Presentation is loading. Please wait.

Presentation is loading. Please wait.

June 5, 2013 XenClient Enterprise 5.0 Engine VNC Remote Access.

Published byJared Williamson Modified over 9 years ago

Similar presentations

Presentation on theme: "June 5, 2013 XenClient Enterprise 5.0 Engine VNC Remote Access."— Presentation transcript:

1 June 5, 2013 XenClient Enterprise 5.0 Engine VNC Remote Access

2 Copyright 2013 Citrix Page 2 XenClient Enterprise 5.0 Engine VNC Remote Access Table of Contents VNC Engine Remote AccessPage 3 Engine Policy VNC ConfigurationPage 4 Engine Policy Override (Owned Computers)Page 5 Engine Policy Override (Unowned Computers)Page 6 Engine Update Check RequiredPage 7 Manual Engine Update CheckPage 8 VNC SoftwarePage 9 Connecting to Engine with VNC ViewerPage 10 Engine IP AddressPage 11 VNC and Engine LoginPage 12 VNC and Engine RebootPage 13 VNC TimeoutPage 14 VNC Connection NotificationPage 15 VNC Connection AuthorizationPage 16 VNC Password RecoveryPage 17 Switching Between Engine and VMPage 18

3 Copyright 2013 Citrix Page 3 XenClient Enterprise 5.0 Engine VNC Remote Access VNC Engine Remote Access Overview Disabled by default, can only be enabled in the Synchronizer. Allows remote access to managed computers at the Engine level. Very useful for providing remote assistance to end users. Frequently used by Citrix technical support for remote troubleshooting. Limitations Requires a direct network connection to the Engine. The Engine computer must have a monitor attached. VNC may be considered insufficiently secure in some environments. Alternatives GoToMeeting/GoToAssist: Great for remote access to VMs. But can’t be used to access the Engine itself. Intel AMT: Platform-level VNC access with better security. Part of the Intel vPro feature set.

4 Copyright 2013 Citrix Page 4 XenClient Enterprise 5.0 Engine VNC Remote Access Engine Policy VNC Configuration VNC access is enabled by updating the Engine policy in Synchronizer. This will enable VNC access for all computers assigned to the policy. VNC access cannot be enabled to unregistered computers. In the Policies section, select the Engine policy to be updated, then select the Support vertical tab. Enable VNC remote access and enter a strong VNC password. Then save the policy changes.

5 Copyright 2013 Citrix Page 5 XenClient Enterprise 5.0 Engine VNC Remote Access Engine Policy Override (Owned Computers) In the Users section, select the user registered to the computer. Then select the Policies tab. VNC access can be enabled for a specific computer by overriding the Engine policy configuration. This method can also be used to set a different VNC password for a specific computer. For owned computers, the Engine policy is associated with the User, not the Computer. Select the Support vertical tab. Enable VNC access and set a strong password, then save the policy override settings. This flag icon indicates the Support section of the Engine policy has been overridden.

6 Copyright 2013 Citrix Page 6 XenClient Enterprise 5.0 Engine VNC Remote Access Engine Policy Override (Unowned Computers) Select the unowned computer in the Computers section, then select the Policies tab. VNC access can be enabled for a specific computer by overriding the Engine policy configuration. This method can also be used to set a different VNC password for a specific computer. For unowned computers, the Engine policy is associated with the Computer, not with a User. Select the Support vertical tab. Enable VNC access and set a strong password, then save the policy override settings. This flag icon indicates the Support section of the Engine policy has been overridden.

7 Copyright 2013 Citrix Page 7 XenClient Enterprise 5.0 Engine VNC Remote Access Engine Update Check Required When Will VNC Access be Enabled? Not until Engine checks for updates with Synchronizer to get the policy update. If Engine can’t communicate with Synchronizer, then VNC access can’t be enabled. Automatic Update Check The computer will automatically check for updates with Synchronizer. Update check interval defined in Engine policy (Activity Center section, see below). Default update check interval is 10 minutes but should be higher for large deployments. Recommended minimum value: N/20 where N is total number of registered computers. But no less than 10 minutes. Excessive update checks can cause performance issues in the Synchronizer. Manual Update Check A manual update check can be initiated from the Engine (see next page). If access to the Engine is not available, must wait for next automatic update check.

8 Copyright 2013 Citrix Page 8 XenClient Enterprise 5.0 Engine VNC Remote Access Manual Engine Update Check There is also a shortcut to the Activity Center on the Engine launcher screen. To check for updates manually on the Engine: Hover to the right of the Control Panel icon. A menu will appear. Choose “Check for Updates”. Or from the Engine control panel: Select the “Tools by Category” view. Launch the Activity Center applet. Click the “Check for Updates button.

