bbclou07
  • bbclou07
  • 50.6% (Neutral)
  • Nestling Topic Starter
2008-08-26T12:31:55Z
RD Tabs is great; it allows you to work on multiple platforms at the same time. The downside is that the sessions tend to idle out when working on larger groups of multiple platforms. I would recommend an option to send a wake up any session that was in the background. Obviously this would have to be a option that could be toggled on or off to support secure environments.
Timothy
  • Timothy
  • 100% (Exalted)
  • Flock Leader
2008-08-26T21:09:43Z
I'm not exactly sure how I would implement that. I suppose I could send a subtle mouse movement for keystroke (shift down then up), but one thing to keep in mind is that this can be easily controlled by group policy. The areas you need to look in are the screen saver timeout and the terminal services idle disconnection timeout. By increasing either of those, you can prevent background sessions from disconnecting / screen locking (depending on your problem). I'll have to look to see if it's something I can implement in RD Tabs, but it will probably have to wait a while since I'm really far behind in 2.2 development and absolutely swamped with work and consulting. :-)

Thanks for the suggestion though!
Krash_Control
2008-08-31T06:58:09Z
I agree with Tim that you need to look at your group policy and screen saver timeout. We use these on our network to prevent our guys from leaving a session open and walking away from their desks. I completely understand your frustration becasue we also have short timeouts and random passwords for each of our sites, so everytime it locks, you have to either look up the password, or disconnect and reconnect (if you have the password saved in your favourite). Unfortunately for the sake of security, this is an inconvenience that we accept.

I can't see too many admins allowing a software to access their servers, that bypasses the security restrictions they put in place and is part of the company's IT Security policy. Having a toggle on/off switch is not enough normally as you have no guarantee that someone won't enable it.

Personally I hope this feature is never implemented as I'd like to carry on using RD Tabs.
Timothy
  • Timothy
  • 100% (Exalted)
  • Flock Leader
2008-08-31T10:42:49Z
On the subject of security, in the next version of RD Tabs, you will be able to set an option to tell RD Tabs to forget the username and/or password upon disconnection. Essentially, what this does is prevent the scenario you described above where a screen lock is easily bypassed by disconnecting and reconnecting using the cached password stored in the reconnection settings and/or the "Connect Properties" dialog. This will be completely optional (and not enabled by default), but if you do not save your passwords in favorites for security reasons, you may not want RD Tabs to remember the password you entered in the dialog after you have connected.
kasper4lyf
2008-09-03T23:52:59Z
First off this is an awesome tool. I would just like to second bbclou07's request. I understand that Group Policy is what is causing the timeouts and subsequent log offs. The problem that both he and I suffer is that we use RD Tabs to connect to customer boxes and therefore have no control over group policy.
Timothy
  • Timothy
  • 100% (Exalted)
  • Flock Leader
2008-09-04T09:05:51Z
I'll look into it, but I just don't know how easy it would be to essentially "sendkey" stuff to a remote desktop. I'm not sure the API has that capability. If I find anything out, I'll let you know.
Krash_Control
2008-09-12T05:25:48Z
kasper4lyf wrote:

The problem that both he and I suffer is that we use RD Tabs to connect to customer boxes and therefore have no control over group policy.



But that's exactly my point, you are connecting to a site where it has been deemed that the screen should lock after a certain amount of inactivity. By bypassing this, you are exposing the network to unnecessary risk and could even be breaking certain regulations (for example if the server is running credit card processing then it's critical). Granted that the machines you are connecting to may not need high security and the admin might not mind you bypassing his policy, but I still think it's wrong. But that's just my opinion.
Timothy
  • Timothy
  • 100% (Exalted)
  • Flock Leader
2008-09-12T11:54:42Z
krash - that's a good point. I'm not sure there aren't other ways to circumvent this (outside of my adding support to RD Tabs directly I mean, because some media players can, for example, prevent the screen saver from locking), but legally that's a very sticky area.

Contracted network admins need to pay very close attention to these things because legally they may be in violation of acceptible usage agreements, which (at a minimum) might get them terminated and (at a maximum) may get them a law suit. Other than credit card processing servers, medical records servers are also very, very regulated, especially since HIPAA.

Most clients may not care (or may not even know), but Krash, you really bring up a good point.

No matter where I go with this in the future with RD Tabs (I'm leaning towards not going down this road right now), I would advise users to be very aware of what they are doing and the legal risks involved. Remote Desktop in general is a very powerful tool, but it does expose a very large attack surface and therefore needs to be closely guarded.
full film