Apple Remote Desktop Administrator’s Guide Version 3
K Apple Computer, Inc. © 2006 Apple Computer, Inc. All rights reserved. The owner or authorized user of a valid copy of Apple Remote Desktop software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid for support services. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries.
Contents Preface 9 10 10 10 11 About This Book Using This Guide Remote Desktop Help Notation Conventions Where to Find More Information About Apple Remote Desktop Chapter 1 13 13 15 18 21 22 23 25 26 Using Apple Remote Desktop Administering Computers Deploying Software Taking Inventory Housekeeping Supporting Users Providing Help Desk Support Interacting with Students Finding More Information Chapter 2 28 28 29 31 32 33 34 35 36 36 36 37 Getting to Know Remote Desktop Remote Desktop Human Interf
Chapter 4 41 42 42 43 43 44 46 46 46 47 48 Upgrading the Remote Desktop Administrator Software Upgrading the Client Software Method #1—Remote Upgrade Installation Method #2—Manual Installation Upgrading Apple Remote Desktop Clients Using SSH Creating a Custom Client Installer Considerations for Managed Clients Removing or Disabling Apple Remote Desktop Uninstalling the Administrator Software Disabling the Client Software Uninstalling the Client Software from Client Computers 49 49 50 50 51 52 52 53 53 54
68 68 69 69 Command-Line SSH Access Managing Client Administration Settings and Privileges Getting an Administration Settings Report Changing Client Administrator Privileges Chapter 6 71 71 72 73 73 75 75 76 Setting Up the Network and Maintaining Security Setting Up the Network Using Apple Remote Desktop with Computers in an AirPort Wireless Network Getting the Best Performance Maintaining Security Remote Desktop Authentication and Data Transport Encryption Encrypting Observe and Control Network Data En
93 94 94 94 95 95 Chapter 8 6 96 96 97 98 98 98 99 99 100 101 101 101 103 104 104 105 106 107 108 109 110 111 111 112 113 114 116 118 119 124 125 126 127 127 128 128 Sharing a Screen with Client Computers Monitoring a Screen Sharing Tasks Interacting with Your Apple Remote Desktop Administrator Requesting Administrator Attention Canceling an Attention Request Changing Your Observed Client Icon Administering Client Computers Keeping Track of Task Progress and History Enabling a Task Notification Script Ge
Appendix A 129 129 130 131 131 132 133 133 135 135 136 137 137 138 138 139 139 140 140 141 141 142 143 143 145 145 147 152 152 153 154 155 156 159 Renaming Computers Synchronizing Computer Time Setting Computer Audio Volume Repairing File Permissions Adding Items to the Dock Changing Energy Saver Preferences Changing Sharing Preferences for Remote Login Setting Printer Preferences Managing Computers Opening Files and Folders Opening Applications Quitting Applications Without Logging Out the User Putting a
Appendix B 165 165 167 169 169 169 169 170 172 172 173 173 Report Field Definitions Reference System Overview Report Storage Report USB Devices Report FireWire Devices Report Memory Report PCI Cards Report Network Interfaces Report Network Test Report Administration Settings Report Application Usage Report User History Report Appendix C 174 174 AppleScript Remote Desktop Suite Classes and Commands for the Remote Desktop Application.
Preface About This Book What Is Apple Remote Desktop? Apple Remote Desktop is easy-to-use, powerful, open standards-based, desktop management software for all your networked Macs. IT professionals can remotely control and configure systems, install software, offer interactive online help to end users, and assemble detailed software and hardware reports for an entire Mac network.
Using This Guide The Apple Remote Desktop Administrator’s Guide contains chapters to help you use Remote Desktop. It contains overviews and explanations about Apple Remote Desktop’s features and commands. It also explains how to install and configure Apple Remote Desktop on clients, how to administer client computers, and how to use Remote Desktop to interact with computer users.
Terminal Command Conventions Notation Indicates monospaced font A command or other Terminal text $ A shell prompt [text_in_brackets] An optional parameter (one|other) Alternative parameters (type one or the other) underlined A parameter you must replace with a value [...
The Apple Remote Desktop Support website provides a database of technical articles about product issues, use, and implementation: www.apple.com/support/remotedesktop/ To provide feedback about Apple Remote Desktop, visit the feedback page: www.apple.com/feedback/remotedesktop.html For details about how to join the Apple Remote Desktop Mailing list, visit: lists.apple.
1 Using Apple Remote Desktop 1 Apple Remote Desktop helps you keep Macintosh computers and the software running on them up to date and trouble free. And it lets you interact directly with Macintosh users to provide instructional and troubleshooting support. This chapter describes the main aspects of Apple Remote Desktop’s administration and user interaction capabilities and tells you where to find complete instructions for using them.
You can administer client computers individually, but most Apple Remote Desktop features can be used to manage multiple computers at the same time. For example, you may want to install or update the same applications on all the computers in a particular department. Or you may want to share your computer screen to demonstrate a task to a group of users, such as students in a training room.
Deploying Software Apple Remote Desktop lets you distribute software and related files to client computers from your Apple Remote Desktop administrator computer or from a computer running Mac OS X Server. Deploy configuration files Deploy drag-and-drop application folders Deploy install packages (.pkg or .
For example, you can use Apple Software Update to download an iCal update or an operating system update to a test computer. If the update works as expected and introduces no compatibility issues, copy the installer package to the administrator computer to distribute to computers that need upgrading. Note that this approach conserves Internet bandwidth, because only one copy of the package needs to be downloaded.
Client computers that boot from a NetBoot image get a fresh system environment every time they start up. For this reason, using NetBoot images is useful when a particular computer is shared by several users who require different work environments or refreshed work environments, or when you want to start a new experiment or use a different computing environment in a cluster node.
Taking Inventory Apple Remote Desktop lets you capture data describing the attributes of client computers, then generate reports based on the data. You specify how often you want to capture data, the data you want to capture, and the computers you want to profile. You can collect data just before generating a report if you need up-to-the-minute information.
File Search Report Use the File Search report to search client systems for specific files and folders and to audit installed applications. This report can help you find out how many copies of a particular application are in use so you don’t violate license agreements. Spotlight File Search Use the Spotlight Search report to search Tiger client systems for specific files and folders. The information in the report is updated as files matching your search change on the client systems.
Application Usage Report Use the Application Usage report to find out which applications have been running on your client computers and who ran those applications. Network Test Report A Network Test report helps you measure and troubleshoot the communication between your administrator computer and your client computers. The Network Interfaces report might also help troubleshooting network hardware issues.
Housekeeping Apple Remote Desktop provides several ways to remotely control client computers for housekeeping activities, which you can conduct using one or more Apple Remote Desktop windows.
Locking Computer Screens You can lock the screens of client computers for specified durations when you don’t want the computers to be used. For example, you may need to perform network maintenance and want to make sure computers don’t use the network for a few hours. You can display custom pictures or text messages on locked computer screens to let users know when the computers are available again. Reclaiming Disk Space Periodically empty the Trash on client computers to conserve disk space.
Providing Help Desk Support When a user is having trouble, Apple Remote Desktop provides several ways to interact with the user and his or her computer to diagnose and fix the problem. Administrator computer Use text chat Copy items Control, observe, and share screens Marketing department Engineering department Requesting Help A user can discreetly notify you of a problem by sending a request for help using an Apple Remote Desktop text message.
Screen Controlling Use Apple Remote Desktop to control the user’s screen in order to diagnose and fix the problem. You may have unlimited control, or a user can grant you temporary guest access so you can control the computer only during troubleshooting. There are two levels of control available. You can take complete control of the user’s computer, or you can share control of the keyboard and mouse with the user.
