this feature totaly breaks the consept of secure access, as a user can type-in any address the listens to remote desktop connections that he like and login to it.... where's the secuity here?
i'm a security audior and was very disappointed to to see that
please remove it ASAP
RDP access to the backend resource is still controlled by Resource Policies > Terminal Services > Access Control.
If ACL's are not allowing access to a given server the user is trying to access, then access will be denied.
So there is no compromise from a security point of view and administrators still have full control of what Terminal Server users can access or what not.
By popular demand:
In IVE OS 6.5R2, there is now an option in Admin UI to enable/disable the RDP launcher introduced in 6.5R1.
The option is found under the Role > Terminal Services > Options:
Enable Remote Desktop Launcher
6.5R2 is ready for download here
One of the nice features of the Terminal Services launch bar (at least in 6.3r1) is that it allows launching of the Java RDP client. This is a great feature...I'm just wondering why it didn't make it's way into the user created bookmarks functionality also...
So a user can use the TS launcher to launch a Java RDP session, but can't create their own bookmark that uses Java RDP. Bummer.