Device Properties

1min

Custom device properties are explained below:
Property
Definition
aws.public.ip
When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property.
If an AWS device is imported via public IP, the property is set in the device properties automatically.
aws.private.ip
When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property.
If an AWS device is imported via private IP, the property is set in the device properties automatically.
azure.public.ip
When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property.
If an Azure device is imported via public IP, the property is set in the device properties automatically.
azure.private.ip
When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType
device group property.
If an Azure device is imported via private IP, the property is set in the device properties automatically.
gcp.public.ip
When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceTypedevice group property.
If a GCP device is imported via public IP, the property is set in the device properties automatically.
gcp.private.ip
When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property.
If a GCP device is imported via private IP, the property is set in the device properties automatically.
portNum
This property is set automatically when a new device is created by defining the port number. If it is empty, Kron PAM uses the default port number, according to the access protocol.
remoteDesktop.color-depth
The color depth to request, in bits-per-pixel. This parameter is optional. If specified, its value must be either 8, 16, or 24. Regardless of what value is chosen, if a particular update uses less than 256 colors, the Kron PAM Remote Desktop Client will always send that update as a 256-color PNG.
remoteDesktop.disable-audio
Audio is enabled by default in both the client and in
libguac-client-rdp. If you are concerned about bandwidth usage, or the audio is causing problems, you can explicitly disable the audio by setting this parameter to true.
remoteDesktop.domain
The domain to use when attempting authentication, if any. This parameter is optional.
remoteDesktop.dpi
The desired effective resolution of the client display, in DPI. This parameter is optional. If this value is not specified, the resolution and size of the client display will be used together to determine, heuristically, an appropriate resolution for the RDP session.
remoteDesktop.enable-audio-input
If set to true, audio input support (microphone) will be enabled, leveraging the standard AUDIO_INPUT RDP channel. By default, audio input support within RDP is disabled.
remoteDesktop.enable-drive
File transfer is disabled by default, but when enabled, RDP users can transfer files to and from a virtual drive, which persists on the Single Connect server. Enable file transfer support by setting this parameter to true.
remoteDesktop.enable-printing
Printing is disabled by default, but when enabled, RDP
users can print to a virtual printer that sends a PDF containing the printed
document to the Kron PAM Remote Desktop client. Enable printing by setting this parameter to true.
remoteDesktop.enable-sftp
Enabling/disabling file transfer: If set to true, the user will be allowed to upload or download files from the specified server using SFTP. If omitted, SFTP will be disabled.
remoteDesktop.height
The height of the display to request, in pixels. This parameter is optional. If this value is not specified, the height of the connecting client display will be used instead.
remoteDesktop.ignore-cert
If set to true, the certificate returned by the server will be ignored, even if that certificate cannot be validated. This is useful if you universally trust the server and your connection to the server, and you know that the server's certificate cannot be validated (for example, if it is self-signed).
remoteDesktop.remote-app
Specifies the RemoteApp to start on the remote desktop. If supported by your remote desktop server, this application, and only this application, will be visible to the user.
remoteDesktop.resize-method
The method to use to update the RDP server when the width or height of the client display changes. This parameter is optional. If this value is not specified, no action will be taken when the client display changes size.
Usually, the display size of an RDP session is constant and can only be changed when initially connecting. As of RDP 8.1, the "Display Update" channel can be used to request that the server change the display size. For older RDP servers, the only option is to disconnect and reconnect with the new size.
Possible values are: 
display-update: Uses the Display Update channel added with RDP 8.1 to signal the server when the client display size has changed.
Reconnect: Automatically disconnects the RDP session when
the client display size has changed, and reconnects with the new size.
remoteDesktop.security
The security mode to use for the RDP connection. This mode dictates how data will be encrypted and what type of authentication will be performed, if any. By default, standard RDP encryption is requested, as it is the most widely supported.
Possible values are:
Rdp: Standard RDP encryption. This is the default and should be supported by all RDP servers.
Nla: Network Level Authentication. This mode requires login information and performs an authentication step before the remote desktop session actually starts. If the username and password are not given, the connection cannot be made.
Tls: TLS encryption. TLS (Transport Layer Security) is the successor to SSL.
Any: Allow the server to choose the type of security
remoteDesktop.server-layout
The server-side keyboard layout. This is the layout of the RDP server and has nothing to do with the keyboard layout in use on the client side. The Kron PAM Remote Desktop client is independent of the keyboard layout.
Possible values are:
de-de-qwertz: German keyboard (qwertz)
en-us-qwerty: English (US) keyboard
fr-ch-qwertz: Swiss French keyboard (qwertz)
fr-fr-azerty: French keyboard (azerty)
it-it-qwerty: Italian keyboard
ja-jp-qwerty: Japanese keyboard
sv-se-qwerty: Swedish keyboard
tr-tr-qwerty: Turkish keyboard
failsafe: Unknown keyboard - this option sends only Unicode events and should work for any keyboard, though not necessarily on all RDP servers or applications. If your server's keyboard layout is not yet supported, this option should work in the meantime.
remoteDesktop.sftp-directory
The default directory to upload files when they are simply dragged and dropped. The SFTP user must be authorized to use this directory. This parameter is optional. If omitted, the default upload location of the SSH server providing SFTP will be used.
remoteDesktop.sftp-password
The password is to be used when authenticating with the specified SSH server for SFTP.
remoteDesktop.sftp-username
The username to authenticate with when connecting to the specified SSH server for SFTP. This parameter is required.
remoteDesktop.width
The width of the display to request, in pixels. This parameter is optional. If this value is not specified, the width of the connecting client display will be used instead.
sql.proxy.bind.port
This property only applies to SQL proxies connecting to target databases.
When a database, except for Oracle, is added as a new device to the
device inventory, the property must be set with the desired value. The value is used during connection.
sshKeyName
This property only applies to SSH proxies for devices integrated from AWS. To use an SSH key for AWS devices, this property must be defined.
webAppUrl
When an HTTP/S device with a URL such as http://www.testdomain.com/pam is added to the device inventory, the extension after the hostname “/pam” should be added as the webAppUrl property in the device properties. This enables Desktop Client to open this full URL.
winrm.port
The port number for WinRM access to the device.

