Set up Remote Desktop Protocol for team agents

If you want to run unattended tests, set up Microsoft Autologon. If you're working in a highly restricted environment where Autologon isn't allowed, you can still run unattended tests by configuring your team agent with loopback Remote Desktop Protocol (RDP). This topic explains how to set it up.

Before you start

Verify that you have administrator rights for Tosca Cloud. Then, get your agent machine ready:

• Check that your machine meets all system requirements.

• Confirm that Launcher is installed.

• Turn on Remote Desktop.

• Verify that Network Level Authentication supports loopback connections.

• Ensure your firewall allows RDP connections on the configured port. The default is 3389.

Configure your agent

To set up your agent for unattended test runs with RDP, follow these steps:

1. Go toRun > Agents and select one of the following options: 

   • If this is your first agent, select Set up team agent.

   • If you already have agents, select Add new agent.

2. Go through the setup wizard: 

   • Enter a name for your agent. If you skip this, the agent gets the default ID {MachineName}-{UserName}.

   • Set agent settings and characteristics as needed.

   • Copy the Command prompt and the Client secret.

3. Open Command Prompt, paste the command with the argument --useRdp, and run it.

4. In the pop-up, paste the Client secret and confirm.

5. Complete the Configure agent for unattended test runs dialog: 

   • Enter the Username in domain/username format, for example computername/username, and provide the Password for the Windows account that will run the tests.

   • Optionally, configure Device display details and Advanced settings.

6. Close the setup wizard and the Command Prompt window.

You can now close the RDP window and continue working while the desktop stays active, and tests keep running.

RDP settings

During the setup, you can configure device display and advanced RDP settings.

Device display settings

You can configure the following Device display details for your team agent:

Settings	Description	Optional
Credentials source	Select where you store the Windows user credentials:  Local: Enter the username and password directly. Key vault: Use credentials stored in a supported key vault.
Username	Windows username for the the RDP session:  Local: Enter the username directly. Key vault: Enter the dynamic expression Secret without curly brackets. For example, SECRET[kv/data/rdp/pw][Username]. Make sure the Windows account has permission to sign in through RDP.
Password	Password for the Windows user account:  Local: Enter the password directly. Windows Data Protection API (DPAPI) encrypts the password locally. Key vault: Enter the dynamic expression Secret without curly brackets to fetch the password from your key vault. For example, SECRET[kv/data/rdp/pw][Password]. If you change the password, you also need to Update RDP settings.
Desktop width	Remote desktop width in pixels. The default is 1920.	X
Desktop height	Remote desktop height in pixels. The default is 1080.	X
Color depth	Color depth for the remote session. The default is Highest quality (32-bit).	X

Advanced settings

You can configure the following Advanced settings for your team agent:

Settings	Description	Optional
Loopback IP address	IP address for your RDP connection. You can use your local IP address. The default is 127.0.0.2.	X
RDP port	RDP port. The default is 3389.	X

Update RDP settings

If you change the password for your Windows user account, you need to update the RDP settings, as follows: 

1. Close and disconnect the team agent where you want to update the RDP settings.

2. Open Command Prompt and do the following:

   • Paste the command from the setup wizard with the argument --deleteRdpConfig and run it.

   • Paste the command from the setup wizard with the argument --useRdp and run it.

   • If prompted, paste the Client secret from the setup wizard and confirm.

3. Complete the Configure agent for unattended test runs dialog.

RDP connections are known to be unstable. If you experience frequent disconnects, switch to Microsoft Autologon for a more reliable setup.

Update credentials in the key vault

You can update Windows credentials without signing in to the remote machine. The team agent retrieves credentials from the key vault at runtime when it reconnects or starts an RDP session. For example, if your Windows user account in Active Directory requires a password rotation, update the password in the key vault. The team agent fetches the updated credentials the next time it starts an RDP session.