1.3 KiB
RDP Remote Access with XRDP
The basic configuration in Hiera is:
xrdp::enable: true
This allows by default to create new virtual desktop sessions or to connect to a local desktop session which is shared over VNC using port 5900.
Some more details could be ajusted when needed:
To disallow access to a shared desktop do
xrdp::shared_desktop::enable: false
whereas to disallow virtual desktop sessions there is
xrdp::virtual_desktop::enable: false
Often you may not want the user to keep their desktop sessions open forever, so you may configure their sessions to be closed after they have been disconnected for some time (seconds). The default value is 0 which disables this feature.
xrdp::disconnected_session_timeout: 3600
Also you may choose the backend for the virtual sessions, either libxup.so (default) or libvnc.so:
xrdp::virtual_desktop::backend: 'libvnc.so'
If you want to allow the same user to be able to open in parallel a local and a remote session then you can enable the systemd nest feature:
xrdp::nest_systemd::enable: true
Notes
Users that are only allowed to login locally to the system (i.e. with an entry like this +:ebner-adm:LOCAL in /etc/security/access_users.conf) cannot use RDP virtual sessions.