RDP Connections with Native Clients

This section describes how to establish RDP connections with native clients.

Users can connect to target hosts/accounts using the RDP clients installed on their workstations, without needing to use the PrivX GUI. Connections are authenticated against PrivX.

PrivX provides the following connection modes:

  • ​​Interactive​​: Access PrivX RDP Bastion to list and select possible targets.

  • ​​Direct​​: Specify your connection target directly to the native client.

📘

Note

PrivX RDP Bastion connections are verified against the PrivX RDP Bastion host certificate. You may verify the certificate from the ​Connections→Native Clients​​ page.

​​Connecting Interactively​​

To connect to targets with native clients interactively:

  1. Use your native client to connect to a PrivX server.

  2. Provide your PrivX credentials when prompted.

  3. You are shown the targets where you are allowed access. Select a target to connect to it.

​​Connecting Directly​​

To directly connect to a target you know, provide the native client with the following parameters:

  • Host: Address of a PrivX server.

  • User: Credentials and target identification in the following format:

    ​​<target_username>​​%​<extender_name>​​%​<target_hostname>​​%​<privx_username>​​

    Where the ​<extender_name>​​ is only required for target hosts behind Extenders.

    📘 Note
    ​​%​ characters in user names must be escaped with ​%%​​. For example, ​%example%user%​ becomes ​%%example%%user%%​​.

    Values may be separated using either ​%​ or |​ - The separator character can be escaped by doubling (​%%​ or ​||​​).

  • Password: Your PrivX-user password.

Direct-connection example with ​Windows Remote Desktop ClientDirect-connection example with ​Windows Remote Desktop Client

📘

Note

When MFA is enabled, users must connect using the interactive method.

RDP certificate authentication is only supported through the PrivX GUI.

RDP with native clients via PrivX does not support file transfers via drive redirection when session recording is enabled. In such scenarios users may copy-paste to transfer files.


Did this page help you?