Some improvements for publishing RDP+ to ‘untrusted’ users.
- Expanded the kiosk mode to allow any combination of the fields for computername, username and password to be enabled or disabled. The /kiosk command line parameter now allows you to specify a 3-character mask in which each character stands for one of the three fields (computername, username, password). 1 enables the field, 0 disables it. For example, /kiosk:011 will disable the computername field and only allow the user to enter the username and password.
- Added the command line parameter /allowed, which allows you to specify a list of computers to which a connection can be made. If the target computer does not match the list, the connection will be refused. This ensures users don’t connect to computers you don’t want them to.
- The list of supported command line parameter is still steadily growing and can become quite much to type each time. To ease the pain, you can now put command line parameters in a file and use the contents using the @-sign.
- Both the new kiosk mode(s) and the allowed targets list can be controlled through Group Policies. The updated templates can be found here.
- Several other improvements and tweaks.
The new version can be downloaded here.