Using the Admin Agent - iTivity User Guide

iTivity™ User Guide

7. Using the Admin Agent on Windows

The Admin Agent provides for remote viewing and administration of Windows systems. This agent can be installed from a web link or via CD ROM. It provides a persistent, "always-on" connection. If the connection is lost, the Admin Agent automatically attempts to reconnect.

This chapter explains the menu options available on the computer where the Admin Agent is installed. For installation instructions, see Chapter 5 in this guide.

Note: For information on installing and running the Admin Agent on Linux/UNIX systems, see Chapter 8.

7.1 Admin Agent Start Menu Options

When the Admin Agent is installed, the following options are made available on the Windows Start menu.

7.1.1 Administrative Tools

The Administrative Tools menu option presents a flyout menu with additional options.

7.1.1.1 Edit iTivity Screen Server Settings

This option can be used to edit the default settings for the WinVNC module. This module runs as part of the Admin Agent to allow remote control and viewing of the computer.

Note: When the Admin Agent is active, the computer is considered a WinVNC host.

Choosing this option displays the following dialog:

Accept Socket Connections

When this option is checked (the default), the computer accepts direct, socket-based connections from the viewer program. Clearing this checkbox disables incoming connections from the viewer. However, file transfer connections are still allowed.

Display Number

Allows you to specify the display number that the host will use. There is normally no need to change this from the default of zero.

Auto

This checkbox indicates to WinVNC whether it should use the display number specified in the Display Number box or the first display number not already in use on the host machine.

Password

Not used with iTivity. This field is grayed and unavailable.

Disable Remote Keyboard & Pointer

Any new incoming connections will be able to view the screen but not send any input.

Disable Local Keyboard & Pointer

This option works on Windows NT only. If selected, the local keyboard and mouse are disabled during a connection. This is useful if you want to log in to a machine from elsewhere and don’t want passers-by to be able to use your session.

Poll Full Screen

Some applications are incompatible with the methods used by iTivity to trap screen updates. For this reason, it is sometimes useful to be able to poll the entire screen to check for changes. This tends to sacrifice performance for accuracy.

Poll Foreground Window

Polling only the currently selected window for changes is less CPU-intensive than full-screen polling and often gives similar results. This is true, for example, when using the Command Prompt, which is not normally compatible with iTivity.

Poll Window Under Cursor

A variation on Poll Foreground Window, this option causes the window under the mouse cursor to be polled for changes. Both options may be enabled simultaneously, if required.

Poll Console Windows Only

When this option is set, the only windows polled will be Command Prompts. This works well in conjunction with Poll Window Under Cursor, to use polling only when the cursor is over a console window.

Poll On Event Received Only

When this option is set, the screen is only polled for updates when a mouse or keyboard event is received from the iTivity iManager. This is provided for low-bandwidth networks, where it may be useful to control how often the screen is polled and changes sent.

Advanced Selections

Selecting the Advanced button opens the WinVNC: Default Local System Advanced Properties box, allowing you to further modify the local system server settings. The local system will use these settings when being used as a host. The settings will be used next time you run WinVNC.

Query Server User Settings

Prompt server/host user to allow new connections

Determines whether the host user is prompted for permission to allow new iTivity connections to occur.

AutoAccept (instead of Refuse) if query times out

Determines whether a new iTivity connection is accepted automatically when the timeout elapses before the host user responds.

Query Timeout in seconds

The length of time the host user prompt is displayed when requesting connection permission.

Connection Priority

Disconnect existing connections

Drops all existing (previous) connections when a new iTivity connection arrives to this host.

Automatic shared sessions

Allows multiple, simultaneous iTivity connections to this host.

Refuse concurrent connections

Rejects new iTivity connections when an existing connection is present.

Require VNC authentication

Always requires VNC type authentication. (Usually disabled when NTLM authentication is in use.)

Allow loopback connections

Allows the VNC connection over the loopback (local) interface. This is required for use with iTivity encrypted or tunneled connections.

Allow ONLY loopback

Restricts VNC connections to the loopback (local) interface. When enabled, provides extra security because only iTivity's encrypted connections are possible to the VNC server. This is recommend for use with iTivity encrypted or tunneled connections.

Log info to Winvnc.log

Writes logging (debug) information to the WinVNC.log file in the iTivity bin directory (C:\Program Files\iTivity\bin).

7.1.1.2 FTP Server Configuration

This option is used to configure and launch the Admin Agent's included FTP server.

