Configuring Kryon Terminal Server Robot
The Nintex Terminal Server Robot Tool supports a session scheduler feature. When enabled, the tool automatically maintains configured RDP sessions active. If a session is canceled – the tool brings it back.
Nintex RDP Installation
-
Download and install .NET Core 3.1 Runtime (v3.1.16) - Windows x64 Installer
-
Download and install ASP.NET Core 3.1 Runtime (v3.1.16) - Windows x64 Installer
-
Confirm that the KryonRDP works properly by running:
dotnet Kryon.RDPService.API.dll --console
Open your internet browser and navigate to http://localhost:5000 - you should get the Swagger UI page.
EXAMPLE
-
In the same CMD window, run:
sc create KryonRDP binPath="C:\Kryon\KryonRDP\Kryon.RDPService.API.exe" type=own start=auto displayName="Kryon RDP service"
-
Open the Services console window and confirm that Nintex RDP service is installed.
-
Run the service.
Service Configuration
To get Nintex RDP SERVICE integrated with the Console credential vault for the Terminal Server
-
Go to C:\Kryon\KryonRDP and open:
-
appsettings.json file
Add the DB connection string as shown below:
Update the screen resolution if required
-
scheduled_rdp_session.json file
Update the fields:
-
MachineAddress: This is the host name or FQDN of the terminal server
-
CredentialId and TenantId: Query the database
SELECT * FROM LeoCredentialsVault WHERE CredentialType = 4
Credential type = 4 (it is for robot machine OS credential)
-
-
-
Restart Nintex RDP Service
-
Observe:
-
Logs started populating under C:\Kryon\KryonRDP\Logs folder and it will look like below:
-
Check under Task Manager > Users tab
Robot1 & robot2 user sessions started
-
Go to the Kryon Console > Robots Menu
-
Make sure the below settings are ON:
-
Enable the Nintex robot in STARTUP APP list and check below boxes to start the robots automatically
-
Terminal Robot Application Configuration
To change the Terminal Robot application configuration, you only need to edit the AppSettings.json file and restart the application, i.e., rerun the console or restart the windows service.
If a relevant windows service is running you need to stop it before changing the application configuration.
Web API Configuration
If needed, you can edit the parameters of the AppSettings.json file as following:
Container/Block |
Parameter |
Description and Usage |
---|---|---|
|
LogFilePath |
Set the path where the text log files should be stored.
Read more here. |
AppSettings |
RdpScreenWidth |
Screen width of the RDP session window |
AppSettings |
RdpScreenHeight |
Screen height of the RDP session window |
AppSettings |
DefaultRdpPort |
|
AppSettings |
DefaultRdpWindowTitlePrefix |
Optional. If provided, will be used as an RDP window prefix. |
AppSettings |
StartupAppPath |
|
AppSettings |
StartupAppCmdParams |
See Extended RDP tool configuration with ‘StartupAppCmdParams’ settings |
AppSettings |
MstscRdpFilesPath |
|
AppSettings |
APITitle |
API title to be used on swagger UI |
AppSettings |
APIDescription |
API description to be used on swagger UI |
Kestrel.EndPoints |
Http.Url |
|
Kestrel.EndPoints |
Https.Url |
|
Session Scheduler Settings: |
||
AppSettings |
RdpSessionSchedulerEnabled |
|
RdpSessionSchedulerSettings |
IntervalSec |
|
RdpSessionSchedulerSettings |
StartDelaySec |
|
RdpSessionSchedulerSettings |
RdpSessionsFile |
|
Session Scheduler Configuration
The Session Scheduler is an application support feature. When enabled, the application automatically maintains the configured RDP sessions active. If a session is canceled – the application brings it back.
You can configure Scheduled RDP Session in the dedicated JSON file. See JSON file example in NintexRDP service folder - scheduled_rdp_sessions.json
.
The JSON file contains a collection of RDP sessions to be maintained active. Each session is represented by a JSON object with properties as described in the table below:
Property |
Description |
---|---|
MachineAddress |
Address of the machine to start RDP session on
|
UserName |
User name for an RDP session
|
UserPassword |
User password for an RDP session
|
RdpPort |
TCP/IP port to be used for an RDP connection
|
RdpProtocol |
RDP protocol to use
|
ScreenWidth |
Screen width to use for an RDP session window
|
ScreenHeight |
Screen height to use for an RDP session window
|
WindowTitle |
Title to use for an RDP session window
|
WaitBeforeStartSessionInSeconds |
The timespan in seconds to wait before the RDP session start
|
SessionStartupRegistryValues |
The collection of Registry keys and values to modify for Current User hive (HKEY_CURRENT_USER).
|
To enable Session Scheduler, make sure to set the relevant parameters in the AppSetting file, see Session Scheduler Settings. |
|
Additional Technical Details
Logging
To configure log file location, change the following appsettings.json parameter:
-
Absolute path:
LogFilePath: "C:\\Kryon\\KryonRDP\\logs"
-
Relative path: (relative to exe file location)
LogFilePath: "./logs"
Log file entries format can be configured in NLog configuration files: nlog.Production.config
.
