Home » Apple Manuals » Computer Software » Apple M9547Z/A » Manual Viewer

Apple M9547Z/A Administration Guide - Page 75

Command-Line SSH Access, Managing Client Administration Settings and Privileges, To allow VNC access

UPC - 718908688908

Add to My Manuals
Save this manual to your list of manuals

Page 75 highlights

To allow VNC access: 1 On the client computer, open System Preferences and click Sharing. If prompted, enter the user name and password of a user with administrator privileges on that computer. 2 Select Remote Management in the Sharing pane. If the client computer is running Mac OS X version 10.4 or earlier, change VNC access by selecting Apple Remote Desktop in the Sharing pane and clicking Access Privileges. 3 Click Computer Settings. 4 Select "VNC viewers may control screen with password." 5 Enter a VNC password. WARNING: Do not use the same password as any local user or Apple Remote Desktop login. Command-Line SSH Access Command-line SSH access is not granted or managed using Remote Desktop. This type of access is managed in the Sharing pane of System Preferences (called "Remote Login") and is separate from Apple Remote Desktop access types. When you log in to a client remotely using SSH, you have the user privileges assigned to the user name and password. These may or may not include computer administrator privileges. You can use SSH to access a client using a user account created for Apple Remote Desktop, but you are limited to performing whatever tasks were allowed to that user when the account was created. Conversely, only the users specified in the Apple Remote Desktop access privileges can access a computer using Apple Remote Desktop. Apple Remote Desktop privileges are completely separate and distinct from local computer administrator UNIX privileges. Managing Client Administration Settings and Privileges Regular audits of administration settings can help maintain a secure Remote Desktop administration environment. Using the various administrator options given with Apple Remote Desktop administrator privileges, you can create specialized logins for certain tasks, limiting potentially disruptive power of certain sub-administrators. The following section gives detailed instructions for checking the administrator privilege settings of client computers, and changing those settings. Chapter 5 Understanding and Controlling Access Privileges 75