9 Copyright 2013 Citrix Page 9 XenClient Enterprise 5.0 Engine VNC Remote Access VNC Software VNC Viewer Software VNC Viewer (client) software is needed for remote access to XCE computers. Synchronizer does not include a VNC Viewer, one must be installed separately. Compatible VNC Products The following VNC products have been known to work: TightVNC (recommended): http://www.tightvnc.comhttp://www.tightvnc.com RealVNC: http://www.realvnc.comhttp://www.realvnc.com UltraVNC: http://www.uvnc.comhttp://www.uvnc.com Free open-source versions are available for download. Purchasing the software is recommended if it is found to be useful. VNC Server Software VNC products may also include a VNC Server component. Installing the VNC Server is not recommended and not required for remote access to XCE computers. It may be necessary to use a “custom installation” option to install the VNC Viewer without VNC Server (example shown for the TightVNC installer).

10 Copyright 2013 Citrix Page 10 XenClient Enterprise 5.0 Engine VNC Remote Access Connecting to Engine with VNC Viewer Start the VNC Viewer and connect to the Engine by IP address. A password challenge should appear. Enter the password set for VNC access in the Engine policy. The VNC viewer should connect to the Engine and display the Engine desktop.

11 Copyright 2013 Citrix Page 11 XenClient Enterprise 5.0 Engine VNC Remote Access Engine IP Address The Engine IP address is displayed in the Engine networking control panel. The Engine IP address is also displayed in the Synchronizer console. If the Engine connects to Synchronizer across a network router: The IP address displayed in the Synchronizer console may be incorrect. It may be the IP address of the router instead of the Engine. The IP address displayed in the Engine will always be correct.

12 Copyright 2013 Citrix Page 12 XenClient Enterprise 5.0 Engine VNC Remote Access VNC and Engine Login For Unencrypted Computers: VNC access to Engine is possible while Engine is waiting for user login. Once connected with VNC, a remote user may login to Engine through the VNC session. VNC access does not bypass the need to login to the Engine. But if VNC Connection Authorization is enabled, VNC can’t connect until a user logs into the Engine and accepts the VNC connection.VNC Connection Authorization For Encrypted Computers: VNC access cannot be used to unlock disk encryption. Encryption can only be unlocked with a physical keyboard connected to the computer. VNC access is not enabled until after encryption is unlocked and the Engine is fully booted.

13 Copyright 2013 Citrix Page 13 XenClient Enterprise 5.0 Engine VNC Remote Access VNC and Engine Reboot If an Engine computer is rebooted (restarted) from a VNC connection: Unencrypted Computers The VNC viewer will disconnect when the computer shuts down. Engine VNC access should automatically restart when the computer restarts. The VNC viewer should be able to connect back to the computer in a few minutes. But if VNC Connection Authorization is enabled, VNC can’t connect until a user logs into the Engine and accepts the VNC connection.VNC Connection Authorization Encrypted Computers The VNC viewer session will terminate when the computer shuts down. When the computer restarts, it will stay at the encryption unlock screen until the encryption password is entered. VNC access does not restart until after encryption unlock and the Engine is fully booted.

14 Copyright 2013 Citrix Page 14 XenClient Enterprise 5.0 Engine VNC Remote Access VNC Timeout The Support section of the Engine policy includes a VNC timeout setting. Prevents VNC access from being enabled when it shouldn’t be. When Engine VNC access is enabled: Engine periodically checks with Synchronizer to see if VNC access should remain enabled. If Engine is unable to perform this check, a timer is started for VNC timeout. If Engine is still unable to check with Synchronizer after the VNC timeout expires, then Engine will disable VNC access. If the Synchronizer is offline for an extended period of time: Eventually all Engine computers will disable VNC access due to VNC timeout. This effect can be mitigated by setting the VNC timeout very high. Only recommended for computers on trusted networks. This refers to communication between Engine and Synchronizer.

15 Copyright 2013 Citrix Page 15 XenClient Enterprise 5.0 Engine VNC Remote Access VNC Connection Notification On the Engine, a pop-up message is displayed for a VNC connection. This is simply a notification. Click on the message to dismiss it. The message should appear even if a VM is in the foreground. The notification can be disabled in the Engine policy Launcher section. By un-checking the Display Pop Up Messages checkbox. But this will disable all pop-up messages on the Engine. Uncheck to disable VNC notification and all other Engine pop-up messages.

