Hi ,
I wish to do RDP using the NC method.. Also I want to bind specific users to be bound to only specific systems for thier RDP session thru NC. Please help and guide on the same?
Thanks
Solved! Go to Solution.
Well if you are providing Terminal Services access to users on Windows machines then go to the Resources Profiles section and select Terminal Services Resource Profile. This will allow you to create the resource, the profile will handle the creation of the corresponding policy and it will also create the link to the role(s) that need access to the resource and the bookmark.
You have the option of enabling Java support also which requires loading in a Java TS applet like ProperJavaRDP. This allows you to provide TS access to non Windows based PC's.
NC does not give you granular control where you can restrict a user to an application and then to a specific object. NC provides open network access.
You should be using the Core access and providing RDP through the Web browser.
Hello..Thanks for your reply.
Can you help me with any tech notes or documents which which can assist me configure the same thru core access ?
Would be of great help ..
Well if you are providing Terminal Services access to users on Windows machines then go to the Resources Profiles section and select Terminal Services Resource Profile. This will allow you to create the resource, the profile will handle the creation of the corresponding policy and it will also create the link to the role(s) that need access to the resource and the bookmark.
You have the option of enabling Java support also which requires loading in a Java TS applet like ProperJavaRDP. This allows you to provide TS access to non Windows based PC's.
well you can control where the user is sent and on what port using the Access control policy for your Network connect profile but that is an over kill. So you can say this connection profile rdpserver:3389 this will only give this user access to the rdp server and on port 3389 that is the windows rdp port every where else the user will get access denied but Why let some one do a full tunnel but than limit them to just RDP when you can do that easily by what Kevin suggested above.
Thanks and truly appreciate your efforts in guding me on this.
I didn't read the whole thread, but in answer to your question, if you're using VIsta/Win7, they both use a ?more secure? version of RDP where your credentials are hashed and sent to the server prior to the desktop opening. Windows XP (and prior) open the desktop to present the logon gui, which is how the SSLVPN does it.
So if you need the additional security (for example: to make Snort stop complaining), then you'll want to use NC with restricted policies and use the Windows Vista/7 RDP client.
just my $0.02