Section	Page
Apple Remote Desktop Administrator’s Guide	1
Contents	3
About This Book	9
Using This Guide	10
Remote Desktop Help	10
Notation Conventions	10
Where to Find More Information About Apple Remote Desktop	11
Using Apple Remote Desktop	13
Administering Computers	13
Deploying Software	15
Taking Inventory	18
Housekeeping	22
Supporting Users	24
Providing Help Desk Support	24
Interacting with Students	26
Finding More Information	28
Getting to Know Remote Desktop	29
Remote Desktop Human Interface Guide	29
Remote Desktop Main Window	30
Task Dialogs	31
Control and Observe Window	33
Multiple-Client Observe Window	34
Report Window	35
Changing Report Layout	36
Configuring Remote Desktop	37
Customizing the Remote Desktop Toolbar	37
Setting Preferences for the Remote Desktop Administrator Application	37
Interface Tips and Shortcuts	38
Installing Apple Remote Desktop	41
System Requirements for Apple Remote Desktop	41
Network Requirements	42
Installing the Remote Desktop Administrator Software	42
Setting Up an Apple Remote Desktop Client Computer for the First Time	43
Upgrading the Remote Desktop Administrator Software	44
Upgrading the Client Software	44
Method #1—Remote Upgrade Installation	44
Method #2—Manual Installation	45
Upgrading Apple Remote Desktop Clients Using SSH	46
Creating a Custom Client Installer	46
Considerations for Managed Clients	48
Removing or Disabling Apple Remote Desktop	49
Uninstalling the Administrator Software	49
Disabling the Client Software	50
Uninstalling the Client Software from Client Computers	51
Organizing Client Computers Into Computer Lists	53
Finding and Adding Clients to Apple Remote Desktop Computer Lists	53
Finding Clients by Using Bonjour	54
Finding Clients by Searching the Local Network	55
Finding Clients by Searching a Network Range	55
Finding Clients by Network Address	56
Finding Clients by File Import	57
Making a New Scanner	57
Making and Managing Lists	58
About Apple Remote Desktop Computer Lists	58
Creating an Apple Remote Desktop Computer List	59
Deleting Apple Remote Desktop Lists	59
Creating a Smart Computer List	59
Editing a Smart Computer List	60
Creating a List of Computers of from Existing Computer Lists	60
Importing and Exporting Computer Lists	61
Transferring Computer Lists from Apple Remote Desktop 3 to a New Administrator Computer	61
Transferring Remote Desktop 2 Computer Lists to a New Remote Desktop 3 Administrator Computer	62
Transferring Old v1.2 Computer Lists to a New Administrator Computer	62
Understanding and Controlling Access Privileges	65
Apple Remote Desktop Administrator Access	65
Setting Apple Remote Desktop Administrator Access Authorization and Privileges Using Local Accoun...	67
Setting Apple Remote Desktop Administrator Access Authorization and Privileges Using Local Accoun...	68
Apple Remote Desktop Administrator Access Using Directory Services	69
Creating Administrator Access Groups	69
Enabling Directory Services Group Authorization	72
Apple Remote Desktop Guest Access	72
Apple Remote Desktop Nonadministrator Access	73
Limiting Features in the Administrator Application	73
Virtual Network Computing Access	74
Command-Line SSH Access	75
Managing Client Administration Settings and Privileges	75
Getting an Administration Settings Report	76
Changing Client Administrator Privileges	76
Setting Up the Network and Maintaining Security	79
Setting Up the Network	79
Using Apple Remote Desktop with Computers in an AirPort Wireless Network	80
Getting the Best Performance	81
Maintaining Security	81
Remote Desktop Authentication and Data Transport Encryption	83
Encrypting Observe and Control Network Data	83
Encrypting Network Data During Copy Items and Install Packages Tasks	84
Interacting with Users	85
Controlling	86
Controlling Apple Remote Desktop Clients	86
Control Window Options	87
Switching the Control Window Between Full Size And Fit-To-Window	88
Switching Between Control and Observe Modes	88
Sharing Control with a User	88
Hiding a User’s Screen While Controlling	89
Capturing the Control Window to a File	89
Switching Control Session Between Full Screen and In a Window	89
Sharing Clipboards for Copy and Paste	90
Controlling VNC Servers	90
Setting up a Non–MacOSX VNC Server	91
VNC Control Options	92
Configuring an Apple Remote Desktop Client to be Controlled by a VNC Viewer	93
Observing	93
Changing Observe Settings While Observing	95
Changing Screen Titles While Observing	96
Viewing a User’s Account Picture While Observing	96
Viewing a Computer’s System Status While at the Observe Window	97
Shortcuts in the Multiple Screen Observe Window	98
Observing a Single Computer	98
Observing Multiple Computers	99
Observing a Computer in Dashboard	99
Sending Messages	100
Sending One-Way Messages	100
Interactive Chat	100
Viewing Attention Requests	101
Sharing Screens	101
Sharing a Screen with Client Computers	101
Monitoring a Screen Sharing Tasks	102
Interacting with Your Apple Remote Desktop Administrator	102
Requesting Administrator Attention	102
Canceling an Attention Request	103
Changing Your Observed Client Icon	103
Administering Client Computers	105
Keeping Track of Task Progress and History	105
Enabling a Task Notification Script	106
Getting Active Task Status	107
Using the Task Feedback Display	107
Stopping a Currently Running Task	108
Getting Completed Task History	108
Saving a Task for Later Use	108
Creating and Using Task Templates	109
Editing a Saved Task	110
Installing Software Using Apple Remote Desktop	110
Installing by Package and Metapackage	110
Installing Software on Offline Computers	112
Installing by Using the Copy Items Command	113
Using Installers from Other Companies	114
Upgrading Software	115
Copying Files	116
Copy Options	116
Copying from Administrator to Clients	118
Copying Using Drag and Drop	118
Restoring Items from a Master Copy	120
Creating Reports	121
Collecting Report Data	121
Using a Task Server for Report Data Collection	122
Report Database Recommendations and Bandwidth Usage	123
Auditing Client Usage Information	124
Finding Files, Folders, and Applications	126
Comparing Software	128
Auditing Hardware	130
Testing Network Responsiveness	135
Exporting Report Information	136
Using Report Windows to Work with Computers	137
Maintaining Systems	138
Deleting Items	138
Emptying the Trash	139
Setting the Startup Disk	139
Renaming Computers	140
Synchronizing Computer Time	140
Setting Computer Audio Volume	141
Repairing File Permissions	142
Adding Items to the Dock	142
Changing Energy Saver Preferences	143
Changing Sharing Preferences for Remote Login	144
Setting Printer Preferences	144
Managing Computers	146
Opening Files and Folders	146
Opening Applications	147
Quitting Applications Without Logging Out the User	148
Putting a Computer to Sleep	148
Waking Up a Computer	149
Locking a Computer Screen	149
Displaying a Custom Picture on a Locked Screen	150
Unlocking a Computer Screen	150
Disabling a Computer Screen	151
Logging In a User at the Login Window	151
Logging Out the Current User	152
Restarting a Computer	153
Shutting Down a Computer	153
Starting Up a Computer	154
UNIX Shell Commands	155
Send UNIX Command Templates	155
Executing a Single UNIX Command	157
Executing Scripts Using Send UNIX Command	157
Built-in Command-Line Tools	159
Automating Tasks	165
Working with the Task Server	165
Preliminary Planning for Using the Task Server	166
Setting Up the Task Server	166
Setting Up an Admin Console to Query the Task Server	167
Setting Up Clients to Interface with the Task Server	168
Using Automatic Data Reporting	168
Setting the Client’s Data Reporting Policy	169
Creating a Template Data Reporting Policy	170
Working with Scheduled Tasks	170
Setting Scheduled Tasks	170
Editing Scheduled Tasks	171
Deleting Scheduled Tasks	171
Using Scripting and Automation Tools with Remote Desktop	171
Using AppleScript with Remote Desktop	172
Using Automator with Remote Desktop	175
Icon and Port Reference	177
Client Status Icons	177
Apple Remote Desktop Status Icons	177
List Menu Icons	178
Task Status Icons	178
System Status Icons (Basic)	179
System Status Icons (Detailed)	179
TCP and UDP Port Reference	180
Report Field Definitions Reference	181
System Overview Report	181
Storage Report	184
USB Devices Report	185
FireWire Devices Report	185
Memory Report	185
Expansion Cards Report	186
Network Interfaces Report	186
Network Test Report	188
Administration Settings Report	188
Application Usage Report	189
User History Report	189
AppleScript Remote Desktop Suite	191
Classes and Commands for the Remote Desktop Application	191
PostgreSQL Schema Sample	199

