‏92-Offer Remote Assistance

Filled under:


Computer/User Node :
   MACHINE

Policy Path :
   Administrative Templates\System\Remote Assistance

Supported on :
   At least Microsoft Windows XP Professional or Windows Server 2003 family

Help/Explain Text :
   Use this policy setting to determine whether or not a support person or IT admin (who is termed the expert) can offer remote assistance to this computer without a user explicitly requesting it first via a channel, e-mail, or instant messenger. Using this policy setting, an expert can offer remote assistance to this computer. The expert cannot connect to the computer unannounced or control it without permission from the user. When the expert tries to connect, the user is still given a chance to accept or deny the connection (giving the expert view-only privileges to the user's desktop), and thereafter the user has to explicitly click a button to give the expert the ability to remotely control the desktop, if remote control is enabled. If you enable this policy setting, Remote Assistance can be offered to users logged on to the machine. You have two options as to how Helpers can provide Remote Assistance: Allow helpers to only view the computer or Allow helpers to remotely control the computer. In addition to making this selection, when you configure this policy setting you also specify the list of users or user groups that will be allowed to offer remote assistance. These are known as helpers. To configure the list of helpers, click Show. This opens a new window where you can enter the names of the helpers. Add each user or group one by one. When you enter the name of the helper user or user groups, use the following format: <Domain Name>\<User Name> or <Domain Name>\<Group Name> If you disable or do not configure this policy setting, users or groups cannot offer unsolicited remote assistance to this computer. If you use Windows Firewall, you would also have to add the following exceptions to the Windows Firewall local or group policy settings to make unsolicited remote assistance work. Add the following entry to the Windows Firewall Port exceptions: TCP port 135 Add the following entries to the Windows Firewall Program exceptions: %WINDIR%\SYSTEM32\Sessmgr.exe %WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe %WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe

Registry Settings :
  HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowUnsolicited, HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowUnsolicitedFullControl

0 التعليقات:

Post a Comment

Subscribe to: Post Comments (Atom)