;; See `man 5 sesman.ini` for details [Globals] ListenAddress=127.0.0.1 ListenPort=3350 EnableUserWindowManager=true ; Give in relative path to user's home directory UserWindowManager=startwm.sh ; Give in full path or relative path to @sesmansysconfdir@ DefaultWindowManager=startwm.sh ; Give in full path or relative path to @sesmansysconfdir@ ReconnectScript=reconnectwm.sh [Security] AllowRootLogin=true MaxLoginRetry=4 TerminalServerUsers=tsusers TerminalServerAdmins=tsadmins ; When AlwaysGroupCheck=false access will be permitted ; if the group TerminalServerUsers is not defined. AlwaysGroupCheck=false ; When RestrictOutboundClipboard=true clipboard from the ; server is not pushed to the client. RestrictOutboundClipboard=false [Sessions] ;; X11DisplayOffset - x11 display number offset ; Type: integer ; Default: 10 X11DisplayOffset=10 ;; MaxSessions - maximum number of connections to an xrdp server ; Type: integer ; Default: 0 MaxSessions=50 ;; KillDisconnected - kill disconnected sessions ; Type: boolean ; Default: false ; if 1, true, or yes, every session will be killed within DisconnectedTimeLimit ; seconds after the user disconnects KillDisconnected=false ;; DisconnectedTimeLimit (seconds) - wait before kill disconnected sessions ; Type: integer ; Default: 0 ; if KillDisconnected is set to false, this value is ignored DisconnectedTimeLimit=0 ;; IdleTimeLimit (seconds) - wait before disconnect idle sessions ; Type: integer ; Default: 0 ; Set to 0 to disable idle disconnection. IdleTimeLimit=0 ;; Policy - session allocation policy ; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ] ; "Default" session per ; "UBD" session per ; "UBI" session per ; "UBC" session per ; "UBDI" session per ; "UBDC" session per Policy=Default [Logging] ; Note: Log levels can be any of: core, error, warning, info, debug, or trace LogFile=xrdp-sesman.log LogLevel=INFO EnableSyslog=true #SyslogLevel=INFO #EnableConsole=false #ConsoleLevel=INFO #EnableProcessId=false [LoggingPerLogger] ; Note: per logger configuration is only used if xrdp is built with ; --enable-devel-logging #sesman.c=INFO #main()=INFO ; ; Session definitions - startup command-line parameters for each session type ; [Xorg] ; Specify the path of non-suid Xorg executable. It might differ depending ; on your distribution and version. Find out the appropreate path for your ; environment. The typical path is known as follows: ; ; Fedora 26 or later : param=/usr/libexec/Xorg ; Debian 9 or later : param=/usr/lib/xorg/Xorg ; Ubuntu 16.04 or later : param=/usr/lib/xorg/Xorg ; Arch Linux : param=/usr/lib/Xorg ; CentOS 7 : param=/usr/bin/Xorg or param=Xorg ; CentOS 8 : param=/usr/libexec/Xorg ; param=Xorg ; Leave the rest paramaters as-is unless you understand what will happen. param=-config param=xrdp/xorg.conf param=-noreset param=-nolisten param=tcp param=-logfile param=.xorgxrdp.%s.log [Xvnc] param=Xvnc param=-bs param=-nolisten param=tcp param=-localhost param=-dpi param=96 [Chansrv] ; drive redirection ; See sesman.ini(5) for the format of this parameter #FuseMountName=/run/user/%u/thinclient_drives #FuseMountName=/media/thinclient_drives/%U/thinclient_drives FuseMountName=thinclient_drives ; this value allows only the user to acess their own mapped drives. ; Make this more permissive (e.g. 022) if required. FileUmask=077 ; Can be used to disable FUSE functionality - see sesman.ini(5) #EnableFuseMount=false [ChansrvLogging] ; Note: one log file is created per display and the LogFile config value ; is ignored. The channel server log file names follow the naming convention: ; xrdp-chansrv.${DISPLAY}.log ; ; Note: Log levels can be any of: core, error, warning, info, debug, or trace LogLevel=INFO EnableSyslog=true #SyslogLevel=INFO #EnableConsole=false #ConsoleLevel=INFO #EnableProcessId=false [ChansrvLoggingPerLogger] ; Note: per logger configuration is only used if xrdp is built with ; --enable-devel-logging #chansrv.c=INFO #main()=INFO [SessionVariables] PULSE_SCRIPT=@sesmansysconfdir@/pulse/default.pa