1 files changed, 101 insertions, 93 deletions
diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini
index 34adb077..242641ff 100644
--- a/xrdp/xrdp.ini
+++ b/xrdp/xrdp.ini
@@ -1,39 +1,59 @@
-[globals]
-# xrdp.ini file version number
+[Globals]
+; xrdp.ini file version number
 ini_version=1
 
-bitmap_cache=yes
-bitmap_compression=yes
+; fork a new process for each incoming connection
+fork=true
+; tcp port to listen
 port=3389
-allow_channels=true
-max_bpp=32
-fork=yes
-# minimum security level allowed for client
-# can be 'none', 'low', 'medium', 'high', 'fips'
+; regulate if the listening socket use socket option tcp_nodelay
+; no buffering will be performed in the TCP stack
+tcp_nodelay=true
+; regulate if the listening socket use socket option keepalive
+; if the network connection disappear without close messages the connection will be closed
+tcp_keepalive=true
+#tcp_send_buffer_bytes=32768
+#tcp_recv_buffer_bytes=32768
+
+; security layer can be 'tls', 'rdp' or 'negotiate'
+; for client compatible layer
+security_layer=negotiate
+; minimum security level allowed for client
+; can be 'none', 'low', 'medium', 'high', 'fips'
 crypt_level=high
-# security layer can be 'tls', 'rdp' or 'negotiate'
-# for client compatible layer
-security_layer=rdp
-# X.509 certificate and private key
-# openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
+; X.509 certificate and private key
+; openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
 certificate=
 key_file=
+; specify whether SSLv3 should be disabled
+#disableSSLv3=true
+; set TLS cipher suites
+#tls_ciphers=HIGH
 
-# regulate if the listening socket use socket option tcp_nodelay
-# no buffering will be performed in the TCP stack
-tcp_nodelay=yes
+; Section name to use for automatic login if the client sends username
+; and password. If empty, the domain name sent by the client is used.
+; If empty and no domain name is given, the first suitable section in
+; this file will be used.
+autorun=
 
-# regulate if the listening socket use socket option keepalive
-# if the network connection disappear without close messages the connection will be closed
-tcp_keepalive=yes
-
-#tcp_send_buffer_bytes=32768
-#tcp_recv_buffer_bytes=32768
-
-#
-# colors used by windows in RGB format
-#
+allow_channels=true
+allow_multimon=true
+bitmap_cache=true
+bitmap_compression=true
+bulk_compression=true
+#hidelogwindow=true
+max_bpp=32
+new_cursors=true
+; fastpath - can be 'input', 'output', 'both', 'none'
+use_fastpath=both
+; when true, userid/password *must* be passed on cmd line
+#require_credentials=true
+; You can set the PAM error text in a gateway setup (MAX 256 chars)
+#pamerrortxt=change your password according to policy at http://url
 
+;
+; colors used by windows in RGB format
+;
 blue=009cb5
 grey=dedede
 #black=000000
@@ -44,68 +64,51 @@ grey=dedede
 #red=ff0000
 #green=00ff00
 #background=626c72
-#autorun=xrdp1
-#hidelogwindow=yes
-
-# when true, userid/password *must* be passed on cmd line
-# require_credentials=yes
-
-# set a default entry for autorun if the client send login and pass directly
-autorun=xrdp1
-
-bulk_compression=yes
-
-# You can set the PAM error text in a gateway setup (MAX 256 chars)
-#pamerrortxt=change your password according to policy at http://url
-new_cursors=yes
-allow_multimon=true
 
-# fastpath - can be set to input / output / both / none
-use_fastpath=both
-#
-# configure login screen
-#
+;
+; configure login screen
+;
 
-# Login Screen Window Title
+; Login Screen Window Title
 #ls_title=My Login Title
 
-# top level window background color in RGB format
+; top level window background color in RGB format
 ls_top_window_bg_color=009cb5
 
-# width and height of login screen
+; width and height of login screen
 ls_width=350
 ls_height=430
 
-# login screen background color in RGB format
+; login screen background color in RGB format
 ls_bg_color=dedede
 
-# optional background image filename (bmp format).
+; optional background image filename (bmp format).
 #ls_background_image=
 
-# logo
-# full path to bmp-file or file in shared folder
+; logo
+; full path to bmp-file or file in shared folder
 ls_logo_filename=
 ls_logo_x_pos=55
 ls_logo_y_pos=50
 