In particular log entries format can be changed be editing ‘Layout
’ variable in nlog.Production.config
The following is an example of the log file:
How to verify that the session-scheduler works
To verify that the session scheduler is working after setting it up, check the log file to verify there is an entry per each scheduler run:
EXAMPLE:
Extended RDP tool configuration with ‘StartupAppCmdParams’ settings
An example of RDP tool scheduled configuration:
"AppSettings": {
"RdpScreenWidth": "1920",
"RdpScreenHeight": "1080",
"DefaultRdpPort": "3389",
"DefaultRdpWindowTitlePrefix": "Kryon",
"StartupAppPath": "C:\\Windows\\System32\\notepad.exe",
"StartupAppCmdParams": "ttt.txt",
"MstscRdpFilesPath": "",
"APITitle": "Kryon RDP Service API",
"APIDescription": "Kryon RDP Service Web API interface",
"RdpSessionSchedulerEnabled": "true"
}
Remote Apps
FreeRdp has the following for the remote application:
/app:||<alias> or <executable path> |
Remote application program |
/app-name:<app name> |
Remote application name for user interface |
/app-icon:<icon path> |
Remote application icon for user interface |
/app-cmd:<parameters> |
Remote application command-line parameters |
/app-file:<file name> |
File to open with remote application |
/app-guid:<app guid> |
Remote application GUID |
Also, the same list of settings can be found here:
xfreerdp man page - freerdp - General Commands | ManKier
FreeRdp docs mention remote application programs - What is a Remote Application Program?
RemoteApps are part of the Windows Server 2008 R2 Remote Desktop Services role. Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier. RemoteApp (or TS RemoteApp) is a special mode of RDS, available in Windows Server 2008 R2 and later, where remote session configuration is integrated into the client operating system. Details here.
How to enable the remote apps on the server?
There are two options:
-
Add particular applications to the allowed remote apps list: Applications are configured as RemoteApps using the RemoteApp Manager tool. Details on the server configuration to host RemoteApp programs here: TS RemoteApp Step-by-Step Guide
-
Allow all remote apps: To allow unlisted remote programs to be accessible need to set the following registry key:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"fAllowUnlistedRemotePrograms"=dword:00000001
Detailed information can be found in the links below:
Error RAIL_EXEC_E_NOT_IN_ALLOWLIST When use /app · Issue #998 · FreeRDP/FreeRDP
Managing the Tool
Once windows service is installed and started you should see the status of ‘running’ in Windows Services Manager, as follows:
Windows Services Manager can be used to manage the service. Right click the service t o manage it:
You can access the API page from: http://localhost:5000.
Technical sections from existing/previous doc:
Install the tool
The following sets up the tool as a windows service:
Make sure you have custom or default system user account to create windows service. By default, a windows service will be created for next default user: ‘Local System’.
Installation parameters details:
-
{NAME}
Required. Service name. ‘
KryonRdpService
’ is used below automation scripts as service name. -
{EXE FILE PATH}
Required. The app's executable path (for example,
C:\installation folder\company.RDPService.API.exe
). Include the executable file name with extension. -
{DOMAIN OR COMPUTER NAME\USER}
Optional. Service user account (for example, MyComputerName\ServiceUser). By default windows service will be created for next default user: ‘Local System’.
-
{DISPLAY NAME}
Optional. Service display name (for example, Company RDP Management Service).
Using NSSM
This process is automated using ‘install-as-service.bat’
script.
In order to install the service using NSSM, run ‘install-as-service.bat’
as an administrator.
The installation package contains all the needed dependencies like nssm.exe, run-as-process.bat, etc. Once installed you’ll see the service in the Windows Services list.
The installer sets the service to start automatically.
To verify: check that http://localhost:5000 is accessible.
Using windows service control manager (sc.exe)
-
Create a service
Use sc.exe to create a service, passing the full path of the built executable.
sc create {NAME} binPath= "{EXE FILE PATH}" type=own start=auto displayname="{DISPLAY_NAME}" obj={DOMAIN OR COMPUTER NAME\USER}
Command example
sc create “CompanyRdpService” binPath= "C:\Projects\Company\rdp-service\Company.RDPService.API\bin\Debug\netcoreapp2.2\win7-x64\publish\Company.RDPService.API.exe" type=own start=auto displayname=”CompanyRDP management Service”
-
Start/Stop/Pause a service
Use sc.exe to start the service (this needs to occur in a command prompt running as Administrator)
sc start {NAME}
sc stop {NAME}
sc pause {NAME}
-
Get status of the service
sc query {NAME}
-
Delete service
sc delete {NAME}
Using powershell commands
-
Create a service
New-Service -Name {NAME} –BinaryPathName "{EXE FILE PATH}" –StartupType Automatic –Displayname "{DISPLAY_NAME}" –Credential {DOMAIN OR COMPUTER NAME\USER}
Command example
New-Service -Name “CompanyRdpService” –BinaryPathName "C:\Projects\Company\rdp-service\Company.RDPService.API\bin\Debug\netcoreapp2.2\win7-x64\publish\Company.RDPService.API.exe" –StartupType Automatic -Displayname=”Company RDP management Service
-
Start/Stop a service
Start-Service -Name {NAME}
Stop-Service -Name {NAME}
-
Get status of the service
Get-Service -Name {NAME}
-
Delete service
Remove-Service –Name {NAME}
For more details, see here