Use RDM with RDPGW

Hello Raymond,

Thank you for contacting the Devolutions support team.

Could you tell me how you change this token every 15 minutes?
Are you using a PowerShell script?

I will do some tests on my end, but I think the easiest way will be to use a PowerShell script before opening it to get the token and use it in your entry.

If you have more details on how you use it, even with MSTSC, it would be appreciated.

Best regards,

At this moment, I use this script.It works but it doesn't convince me.

RDPGW works similar to Azure Bastion. I need make login in a web, and download a RDP file that contais the token.

Thanks

#BEGIN
$downloadFolder=(New-Object -ComObject Shell.Application).NameSpace('shell:Downloads').Self.Path

$fichero = (Get-ChildItem $downloadFolder -Attributes !Directory "*$( $RDM.Connection.host )*.rdp" | Sort-Object -Descending -Property LastWriteTime | select -First 1).FullName
Start "https://$($RDM.Connection.RDP.GatewayHostname)/connect?host=$( $RDM.Connection.host ):3389"

$startDate = Get-Date
do {
	$fichero1 = (Get-ChildItem $downloadFolder -Attributes !Directory "*$( $RDM.Connection.host )*.rdp" | Sort-Object -Descending -Property LastWriteTime | select -First 1).FullName
	if ($fichero -eq $fichero1) {
		Start-Sleep -Seconds 1
	}
} Until (("$fichero" -ne "$fichero1") -or ((Get-Date) -gt $startDate.AddMinutes(2)))

if(-not $fichero1) {
	msg "%username%" Debe introducir sus credenciales en el navegador para poder conectar
	#$RDM.Cancel = $true
} else {
	#
	$gatewayhostname=(Get-Content $fichero1 | Select-String -Pattern "^gatewayhostname") -replace 'gatewayhostname:s:'
	$gatewayaccesstoken=(Get-Content $fichero1 | Select-String -Pattern "^gatewayaccesstoken") -replace 'gatewayaccesstoken:s:'

	$RDM.Connection.RDP.GatewayCredentialsSource="GatewayAccessToken"
	$RDM.Connection.RDP.GatewayHostname=$gatewayhostname
	$RDM.Connection.RDP.GatewayProfileUsageMethod="Explicit"
	$RDM.Connection.RDP.GatewaySelection="SpecificGateway"
	$RDM.Connection.RDP.GatewayUsageMethod="ModeDirect"
	$RDM.Save();

	$RDM.Connection.RDP.GatewayAccessToken = $gatewayaccesstoken

	$RDM.connection.TabTitle = $RDM.Connection.RDP.GatewayHostname.Replace(".rdpgw.int", ": ").ToUpper() + $RDM.Connection.Name

	#
	Remove-Item -Path $fichero1 -Force
}
#END

Hello,

Thank you for sharing your current script. Based on your description, the script appears to accomplish the task.

Since the token is updated every 15 minutes, an automated fetch and update process within RDM using scripting is necessary. Your current script does a decent job of automating parts of the process.

I also asked the dev team to look at this thread.
According to them, this could be added in RDM to have a feature for this.

I will move this thread to our feature request

Best regards,

Hello

To add a little to what Patrick already wrote, this wouldn't be technically challenging to implement (as you suspect, it's very close to what we have for Azure Bastion with the RD Gateway option). However there is overhead in developing a native integration and realistically we probably don't have the engineering bandwidth to get to that any time soon. I'd consider your PowerShell script to be a good compromise and before we had a native Azure Bastion integration, that was the same approach that we recommended.

That said, I wasn't aware of the rdpgw project until now and it does seem to be a very cool initiative. These kind of feature requests are open ended, and if enough users wanted that it would help us to reprioritize. So I'd encourage other users that are keen for this integration to chime in on this thread.

Please, let us know any questions or comments.

Kind regards,

Thank you for your answers. RDM is a very complete tool, and I didn't know if I was using the best way to solve my needs.
Now I know that currently it is the best way. My intention is not to request a modification to your tool.
Thanks for the help.