-# for positioning labels such as username, password etc
+; for positioning labels such as username, password etc
 ls_label_x_pos=30
 ls_label_width=60
 
-# for positioning text and combo boxes next to above labels
+; for positioning text and combo boxes next to above labels
 ls_input_x_pos=110
 ls_input_width=210
 
-# y pos for first label and combo box
+; y pos for first label and combo box
 ls_input_y_pos=220
 
-# OK button
+; OK button
 ls_btn_ok_x_pos=142
 ls_btn_ok_y_pos=370
 ls_btn_ok_width=85
 ls_btn_ok_height=30
 
-# Cancel button
+; Cancel button
 ls_btn_cancel_x_pos=237
 ls_btn_cancel_y_pos=370
 ls_btn_cancel_width=85
@@ -114,17 +117,17 @@ ls_btn_cancel_height=30
 [Logging]
 LogFile=xrdp.log
 LogLevel=DEBUG
-EnableSyslog=1
+EnableSyslog=true
 SyslogLevel=DEBUG
-# LogLevel and SysLogLevel could by any of: core, error, warning, info or debug
-
-[channels]
-# Channel names not listed here will be blocked by XRDP.
-# You can block any channel by setting its value to false.
-# IMPORTANT! All channels are not supported in all use
-# cases even if you set all values to true.
-# You can override these settings on each session type
-# These settings are only used if allow_channels=true
+; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug
+
+[Channels]
+; Channel names not listed here will be blocked by XRDP.
+; You can block any channel by setting its value to false.
+; IMPORTANT! All channels are not supported in all use
+; cases even if you set all values to true.
+; You can override these settings on each session type
+; These settings are only used if allow_channels=true
 rdpdr=true
 rdpsnd=true
 drdynvc=true
@@ -133,14 +136,19 @@ rail=true
 xrdpvr=true
 tcutils=true
 
-# for debugging xrdp, in section xrdp1, change port=-1 to this:
-# port=/tmp/.xrdp/xrdp_display_10
+; for debugging xrdp, in section xrdp1, change port=-1 to this:
+#port=/tmp/.xrdp/xrdp_display_10
+
+; for debugging xrdp, add following line to section xrdp1
+#chansrvport=/tmp/.xrdp/xrdp_chansrv_socket_7210
 
-# for debugging xrdp, add following line to section xrdp1
-# chansrvport=/tmp/.xrdp/xrdp_chansrv_socket_7210
 
-[xrdp1]
-name=sesman-X11rdp
+;
+; Session types
+;
+
+[X11rdp]
+name=X11rdp
 lib=libxup.so
 username=ask
 password=ask
@@ -149,16 +157,26 @@ port=-1
 xserverbpp=24
 code=10
 
-[xrdp2]
-name=sesman-Xvnc
+[Xorg]
+name=Xorg
+lib=libxup.so
+username=ask
+password=ask
+ip=127.0.0.1
+port=-1
+code=20
+
+[Xvnc]
+name=Xvnc
 lib=libvnc.so
 username=ask
 password=ask
 ip=127.0.0.1
 port=-1
+#xserverbpp=24
 #delay_ms=2000
 
-[xrdp3]
+[console]
 name=console
 lib=libvnc.so
 ip=127.0.0.1
@@ -167,7 +185,7 @@ username=na
 password=ask
 #delay_ms=2000
 
-[xrdp4]
+[vnc-any]
 name=vnc-any
 lib=libvnc.so
 ip=ask
@@ -179,7 +197,7 @@ password=ask
 #pamsessionmng=127.0.0.1
 #delay_ms=2000
 
-[xrdp5]
+[sesman-any]
 name=sesman-any
 lib=libvnc.so
 ip=ask
@@ -188,13 +206,13 @@ username=ask
 password=ask
 #delay_ms=2000
 
-[xrdp6]
+[rdp-any]
 name=rdp-any
 lib=librdp.so
 ip=ask
 port=ask3389
 
-[xrdp7]
+[neutrinordp-any]
 name=neutrinordp-any
 lib=libxrdpneutrinordp.so
 ip=ask
@@ -202,17 +220,7 @@ port=ask3389
 username=ask
 password=ask
 
-[Session manager]
-name=Session manager
-lib=libxup.so
-username=ask
-password=ask
-ip=127.0.0.1
-port=-1
-xserverbpp=24
-code=20
-
-# You can override the common channel settings for each session type
+; You can override the common channel settings for each session type
 #channel.rdpdr=true
 #channel.rdpsnd=true
 #channel.drdynvc=true