Interacting with Students Apple Remote Desktop helps instructors teach more efficiently by letting them interact with student computers individually or as a group. Broadcast text messages Observe and share one or multiple screens Administrator computer Control screen Lock screens Log out students Distribute items electronically Open applications or files One-to-one help desk support Classroom Using Text Messages Send Apple Remote Desktop text messages to communicate with students.
Locking Screens Lock student screens to prevent students from using their computer when you want them to focus on other activities. Terminating Computer Use Remotely log students out or shut down their computers at the end of a class or school day. Distributing and Collecting Files Distribute handouts electronically, at a time that won’t disrupt class activities or when they’re needed for the next class activity, and collect homework files. Automating Website Access Open a webpage on all student computers.
To learn more about See information for Starting on page Housekeeping tasks Deleting items Emptying the Trash Setting startup volumes Renaming computers Sleeping and waking Locking screens Logging users out Restart and shutdown page 127 Automating tasks Configuring data gathering Scheduling tasks Using UNIX shell scripts page 152 Additional information can be obtained at several Apple websites: Â For information about NetBoot and Network Install, download the system imaging administration guide at:
2 Getting to Know Remote Desktop 2 Remote Desktop is the administrator application for Apple Remote Desktop. Its attractive interface is powerful, yet simple to use. Remote Desktop’s interface is customizable, allowing you to get the information you want quickly, the way you want it. This chapter contains screenshots and short descriptions of Remote Desktop’s interface, as well as detailed instructions for customizing the appearance and preferences of the application.
Remote Desktop Main Window The main window of Remote Desktop has a customizable toolbar, groups of lists, tasks, and scanners on the left, and the main window area to the right. “List Menu Icons” on page 162 contains icons seen in the list menu of the main window. K L A B C D E H F G I J A All Computers list: The All Computers list is a list of all client computers that you plan to administer.
F Scanner: Scanners find clients to add to the All Computers list. You can make new scanners and customize them for your needs. See “Making a New Scanner” on page 52. G Task server list: This lists tasks delegated to the Task Server, rather than run those run directly from the application. When all the target computers have come online and participated in the task, the task is labeled as complete.
Task Dialogs When you click a task, a dialog appears to let you set task parameters or confirm the task. A B G C D E F A Task type header: This header area shows you the kind of task represented. B Saved task name: When you save a task, you name it for your own use. C Task configuration area: This area is different for every task. It’s where you set operating parameters for the task to be performed. D Participating computers: This area shows you the computers that will be affected by the task.
Control and Observe Window This window is the same for both controlling and observing a single client. The only difference is the state of the Observe or Control toggle button. When it’s selected, you have control over the remote client. A B C D E F I G H J 32 A Observe or control toggle: When this button is selected, you have control over the remote client. B Share mouse control: When this button is selected, you share mouse control with the user.
H Send clipboard to the client: When clicked, the remote client Clipboard receives the contents of the local Clipboard. I Image Quality: Adjusts the screen color depth from black and white to millions of colors. J Desktop of Controlled Computer: Resize this window from the lower right corner. Multiple-Client Observe Window When you observe many clients at the same time, they all appear in the same window. If you have more computers than will fit in the window, they are divided across several pages.
G Computer status: Shows basic computer status beneath each client screen. H Cycle through pages: Manually advances to the next page of screens. I View Options: Reveals the view option controls. J Observed computers: Contains the scaled desktops of the observed client computers. Report Window Reports serve as valuable shortcuts when you’re copying files and organizing computer lists.
E Delete selected: Deletes the item selected in the report from the remote computer. F Copy to this computer: Copies selected items to the administrator computer. Changing Report Layout You can customize report layouts for your own purposes. By default, reports include a column for each information type you selected before running the report, in the order presented in the report dialog. The columns in the report are initially sorted by computer name.
Configuring Remote Desktop You can configure the Remote Desktop administrator application to meet your work needs. Remote Desktop has an interface that is both flexible and functional. Customizing the Remote Desktop Toolbar The Remote Desktop application has a fully customizable toolbar, which provides a quick way to perform tasks. To perform a task, just click the appropriate icon in the toolbar. To show or hide the toolbar, click the toolbar button in the upper-right corner of the application window.
 Whether other Apple Remote Desktop administrators can access your local Task Server  Whether clients collect user and application tracking data  A saved template for scheduling client reporting policies In the Labels pane, you can set:  Label colors and text for labeling computers In the Tasks pane, you can set:  Whether to automatically change focus to the active task  Whether to execute a notification script on task completion  Limits on task history list contents and time until removed In the Sec
Drag and drop works on configuration dialogs Configuration dialogs accept dragged items. Computer lists in the dialogs accept dragged computers. The Copy Items dialog accepts dragged files to copy, without having to browse the file system for them. Save yourself time and effort by dragging available items to dialogs rather than browsing for them.
3 Installing Apple Remote Desktop 3 To use Apple Remote Desktop, install the administration software on the administrator computer first, and then install and enable the client software on the computers you want to manage. You’ll need your install disc, the serial number, and either the printed Welcome instructions, or these instructions. This chapter describes how to install Apple Remote Desktop for system administration and user interaction and gives complete setup instructions.
Network Requirements  Ethernet (recommended), AirPort, FireWire, or other network connection See “Setting Up the Network” on page 71 for more information. Installing the Remote Desktop Administrator Software To set up Apple Remote Desktop on administrator computers, you install the software on the computer you plan to use to administer remote computers. Then, you open the application setup assistant, and add to the main list of computers.
10 Configure some client computers for administration, find them in a scanner, and add them to a computer list. See: Â “Setting Up an Apple Remote Desktop Client Computer for the First Time” on page 41 Â “Finding and Adding Clients to Apple Remote Desktop Computer Lists” on page 49 Setting Up an Apple Remote Desktop Client Computer for the First Time The following section contains information on setting up Apple Remote Desktop 3 on client computers. Since Apple Remote Desktop v1.
Upgrading the Client Software This section contains information on installing Apple Remote Desktop 3 on client computers. Since Apple Remote Desktop client software was automatically included on the clients running Mac OS X v10.3 and v10.4, all Apple Remote Desktop 3 installations are upgrade installations, even if you are setting up clients for the first time. You can only upgrade Apple Remote Desktop v1.x and v2.
Method #2—Manual Installation This method works best if you have never enabled Apple Remote Desktop on your clients and have an existing software distribution infrastructure. This method also allows for the greatest power and configuration flexibility. Also, if you don’t want Apple Remote Desktop to upgrade your clients using the Upgrade Client Software feature, you can perform a manual upgrade.
To upgrade existing client software using SSH: 1 Create the custom client installer package. For detailed instructions, see “Creating a Custom Client Installer” on page 44. 2 Open the Terminal application (located in /Applications/Utilities/). 3 Copy the installer package to the client computer by typing: $ scp -r @: For other options, see the scp man page.
4 Click Continue to begin creating a custom installer. 5 Choose whether to start Remote Desktop sharing at system startup. This changes the setting found in the Sharing pane of System Preferences. 6 Choose whether to hide or show the Apple Remote Desktop menu bar icon. 7 Click Continue. 8 Choose whether to create a new user for Apple Remote Desktop login. Click Continue. A new user account can be created to grant Apple Remote Desktop administrator privileges.
17 Click Continue. 18 Select a location for the installer. 19 Click Continue to create the installer. An installer metapackage (.mpkg file) is created in the designated location. 20 Click Done. Considerations for Managed Clients If you plan on restricting what applications can open on a managed client, you’ll need to make sure that Apple Remote Desktop’s processes are allowed to run. A managed client is a client computer whose environment is governed by Mac OS X Server’s Workgroup Manager.
