Readydesk Installation and User S Guide

Total Page:16

File Type:pdf, Size:1020Kb

Readydesk Installation and User S Guide

ReadyDesk Remote Desktop Installation and User’s Guide

v8.9 April, 2015 Table of Contents

 Introduction

I. About Remote Desktop

 Configuration and Administration

I. Remote Desktop a. Settings b. Remote Sessions c. Installing the Repeater d. Port Forwarding

 Troubleshooting Common Problems Introduction

Introduction > About Remote Desktop

Remote Desktop is a feature that will allow your technicians to connect to a customer’s Windows- based computer remotely, view their desktop in real time, and control the mouse and keyboard. It’s just like being at their computer. This feature can be extremely helpful in troubleshooting and resolving issues quickly, by the technician, without the need to walk customers through each step via chat or over the phone.

The remote desktop functionality was built on the open source VNC platform. We have made modifications, and built new features into ReadyDesk to make it fully integrated. With this newly designed setup, technicians and customers should be able to connect to each other through most firewalls and proxies with ease. Here is a brief overview of how it works:

 From the admin console you enter a few server specific settings. When those settings are saved, an executable is compiled for you on the server. This is what the customers will use to connect.

 You run an application known as a “repeater” on a server or workstation inside or outside of your network. This repeater just needs two ports forwarded to it through your router or firewall. The repeater can also be run as a service.

 When in a live chat session, customers will see an icon for requesting remote desktop support. When clicked, they are prompted to run an executable (the one that was compiled in the first step above). When they click run they are connected to the repeater, and the application will wait for 5 minutes for the technician to join.

New in version 8: Technicians can now send a link or the actual executable to a customer via the technician interface, without the need for first joining a chat session. There is also the ability to install the remote desktop feature as a service on a remote computer for making unattended remote desktop connections.

 When the customer initiates the remote desktop session, the technician is provided a hyperlink to launch the viewer. The viewer is a small Windows .exe file that includes full encryption to secure the remote session.

 When the technician launches the viewer, it automatically connects to the repeater. The repeater will relay the communications back and forth between the customer and the technician, so there is no direct connection from one party to the other, making it safer and more secure for both. At this point the technician has control of the customer’s computer. The connection can be closed by the customer or the technician.

 Once a connection has been closed, the executable on the customer’s computer will terminate, and will be removed from their temp files since it was never installed and ran from this location. If the customer closed the connection from their end, the technician’s viewer will terminate, and display a message that the connection was closed.

 Technicians can have multiple sessions open at the same time.

 Only the technician chatting with the customer who initiates the remote session can join it.  Remote desktop sessions are secure, using 128 bit encryption.

Configuration and Administration

Login to the administration console at http://localhost/ReadyDesk/hd/admin/default.php (your exact URL may vary depending on installation location). You will notice a new section on the left navigation tree menu named “Remote Desktop”.

Configuration and Administration > Remote Desktop > Settings

This is the page you will use to define what settings your remote desktop applications will use.

Set “Enable Remote Desktop” to “Yes” if you want it to be an available option for your customers. If you set it to “No” the Remote Desktop icon will not be visible to customer in Live Chat.

We very strongly recommend the use of the repeater, so set “Use Repeater” to “Yes”. This will allow techs to operate multiple sessions, it is more secure because there is no direct link between the customer and technician and it will allow you to use Remote Desktop through firewalls and proxies. While it is possible to make direct connections by entering the host address and port (either to connect directly to a VNC server or different type of repeater), we will not be able to provide support for such setups, as we would have no way to control the configuration of the server you are connecting to.

After setting “Use Repeater” to “Yes”, enter the URL or IP Address of the server where the repeater will be running, as well as ports for the server and viewer. These ports must not already be in use, and cannot be the same as each other. If you will be running the repeater from within your network and you want it to be accessible to external customers via the internet, you will need to use the external URL or IP Address of your network. You will also need to forward two ports on your router or firewall to the computer that is running the repeater. One port for the server (what customers use to connect) and one port for the viewer (what technicians use to connect). Use the following scenario as an example:

ReadyDesk is running the repeater on our internal network on a computer with the internal IP Address of 192.168.1.103. For customers to be able to connect to this repeater, we have set the repeater’s IP Address to that of our external address, www.readydesk.com. We then configured our router to forward ports 8080 through 8081 to the internal address 192.168.1.103. This allows all incoming traffic on ports 8080 and 8081 to go directly to the computer running the repeater, which will be listening on those two ports. The technician and customer can be either inside or outside of your network, as they both connect to the repeater via the internet.

