Does anyone have a TightVNC guide for business use?
-
@dafyre I've considered it. (usually our users are able to at least connect to the VPN)
-
We use tight VNC for "internal" support.
Simple as installing the TightVNC server on the machine, give it a few passwords (optional). Then when someone needs help ask them to hover over the icon and give you the IP address or use the machine name if you know it.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@scottalanmiller said in Does anyone have a TightVNC guide for business use?:
Any reason not to not just use a Jump station?
I need more details @scottalanmiller
Well, it's a very generic question. But a concrete example would be...
- Build a Linux Mint, OpenSuse, Ubuntu or similar terminal server solution, probably with a graphical desktop. (I use Mint for this.)
- Install X2Go so that you can reach the terminal server (Jump Station) easily and effectively from anywhere. X2Go is like using ICA with a VPN built in. Very secure, very easily to use. Can launch a full desktop or single apps.
- Install RDP Client so that you can see RDP protocol from Jump Box.
- Turn on stock RDP on the workstations as Microsoft intends.
- Reach remote machines via the Jump Station in an easy to use, but very secure and aggregated fashion.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@dafyre I've considered it. (usually our users are able to at least connect to the VPN)
Do you just have 1 site? (Seems like I saw something about a couple of remote sites as well)
-
We have 1 proper remote office.
But our users are able to connect to the VPN globally. So we could have as many "remote sites" as we have users roaming.
-
@scottalanmiller Did you miss the part where does doesn't want to use RDP?
RDP is useless for helping people because you cant join there session.
-
@DustinB3403 Sounds like a great fit for screenconnect, or VNC.
-
@aaronstuder said in Does anyone have a TightVNC guide for business use?:
@scottalanmiller Did you miss the part where does doesn't want to use RDP?
RDP is useless for helping people because you cant join there session.
Yes. Although you can install VNC and use that with the approach that I gave as well. You can use both through the same system.
-
@scottalanmiller Following from @aaronstuder can I use the end user's session like this?
If not then it's not worth the effort. I often need to troubleshoot PEBKEC issues.
-
@scottalanmiller Why would you need a jumpbox for this? The system will be local, or connecting over VPN.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@coliver I'll give you an example of an issue I just had.
Supervisor A wants me to setup folder access for Employee A on device A.
Supervisor A insist the computer is online, I insist it is not. Employee A is no where around (day off). Supervisor A (after 40 minutes of farting around) "Oh Employee A swapped the computers around, so A is B and B is A."
Sounds like bad issue all the way around, Setup folder shares on endpoint devices? of course here supervisors can't request access to employees files without CEO/COO approval.
-
@Jason Let's just agree to disagree...
-
@Jason said in Does anyone have a TightVNC guide for business use?:
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@coliver I'll give you an example of an issue I just had.
Supervisor A wants me to setup folder access for Employee A on device A.
Supervisor A insist the computer is online, I insist it is not. Employee A is no where around (day off). Supervisor A (after 40 minutes of farting around) "Oh Employee A swapped the computers around, so A is B and B is A."
Sounds like bad issue all the way around, Setup folder shares on endpoint devices? of course here supervisors can't request access to employees files without CEO/COO approval.
Is it a remote folder share, eg, a windows mount to a server? Or literally setting up a local share from a users PC. If it is the latter I'm going to have to agree with @Jason that's just not good practice, and can lead to all kinds of trouble similar to IT knowing someone else's password.
-
@coliver the end client just needed read access to an existing server share.
Nothing is ever hosted from the client to the network.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@coliver the end client just needed read access to an existing server share.
Nothing is ever hosted from the client to the network.
Ah, Ok we're good then no harm there.
Any reason you can't do this with GPs?
-
GPO's aren't something we'd bother with for part time employees.
Plus a better remote support solution would be nice.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@coliver the end client just needed read access to an existing server share.
Nothing is ever hosted from the client to the network.
Then why do you need to even get on the client? all that can be done server side
-
@Jason said in Does anyone have a TightVNC guide for business use?:
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@coliver the end client just needed read access to an existing server share.
Nothing is ever hosted from the client to the network.
Then why do you need to even get on the client? all that can be done server side
In special PEBKAC cases to resolve the issue is much easier than to try and teach.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
GPO's aren't something we'd bother with for part time employees.
Huh? You just do one GPO with group filterings on the mappings based on who gets it. Use the same groups that give premissions to map the drive makes it really simple. If they are in a group that gives them permissions then they will automatically get the drive mapping.
Part-Time vs Full time doesn't change IT practices.
-
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@Jason said in Does anyone have a TightVNC guide for business use?:
@DustinB3403 said in Does anyone have a TightVNC guide for business use?:
@coliver the end client just needed read access to an existing server share.
Nothing is ever hosted from the client to the network.
Then why do you need to even get on the client? all that can be done server side
In special PEBKAC cases to resolve the issue is much easier than to try and teach.
You don't teach anything for this.. It should all be automatic and semi-less to the user if IT is doing it's job properly.