we are using the Microsoft RDP ActiveX control which ships with Windows and as far as I know, there's no API to run the ActiveX in /remoteGuard
If MS implements this API, we can easily implement that into Royal TS...
Thanks for the reply, then I hope that MS provides this at some point in the future :)
I would love to see this feature as well. Do you know of any Feature Requests at Microsoft, that we could subscribe to or where to create such a feature request?
maybe this uservoice space is appropriate for such feature requests:
I'd love to be able to use the /remoteGuard switch for mstsc.exe with Royal TS.
It allows to so a remote sign in with Kerberos and does not expose the Credentials to the remote host.
So it is similar to /restrictedAdmin (which is already available in Royal TS), but with some differences.
The main advantage is that you are actually using your own credentials instead of the network service of the remote host, so you can access more network resources.
The main disadvantage is, that is does not support to supply credentials, it's always used in the security context that it's started in, so you could not use the credential objects in RoyalTS with it directly.
I'd still like, if it was available as an option, though ;-)