Property	Definition
aws.public.ip	When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property. If an AWS device is imported via public IP, the property is set in the device properties automatically.
aws.private.ip	When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property. If an AWS device is imported via private IP, the property is set in the device properties automatically.
azure.public.ip	When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property. If an Azure device is imported via public IP, the property is set in the device properties automatically.
azure.private.ip	When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property. If an Azure device is imported via private IP, the property is set in the device properties automatically.
gcp.public.ip	When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceTypedevice group property. If a GCP device is imported via public IP, the property is set in the device properties automatically.
gcp.private.ip	When devices are imported from cloud platforms, the Management ip is set according to the values of the tag.DiscoverInterfaceType device group property. If a GCP device is imported via private IP, the property is set in the device properties automatically.
portNum	This property is set automatically when a new device is created by defining the port number. If it is empty, Kron PAM uses the default port number, according to the access protocol.
remoteDesktop.color-depth	The color depth to request, in bits-per-pixel. This parameter is optional. If specified, its value must be either 8, 16, or 24. Regardless of what value is chosen, if a particular update uses less than 256 colors, the Kron PAM Remote Desktop Client will always send that update as a 256-color PNG.
remoteDesktop.disable-audio	Audio is enabled by default in both the client and in libguac-client-rdp. If you are concerned about bandwidth usage, or the audio is causing problems, you can explicitly disable the audio by setting this parameter to true.
remoteDesktop.domain	The domain to use when attempting authentication, if any. This parameter is optional.
remoteDesktop.dpi	The desired effective resolution of the client display, in DPI. This parameter is optional. If this value is not specified, the resolution and size of the client display will be used together to determine, heuristically, an appropriate resolution for the RDP session.
remoteDesktop.enable-audio-input	If set to true, audio input support (microphone) will be enabled, leveraging the standard AUDIO_INPUT RDP channel. By default, audio input support within RDP is disabled.
remoteDesktop.enable-drive	File transfer is disabled by default, but when enabled, RDP users can transfer files to and from a virtual drive, which persists on the Single Connect server. Enable file transfer support by setting this parameter to true.
remoteDesktop.enable-printing	Printing is disabled by default, but when enabled, RDP users can print to a virtual printer that sends a PDF containing the printed document to the Kron PAM Remote Desktop client. Enable printing by setting this parameter to true.
remoteDesktop.enable-sftp	Enabling/disabling file transfer: If set to true, the user will be allowed to upload or download files from the specified server using SFTP. If omitted, SFTP will be disabled.
remoteDesktop.height	The height of the display to request, in pixels. This parameter is optional. If this value is not specified, the height of the connecting client display will be used instead.
remoteDesktop.ignore-cert	If set to true, the certificate returned by the server will be ignored, even if that certificate cannot be validated. This is useful if you universally trust the server and your connection to the server, and you know that the server's certificate cannot be validated (for example, if it is self-signed).
remoteDesktop.remote-app	Specifies the RemoteApp to start on the remote desktop. If supported by your remote desktop server, this application, and only this application, will be visible to the user.
