I know that audit, session capture and replay, risk level rating and AD authentication are Windows features via RDP relay.
However, how should I do to define specific commands that users will be able to execute on Windows ? Because Command Control integrates through a restricted shell on Unix/Linux but there is not an option on Windows, right ? There are many references which mentions Windows command execution and Remote privileged command execution. But I don´t know the way to do it (allow/deny). What does "PUM Run" do ? Is RDP relay mandatory ?
Please let me know if there is any document which can help me to understand these PUM features for Windows.
As the Windows RDP feature stands today, the only thing that can be done is to make a secure RDP session. We can not currently define specific windows commands, only a full RPD session as the configured user. The "PUM Run" code was disabled and not officially release as a feature.