Keep in mind that the two ports you choose cannot be in use by any other application or service on the computer that will be running the repeater. The default ports are 5900 and 5500, but we have chosen different numbers ourselves just as an example.

If you must connect to the internet through a proxy server, select “Yes” for “Use Proxy”, and enter the URL or IP Address of the proxy server, and the port you connect through. If your proxy server requires a username and password, enter those as well. If it does not require a username and password, you can use these fields blank. These proxy settings are only used by the technician’s viewer.

The next setting on this page is “Compile Option”. In order for your customers to be able to connect to your repeater, the executable they download must be re-compiled with the addresses and ports you set in the above fields. You must recompile the executable every time you make changes to these settings for them to actually take affect.

If you select “Server”, your settings will be written to a text file on the server, and the executable will automatically get compiled on the server using those settings, and will be immediately available for customers to run. On Windows servers, this may require the IUSR account to have additional permissions, depending on your server’s configuration. Important Note: For Non- Windows servers, you will be unable to use this option, because the server-side technology used to compile the executable is Windows specific. You will have to use the “Local” option, and compile it locally on a Windows based computer, as instructed below.

If you choose “Local”, the settings will be written to a text file on the server, and you will be prompted to download the file so it can be used to compile the executable on your local machine. To compile the executable locally, you will first need to copy the directory /readydesk/chat/files/remote to your local Windows machine. Then, when you are ready to compile, you will copy in the file helpdesks.txt that you are prompted to download, and then run the file setupexe.bat. You would then copy the newly compiled file remote.exe to the directory /readydesk/chat/files/remote on your server.

If you choose “None”, your settings will still be written to a text file on the server, but the executable will not get recompiled and you will not be prompted to download anything. This is useful when you just want to enable or disable remote desktop without altering or recompiling the executable. Techs can send: This defines whether or not technicians will have the ability to send an email to customers containing either a link to or the actual executable via email.

Techs can delete: This defines whether or not techs will be allowed to delete sessions that have been sent to the customer. When a session is delete the database entry is removed and the remote desktop and viewer executables will be deleted from the server.

Download Remote Service: This defines whether or not technicians will be allowed to download the remote desktop server package for a device. If enabled, the technician can download either a .exe or .zip format. The purpose of downloading a remote desktop server package would be for installing it on a remote device.

Email Remote Service: This defines whether or not technicians will be allowed to email the remote desktop server package from the NETWORK DEVICES page. This can be useful for emailing the remote desktop server package to a customer so they can install it. The package is sent in .zip format.

Restart Remote Service: This defines whether or not technicians will be allowed to restart the remote desktop service on the device from the NETWORK DEVICES page. This is useful if the service is hung on the device or if someone has stopped the service on the device.

Remote to Service: This defines whether or not technicians will be allowed to initiate a remote desktop session from the NETWORK DEVICES. This setting does not affect remote dekstop sessions initiated by a customer through the chat window or by technicians from the remote desktop page.

Configuration and Administration > Remote Desktop > Remote Sessions

This page lists current and un-deleted remote sessions. When a technician closes the viewer after a remote desktop session, it is supposed to delete the reference to it in the database so that session IDs can be reused. Sometimes a customer might click the remote desktop icon more than once, creating multiple session requests. If the technician only joins one of those, the reference will remain in the database. You can delete old session IDs from this page. Deleting a session ID that is currently in use will not have any affect that is apparent to the customer or technician (i.e. the session connection will remain active). However, if an in use session ID is deleted and another customer attempts a remote desktop session, it is possible that the deleted ID will be re-issued, and could potentially kill the existing remote desktop session. It would be good practice to not delete remote session IDs until you are positive they are no longer in use, such as several hours after they were created, or even the following day.

Configuration and Administration > Installing the Repeater

Important Note: The repeater we have provided requires a Windows based computer to run it. There is also a Linux based port of the repeater also included. However, this Linux based version of the repeater was not developed by us, nor has it been fully tested by us. While it does appear to be a working version, it may have issues as the developer has noted in the readme file that it may be buggy. We have provided some notes on its usage, but we will not provide support for this Linux repeater, so if you choose to use it you must seek support for it on UltraVNC’s forums.

