Solved

Group Policy to allow VNC server on all workstations

Posted on 2007-11-15
9
2,445 Views
Last Modified: 2010-04-21
After migrating our XP machines to a SBS2003 domain, the Firewall on each XP machine now prevents me from accessing the VNC server software for support purposes. Is it possible to use a Group Policy on the SBS2003 server to add the VNC software (or port 5900 if better) in the exception list of each XP Firewall, and if so, how ?
Thanks
0
Comment
Question by:ndidomenico
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 20291845
Just turn off the firewall in the domain profile.
Enable it in the Standard profile.

You'll find this in Group Policy.

Behind the SBS server, there is likely no need to firewall the clients.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20291852
You do know that RDP is available on XP as is Remote Assistance?

0
 

Author Comment

by:ndidomenico
ID: 20291957
I use RDP if I need to "work" on the remote pc (better display quality if feel). For user assistance, I had tried Remote Assistance quite a while ago and I found it long and complex to get the session started, compared to vnc. Has it got better ?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 20292004
Make sure it's enabled on the workstation.
Set it up in Group Policy and add Administrators (the group) manually to the Helpers group it asks for.

Copy this into a shortcut on your desktop.

hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/unsolicitedrcui.htm

Open this shortcut while using an account that has Admin rights locally on the user's workstation.  Bang in the computer name and press connect.

It's fairly simply.
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 38

Expert Comment

by:ChiefIT
ID: 20292054
Something else you should know about VNC. It is also considered a security vulnerability by some antivirus software. I think McAfee picks it up as a bug and will remove it. As a result, some AV software will not allow you to install VNC.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20293723
McAfee doesnt give too hoots about it :) I run McAfee and the only time i have seen anything detect VNC as a bug is things like windows defender scans.....the free VNC vers 4.1.11 had a flaw in it that let a dirty trojan through....4.1.12 fixed that flaw
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 20298380
Hey again Jay Jay:

You're right, I was using an older version of VNC calle Tight VNC. I have changed to remote desktop since. This was a couple years ago. It was definately McAfee 4.5.xx that didn't like Tight VNC and wouldn't allow me to install VNC. It wasn't the Trojan associated with VNC.

I also saw Windows Defender not like Tight VNC, as you described. If I remember right, Defender would allow the install, but try to delete Tight VNC upon every scan.

There's no denying, things have changed and my experience with VNC is outdated.  
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20303038
**grin** Tight VNC is much more secure than any of the real VNC versions, so you were certainly using the better options...i think McAfee must have update their deffs as i have no issue with it, though, i dont use the McAfee Security suite, just the AV module...i dont think anyone likes VNC :)
0
 

Author Closing Comment

by:ndidomenico
ID: 31409406
Thanks for the shortcut Netman66. I will try to use this method now instead of Vnc.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Learn about cloud computing and its benefits for small business owners.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now