5 Delete the Remote Desktop documentation using the following commands in the Terminal application.
Uninstalling the Client Software from Client Computers To remove Apple Remote Desktop client software from Mac OS X clients, you need to remove a number of software components from each client system. Warning: It is not recommended that you uninstall the client software. Disabling the client software is sufficient to stop Apple Remote Desktop system activity. See “Disabling the Client Software” on page 47 for instructions. To uninstall client software: 1 Open Terminal (located in /Applications/Utilities).
4 Organizing Client Computers Into Computer Lists 4 Apple Remote Desktop uses lists of client computers to logically organize the client computers under your control. Connecting to client computers on the network and adding them to your list is necessary to administer them. This chapter describes finding clients and organizing them into lists for Apple Remote Desktop administration and user interaction.
Search column Description DNS Name The computer’s DNS name, found by reverse lookup, if any. ARD Version Apple Remote Desktop client software version. Network Interface Which interface the client responded through. If you want to change the default display list for the scanner, you can select Edit > View Options and choose any of the other available options (which include Computer Info Fields, Ethernet ID, Label, or others).
To search a range of network addresses: 1 Select a scanner at the left of the Remote Desktop window. 2 Select Network Range. 3 Enter the beginning and ending IP address. 4 Click the Refresh button. All responding clients are listed in the Remote Desktop window. 5 Select the desired computers. 6 Drag the selected computers to the All Computers list. 7 Authenticate by providing a user name and password for an Apple Remote Desktop administrator. The computer is now in your All Computers list.
Finding Clients by File Import You can import a list of computers into Apple Remote Desktop by importing a file listing the computers’ IP addresses. The list can be in any file format (text, spreadsheet, word processor) and must contain either IP addresses or fully qualified domain names (such as foo.example.com). File import also allows you to add ranges of IP addresses by expressing the range in the following format: xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy. For example, a text file with the line “192.168.0.2-192.
5 Customize the search by entering the specific parameters for the search (such as an IP address range, or file location). You can find out how to customize the search in the following sections: Â Â Â Â “Finding Clients by Searching the Local Network” on page 50 “Finding Clients by Searching a Network Range” on page 50 “Finding Clients by Network Address” on page 51 “Finding Clients by File Import” on page 52 6 Click the Refresh button. All responding clients are listed in the Remote Desktop window.
Creating an Apple Remote Desktop Computer List You can make more specific, targeted lists of computers from your All Computers list. The easiest way to make a new list is to use computers already in the All Computers list. You can also create blank lists and add computers to them later. To create an Apple Remote Desktop computer list: 1 Select the All Computers list icon in the main Remote Desktop window. 2 Select the computers you want to add to the new list. 3 Choose File > New List From Selection.
To create a smart computer list: 1 Choose File > New Smart List. 2 Name the smart computer list. 3 Choose “any” or “all” criteria to match. 4 Select the attribute to select by, using the pop-up windows and text entry field. 5 Add any other criteria with the Add (+) button. 6 Click OK. The new smart list appears in Remote Desktop’s main window. Editing a Smart Computer List You may want to edit the smart lists you have created. The editing window is the same as the one used to create the smart list.
8 Add other conditions and criteria as desired. 9 Create the final Smart List by clicking OK. The new Smart List appears in Remote Desktop’s main window. Importing and Exporting Computer Lists When setting up Apple Remote Desktop 3, you may not necessarily use the same computer you used for the previous version of Apple Remote Desktop. Rather than create new lists of client computers, you can transfer existing lists between computers, with benefits and limitations depending on the transfer circumstance.
8 Select the exported list, and click Open. The list now appears in Remote Desktop’s main window. Transferring Remote Desktop 2 Computer Lists to a New Remote Desktop 3 Administrator Computer If you are installing Apple Remote Desktop 3 on a computer different from the version 2.x administrator computer, you may want to move your existing computer lists to the new administrator computer running Apple Remote Desktop 3.
To transfer the computer lists: 1 Open Keychain Access (located in /Applications/Utilities) on the source computer. 2 Choose File > New Keychain. 3 Name the new keychain, and click Create. 4 Enter a password for the new keychain. This is a temporary password that you will use to retrieve the information in the keychain. Do not use your login password or other sensitive password. 5 If necessary, click Show Keychains to show the administrator keychain. 6 Select the source computer’s main keychain.
5 Understanding and Controlling Access Privileges 5 There are several different ways to access and authenticate to Apple Remote Desktop clients. Some depend on Apple Remote Desktop settings, and others depend on other client settings, or third-party administration tools. This chapter explains the various access types, their configuration, and their uses.
The following table shows the settings in the Apple Remote Desktop settings in the Sharing Preference pane and the features of Remote Desktop that they correspond to. For example, if you want a certain administrator to be rename computer file sharing names, you will need to grant that user that privilege by selecting “Change Settings”. checkbox in the Apple Remote Desktop settings in the Sharing Preference pane on the client computer.
Setting Apple Remote Desktop Administrator Access Authorization and Privileges Using Local Accounts To prepare a client for administration, you activate the existing version of Apple Remote Desktop on the client computer and set Apple Remote Desktop administrator access privileges by using the Sharing pane of the computer’s System Preferences. You set access privileges separately for each user account on the computer. Follow the steps in this section to set access privileges on each client computer.
Apple Remote Desktop Administrator Access Using Directory Services You can also grant Apple Remote Desktop administrator access without enabling any local users at all by enabling group-based authorization if the client computers are bound to a directory service. When you use specially named groups from your Directory Services master domain, you don’t have to add users and passwords to the client computers for Apple Remote Desktop access and privileges.
Management Privilege ard_admin ard_reports ard_manage ard_interact Generate reports X X X Open and quit applications X X Change settings X X Copy items X X Delete and replace items X X Send messages X X Restart and shut down X X Control X X Observe X X Show being observed X X X In the XML, you name a privilege key and make the value the name of the group or groups you want to possess the privilege. Use the sample XML below to make your management/key designation XML.
The following is the sample XML format you need to use to assign management privileges via MCX keys. It assigns the above “ard_interact” privileges to the groups named “some_group” and “staff.” It also assigns the “ard_manage” privileges to the group named “staff,” the “ard_admin” privileges to the group “my_admin_group,” and leaves no group with the “ard_reports” privilege set. Here’s the XML:
Method #2 You can create groups with special names that correspond to the privilege keys above: ard_admin, ard_reports, ard_manage, and ard_interact. The corresponding privileges are automatically assigned to these specially named groups. If you have already created these groups for use with Apple Remote Desktop 2, they will continue to work as expected with Apple Remote Desktop 3.
To allow guest access: 1 On the client computer, open System Preferences and click Sharing. If prompted, enter the user name and password of a user with administrator privileges on that computer. 2 Select Apple Remote Desktop in the Sharing pane. 3 Click Access Privileges. 4 Select “Guests may request permission to control screen.” 5 Click OK. Apple Remote Desktop Nonadministrator Access Remote Desktop can operate in what is referred to as “user mode.
Each of these features can be enabled or disabled independently of each other, or you can enable all of Remote Desktop’s features for nonadministrator users. To enable User Mode: 1 Make sure you are logged in as an administrator user. 2 Open Remote Desktop. 3 Choose Remote Desktop > Preferences. 4 Click the Security button. 5 Enable or disable features, as desired. 6 Close the Preference’s window.
