Portal Portal Forum Forum Devolutions Force Devolutions Force Hub Business Hub Business Hub Personal Hub Personal Devolutions Send Devolutions Send Download RDM RDM Workspace Workspace Launcher Launcher
Tips & Tricks
Adam Listek
Adam Listek

As an IT specialist with over 20 years in the industry, I work hard to stay up to date on new and emerging technologies. Having worked in diverse fields from healthcare to higher education, I love new challenges and creating in-depth content to share with the world!

RDP Management Showdown: RDCMan vs. Devolutions RDM

Summary

After rectifying a major vulnerability, Microsoft's Remote Desktop Connection Manager (RDCMan) made a comeback in 2021 in the Sysinternals toolkit. Despite being a long-standing choice of IT technicians, RDCMan has now got a new formidable challenger: Devolutions' Remote Desktop Manager (RDM). In this article, we'll explore how RDCMan stacks up against its new rival.

Table of Contents

Microsoft's Remote Desktop Connection Manager (RDCMan) was revived in 2021 after fixing a critical vulnerability and became part of the Sysinternals toolset. Although a common sight in IT technician toolsets for years, RDCMan has faced competition from modern tools such as Devolutions' Remote Desktop Manager (RDM). How does RDCMan stack up against these newer tools?

Looking Beyond RDP: Protocol Support

Born from the internal Microsoft need to better support Remote Desktop Protocol (RDP) connections, RDCMan offers more functionality than the built-in client, MSTSC (Microsoft Terminal Services Client). As a Microsoft product, RDCMan focuses on RDP support and does not offer additional protocols outside the Microsoft ecosystem. Instead, RDCMan focuses on organizational and quality-of-life improvements when managing many remote RDP connections.

In contrast, Devolutions Remote Desktop Manager supports various remote connection protocols. In addition to robust support for RDP, the software also supports connection protocols such as SSH, ARD, VNC, TeamViewer, LogMeIn, and many others. While RDCMan is valuable, most IT users must manage many different types of connections. With a single tool managing all of their connections in one place, RDM saves time by eliminating the need to switch between many different tools.

looking-beyond-rdp-protocol-support-1.png

Plumbing the Depths of RDP Support

RDCMan development focuses solely on RDP support. The feature set is limited to the built-in ActiveX control of RDP available on the version of Windows that RDCMan runs from. This creates a Windows dependency that could limit the available features. Some organizations are tied to older versions of Windows for operational and compliance reasons, and RDCMan protocol support is limited when run from older Windows versions.

RDM supports multiple implementations of RDP, depending on your needs. For instance, you can choose any of the following for a specific connection or group of connections (through inheritance):

  • A specific version of RDP, running the ActiveX control of that RDP version.
  • MSRDC, a modernized version of MSTSC primarily intended for Azure Virtual Desktop connections.
  • A cross-platform RDP implementation in FreeRDP, which also supports the latest version of RDP, 10.11.

plumbing-the-depths-of-rdp-support-1.png

By offering multiple implementations, RDM provides the flexibility of modern RDP versions even on older systems (Windows 7+). Additionally, if you require a specific version of RDP or need to work around a bug, you can try different RDP versions.

Innovation isn’t limited to selecting specific versions or implementations of RDP. RDM development continues to push the envelope with API hooking to fix or implement fixes and features that would otherwise be unavailable. Although RDCMan does have new releases through Sysinternals, these releases are primarily focused on bug-fixing rather than new features, as evidenced by the past few releases.

Everything in Its Place: Connection Organization

One of RDCMan's greatest strengths is its ability to organize client connections. By grouping connections into a tree structure, keeping track of many connections becomes much more manageable than relying on .rdg files in a folder. Switching between multiple connections is easier since you can keep each connection open and quickly switch between them.

Smart groups allow you to organize similar connections without manual placement. To quickly organize connections, use a combination of properties such as DisplayName, ServerName, Parent, and Comment. Additionally, you can set group properties, such as credentials, connection, display, and local resource settings, to ensure all group members inherit the same properties.

everything-in-its-place-1.png

In RDCMan, you cannot mix connections and folders at the root. Either every connection must be in a folder, or all connections must be in a flat list.

