[英]Azure Remote Desktop Traceability in a Cloud Service
If you follow Microsoft's instructions here to enable RDP on instances in a Cloud Service, they tell you to create a user and set a password for remote desktop purposes. 如果您按照Microsoft的说明在 Cloud Service中的实例上启用RDP,则它们会告诉您创建用户并为远程桌面目的设置密码。
As this can quickly become a "shared account", I am wondering how one goes about linking this to a person. 由于这可以很快成为“共享帐户”,因此我想知道如何将其链接到一个人。 The Azure Operation logs do not seem to keep track of who RDP'ed or not, and the Windows Security Event Log obviously has no idea what user was connecting other than the user you created.
Azure操作日志似乎无法跟踪谁进行了RDP,并且Windows安全事件日志显然不知道除了创建的用户以外,哪个用户正在连接。 This make traceability difficult.
这使可追溯性变得困难。
While I understand RDP should only be enabled for troubleshooting purposes, I am hoping I missed something simple that would allow Azure Cloud Service users to enable RDP without losing all traceability on who is accessing what instance. 虽然我知道应该仅出于故障排除目的而启用RDP,但我希望我错过了一些简单的事情,这些事情将允许Azure云服务用户启用RDP,而不会丢失有关谁在访问哪个实例的所有可追溯性。
Short Version: How do I know who connected over RDP using the shared RDP Account? 简短版:我如何知道谁使用共享的RDP帐户通过RDP连接? Azure logs, infrastructure logs maybe?
Azure日志,基础架构日志?
Thanks 谢谢
There have been a few changes since the link you mentioned is published: 自您提到的链接发布以来,发生了一些更改:
CONFIGURE
tab for your cloud service and then click on Remote
icon and follow the instructions. CONFIGURE
选项卡,然后单击“ Remote
图标并按照说明进行操作。 I haven't actually looked at security event logs so I can't say for sure that it would log this activity but I'm assuming it would. 我实际上并没有查看安全事件日志,因此不能肯定地说它将记录此活动,但我假设会记录。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.