To allow VNC access: 1 On the client computer, open System Preferences and click Sharing. If prompted, enter the user name and password of a user with administrator privileges on that computer. 2 Select Apple Remote Desktop in the Sharing pane. 3 Click Access Privileges. 4 Select “VNC viewers may control screen with password.” 5 Enter a VNC password. Warning: Do not use the same password as any local user or Apple Remote Desktop login.
Getting an Administration Settings Report You can query active Apple Remote Desktop clients for a report on what commands they are accepting from your administrator authentication. The report is a list of the Apple Remote Desktop administrator access types each with an “On” or “Off” to indicate whether that access type is available to you. To get an administration settings report: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list.
8 Add a new user by clicking Add and filling in the appropriate information. Click OK after adding each user, and click Continue when you’re ready to go on. 9 Choose whether to assign Apple Remote Desktop administrator access privileges to Directory Services groups. If you choose to do so, select “Enable directory-based administration.
6 Setting Up the Network and Maintaining Security 6 This chapter describes the main aspects of setting up your network for use with Apple Remote Desktop system administration, as well as best-practice tips for your network. Additionally, it contains information about Apple Remote Desktop security features, and detailed instructions for enabling them.
 Organize computers you’re administering using Apple Remote Desktop into small groups, and close the Remote Desktop administrator application when not in use. This helps reduce the number of status queries, thus reducing network traffic.  If a client has a slow network type, consider running it in a list separate from the faster clients. A single slow client can slow down network operations.
 Wireless networks also are not suited for multicast traffic. However Apple Remote Desktop’s multi-observe feature is different because it doesn’t use multicast traffic.  Display shared screens in black and white rather than in color.  Configure your AirPort Base Station with a station density of High and increase the multicast rate to 11 Mbps using AirPort Admin Utility.
Administrator Application Security  Make use of user mode to limit what nonadministrator users can do with Remote Desktop. See “Apple Remote Desktop Nonadministrator Access” on page 66.  If you leave the Remote Desktop password in your keychain, be sure to lock your keychain when you are not at your administrator computer.  Consider limiting user accounts to prevent the use of Remote Desktop.
 Quit the Remote Desktop application when you have finished using it. If you have not stored the Remote Desktop password in your keychain, the application prompts you to enter the administrator name and password when you open it again. Physical Access Security  If you have stored the Remote Desktop password in your keychain, make sure the keychain is secured and the application isn’t running while you are away from the Remote Desktop window.
To enable Observe and Control transport encryption: 1 Choose Remote Desktop > Preferences. 2 Click the Security button. 3 In the “Controlling computers” section, select “Encrypt all network data.” Encrypting Network Data During Copy Items and Install Packages Tasks Remote Desktop can send files for Copy Items and Install Packages via encrypted transport.
7 Interacting with Users 7 Apple Remote Desktop is a powerful tool for interacting with computer users across a network. You can interact by controlling or observing remote screens, text messaging with remote users, or sharing your screen with others. This chapter describes Remote Desktop’s user interaction capabilities and gives complete instructions for using them.
Controlling Apple Remote Desktop allows you to control remote computers as if you were sitting in front of them. You can only control the keyboard and mouse of any one computer at a time. There are two kinds of remote computers that Apple Remote Desktop can control: Apple Remote Desktop clients and Virtual Network Computing (VNC) servers. Controlling Apple Remote Desktop Clients Apple Remote Desktop client computers can be controlled by any administrator computer that has the Control permission set.
Also, special keys including the sound volume, screen brightness, and Media Eject keys do not affect the client computer. These instructions assume the that observed computer has Apple Remote Desktop installed and configured properly (see “Setting Up an Apple Remote Desktop Client Computer for the First Time” on page 41) and that the computer has been added to an Apple Remote Desktop computer list (see “Finding and Adding Clients to Apple Remote Desktop Computer Lists” on page 49).
Switching the Control Window Between Full Size And Fit-To-Window When controlling a client, you can see the client window at full size, or scaled to fit the control window. Viewing the client window at full size will show the client screen at its real pixel resolution. If the controlled computer’s screen is larger than your control window, the screen show scroll bars at the edge of the window. To switch in-a-window control between full size and fit-to-window modes: 1 Control a client computer.
Hiding a User’s Screen While Controlling Sometimes you may want to control a client computer with a user at the client computer, but you don’t want the user to see what you’re doing. In such a case, you can disable the client computer’s screen while preserving your own view of the client computer. This is a special control mode referred to as “curtain mode.” You can change what’s “behind the curtain” and reveal it when the mode is toggled back to the standard control mode.
Sharing Clipboards for Copy and Paste You can transfer data between the Clipboards of the administrator and client computer. For example, you may want to copy some text from a file on the administrator computer and paste it into a document open on the client computer. Similarly, you could copy a link from the client computer’s web browser and paste it into the web browser on the administrator computer. The keyboard shortcuts for Copy, Cut, and Paste are always passed through to the client computer.
2 Select one computer from the list. 3 Choose Interact > Control. If the controlled computer’s screen is larger than your control window, the screen scrolls as the pointer approaches the edge of the window. 4 To customize the control window and session, see “Control Window Options” on page 79. 5 Use your mouse and keyboard to perform actions on the controlled computer. Regardless of your Apple Remote Desktop preferences, controlled VNC servers share keyboard and mouse control.
VNC Control Options After you have added a VNC server to a computer list (or when you are first adding it), you can set a custom port for VNC communication, and you can designate a display to control. To set a custom port on an existing computer list member: 1 Select a computer list in the Remote Desktop window. 2 Select a VNC Server computer in the Remote Desktop window. 3 Choose File > Get Info. 4 Click Edit in the Info window.
If you want to control the third display, you would enter: vncserver.example.com:5902 Configuring an Apple Remote Desktop Client to be Controlled by a VNC Viewer When configured to do so, an Apple Remote Desktop client can be controlled with a non–Apple VNC viewer. Allowing a non–Apple VNC viewer access to an Apple Remote Desktop client is less secure than using Remote Desktop to control the client.
Remote Desktop allows you to observe multiple clients on the same screen, cycling through the list of observed computers. This allows you to monitor many screens without having to select each one individually. Dealing With Many Client Screens When observing a single client, you can see the client window at full size, or scaled it to fit the observe window. To switch between the full size and fitting to the window, click the Fit to Window button, just as you would in a control window.
 the observe window is resized, shrinking the information beneath the threshold  the setting for the number of viewed machines is changed The computer information area is reenabled when the sizes are returned to more than the image size threshhold. Changing Observe Settings While Observing While you are observing multiple computers, you can adjust the Apple Remote Desktop observe settings using the controls at the top of the observe window.
Changing Screen Titles While Observing While you are observing multiple computers, you can change the title underneath the desktops shown in the observe window. The main title can be the:  Name (the computer sharing name)  IP Address  Host Name To change your observe window titles: 1 Click View Options in the observe window’s toolbar. 2 Select Display Computer Information. 3 From the Title pop-up menu, select the desired title. 4 Click Done.
There are two levels of detail for system statistics. The top level is a single icon (a red, yellow, or green icon). Icon Indicates or One or more service statistic is red. This takes precedence over any yellow or green indicator. or One or more service statistic is yellow This takes precedence over any green indicator. Service is operating within established parameters. No service informaiton available. You show the second level of detail by placing the mouse pointer over the high-level status icon.
Service Icon Status Over 95% used No status information available To show system status in the observe window: 1 Click View Options in the observe window’s toolbar. 2 Select Display Computer Information. 3 Select Computer Status. 4 Click Done. Shortcuts in the Multiple Screen Observe Window You can access several Apple Remote Desktop commands using icons in the observe window. You can customize the observe window with the commands that are most useful to you.