How do all these features compare to Devolutions Remote Desktop Manager? Like in RDCMan, you can use many organizational features to organize your connections. But, unlike in RDCMan, you can organize content into vaults and then into folders, providing greater flexibility and security.

RDM offers many features for any connection beyond in-depth support of RDP features. Like RDCMan, RDM provides smart group support. Although filtering is limited to a "contains" search without multiple conditions, you can filter by tags. Adding tags to your connections gives greater flexibility for smart groups and general searches, which is impossible with RDCMan.

everything-in-its-place-2.png

everything-in-its-place-3.png

To truly customize your connections, take advantage of the following features, above and beyond what RDCMan offers:

  • Tab Groups as an alternative to a thumbnail view.
  • Playlists to open saved sets of connections depending on needs.
  • Folder Icons and Colors along with individual Entry (connection) Icons and Colors.

Finally, RDM is more than just an RDP client. It offers Advanced Data Sources that allow your team to stay in sync and avoid conflicting RDCMan files by seamlessly sharing connections and credentials. With advanced integration to Devolutions Server, RDM even integrates with PAM (Privileged Access Management) solutions and offers more than just basic organizational features.

Functionality When You Need it Most: Cross-Platform Support

RDCMan is an executable that is only available on Windows. You must use tools specifically designed for those systems to manage RDP connections in other environments. This limitation means you must switch between clients without standard features available across all platforms.

Devolutions Remote Desktop Manager offers a cross-platform client for Windows, macOS, and Linux, as well as a mobile client for Android and iOS. IT emergencies can be dealt with anywhere, as long as you have a supported device available. Unlike RDCMan, RDM helps your team support your environment in any scenario.

Security on the Mind: Staying Safe and Secure

In 2020, Microsoft deprecated RDCMan due to an XML parsing bug that allowed an attacker to call out to an external source that an authenticated user could execute. Eventually, this vulnerability was fixed, and new versions of RDCMan were released. When it comes to security, RDCMan focuses on credentials.

By entering credentials for a specific connection or folder, a user can save a lot of time by not having to type in their credentials repeatedly. Despite being a huge time-saver, this feature raises the question of how the credentials are protected.

In RDCMan, credentials can be encrypted using either Windows DPAPI (Data Protection API), a per-machine and per-user encryption standard, or an X509 certificate. The first option limits the ability to share an RDCMan file, as encrypted credentials can only be read by the user and machine that created them. Sharing credentials becomes possible with an X509 certificate, but you must make this certificate available on every system that will access the shared RDCMan file.

In contrast, RDM uses AES 256-bit encryption for sensitive information, such as credentials, that does not limit the sharing of connections. Configure a security provider to add another layer of database encryption for peace of mind. Advanced Data Sources, such as SQL Server and Devolutions Server, allow you to configure groups and RBAC (Role-Based Access Control) for individual entries, folders, and vaults.

RDM sets itself apart from RDCMan by offering greater attention to security and flexibility. This allows teams to limit connections strictly to those who require it. In addition, logging and auditing reports provide comprehensive support to teams seeking to protect their connections.

The Verdict on RDCMan vs. RDM

RDCMan provides a comprehensive set of features for IT users who require enhanced RDP connection organization. With smart groups, settings, credential inheritance, and easy connection file sharing, RDCMan can quickly address many of your organization's needs.


Feature Remote Desktop Connection Manager Devolutions Remote Desktop Manager
Remote Desktop Protocol X X
Folder Organization X X
Stored Credentials X X
Additional Protocols (SSH, VNC, etc.) X
Role-Based Access Control X
Enhanced Metadata (Tagging, Images, Colors, etc.) X
Cross-Platform Client X
Multiple RDP Version Support X
Team Support through Advanced Data Sources X


As an organization matures and evolves, advanced features necessary for team growth can be found in Devolutions Remote Desktop Manager (RDM). While both clients have their strengths, RDM offers much more functionality in an ever-improving package that will grow with your needs. This is especially true regarding the advanced security features that RDM provides. Take control of your organization with role-based access control (RBAC) and vault security, and take your connection management to the next level!

Related Posts

Read more Tips & Tricks posts