One of the main security features in NetMan Desktop Manager is ticketing. For every session start, whether it is an RDP or an ICA session, a configuration file is generated by NetMan web services and sent to the NetMan client. This configuration file does not contain the application to be launched; rather, it contains a ticket. The ticket contains either a user name (only in sessions opened by NetMan anonymous users), or a random string of characters. Based on the ticket, the NetMan Desktop Manager program (nmchttp.exe), together with the NetMan web services, can detect which application the user wishes to launch. This procedure provides enhanced security for access to Remote Desktop Session Hosts, because only that particular application can be launched for which session configuration file was generated. Users cannot access the Session Host to launch an application by creating their own configuration files, or modifying existing files, for RDP or ICA access.
Settings for ticketing are configured in the Global section of the NetMan Settings:
Once issued, the ticket is valid for a limited time only. After the period of validity has expired, the ticket cannot be used. With the default settings, the period of validity is 120 seconds. You can change this value if desired. The text configured here in the Message field is displayed to the user if an attempt is made to open a session with an invalid ticket – or without any ticket.
For a complete description of the settings options, see "NetMan Settings/Global Settings/Ticketing".