Observing Multiple Computers When you observe multiple client computers, each client screen is scaled down, so that several computers can be viewed at the same time. You can set the number of client screens that appear at any one time. See “Setting Preferences for the Remote Desktop Administrator Application” on page 36 for more information. If a client has a screen saver running when you start observing, the screen saver remains in effect.
Sending Messages Apple Remote Desktop allows you to communicate with users of Apple Remote Desktop client computers using text messaging. You can use text messages to give instructions or announcements, to collaborate remotely, or troubleshoot with users. There are two types of text messaging: one-way messages and two-way interactive chat. Text messages and chat are available only to Apple Remote Desktop client computers; they are not available to VNC client computers.
5 Press the Return key to complete and send each line. Viewing Attention Requests After a client user sends an attention request, the Apple Remote Desktop administrator can read the attention request text. To view attention requests: 1 Choose Window > Messages From Users. 2 Select the message you want to view. 3 Click Display to view the request’s message.
Monitoring a Screen Sharing Tasks You may want to keep track of the screen sharing tasks you have begun. You can get information on all active screen sharing tasks, and can sort the tasks by time started, source screen, or target computers. To view current active screen sharing tasks: m Choose Window > Active Share Screen Tasks. Interacting with Your Apple Remote Desktop Administrator Users of Apple Remote Desktop client computers can initiate contact with a Remote Desktop administrator.
Canceling an Attention Request If a user no longer needs the Apple Remote Desktop administrator’s attention, he or she can cancel the attention request after it has been sent. To cancel an attention request: 1 Click the Apple Remote Desktop status icon and choose Message to Administrator. 2 Click the Apple Remote Desktop status icon in the menu bar and choose Cancel Message.
8 Administering Client Computers 8 Apple Remote Desktop gives you powerful administrative control. You can manually or automatically get detailed information about every computer, install software, and maintain systems from a single administrator computer. This chapter describes Remote Desktop’s capabilities and gives complete instructions for using them.
Remote Desktop keeps track of three kinds of task progress: active, Task Server, and completed. Active tasks are those which are currently being processed by the client computers, and the client computers have not all reported back to the administrator console. Some tasks are so short that they only briefly appear in the list of current tasks; other tasks may take a long time and remain there long enough to return to the task and view the progress as it happens.
Getting Active Task Status When you get a task’s current status, you see the progress of the task, the computers involved, and their feedback to the administrator computer. To get status on a currently running task: 1 Select the Active Tasks list. 2 Select the desired task in the Remote Desktop window. The task status and computers involved are shown in the Remote Desktop window. You can make sure the main window always shows the currently running task in the main work area by setting a preference.
To stop a currently running task: 1 Select the Active Tasks list. 2 Select the desired task in the Remote Desktop window. The task status and computers involved are shown in the Remote Desktop window. 3 Click the Stop button in the top-right of the main window. Getting Completed Task History After a task has received feedback from all the involved client computers, or they have experienced a communication time-out, the task is moved to the Task History list.
Creating and Using Task Templates In each task configuration dialog, you can save a task’s settings to a template to reuse for future tasks of that same type. For example, if you always use certain copy options for a Copy Items task, you can save those settings as a template, and have them apply to any newly created Copy Items task. Once a task template is saved, you can select any one of the saved templates from the Templates pop-up menu.
Editing a Saved Task You may want to change a previously saved task, changing whether what the task does or changing the target computers. To edit a saved task: 1 Double-click the saved task you want to edit. Alternatively, you could use Control-click or right-click and choose Edit Task from contextual menu. 2 In the task description window, change the task parameters. You can alter task preferences, and change the computer list.
You can choose to initiate the installation of a package from the designated Task Server rather from a Remote Desktop task. This allows you to install packages on to computers that may not be connected to the network (with a status of “Offline”) when you run the task. The Task Server monitors the network for the next time the offline client comes online again. Then the Task Server performs the installation.
7 Select other installation parameters, as desired. For more information on the available options, see “Copy Options” on page 107. Note: Client computers are not restarted automatically after an installation is complete unless explicitly selected in the task command. 8 Click Install. During installation, a progress bar appears in the task header in the main window. No progress bars appear on the client computer. The copied package is deleted from the client computer if an error occurs during installation.
Installing by Using the Copy Items Command Many applications can be installed simply by copying the application or its folder to the client computer. Consult the application’s documentation to verify that you can simply copy the application to the hard disk to install it. To install software by copying: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Manage > Copy Items. 4 Add software to the “Items to copy” list.
The software is copied to the indicated destination. If the copy is operation unsuccessful, an error message appears in the task feedback window. 8 Select a computer that received the copy of the installer. 9 Choose Interact > Control. 10 Control the screen of the selected computer and complete the installation process interactively. Upgrading Software Upgrading software is similar to installing software. However, the method of upgrading software depends on the original method of installation.
3 Use the appropriate installation method to install the new version of the software. For more information, see: Â “Installing by Package and Metapackage” on page 101 Â “Installing by Using the Copy Items Command” on page 104 Â “Using Installers from Other Companies” on page 104 Copying Files Apple Remote Desktop makes it easy to copy items (other than the system software) on one or more client computers. Copying files works fastest with a small number of files.
If you choose to copy out to many client computers simultaneously, Remote Desktop uses network multicasts to send the files. If there is a significant number of multicast networking errors, Remote Desktop tries to copy individually to each client computer.
More Options When the Item Already Exists If an item with the same name as the item you selected to copy already exists at the destination, you have several options for handing the name conflict. You can:  replace the existing item  replace the existing item if the existing item is older  rename the existing item  rename the item being copied  always ask which of the above options you want to use Post-Copy Action You can choose to open a copied item immediately after it’s copied.
Copying Using Drag and Drop Using Apple Remote Desktop, you can copy items by dragging them between Finder windows on your administrator computer, the Remote Desktop window, and control windows. For example, you can drag an item from a Finder window to a selected computer in the Remote Desktop window. You can use this feature to collect needed files from remote computers or distribute files between remote computers.
Alternatively, you can drag items from a control window to the administrator computer’s desktop. Restoring Items from a Master Copy Your client computers can restore non-system software from a master copy. This is helpful if you want to make sure each client computer has the same software. You can automate the software restore process by using the instructions in “Automating Functions” on page 152.
Creating Reports Apple Remote Desktop allows you to query client computers for many kinds of information, from installed software to network speed and reliability. Creating reports gives you valuable information about the client computers. Reports also help when you’re copying files and organizing computer lists. Collecting Report Data There are three search strategies that Apple Remote Desktop uses when searching for report information: new data, cached data, and Spotlight data.
The database, which is a PostgreSQL database located at /var/db/RemoteManagement/ RMDB/ can be accessed using other tools besides Remote Desktop. To find out more about the database schema, see “PostgreSQL Schema Sample” on page 180. The last kind of new data search is a Spotlight search. This is not a static report on saved data in a database, but it’s an interactive search of the client computers. A Spotlight search can only be done on client computers running Mac OS X 10.4 or later.
You do this using the Get Info window of any client computer or the client’s own Apple Remote Desktop preferences. See “Setting the Client’s Data Reporting Policy” on page 152 and “Creating a Template Data Reporting Policy” on page 153. Report Database Recommendations and Bandwidth Usage You can have a single Apple Remote Desktop data collection database for any number of clients. However, avoid having all the clients upload their report information at the same time.
System Report Size The file system data which is uploaded to the report database (labeled “File Search data” in the Scheduling sheet of the Task Server preference pane) contains a significant amount of data. For a client with 10 GB of files on the hard disk, the report data uploaded can easily reach 5 MB in size. With hundreds or thousands of clients, this amount can add up quickly and might tax network resources.