An essential piece of the Remote Desktop feature is the repeater. This should have been installed as a service when you ran the configuration tool at the end of the installation process. If it did not, you will need to install it manually. To install it, copy the file /readydesk/chat/files/remote/repeater.exe to the directory of your choosing on the Windows based computer on which you wish to run it. It does not matter what directory you copy it to. Once in place, start the repeater by double-clicking on repeater.exe. You will notice a new icon in your system tray. To modify the ports it will use, right-click on the icon and choose “Settings”. The following window will open:

The first field is the port the viewer (technicians) will connect to. The field below that is the port the VNC servers (customers) will connect to. The default ports are 5900 and 5500. We have just changed ours as an example. Remember that these ports must be ports that are not used by any other application or service on that computer. If the computer you are running the repeater on is behind a router or firewall, you will need to forward these ports to this computer.

Once you have entered your settings, click the “Save” button. ** Your settings will NOT take affect until after you exit and restart the repeater.

The Log feature of the repeater can be extremely useful when testing your setup or for general network monitoring to ensure that the repeater is still running and accepting connections from customers and technicians. You can open the log by right-clicking on the system tray icon and choosing “Log” or simply double-click the system tray icon.

You can optionally install the repeater as a Windows service so you do not need to remain logged in to have the repeater running. To do so, open the command prompt and change directories to where you copied the file repeater.exe. Then type in repeater.exe –install. The service will be named “repeater_service”. You can start the service by typing in net start repeater_service

You will see the system tray icon appear when the service has been started. You may want to open the list of services (CONTROL PANEL > ADMINISTRATIVE TOOLS > SERVICES) and make sure the service is set to start automatically when the computer starts to ensure that the repeater is running when the computer is on.

**Please note that settings must be made via the GUI, and that the repeater must be stopped and restarted before your changes will take affect. If you are running the repeater as a service, you will need to stop and restart the service.

Linux Repeater usage:

-It only currently supports mode II (the mode where both viewer and server connect to repeater), I removed connect- routine from repeater (it does not work with firewalls anyway)

-you need to work in terminal window in Linux (no GUI whatsoever)

-compile with command gcc -Wall -phtread repeater.c, it produces an a.out file -start with command ./a.out [optionalviewerport] [optionalserverport], for example just ./a.out

-by default, it listens to port viewer_port = 5900 for viewers (can be overridden with command line parameter)

-by default, it listens to port server_port = 5500 for servers (can be overridden with command line parameter)

-after start, it should report it has opened both ports and is waiting for connection

-You can use standard viewer/server on other 2 boxes (Tested using vmware windows, server and viewer running nt4 and repeater running Ubuntu Hoary, any Linux should work)

-Example: Repeater is on ip address 192.168.137.131, listening on port 5500 for servers and 5900 for viewers. If you need lower ports, note that usually only root can open ports under 1024 on Linux. Running as root is obviously dangerous

-On server, you choose "Add New connection" and give "host name" 192.168.137.131:5500 and "id code" ID:5555. Repeater should now show something like "Add_server_list(): Server added to list 5555"

-On viewer, you write "ID:5555" on field "VNC Server". You also mark "Proxy/Repeater" and write "192.168.137.131:5900" on that line. Press "Connect"- button. Viewer should start to show server screen and repeater should show something like "Add_viewer_list(): viewer added to list 5555".

-You can stop repeater with ctrl+c on terminal window

Configuration and Administration > Port Forwarding

Most routers generally offer a simple method for defining port forwarding. However, what it is called can vary greatly from one manufacturer to the next. It could be listed as “Port Forwarding”, “Forwarded ports” or even “Applications and Gaming” and other similar labels. Because this feature can vary so much by manufacturer, it would be best to consult their documentation on your router or firewall. Below is a brief overview of the steps we took to forward ports on a Linksys wireless G router we use internally, which should at least point you in the right direction. Please note that this is ONLY an example, and your address and settings may vary, so be sure to follow your manufacturer’s documentation, and not the example below.

 Open a web browser and go to http://192.168.1.1.  Login when prompted  Click on “Applications & Gaming”  Typed in “Repeater” for the application name  Set the Start port to 8080  Set the End port to 8081  Set the Protocol to “TCP”  Set the IP Address to 192.168.1.103  Checked the Enable checkbox

Usage Instructions

Customer Usage > Requesting Remote Desktop Support from chat

Important Note: Only customers running Windows will be able to download and initiate the remote desktop feature. This WILL NOT work on Linux, Unix or Mac based computers.

To request remote desktop support via live chat, customers must first open a live support chat session. If remote desktop support is enabled in the admin console, customers will see the icon on the right (with the computer monitor on it). Customers cannot initiate a remote desktop session until after a technician has joined the chat session. This prevents them from generating multiple remote session IDs that are not valid. If they do try to start a session, they will receive the following message: Once a technician has joined the chat session, it will allow the customer to request a session ID and to run the VNC server executable. Clicking on the icon will prompt the customer to run the executable The customer will see the following dialog. You can assure them that this file is safe to run, it will not install anything on their computer and that it will terminate and remove itself once the connection has been closed by them or the technician.