Match case Limit results 1 per page

Chapter 5

Understanding and Controlling Access Privileges

To allow VNC access:

On the client computer, open System Preferences and click Sharing.

If prompted, enter the user name and password of a user with administrator privileges

on that computer.

Select Remote Management in the Sharing pane.

If the client computer is running Mac OS X version 10.4 or earlier, change VNC access by

selecting Apple Remote Desktop in the Sharing pane and clicking Access Privileges.

Click Computer Settings.

Select “VNC viewers may control screen with password.”

Enter a VNC password.

Command-Line SSH Access

Command-line SSH access is not granted or managed using Remote Desktop. This type

of access is managed in the Sharing pane of System Preferences (called “Remote

client remotely using SSH, you have the user privileges assigned to the user name and

password. These may or may not include computer administrator privileges.

You can use SSH to access a client using a user account created for Apple Remote

Desktop, but you are limited to performing whatever tasks were allowed to that user

when the account was created. Conversely, only the users specified in the Apple

Remote Desktop access privileges can access a computer using Apple Remote Desktop.

Apple Remote Desktop privileges are completely separate and distinct from local

computer administrator UNIX privileges.

Managing Client Administration Settings and Privileges

Regular audits of administration settings can help maintain a secure Remote Desktop

administration environment. Using the various administrator options given with Apple

Remote Desktop administrator privileges, you can create specialized logins for certain

tasks, limiting potentially disruptive power of certain sub-administrators. The following

section gives detailed instructions for checking the administrator privilege settings of

client computers, and changing those settings.

WARNING:

Do not use the same password as any local user or Apple Remote Desktop