To generate a User History report: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Report > User History. 4 Select the time frame for the user history information. 5 Click Generate Report. The newly generated report window appears. Generating an Application Usage Report The Application Usage report shows which applications have been running on a given client, their launch and quit time, and who launched them.
Finding Files, Folders, and Applications Apple Remote Desktop allows you to search the contents of client computer hard disks for specific files, folders, or applications. Additionally, it can compare the results of such searches to the items on the administrator computer. These searches can compare software versions, fonts, applications, or installed packages. Using Spotlight to Find Items You can use Spotlight to find items on client computers.
The results of the search are listed in the pane at the bottom of the window. Note: The “Home” Spotlight search location means the Home folder of the currently logged in user. Generating a File Search Report The File Search report allows you to find up to a total of 32,000 items on selected computers. The items can be files, folders, or applications, but they can only be items accessible (or visible) in the Finder.
7 Click Search. The newly generated report window appears. Comparing Software Apple Remote Desktop has several specialized reports for comparing software on client computers with software on the administrator computer. These reports can’t be run comparing two client computers. One computer in the comparison must be the administrator computer.
To generate a Software Difference report: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Report > Software Difference. 4 Select the software type you want to compare. Selecting Applications compares all executable applications. You can limit which folder on the administrator computer Remote Desktop uses to look for applications.
Getting Serial Numbers Although there is no specific serial number report for Apple Remote Desktop, the serial number of any client is in the Computer section of the System Overview Report. In addition to using Apple Remote Desktop to retrieve a computer’s serial number, you could use the command-line tool systemprofiler with Apple Remote Desktop’s Send UNIX Command feature. To generate a serial number report: 1 Select a computer list in the Remote Desktop window.
Getting FireWire Device Information The FireWire Devices report gets information about FireWire devices connected to the client computer. It can get the following information from a device:  Manufacturer  Model  Device speed  Software version  Firmware revision For more information about FireWire Devices report options, see “Report Field Definitions Reference” on page 165. The number of attached FireWire devices can also be found in the Devices section of System Overview report.
To generate a USB Devices report: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Report > USB Devices. 4 Select the USB device information desired. 5 To search using new data, select Rebuild Data For Report. 6 Click Get Report. The newly generated report window appears. Getting Network Interface Information The Network Interfaces report gets information for all network interfaces, including inactive interfaces.
Getting Memory Information The Memory report gets specific information about the installed memory in a client computer. In addition to reporting how much memory the client has, it shows information about each memory module, including the module’s:  Slot identifier  Size, type, and speed Memory reports can be used for managing computer resources, hardware troubleshooting, or deciding which client computer can handle a memory-intensive application or task.
To generate a PCI Cards report: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Report > PCI Cards. 4 Select the PCI card information desired. 5 To search using new data, select Rebuild Data For Report. 6 Click Get Report. The newly generated report window appears. Testing Network Responsiveness Apple Remote Desktop can test network responsiveness between your administrator computer and client computers.
Here are some suggestions for evaluating your network performance based on this report: Â The number of routers between your computer and another computer can affect the time the packets take to return. When you evaluate the times for a computer, you should compare them to the times for a computer in the same area of the network or with the same number of intervening routers.
 Unicode (UTF-16): Best choice if the report contains Asian language characters. 7 Select a field separator.  Tab: Inserts a Tab character between column values.  Comma: Inserts a comma between column values. 8 If you have selected only some rows of the report and want to export only the selected rows, select Export Selected Items Only. 9 Click Save.
Maintaining Systems Apple Remote Desktop provides easy and powerful tools for maintaining client computers, including tasks such as deleting files, emptying the Trash, and setting computer startup options. Deleting Items If you delete a file from a client computer, it is moved to the client’s Trash. To delete an item from a client: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Report > File Search.
Emptying the Trash Apple Remote Desktop allows you to empty the Trash on clients to free up disk space. To find out how much free disk space is on a computer, create a System Overview or Storage report using the Report menu. As a part of routine maintenance for client computers, you can free disk space by emptying the Trash. Emptying the Trash completely removes any items you’ve previously deleted on the client.
If you select Restart When Done, the client computer will restart after having its startup volume set. You need to have Restart privileges to use this option. 8 Click Set. Renaming Computers Apple Remote Desktop can set the name that a client computer uses for file sharing. You can rename multiple computers with the same name followed by a number (such as Computer1, Computer2, and so on). This is especially useful for differentiating client computers after a clean system installation.
To synchronize client computer clocks: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Manage > Send UNIX Command. 4 Use the provided Templates for Send UNIX Command to set the time server (see “Send UNIX Command Templates” on page 143 for more information). a Select System Setup > Network Time from the Template pop-up menu. b Click Send. c Select System Setup > Network Time Server from the Template pop-up menu.
5 Alternatively, manually enter the UNIX command. a Type or paste the following UNIX command: osascript -e 'set volume output volume any_number_from_0-100' b or for Mac OS X v.10.3 clients enter or paste the following: osascript -e 'set volume any_number_from_0-7' 6 Click Send. Repairing File Permissions Sometimes a client’s system file permissions can be corrupted or changed from their expected values. In such a case, it may be necessary to manually repair the permissions on the client.
4 Type or paste the following UNIX command (replace /Path_To_Application with your own path to the desired application, and be sure to include the application file extension, .app): defaults write com.apple.
a Type or paste the following UNIX command: systemsetup -setsleep minutes number_of_minutes_to_sleep -setwakeonmodem (on | off) -setwakeonnetworkaccess (on | off) -setrestartpowerfailure (on | off) -setrestartfreeze (on | off) b Set the permissions for this command to root. 6 Click Send. Changing Sharing Preferences for Remote Login Mac OS X’s Sharing System Preference pane allows you to enable or disable SSH login access to the computer.
To set up printer preferences using Copy Items: 1 Set up a client computer’s print preference using the Printer Setup Utility. 2 Use the Copy Items task to copy the following file and folder to all the target computers: /private/etc/cups/printers.conf /private/etc/cups/ppd/ Because these files are hidden in the Finder, you may have to use the Terminal or the Finder’s “Go to Folder” command to add them to the “Items to copy” list. 3 Choose a “Same relative location” as the copy destination.
Managing Computers Using Apple Remote Desktop, you can control multiple client computers simultaneously, issuing commands that are found in Mac OS X’s Apple menu (Log Out, Sleep, Restart, etc.), as well as other commands. Opening Files and Folders Apple Remote Desktop can open existing items (files, folders, and applications) on client computers.
To open an item: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Manage > Open Items. 4 Click the Add (+) button and browse for the item on the administrator computer. Alternatively, drag the item from the administrator computer’s Finder to the Open Items dialog. 5 Click Open when the item is selected. The Open Items dialog shows the icon and name of the item to open. 6 Click Open.
Quitting Applications Without Logging Out the User Apple Remote Desktop can quit running applications on client computers. You can quit both Mac OS X and Classic applications with this command. The administrator must be able to use the Send UNIX Command on the client computer. You can get more information on the killall command by seeing its man page. Note: Unsaved changes to documents on the client will be lost. To quit an open application: 1 Select a computer list in the Remote Desktop window.
Waking Up a Computer Apple Remote Desktop can wake up computers that have gone to sleep or been put to sleep with Remote Desktop. To wake a computer using Remote Desktop, the computer’s networking hardware must support waking via network packet (wakeonlan), and the computer must have “Wake For Ethernet Network Administrator Access” enabled in the Wake Options of Energy Saver preferences. You cannot wake up computers connected to the network via AirPort or computers not located on your local subnet.