After clicking Run, the customer will see the following dialog as they are being connected to the repeater on your server, where it will wait for up to five minutes for the technician’s viewer to connect.

Once connected to the repeater the customer will see the following icon in their system tray When the customer initiated the remote desktop request, the following message was sent to technician’s chat screen. To join the remote desktop session the technician simply needs to click on the hyperlink to launch the viewer. The technician will be prompted to run a small executable.

If the customer’s connection is not active (because they closed it, it timed out or they never connected to the repeater in the first place) the technician will see a message similar to the following. If the customer is connected to the repeater, the viewer will connect automatically and can instantly see the customer’s remote desktop and begin working on their computer. At the top of the viewer there are a several buttons available to the technician.

“Close Connection” will terminate the connection on the customer’s computer, and the executables will close themselves on both the technician and customer computers.

Technician Usage > Remote Desktop Sessions from technician interface

New in version 8 is the ability to setup remote desktop sessions directly from the technician interface. To start a new session click on the Remote Desktop link in the left frame of the technician interface. This will bring up a list of pending and connected remote desktop sessions. To start a new session click on the “Add Session” button near the bottom.

Next, select a customer ID from the dropdown, or select “Guest” if you want to send the session to a non-customer. You can then choose to download the .exe or send it via email. If you choose email you will have the option of sending a link to the remote desktop executable, or the file itself in .zip format.

Once the session has been sent, it will appear on the remote desktop sessions page as “Pending”. When they connect the status will change to “Connected” and the technician will have a link to join the session. Once the technician has joined, the status then changes to “In Progress”. Closed sessions will be marked as “Completed”.

Technician Usage > Remote Desktop Sessions from Network Devices

New in version 8 is the ability to install the remote desktop .exe as a service on remote computers. This will allow for technicians to connect to customers’ computers without the customer having to initiate the remote desktop session. This is most useful for connecting to users’ computers within your own network. It will also work for connecting to computers outside of your own network, but the end user may need to open ports on their network for the traffic to get through their firewall and properly routed to them. To install the remote desktop service on a remote computer you must first have the computer listed under Network Devices. Once the device is visible, click on the magnifying glass icon in the View column to see the details of the device. There should be a value in the remote desktop ID field. This is typically the IP address of the remote computer. You can edit this value, but be sure each device has a unique ID number. Once an ID number has been assigned you can either download the service installer or email it to the customer to have them install it. To install the service simply run the .exe on the remote computer. It will install and start the service automatically.

NOTE: When the remote desktop service is running it will prevent Windows RDP sessions from running. If you need to use RDP on a remote machine you will need to stop the “rdremote_service” service.

Back on the main Network Devices age that lists all of your network devices you will see the Remote column. If the service is running on a remote computer you will see a monitor icon and a green circle icon. Clicking on the monitor icon will launch the remote desktop viewer and connect you to the remote computer. Clicking the green circle icon will restart the service on the remote computer. Troubleshooting Common Problems

Problem: The repeater produces a C++ run time error when trying to launch it. Resolution: Some other application or service on that computer may already be using one of the ports you have specified. Stop the other application or service, or change the repeater’s ports.

Problem: The repeater is not accepting connections, and the log file keeps stating that the port is in use. Resolution: Some other application or service on that computer may already be using one of the ports you have specified. Stop the other application or service, or change the repeater’s ports.

Problem: The viewer is displaying the error “Unknown RFB Rectangle: 16. Resolution: You have chosen an unsupported Encoding in the viewer’s options. “ZLib” and “Tight” encodings are not supported and will produce that error.

Problem: The executable immediately closes after the customer has started it. Resolution: The executable cannot contact the repeater, either because it is not running, you have set the wrong ports, the ports are not properly forwarded to the right computer or there is something on the customer’s computer or network that is blocking an outgoing connection to your repeater.

Problem: The customer executable appears to be running on the customer’s computer, but the viewer cannot connect. Resolution: Check the repeater’s log and see if it created a server connection for their session ID. If not, you may need to stop and restart the repeater. If you still cannot connect make sure the repeater ports are properly set and forwarded.

Problem: You receive a warning like "Warning: system() [function.system]: Unable to fork" when compiling the executable in the admin console. A related warning message is "Warning: shell_exec() [function.shell-exec]: Unable to execute" Resolution: The IUSR account must have read permissions on the file c:\windows\system32\cmd.exe.

Recommended publications