How to publish a remote access to a given URL as an application in PAM

Document ID : KB000106742
Last Modified Date : 16/07/2018
Show Technical Document Details
Terminal services allows publishing different applications, which an subsequently be accessed by using RDPWeb, and also as RDP applications in PAM. 

In Terminal Services, each new RDP application can be defined with specific command line arguments, so for instance, it would be possible to publish internet explorer (C:\Program Files\iexplorer.exe) and specify as its argument the URL that we would like ot access (for instance

As a result it i possible to publish different URL in a remote Windows server as different applications. The different URL must be specified as command line arguments.

However, CA PAM does not have the same format for defining a remote RDP service to be published: there is only room for the path to the remote application and no explicit reference to its arguments.

This means that PAM expects to launch exactly what is defined in its application definition. For instance, let's imagine we want to launch

using Internet explorer
  • In Terminal services we would create a collection and we would publish  C:\Program Files (x86)\Internet Explorer\iexplore.exe with a command line argument of
  • In CA PAM we would create a RDP service specifying as path: "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
However, trying to use the newly created RDP service would result in a "Permission denied" error and nothing would be run
CA PAM all versions
There is a workaround to achieve this:

1. In the server we want to publish the access to the remote URL application,  define a collection with the following options
  • Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
  • Command line arguments: Accept any parameter
2. In PAM define applications you want to use as having the following path
     " C:\Program Files (x86)\Internet Explorer\iexplore.exe"