To lock a computer screen: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Interact > Lock Screen. 4 Enter a message to be displayed on the locked screen, if desired. 5 Click Lock Screen. The client screen goes black, except for the administrator’s name, the default picture, and any message text.
Disabling a Computer Screen Sometimes you may want to control a client computer with a user at the client computer, but you don’t want the user to see what you’re doing. In such a case, you can disable the client computers screen while preserving your own view of the client computer. This is a special control mode referred to as “curtain mode.” You can change what’s “behind the curtain” and reveal it when the mode is toggled back to the standard control mode. This feature only works with Mac OS X v.10.
keystroke return end tell EndOfMyScript 5 Choose user “root” to run the command. 6 Click Send. The client computer executes the script. Logging Out the Current User Apple Remote Desktop can log out the current user on a client computer. Other users, besides the current active user, who are logged in using Fast User Switching are not logged out using this command. Using this command returns the client computer to the login window. Unsaved work will stop the logout process.
Shutting Down a Computer Apple Remote Desktop can shut down a client computer. This has the same result as choosing the Shut Down command from the client computer’s Apple menu. Note: If you shut down an Apple Remote Desktop client, you cannot start it up using Remote Desktop. This command is especially useful when used with Energy Saver preferences. You can set your client computers to start up every morning at a designated time and use Remote Desktop to shut them down at night.
UNIX Shell Commands In addition to its own tasks, Apple Remote Desktop provides a way to easily execute UNIX commands on client computers. In order to send UNIX commands to the client computers, the client computers must have the BSD subsystem installed. The UNIX commands are shell command, which means you can write a script with conditionals, loops, and other functions of the shell, and not just send a single command.
For more information about Task Templates, see “Creating and Using Task Templates” on page 100.
Executing a Single UNIX Command Using the UNIX Command window, you can send a single command to the selected client computers. The command is executed using the bash shell. To execute a single UNIX command: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose Manage > Send UNIX Command. 4 Type or paste the command. If your command is a multi-line script, enter each command on its own line.
To copy and execute a script: 1 Prepare and save your script. Make sure your script is saved as plain text with UNIX line breaks. 2 Open Remote Desktop. 3 Select a computer list in the Remote Desktop window. 4 Select one or more computers in the selected computer list. 5 Use the Copy Items command to copy your script to the client computers. See “Copy Options” on page 107 and “Copying from Administrator to Clients” on page 108 for more information.
Alternatively, you could use a UNIX “read standard input” redirection which looks like: osascript <
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/ networksetup -help  For Mac OS X v.10.4 clients use the following from Send UNIX Command: networksetup -help A few of the capabilities of networksetup are listed below. flag description -listallnetworkservices Displays a list of all the network services on the server’s hardware ports. An asterisk (*) denotes that a network service is disabled.
flag description -setwebproxy networkservice domain portnumber (on | off) [username password] Set Web proxy for a network service with domain and port number. Turns proxy on. Optionally, specify on or off to enable and disable authenticated proxy support. Specify username and password if you turn authenticated proxy support on. Example: networksetup -setwebproxy “Built-In Ethernet” proxy.company.
Flag Description -setremotelogin ( on | off ) Sets remote login (SSH) to either on or off. Important If you turn off remote login, you won’t be able to administer the server using SSH for remote login. Example: systemsetup -setremotelogin on -setrestartfreeze ( on | off ) Use this command to specify whether the server restarts automatically after the system freezes.
Any command in the Mac OS X Server command-line guide that uses systemsetup can be used in Remote Desktop using the Send UNIX Command task. Using kickstart The kickstart command-line utility is embedded within the Apple Remote Desktop client software. It allows you to install, uninstall, activate, configure, and restart components of Apple Remote Desktop without restarting the computer. You can configure all the features found in the Remote Desktop section of the Sharing System Preferences.
 Deactivate Remote Desktop access for a computer: $ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/ Contents/Resources/kickstart -deactivate -configure -access -off Automating Functions You can automate any command or function in Remote Desktop. Additionally, Remote Desktop supports scripting (either UNIX or AppleScript) to help automate their client management.
The user accounting data includes all possible reported information for the following report: Â User History The application usage data includes all possible reported information for the following report: Â Application Usage To set a client’s data reporting policy: 1 Select a computer list in the Remote Desktop window. 2 Select one or more computers in the selected computer list. 3 Choose File > Get Info. 4 If you have selected only one computer, select the Data Settings tab, and click the Edit button.
To set the default data reporting policy template: 1 Choose Remote Desktop > Preferences. 2 Select Task Server. 3 Check which additional data types the clients will collect: Application Usage Data, User Accounting Data, or both. 4 Check “Upload report data to the Task Server on a schedule.” 5 Click Change Schedule. 6 Choose the day or days the data collection should occur. 7 Set the time at which the collection should occur.
To set the Task Server location: 1 Open Remote Desktop. 2 Choose Remote Desktop > Preferences. 3 Click Task Server. 4 If you want to use the database on this administrator computer, select “Use Task Server on this computer.” 5 If you use your Remote Desktop administration computer as a Task Server on the local administrator computer, click “Allow remote connections to this server.” 6 If you want to use a database on another administrator computer, select “Use remote Task Server.
8 Click OK. 9 Save the task and choose where the task will appear in the Remote Desktop window. Editing Scheduled Tasks Once saved, a task can be changed and all future executions of the task will reflect the changes. You may want to edit which computers are affected by the task or any other task parameter. To edit a task schedule: 1 Double-click a scheduled task in the Remote Desktop window. 2 Edit the task, as needed. 3 Click the Schedule Task button. 4 Edit the task schedule, as needed. 5 Click OK.
Remote Desktop’s AppleScript Basics AppleScript scripts consist of commands that are sent to objects. Objects can be a wide variety of things, including applications, scripts, windows, settings, or the Finder. These objects can receive a specific set of commands and respond with the desired actions. Essentially, a script tells an application (Remote Desktop in this case) to either complete a certain task or retrieve information.
This entry tells you what the verb can act on and how. This entry says that Remote Desktop can add a specified computer to a computer list. The objects “computer” and “computer list” are being acted upon by “add.” To access the full AppleScript dictionary for Remote Desktop: 1 Launch Script Editor in the /Applications/AppleScript/ folder. 2 Select File > Open Dictionary. 3 Choose Remote Desktop. 4 Click Open.
-- perform the task execute clean_task on these_computers -- empty the trash afterward execute (make new empty trash task) on these_computers -- unlock the screen when finished execute (make new unlock screen task) on these_computers end tell Using Automator with Remote Desktop Accomplish all of your time-consuming, repetitive manual tasks quickly, efficiently, and effortlessly with Automator workflows. It’s simple to create custom workflows just by dragging items, pointing, and clicking.
Using Automator actions, you can even create your own interfaces to Apple Remote Desktop functions without having to give users access to Remote Desktop. For instance, say you wanted to give all your teachers a tool to lock and unlock screens in their classrooms. You still need to configure Remote Desktop and set up computer lists, but instead of giving the teachers all access to Remote Desktop, you can create an Automator plug-in or application.
Icon and Port Reference A Appendix A The following tables illustrate some of the icons found in the main window of Remote Desktop. The final table shows which network port numbers are in use by Apple Remote Desktop. Client Status Icons The following icons appear next to the names of computers in a scanner search results list. The icons show the status of each computer in the list.
List Menu Icons The following icons are used in the Apple Remote Desktop list area of Remote Desktop’s main window. Icon What it means Master list Apple Remote Desktop list Smart list Scanner Active Task list Task History list Task Server queue Task Status Icons The following icons are used in task list areas of Remote Desktop’s main window.
