Explanation of security types used in Remote Control Agent

Version 1

    Verified Product Versions

    Endpoint Manager 9.5Endpoint Manager 9.6Endpoint Manager 2016.x

    Local template: Uses only the local device simple permissions set from the remote control Permissions page. Uses only the simple permissions and authentication set in the Remote Control

    window of Agent Configuration. These options are:

    –    Allow Remote Control

    –    Allow Remote Reboot

    –    Allow Chat

    –    Allow File Transfer

    –    Allow Remote Execute


    Windows NT security\local template: Allows only members of the Remote Control Operators group to initiate remote control connections from the console to remote devices. Permitted users are still required to use the permissions set from the Remote Control Settings page of this dialog box.
    Since the Remote Control Operators group is a local group, each device has its own copy of the group. To avoid managing each device's Remote Control Operators group individually, include global (domain level) groups with each local group. Permitted users still use the device's remote control settings, such as permission required.

    Used only for authentication when initiating a remote control session. A user initiating remote control must enter credentials for a user in the Remote Control operators group. Once launched, the session uses Local template permissions and user rights of the currently logged-in end user. In addition to the options for local template security, membership of the Remote Control Operators group can be specified when this option is chosen.


    Integrated security: This is the default security model and is described earlier in this section. Permitted users are still required to use the permissions set from the Permissions page. This security type is used to validate users who have a Windows account that is a member of the LANDesk Management Suite group on the core server, and a combination of a scope to determine if a user has remote control rights. Certificate based security also uses a certificate exchange to encrypt the data and a resident service installed on the client computer

    Please also have a look on the following documents:

    What level of encryption is used during LANDesk Remote Control?



    Things that you should know about Remote Control and the Management Gateway