Video Screencast Help

How to Enable Remote Control Mac OSX Client in the Deployment Console

Created: 22 Jun 2009 • Updated: 22 Jun 2009 | 2 comments
Language Translations
viddect's picture
+8 8 Votes
Login to vote

PURPOSE:

To be able to remote enable a remote control feature for Mac Clients in the deployment console. In the current build of the Darwin adlagent there is no remote control ability to manage clients. This article takes you through the steps of enabling that ability in the deployment console. This article works on clients that can install the Darwin adlagent. So any version not supported on the Deployment Solution guide will not be able to use this guide. Please refer to the current reference guide for exact information (http://www.altiris.com/Support/Documentation.aspx).

Understanding VNC

  1. Definition VNC stands for Virtual Network Computing.
  2. Purpose VNC allows you to remotely send Keyboard and Mouse input across a network or the internet from one computer to another and even view exactly what is on the screen of the other computer. This allows you to control a computer like you were sitting in front of it from another room, another building, or even another country depending on the setup.
  3. How it works In the most basic of terms when you connect to a remote machine through VNC you see in a window the screen of the remote machine and you are able to control it as if you were sitting in front of it. Any actions taken through the window directly affect the remote machine.
  4. The components:
     •  The Server The VNC server is the computer who's screen you want to share, this computer runs the server software allowing other computers to connect and control it.
     •  The Client A VNC client is any computer connecting to and taking control of a server.
     •  The Protocol The protocol used is the method of communication between the client and the server. The protocol is determined by the software and generally the user cannot change it so for the purpose of this document it will suffice to say that it is there but you do not need to worry about it.

Mac OS X 10.5.x - Setup as Server

Mac OS X 10.4 and 10.5 include the server component out of the box so all we need to do is turn it on.

  1. Open your System Preferences from your blue apple menu.
  2. Click the Sharing tab under 'Internet and Network'.
  3. Click Start to fire up the Remote Desktop component.
  4. Click Access Privileges to open the more advanced options.
  5. Check on VNC viewers may control screen with password and define a password.
  6. You can close the System Preferences. You're done!

NOTE: the Next steps will be done on the deployment server.

  1. Download and install vncviewer and save it in a folder on the express share. I called my folder vncviewer.
  2. Edit the remotecontroltools.ini in the root of the express share and add this section.
[VNC]
Display-Name=&Linux Remote
RemoteToolEXEFilePath=tightvnc\vncviewer.exe
CommandLine="%AGENTIPADDR%"

NOTE: If you refer to my Linux remote control articles you can change the name of the "Display-Name=&Linux Remote" to "Display-Name=&Mac Remote" to keep them separate. This way if you have people that are not familiar with the term VNC they should know the term "Mac" and "Linux"

Now when you right click on a Linux machine you can remote control a Linux machine. There are options that you can set passwords and resolution sizes on the Linux machines. To see more information about additional command line switches see http://www.realvnc.com/products/free/4.1

Tips

  • If you are running a server, be sure to secure it by at least setting a password on the server. It is also recommended that you restrict which IP addresses can connect to the server for additional security.
  • If you are genuinely concerned with security, you should configure your VNC server to only accept local connections and then establish an ssh tunnel from the client machine. This way, all VNC packets between client and server will be encrypted.

Warnings

  • VNC with default settings is not all that secure of a protocol and can open you up to attack by someone who is determined to gain access to your system. For this reason you should secure your settings before enabling VNC server or disable VNC by reversing the above steps when it is not needed.

Comments 2 CommentsJump to latest comment

mpgrulke's picture

For some reason %AGENTIPADDR% doesnt work for macs, i can get this to work for a pc but it doesnt grab the ip for mac os, tried on 10.4 and 10.5

I can vnc straight to them otherwise, but cant get ds to pass the ip for mac machines only. Using the latest agent, altiris 6.9 sp3.

Anyone else have the issue / workaround?

0
Login to vote
danks's picture

I had the same problem with %AGENTIPADDR% not working for my macs. seems to be the problem was related to the fact that the macs have multiple addresses (for firewire, bluetooth, wireless network, and wired network) and the altiris console doesn't necessarily relate %AGENTIPADDR% to the address that has the active altiris client, instead it refers to the first one (which is sometimes either blank or 0.0.0.0). the workaround that works in my environment is to use %COMPNAME% instead. This works because the %COMPNAME% on my setup is the same as the computer hostname. Here's the relevant section of my RemoteControlTools.ini


[VNC]
Display-Name=&Mac Remote
RemoteToolEXEFilePath=tightvnc\vncviewer.exe
CommandLine="%COMPNAME%.domain.com"

Of course, replace domain.com with your domain name.

0
Login to vote