(Versions 7.5.2+, Enterprise+SSO)
RDP SSO Server allows users to access privileged machines through the standard Remote Desktop Connection client without sharing the username or password with the end user.
Note: An Enterprise+SSO license is required. Contact Us if you would like a trial license for testing purposes.
This page describes the steps needed to setup and use the RDP SSO functionality of Pleasant Password Server. In this scenario, we will assume that we want to connect to a computer called rdp1.
Document Sections:
Encryption Levels: RDP SSO attempts to use the highest level of encryption available when building the connections.
When using these machines are running the proxy, these higher levels are enforced by default.
The RDP SSO Service must be enabled on the machine hosting Password Server.
To start the RDP SSO process:
The RDP SSO Settings can be found on the SSO Server > SSO Settings page.
The RDP relevant fields under the Password SSO section are:
Password SSO RDP IP Address: This must be set to the IP Address clients will connect to the SSO Server to RDP into the target machines. It will default to the IP of the first network connection that the software detects, but this may not be correct if the machine hosting Password Server has more than one network connection.
Password SSO RDP Port: This is the port that the RDP clients will connect to the SSO server on. The default is 7070. If you change the port, restart the RDP SSO Server via the toggle on the SSO Server Status window.
Note the IP and Port will be visible to the end user.
By default, Access Levels allow SSO functions, however, you may wish to create an SSO Access Level to keep the permissions separate.
This Access Level (below) will allow an end user to Launch RDP SSO without having access to the Computer, Username, or Password. It illustrates the minimum access required to use SSO. If desired, you can add additional permissions.
In this configuration, the user will not have access to any information about the credential.
This is the information that RDP SSO with use when logging in to the remote server.
3. Click AddSave.
Before connecting to the RDP SSO Server, the end user must first download and install the SSO Root Certificate and the Pleasant RDP SSO Client.
Both downloads are on the SSO Server Status, which the end user can view so long as they have an Access Level permission with Use Via SSO enabled.
Both files can be installed with the defaults selected.
With the certificate and client are installed the end user can now navigate to a credential and select Actions > Launch RDP SSO to open a remote desktop session immediately.
Note: the user must have an Access Level with Use Via SSO enabled for the credential.
The first time Launch RDP SSO is selected from a particular browser...
You will see a popup asking if you would like to allow the RdpProxy application to open the URL:
Once allowed the client will launch and Remote Desktop Connection will open automatically, connecting to the target machine via the RDP SSO Server.
Note: Using RDP SSO Server is much slower than a standard RDP connection. Usability and latency issues will be improved upon in future releases.
(Versions 7.5.2+, Enterprise+SSO)
RDP SSO Server allows users to access privileged machines through the standard Remote Desktop Connection client without sharing the username or password with the end user.
Note: An Enterprise+SSO license is required. Contact Us if you would like a trial license for testing purposes.
This page describes the steps needed to setup and use the RDP SSO functionality of Pleasant Password Server. In this scenario, we will assume that we want to connect to a computer called rdp1.
Document Sections:
Encryption Levels: RDP SSO attempts to use the highest level of encryption available when building the connections.
When using these machines are running the proxy, these higher levels are enforced by default.
The RDP SSO Service must be enabled on the machine hosting Password Server.
To start the RDP SSO process:
The RDP SSO Settings can be found on the SSO Server > SSO Settings page.
The RDP relevant fields under the Password SSO section are:
Password SSO RDP IP Address: This must be set to the IP Address clients will connect to the SSO Server to RDP into the target machines. It will default to the IP of the first network connection that the software detects, but this may not be correct if the machine hosting Password Server has more than one network connection.
Password SSO RDP Port: This is the port that the RDP clients will connect to the SSO server on. The default is 7070. If you change the port, restart the RDP SSO Server via the toggle on the SSO Server Status window.
Note the IP and Port will be visible to the end user.
By default, Access Levels allow SSO functions, however, you may wish to create an SSO Access Level to keep the permissions separate.
This Access Level (below) will allow an end user to Launch RDP SSO without having access to the Computer, Username, or Password. It illustrates the minimum access required to use SSO. If desired, you can add additional permissions.
In this configuration, the user will not have access to any information about the credential.
This is the information that RDP SSO with use when logging in to the remote server.
3. Click Add.
Before connecting to the RDP SSO Server, the end user must first download and install the SSO Root Certificate and the Pleasant RDP SSO Client.
Both downloads are on the SSO Server Status, which the end user can view so long as they have an Access Level permission with Use Via SSO enabled.
Both files can be installed with the defaults selected.
With the certificate and client are installed the end user can now navigate to a credential and select Actions > Launch RDP SSO to open a remote desktop session immediately.
Note: the user must have an Access Level with Use Via SSO enabled for the credential.
The first time Launch RDP SSO is selected from a particular browser...
You will see a popup asking if you would like to allow the RdpProxy application to open the URL:
Once allowed the client will launch and Remote Desktop Connection will open automatically, connecting to the target machine via the RDP SSO Server.
Note: Using RDP SSO Server is much slower than a standard RDP connection. Usability and latency issues will be improved upon in future releases.
(Versions 7.5.2+, Enterprise+SSO)
RDP SSO Server allows users to access privileged machines through the standard Remote Desktop Connection client without sharing the username or password with the end user.
Note: An Enterprise+SSO license is required. Contact Us if you would like a trial license for testing purposes.
This page describes the steps needed to setup and use the RDP SSO functionality of Pleasant Password Server. In this scenario, we will assume that we want to connect to a computer called rdp1.
Document Sections:
Encryption Levels: RDP SSO attempts to use the highest level of encryption available when building the connections.
When using these machines are running the proxy, these higher levels are enforced by default.
The RDP SSO Service must be enabled on the machine hosting Password Server.
To start the RDP SSO process:
The RDP SSO Settings can be found on the SSO Server > SSO Settings page.
The RDP relevant fields under the Password SSO section are:
Password SSO RDP IP Address: This must be set to the IP Address clients will connect to the SSO Server to RDP into the target machines. It will default to the IP of the first network connection that the software detects, but this may not be correct if the machine hosting Password Server has more than one network connection.
Password SSO RDP Port: This is the port that the RDP clients will connect to the SSO server on. The default is 7070. If you change the port, restart the RDP SSO Server via the toggle on the SSO Server Status window.
Note the IP and Port will be visible to the end user.
By default, Access Levels allow SSO functions, however, you may wish to create an SSO Access Level to keep the permissions separate.
This Access Level (below) will allow an end user to Launch RDP SSO without having access to the Computer, Username, or Password. It illustrates the minimum access required to use SSO. If desired, you can add additional permissions.
In this configuration, the user will not have access to any information about the credential.
This is the information that RDP SSO with use when logging in to the remote server.
3. Click Save.
Before connecting to the RDP SSO Server, the end user must first download and install the SSO Root Certificate and the Pleasant RDP SSO Client.
Both downloads are on the SSO Server Status, which the end user can view so long as they have an Access Level permission with Use Via SSO enabled.
Both files can be installed with the defaults selected.
With the certificate and client are installed the end user can now navigate to a credential and select Actions > Launch RDP SSO to open a remote desktop session immediately.
Note: the user must have an Access Level with Use Via SSO enabled for the credential.
The first time Launch RDP SSO is selected from a particular browser...
You will see a popup asking if you would like to allow the RdpProxy application to open the URL:
Once allowed the client will launch and Remote Desktop Connection will open automatically, connecting to the target machine via the RDP SSO Server.
Note: Using RDP SSO Server is much slower than a standard RDP connection. Usability and latency issues will be improved upon in future releases.