System Status Icons (Basic) The following icons are shown as initial high-level status indicators for observed client computers. Icon Indicates or One or more service statistic is red. This takes precedence over any yellow or green indicator. or One or more service statistic is yellow This takes precedence over any green indicator Service is operating within established parameters. No service informaiton available.
Service Icon Status Over 95% used No status information is available TCP and UDP Port Reference Apple Remote Desktop uses the following TCP and UDP ports for the functions indicated.
Report Field Definitions Reference B Appendix B The following sections describe the available fields in some of the Apple Remote Desktop reports. For information on generating reports, see “Creating Reports” on page 111. The file search reports (File Search, Software Version, and Software Difference) are not included because their fields closely match those already found in the Finder.
List category Field name Notes or example Velocity Engine Yes/No L2 Cache Size In KB L3 Cache Size In KB Machine Model Memory In KB Empty RAM Slots PCI slots Used Processor Count CPU Type Internal value Sales Order Number VM Size Total RAM Slots Devices ATA Device Count Firewire Device Count Keyboard Connected Mouse Connected Optical Drive Type SCSI Device Count USB Device Count Display 2nd Monitor Depth In bits 2nd Monitor Type 2nd Monitor Resolution Pixels horizontal and vertical Monit
List category Field name Notes or example Primary Network Hardware Address Primary Network Input Errors Primary Network Input Packets Primary Network Output Errors Primary Network Output Packets Primary Network Preferences Printing Sleep Display Yes/No Sleep Hard Disk Yes/No Sleep Computer Yes/No Wake for Ethernet Access Yes/No Printer Name Printer Sharing Yes/No Printer Type Printer Version Remote Desktop Computer Info #1 Computer Info #2 Computer Info #3 Computer Info #4 Sharing Software
Storage Report List category Field name Hardware Options Drive Manufacturer Notes or example Drive Model Drive Revision Drive Protocol Removable Yes/No Serial Number Logical Unit Number Detachable Volume Options Creation date UNIX GMT format Disk Name Macintosh HD File Count Folder Count Total Disk Space Free Space In KB, MB, or GB Startup Disk File System Options UNIX Mount Point /dev/disk0s10 Disk Format HFS, HFS+, UFS Owner Group Yes/No Permission Modes Permissions Yes/No Write Acc
USB Devices Report Field name Notes or example Product Name Product ID Vendor ID Vendor Name Device Speed 1.5Mb, 12Mb Bus Power In mA Date collected FireWire Devices Report Field name Notes or example Device Speed 200, 400, 800 Mbits per second Software Version Manufacturer Model Firmware Revision Date collected Memory Report Field name Notes or example Slot Identifier DIMM0/J21 Size In MB Speed PC133-222 (Mac OS X 10.
Field name Notes or example ROM Revision Displays only Card Revision Card Memory Displays only Date collected Network Interfaces Report List category Field name Notes or example Network Overview Name Location name Active Yes/No Primary Yes/No Configured With Ethernet Hardware Address 00:30:65:01:79:EC Interface Name en0 Flags Active Interface Domain Router Address IP Address Broadcast Address DNS Server Subnet Mask IP Addresses Broadcast Addresses DNS Servers Subnet Masks Network St
List category Field name Notes or example Output Queue Stall Count Ethernet Statistics Ethernet Alignment Errors Ethernet FCS Errors Frame Check Sequence errors Ethernet Single Collision Frames Ethernet Multiple Collision Frames Ethernet SQE Test Errors “heartbeat” test errors Ethernet Deferred Transmissions Ethernet Late Collisions Ethernet Excessive Collisions Ethernet Internal MACTransmit Errors Ethernet Carrier Sense Errors Ethernet Frame Too Long Ethernet Internal Mac Receive Errors Ethernet Ch
List category Field name Notes or example Ethernet Transmitter Resource Errors Ethernet Collision Frequencies Network Test Report Field name Notes or example Computer Computer sharing name Min,. Time Shortest time for ping response Max. TIme Longest time for a ping response Avg. Time Average time for ping response Lost Packets Number of pings without a response Total Packets Number of pings sent.
List category Field name Notes or example General Version Apple Remote Desktop version and build number Last Contacted Relative date Application Usage Report Field name Notes or example Computer name File sharing computer name Name Application name Launch date 24 hour local time and date Total run time Length of time the application was running Frontmost Length of time the application was the frontmost application User name Short user name of application process owner State What the a
AppleScript Remote Desktop Suite C This appendix shows the contents of Remote Desktop’s AppleScript Dictionary. This appendix is not a substitute for the AppleScript Dictionary view in Script Editor. It is included as a quick reference so that AppleScript commands might be found by a search of PDF contents. The Dictionary itself has the most recent information about scriptable objects and events in Remote Desktop, and better usability. Classes and Commands for the Remote Desktop Application.
application n [inh. application; see also Standard Suite]: Remote Desktop’s top level scripting object.
copy items task n [inh. task > item]: Copy items to the target computers. ELEMENTS contained by application. PROPERTIES bandwidth limit (integer): Network usage limit in kilobytes per second (0 = unlimited). conflict resolution (ask what to do/rename the existing item/rename the item being copied/replace/replace if older): Specifies what to do if the item(s) already exist in this location. copy items (list): A list of files and/or folders to copy.
empty trash task n [inh. task > item]: Empty the trash on the target computers. ELEMENTS contained by application. install package task n [inh. task > item]: Install package(s) on the target computers. ELEMENTS contained by application. PROPERTIES after installing (attempt restart/do nothing/force immediate restart): Specifies what to do after installing the package(s). bandwidth limit (integer): Network usage limit in kilobytes per second (0 = unlimited).
naming uniquely (boolean): Should each machine be forced to have a numerically unique name target name (Unicode text): The new name for the computer. restart task n [inh. task > item]: Restart the target computers. ELEMENTS contained by application. PROPERTIES user can save changes or cancel (boolean): Is the user allowed to save changes or cancel the restart send message task n [inh. task > item]: Send a text message to the target computers. ELEMENTS contained by application.
share screen task n [inh. task > item]: Share a computers screen to the target computers. ELEMENTS contained by application. PROPERTIES source computer (computer): The computer (other than the admin) whose screen to share. shutdown task n [inh. task > item]: Shutdown the target computers. ELEMENTS contained by application. PROPERTIES user can save changes or cancel (boolean): Is the user allowed to save changes or cancel the shutdown sleep task n [inh. task > item]: Put the target computers to sleep.
PostgreSQL Schema Sample D This chapter contains SQL commands to assist SQL programmers in obtaining the database schema used in Apple Remote Desktop’s report database. You can use this knowledge about the schema to create your own applications that access Apple Remote Desktop report information. Sample list of main database schema Command: /System/Library/CoreServices/RemoteManagement/rmdb.bundle/bin/psql -U ard -c "\\d propertynamemap" ard Output: Table "public.
lastupdated | timestamp with time zone | Sample list of property names Command: /System/Library/CoreServices/RemoteManagement/rmdb.
A aborting a task 98 access changing privileges 69 group-based 62 via local account 61 Access Privileges 59 adding Dock items 131 administrator announce 92 Apple keyboard keys 79 Apple Remote Desktop menu icon 94, 95 application use report 115 asset tracking application use 115 FireWire devices 121 hardware 119 management 118 memory 123 PCI cards 123 software 118 software changes 118 USB devices 121 B basic file copy 108 best practices networking 71 reporting 113–114 security 73 C chat 92 cleaning up h
G General preferences 36 group-based authorization 65 guest access 65 H hard disk maintenance 131 hardware asset management 119 Help Desk Mode.
Automator 159 Secure Screen Blanking. See curtain mode.
