Indeed PAM Gateway
Indeed PAM Gateway component is installed on the Remote Desktop Session Host server. If there are several RDSH servers, then Indeed PAM Gateway must be installed on each one. Make sure the RDS role is preinstalled and configured. The Indeed PAM Gateway component should be installed last. |
core URL example: https://pam.domain.local/pam/core |
Indeed PAM IdP URL should be allowed to automatic logon with current username and password, for example, by adding an address to the Local intranet security zone. |
Go to C:\Program Files\Indeed\Indeed PAM\Gateway\ProxyApp folder and edit appsettings.json file:
Core
Url - Indeed PAM Core URL address
"Core": { "Url": "https://pam.domain.local/pam/core"
Auth
IdpUrl - Indeed PAM IdP URL address
GatewaySecret - Secret for Indeed PAM Gateway component authentication
"Auth": { "IdpUrl": "https://pam.domain.local/pam/idp", "IdpRequiresHttps": true, "GatewaySecret": "70OQ7d6B7pGOpVNtctA7EAUIvD4lVVtWr73ECeXqZh91fZPYFDJ2Fhmh4xB3upZHpTxXHPFMI/nU2BcYaHNrSw==" },
Session
- AgentConnectionTimeout - waiting time for a response from Indeed PAM Agent until the session is aborted
AgentHeartbeatTimeout - interval for checking Indeed PAM Agent operation
"Session": { "AgentConnectionTimeout": "00:01:00", "AgentHeartbeatTimeout": "00:00:20" },
Media
VideoTempPath - folder for temporary video files, default is C:\ProgramData\Indeed\Pam\VideoTemp
"Media": { "VideoTempPath": "" },
FileCopy
Conditions for copying files from a mapped drive to shadow storage:
- MaxPercentToIgnore - skip the file if no more than the specified percentage of the file size is read
- EnoughPercentToSave - save the file if read at least the specified percentage of the file size
MinBytesToSave- save the file if the specified number of bytes are read
"FileCopy": { "MaxPercentToIgnore": 1, "EnoughPercentToSave": 50, "MinBytesToSave": 1048576 },
Rdp
UseMultimon - support for multiple monitors in an RDP session
"Rdp": { "UseMultimon": true }