Global settings based on organisations policies could be: Admin connection sharing ON Admin connection sharing OFF Admin connection sharing ON + Prompt on users machine to allow access
Personally I'd use the third option for my org, and will likely hold off upgrading to 1.1 equivalent if admin connection sharing is on and not able to be turned off (using Glyptodon) On Thu, 23 Apr 2020 at 21:50, ivanmarcus <[email protected]> wrote: > I was a little surprised by the inclusion of this in 1.1 at first, however > I since found it to be useful to assist people on several occasions and > believe it's a feature that should stay. > > That said I can see it could lead to issues for some people, so agree that > it would be useful to be able to configure. > > On the matter of configuration; perhaps this should be a separate thread > but I suggest it could also be useful to be able to globally set several > other parameters such as the menu sidebar keys, new connection initial > settings (eg default to 'ignore server certificate'), and similarly some > new user settings? > > > On 23/04/2020 1:48 p.m., Nick Couchman wrote: > > On Sun, Apr 19, 2020 at 12:03 AM Chris Misztur <[email protected]> > wrote: > >> This is worth bringing up again. As a Guacamole admin I have the ability >> to click on any connected user sessions and view/control without the user's >> permission. >> >> This is preventing us from completely eliminating MS RD Gateway for HR >> security reasons. >> >> > > I'll see if the other project folks want to weigh in on this - perhaps > implementing either a global setting (guacamole.properties) to turn off the > admin connection sharing across the board, or a per-connection parameter > that makes the connection exclusive - does not allow anyone, even an admin, > to join the connection - or both? > > -Nick > > >
