auto login tiên tiến và phát triển nhất , Share Link Down Remote Desktop Connection Manager auto login “.

Hỏi đáp vướng mắc về Remote Desktop Connection Manager auto login

Bạn trọn vẹn có thể để lại Comment nếu gặp yếu tố chưa hiểu nhé.
#Remote #Desktop #Connection #Manager #auto #login Remote Desktop Connection Manager auto login