How to create rule for RDP login access control
Release : 14.1
Component : PAM SERVER CONTROL ENDPOINT WINDOWS
RDP login has 2+ login event, remote host login with Terminal Services and itself login with lsass.exe.
So, customer should create for these rule.
er TERMINAL server defacc(a) owner(nobody) audit(f)
er TERMINAL RDP client defacc(a) owner(nobody) audit(f)
This rule is needed all version of PIM or PAMSC.