Has anyone ever written a formal Code of Conduct regarding the utilization of Remote Desktop for Administration? Better yet, is there any professional vendor certification that covers the proper ethics and conduct of utilizing this technology as a measured competency?
Here’s why I ask:
I have a vendor which has multiple line of business softwares on multiple servers in our environment. Since I have taken on with my current employer (3+years), I have repeatedly had issues with this vendor’s support staffers doing untoward things (e.g. tying up both TS sessions, never logging off TS sessions, leaving one or more sessions active but disconnected for days, etc.) resultantly making it impossible for internal IT/IS to connect to these server elements via RDP without using TSM from another server and forcibly disconnecting the active disconnected vendor sessions. (Note: we do also use a VNC package to get around this). Now, I know that there are policies that I can set which will logoff these idle disconnected sessions, but that’s not the point. The point is, that irresponsible use of RDP for Administration is akin to driving without a license and/or ignoring the rules of the road. It is both inconsiderate, as well as dangerous to the public good.
I’ve tried to re-educate the vendor in the past, and have simply just dealt with and worked around their lack of compliance until now. What has recently aggravated the issue is a result of some of the new behaviors that arrived with the introduction of Windows 2008 and Terminal Services being replaced by the redesigned Remote Desktop Services. Rather than just being reckless RDP drivers as they could with 2003 and earlier, this vendor is now committing vehicular homicide with impunity by utilizing the force disconnect and request to logoff active sessions options now available. Last weekend, and again this, they were connecting to monitor an issue with one of their products which requires an
