diff -ur xrdp-0.9.11.orig/sesman/sesman.ini xrdp-0.9.11/sesman/sesman.ini
--- xrdp-0.9.11.orig/sesman/sesman.ini	2019-08-19 17:41:37.000000000 +0200
+++ xrdp-0.9.11/sesman/sesman.ini	2019-08-21 23:14:04.896000000 +0200
@@ -12,13 +12,13 @@
 ReconnectScript=reconnectwm.sh
 
 [Security]
-AllowRootLogin=true
+AllowRootLogin=false
 MaxLoginRetry=4
-TerminalServerUsers=tsusers
-TerminalServerAdmins=tsadmins
+TerminalServerUsers=xrdp
+TerminalServerAdmins=root
 ; When AlwaysGroupCheck=false access will be permitted
 ; if the group TerminalServerUsers is not defined.
-AlwaysGroupCheck=false
+AlwaysGroupCheck=true
 ; When RestrictOutboundClipboard=true clipboard from the
 ; server is not pushed to the client.
 RestrictOutboundClipboard=false
@@ -64,10 +64,10 @@
 Policy=Default
 
 [Logging]
-LogFile=xrdp-sesman.log
-LogLevel=DEBUG
+LogFile=/dev/null
+LogLevel=INFO
 EnableSyslog=1
-SyslogLevel=DEBUG
+SyslogLevel=INFO
 
 ;
 ; Session definitions - startup command-line parameters for each session type
@@ -90,8 +90,8 @@
 param=-noreset
 param=-nolisten
 param=tcp
-param=-logfile
-param=.xorgxrdp.%s.log
+#param=-logfile
+#param=.xorgxrdp.%s.log
 
 [Xvnc]
 param=Xvnc
diff -ur xrdp-0.9.11.orig/xrdp/xrdp.ini xrdp-0.9.11/xrdp/xrdp.ini
--- xrdp-0.9.11.orig/xrdp/xrdp.ini	2019-08-19 17:41:37.000000000 +0200
+++ xrdp-0.9.11/xrdp/xrdp.ini	2019-08-21 23:15:10.436000000 +0200
@@ -5,6 +5,9 @@
 ; fork a new process for each incoming connection
 fork=true
 
+; IP address to listen
+#address=127.0.0.1
+
 ; ports to listen on, number alone means listen on all interfaces
 ; 0.0.0.0 or :: if ipv6 is configured
 ; space between multiple occurrences
@@ -143,10 +146,10 @@
 ls_btn_cancel_height=30
 
 [Logging]
-LogFile=xrdp.log
-LogLevel=DEBUG
+LogFile=/dev/null
+LogLevel=INFO
 EnableSyslog=true
-SyslogLevel=DEBUG
+SyslogLevel=INFO
 ; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug
 
 [Channels]
@@ -178,14 +181,15 @@
 ; Some session types such as Xorg, X11rdp and Xvnc start a display server.
 ; Startup command-line parameters for the display server are configured
 ; in sesman.ini. See and configure also sesman.ini.
-[Xorg]
-name=Xorg
-lib=libxup.so
-username=ask
-password=ask
-ip=127.0.0.1
-port=-1
-code=20
+
+#[Xorg]
+#name=Xorg
+#lib=libxup.so
+#username=ask
+#password=ask
+#ip=127.0.0.1
+#port=-1
+#code=20
 
 [Xvnc]
 name=Xvnc
@@ -197,25 +201,25 @@
 #xserverbpp=24
 #delay_ms=2000
 
-[vnc-any]
-name=vnc-any
-lib=libvnc.so
-ip=ask
-port=ask5900
-username=na
-password=ask
+#[vnc-any]
+#name=vnc-any
+#lib=libvnc.so
+#ip=ask
+#port=ask5900
+#username=na
+#password=ask
 #pamusername=asksame
 #pampassword=asksame
 #pamsessionmng=127.0.0.1
 #delay_ms=2000
 
-[neutrinordp-any]
-name=neutrinordp-any
-lib=libxrdpneutrinordp.so
-ip=ask
-port=ask3389
-username=ask
-password=ask
+#[neutrinordp-any]
+#name=neutrinordp-any
+#lib=libxrdpneutrinordp.so
+#ip=ask
+#port=ask3389
+#username=ask
+#password=ask
 
 ; You can override the common channel settings for each session type
 #channel.rdpdr=true