About the FTP Server

The FTP Server is launched automatically whenever the Admin Agent starts. The server must be running and properly configured for the Admin Agent to allow a File Transfer connection with the iTivity iManager.

By default, the FTP Server is set to listen on the local host IP address (127.0.0.1) and to an arbitrary port number 8882. This allows the FTP server to work automatically in most cases. However, if another program is using port 8882, the FTP server will not work unless you change its port number as described below.

Configuring the FTP Server

You need to use this procedure only if you need to allow File Transfer sessions through the Admin Agent and if the default configuration does not work on the local computer.

1. Choose Start > Programs > iTivity > Administrative Tools > FTP Server Configuration.

The Connect to Server dialog is displayed:

2. Click the OK button.

Note: Do not change the Server Address or Port in this dialog.

The FTP Server window is displayed. This window will display the log of FTP server activity. You can also use the menu options available in this window to more fully configure the FTP server.

The following screen image shows an example of the configuration options you can set.

3. Under Connection settings in the right pane, change the Port and/or Server Address as necessary. If you enter an FTP server address other than the default for the local host, you must also enter a password for that server.

4. Click OK. Then close the FTP server main window.

5. To allow the Admin Agent to locate the new port number in use by the FTP server, update the following registry setting:

HKEY_LOCAL_MACHINE\Software\iTivity\
Connector_rc\ftpCtlSvcPort.

This is a DWORD (integer) setting that must contain the same port number on which the FTP server is listening. For an example registry file that updates this setting, refer to: C:\Program Files\iTivity\config\Admin_FTP_Port_Default.reg.

6. Stop and then restart the Admin Agent.

7.1.1.3 Set Admin Agent Simple Password

You can use this option to change the password used by a remote user of iTivity iManager to view this computer. This password applies only if Simple Password was chosen as the Authentication Method when the Admin Agent was installed. If NTLM was chosen, any entry in this dialog is ignored.

Note: If the iTivity iManager is installed on this computer, you can also set the password on the Security tab of the Tools > Options dialog. See Section 4.1.4.4, Options.

Enter the password twice, then click OK to reset the password.

7.1.1.4 Start Admin Agent

You can use this option to start the Admin Agent. The agent immediately connects to the iServer and the Admin Agent icons appear in the system tray.

7.1.1.5 Stop Admin Agent

You can use this option to stop the Admin Agent when it is currently running. The agent immediately disconnects from the iServer and the Admin Agent icons are removed from the system tray.

7.1.2 Documentation

Choose Start > Programs > iTivity > Documentation > iTivity Online Help to display the online Help.

7.1.3 About iTivity Admin Agent

Choose Start > Programs > iTivity > About iTivity Admin Agent to display an About box showing version information for the Admin Agent.

7.1.4 Edit Admin Agent iServer Connection Settings

Choose Start > Programs > iTivity > Edit Admin Agent iServer Connection Settings to display following dialog.

You can use this dialog to edit the information for connecting to the iServer and for opening or closing a connection. The Advanced button displays the Advanced Connection Settings dialog:

You can use this dialog to enable connection to the iServer through a SOCKS V5 proxy server and to enter the proxy server settings. See Section 5.6 Using the iTivity Agents with a Proxy Server for more information.

7.2 System Tray Options

When the Admin Agent is running, the following icon is shown in the Windows system tray:

Right-click on this icon to display the following popup menu:

7.2.1 Show Active Sessions

This option displays a dialog showing active remote control sessions currently viewing this computer as host. You can use the buttons to select and close any or all of the sessions. When NTLM authentication is used, the NTLM user name is shown for each session. The name of the iServer is shown in the remote host column.

7.2.2 Show Certificate Fingerprint

The Admin Agent automatically generates a local default 1024-bit RSA encryption certificate the first time it runs. This unique certificate is presented to the iTivity iManager to ensure encryption of all session data transmitted between the Admin Agent and the iManager.

Selecting the Show Certificate Fingerprint option displays the Certificate Fingerprint.

The first time the iTivity iManager attempts to view the host, the user is asked to confirm the host’s certificate fingerprint. After the first connection, the remote machine retains the fingerprint in its cache for the next viewing session.

Note: iTivity also supports commercial SSL digital certificates purchased from Verisign or other Certificate Authorities. Contact Tridia if you need to configure your iServer to us a commercial digital certificate.

7.2.3 About iTivity Admin Agent

Select this option to display an About box showing version information for the Admin Agent.

Table of Contents

webmaster@tridia.com
sales@tridia.com
Technical Support