Remote Desktop (RDP) and VDI Over SealedTunnel Setup

Exitpoint Setup

TIP

STLink includes RDP Agent functionality, so installing the RDP Agent is not required.

• Provision an Exitpoint for the machine that you'd like to have remote access to and return to these instructions before adding a Mapping.
• Ensure that STLink is installed on the Exitpoint.
• On the Edit Exitpoint screen for the Exitpoint you just provisioned, click the Add RDP Mapping button located under the red "Back" button.
• Near the top of the Edit screen for the Exitpoint, check the Unattended mode checkbox and then click the SAVE button.

RDP over Standalone SealedTunnel Entrypoint Setup

Provisioning and Configuration

• Follow the SSO SealedTunnel Entrypoint Provisioning instructions, and return here before enabling SSO access, as we'll need to modify a few things to use the Xiid RDP Agent.
• Ensure that STLink is installed on the Entrypoint.

Application Setup

DANGER

Never allow the sole administrator account for the machine to be the RDP Agent's User.
Since the RDP Agent automatically rotates user passwords, subsequent use of the RDP Agent could cause the administrator to become permanently locked out of the machine.

• Navigate to the Applications tab in the Agent Configuration Portal.
• Find the SealedTunnel RDP or SealedTunnel RDP App cards listed under the available applications and click the purple Choose button.
• On the Applications List screen, click the + Add Application button in the top right corner.
• On the Add ST RDP Application screen, select the SSO Portal that you would like to add this RDP Application to.
• For the STRDP Agent dropdown, select the Exitpoint you just set up.
• In the User input, you can enter a static user that everyone will sign in as, or you can leave it blank to use individual usernames.
• You may check the Legacy checkbox to enable standard .rdp file downloads from the Single Sign-On Portal.
  • Without the Legacy checkbox selected, end-users will need the Xiid RDP Wrapper installed on the client machine.
• Enter a Description for the RDP Application that will be visible to end-users in the Single Sign-On Portal.
• If you're only granting access to a single RDP App rather than the full machine:
  • In the Application Path field, enter the full path on the local drive to the application you wish to allow end-user access to.
  • You can also specify any application command-line parameters you would like to include in the Application Params field.
• Specify any Security Groups from your directory that you would like to include or exclude from access.
• Check Custom Configurations to edit specific configurations of the .rdp file if you wish.
• Click the purple Save button at the bottom.

RDP over SSO SealedTunnel Entrypoint Setup

TIP

This section is coming soon – stay tuned for updates!

Advanced Configuration

See here for advanced configuration options, including a list of special variables that can be used to customize your RDP application.