IBM Security Privileged Identity Manager, Version 1.0.1

Logging on with the Microsoft Remote Desktop Connection (RDP) client

You can log on to a remote desktop with shared privileged identities with Remote Desktop Connection.

Before you begin

Configure the managed resource that you are going to access from the RDP client for shared access.
Upload the AccessProfile for the Microsoft Remote Desktop Connection RDP client to the IMS Server. See Uploading AccessProfiles to the IMS Server.
Configure a group policy to always prompt RDP clients for a password before making a connection.

Note: The IBM® Security Privileged Identity Manager AccessProfile for Microsoft Remote Desktop Connection (RDP) client does not support injection of shared credentials at the RDP lock screen on the computer to where the user did a remote desktop connection.

Procedure

Start the Microsoft Remote Desktop Connection client by clicking Start > All Programs > Accessories > Remote Desktop Connection.
Specify the target host name or IP address.
Click Connect.
When prompted to log on with shared access credentials, choose Yes.
When prompted with the Shared Access Selection window, select one of the credential pools.
Enter the AccessAgent authentication credentials.
When prompted to provide consent to be recorded, choose Yes. Session recording is started.

Results

The AccessProfile checks out the credentials from IBM Security Identity Manager, and injects the logon credential in the remote desktop logon prompt.

Feedback