remoteDesktop.resize-method	The method to use to update the RDP server when the width or height of the client display changes. This parameter is optional. If this value is not specified, no action will be taken when the client display changes size. Usually, the display size of an RDP session is constant and can only be changed when initially connecting. As of RDP 8.1, the "Display Update" channel can be used to request that the server change the display size. For older RDP servers, the only option is to disconnect and reconnect with the new size. Possible values are: display-update: Uses the Display Update channel added with RDP 8.1 to signal the server when the client display size has changed. Reconnect: Automatically disconnects the RDP session when the client display size has changed, and reconnects with the new size.
remoteDesktop.security	The security mode to use for the RDP connection. This mode dictates how data will be encrypted and what type of authentication will be performed, if any. By default, standard RDP encryption is requested, as it is the most widely supported. Possible values are: Rdp: Standard RDP encryption. This is the default and should be supported by all RDP servers. Nla: Network Level Authentication. This mode requires login information and performs an authentication step before the remote desktop session actually starts. If the username and password are not given, the connection cannot be made. Tls: TLS encryption. TLS (Transport Layer Security) is the successor to SSL. Any: Allow the server to choose the type of security
remoteDesktop.server-layout	The server-side keyboard layout. This is the layout of the RDP server and has nothing to do with the keyboard layout in use on the client side. The Kron PAM Remote Desktop client is independent of the keyboard layout. Possible values are: de-de-qwertz: German keyboard (qwertz) en-us-qwerty: English (US) keyboard fr-ch-qwertz: Swiss French keyboard (qwertz) fr-fr-azerty: French keyboard (azerty) it-it-qwerty: Italian keyboard ja-jp-qwerty: Japanese keyboard sv-se-qwerty: Swedish keyboard tr-tr-qwerty: Turkish keyboard failsafe: Unknown keyboard - this option sends only Unicode events and should work for any keyboard, though not necessarily on all RDP servers or applications. If your server's keyboard layout is not yet supported, this option should work in the meantime.
remoteDesktop.sftp-directory	The default directory to upload files when they are simply dragged and dropped. The SFTP user must be authorized to use this directory. This parameter is optional. If omitted, the default upload location of the SSH server providing SFTP will be used.
remoteDesktop.sftp-password	The password is to be used when authenticating with the specified SSH server for SFTP.
remoteDesktop.sftp-username	The username to authenticate with when connecting to the specified SSH server for SFTP. This parameter is required.
remoteDesktop.width	The width of the display to request, in pixels. This parameter is optional. If this value is not specified, the width of the connecting client display will be used instead.
sql.proxy.bind.port	This property only applies to SQL proxies connecting to target databases. When a database, except for Oracle, is added as a new device to the device inventory, the property must be set with the desired value. The value is used during connection.
sshKeyName	This property only applies to SSH proxies for devices integrated from AWS. To use an SSH key for AWS devices, this property must be defined.
webAppUrl	When an HTTP/S device with a URL such as http://www.testdomain.com/pam is added to the device inventory, the extension after the hostname “/pam” should be added as the webAppUrl property in the device properties. This enables Desktop Client to open this full URL.
winrm.port	The port number for WinRM access to the device.

Device Inventory - Device Option Menu

Device Auto Discovery