I recommend that the default behaviour not to be unattended. It’s always better to request permission from the end user before connecting and to default to deny if there’s no answer.
Also, it might be even better to require the end user to grant unattended permission explicitly and to control the duration, as well as to be able to revoke unattended permission altogether.
One more thing, it would be better to display to the Technician a message like “Waiting for the customer to approve the Remote Desktop request” rather than “Initializing the remote desktop connection”.
While the default behavior should be request permission and not unattended for most situations, it should have easy to set central options we can set specific to company, site and/or hostname to have full control over what permissions our clients/customers would like to have in place.
The option to have these centrally administered permissions, which are confirmed by the RMM Agent, which the RMM Agent has the option to override and manually select a different setting would be a very nice feature.
Personally, most of my support and maintenance is done after-hours, and request permission wouldn’t work for most of my customers’ configurations.
Please consider having all options available for selection:
Request permission from the end user before connecting, deny if no answer.
Request permission from the end user before connecting, approve if no answer.
Unattended permissions - any time
Unattended permissions - specific duration
Anything deviating from the central configuration would be indicated in the information the RMM Agent provides to the RMM Administration Console notating the central setting and the current RMM Agent override (deviation).
MSPs have different clients and user cases. In my opinion, the best option would be to cover all scenarios and give the option to set everything at both the central MSP level, as well as be overridden by the RMM Agent (client).
For me also, most support and maintenance is done outside client working hours or with no user logged on. Therefore requesting permission would not work.
Flexibility in access permissions is key.