16 Copyright 2013 Citrix Page 16 XenClient Enterprise 5.0 Engine VNC Remote Access VNC Connection Authorization Check to enable user authorization of VNC connections to Engine. VNC connection authorization can be enabled in the Support section of the Engine policy. By checking the Accept Support Connection check box. This allows the end-user to accept or reject the VNC connection. With VNC connection authorization enabled, a pop-up message is displayed when a remote user tries to connect to Engine. By default, this message is not displayed and the end-user cannot reject the VNC connection. This message is displayed and must be accepted before the VNC viewer will prompt the remote user for the VNC password.

17 Copyright 2013 Citrix Page 17 XenClient Enterprise 5.0 Engine VNC Remote Access VNC Password Recovery In the Engine policy, the VNC password is usually hidden. To view the VNC password in plain text, check the Show Password Value checkbox. The VNC password will be hidden again if the browser is restarted or refreshed. Only an Administrator with the proper Synchronizer role is able to view the VNC password.

18 Copyright 2013 Citrix Page 18 XenClient Enterprise 5.0 Engine VNC Remote Access Switching Between Engine and VM This should switch to the Engine launcher screen. A similar process can be used for other key combinations with Ctrl and Alt. On some VNC viewers (including TightVNC), the Ctrl and Alt buttons are sticky so make sure to unset them when done. With a VM in the foreground, Ctrl-Down is used to display the Engine launcher screen. Sometimes the Ctrl key isn’t passed through the VNC Viewer to the Engine. If this happens: Click the Ctrl button on the VNC viewer: Then press the Down button on the keyboard. This is for TightVNC. Other VNC viewers may have different controls.

Download ppt "June 5, 2013 XenClient Enterprise 5.0 Engine VNC Remote Access."

Similar presentations

PC Encryption installation progress/password screen Includes comments from: Encryption team Sarah Deane Tony Stieber Selected people who took part in the.

PC Encryption installation progress/password screen Includes comments from: Encryption team Sarah Deane Tony Stieber Selected people who took part in the.
FILEMAKER SERVER SOFTWARE & REMOTE ADMINISTRATION

FILEMAKER SERVER SOFTWARE & REMOTE ADMINISTRATION
General Operation and Facts As of 3/24/2014. Virtual Desktop 1. What is a Virtual Desktop? 2. Why VDI? 3. Installing the Virtual Desktop 4. Accessing.

General Operation and Facts As of 3/24/2014. Virtual Desktop 1. What is a Virtual Desktop? 2. Why VDI? 3. Installing the Virtual Desktop 4. Accessing.
X-Call Version V3.0 User Guide

X-Call Version V3.0 User Guide
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
Tutorial on Basic Usage

Tutorial on Basic Usage
Web Filtering. ExchangeDefender Web Filtering provides policy-controlled protection from dangerous content on the web. Web Filtering is agent based, allowing.

Web Filtering. ExchangeDefender Web Filtering provides policy-controlled protection from dangerous content on the web. Web Filtering is agent based, allowing.
DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.

DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.
KX-NS1000 Initial Set Up For step by step : 16 May, 2012 1.

KX-NS1000 Initial Set Up For step by step : 16 May,
X-Call Version 2.0 user guide A manual to explain how to identify arrived patients and call into a preferred location. www.jayex.com A manual to explain.

X-Call Version 2.0 user guide A manual to explain how to identify arrived patients and call into a preferred location. A manual to explain.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
NxPrep: Installing Virtual Machine Images on Engine

NxPrep: Installing Virtual Machine Images on Engine
NetAcumen ActiveX Download Instructions

NetAcumen ActiveX Download Instructions
XenClient Enterprise 4.5 Network Bandwidth Policies.

XenClient Enterprise 4.5 Network Bandwidth Policies.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
DHP-306AV & DHP-W306AV. Agenda: How to change Encryption on a DHP-306AV How to change the Device Password on a DHP-306AV What will happen if the Device.

DHP-306AV & DHP-W306AV. Agenda: How to change Encryption on a DHP-306AV How to change the Device Password on a DHP-306AV What will happen if the Device.
Getting Started with Linux: Novell’s Guide to CompTIA’s Linux+ (Course 3060) Section 2 Use the Linux Desktop.

Getting Started with Linux: Novell’s Guide to CompTIA’s Linux+ (Course 3060) Section 2 Use the Linux Desktop.
Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Similar presentations

Ads by Google