Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)
We currently use PC Anywhere where we as helpdesk operators are able to take
control of an existing session on a remote PC without user interaction.
This is protected by way of authentication in the PC Anywhere client using
Windows Authentication and so is secure.
The drawback however is that it is slow compared to RDP.
Remote assistance, through policy, requires TWO methods of authentication -
first enabling the policy to allow remote offers to be sent, and *then*
having to specify the allowed users and grous, yet the user still must accept
the offer for remote assistance... This I cannot understand.
In this article
(http://www.microsoft.com/technet/itsolutions/msit/deploy/hlpratcs.mspx), MS
itself states that it added this policy to reduce the time taken to get hold
of the machine due to the user previously having to first create the invite.
Why not have an additional policy which allows up to take control of the
machine without user intervention? There are already two methods of
protection to stop unauthorised access.
Sometimes this MS security push really sacrifices usability. There are many
situations where helpdesk staff would like to get hold of an *existing*
session, however don't want to have to worry about the user having to accept
it first.. In most cases they have already rung up to indicate a problem, so
why make them have to again allow us to take hold of their machine? In
others, the user is not in attendance and has left the machine in its current
state for us to inspect, such as after hours or at lunch breaks.
It just doesn't make sense that we are able to set global security settings
throughout our coporation through policy which over-rides everything, yet can
be over-riden by a user simply clicking a box?
Are MS thinking of releasing a commercial product to rival other products
which already offer this is as standard functionality? If that why we can't
do this?
We currently use PC Anywhere where we as helpdesk operators are able to take
control of an existing session on a remote PC without user interaction.
This is protected by way of authentication in the PC Anywhere client using
Windows Authentication and so is secure.
The drawback however is that it is slow compared to RDP.
Remote assistance, through policy, requires TWO methods of authentication -
first enabling the policy to allow remote offers to be sent, and *then*
having to specify the allowed users and grous, yet the user still must accept
the offer for remote assistance... This I cannot understand.
In this article
(http://www.microsoft.com/technet/itsolutions/msit/deploy/hlpratcs.mspx), MS
itself states that it added this policy to reduce the time taken to get hold
of the machine due to the user previously having to first create the invite.
Why not have an additional policy which allows up to take control of the
machine without user intervention? There are already two methods of
protection to stop unauthorised access.
Sometimes this MS security push really sacrifices usability. There are many
situations where helpdesk staff would like to get hold of an *existing*
session, however don't want to have to worry about the user having to accept
it first.. In most cases they have already rung up to indicate a problem, so
why make them have to again allow us to take hold of their machine? In
others, the user is not in attendance and has left the machine in its current
state for us to inspect, such as after hours or at lunch breaks.
It just doesn't make sense that we are able to set global security settings
throughout our coporation through policy which over-rides everything, yet can
be over-riden by a user simply clicking a box?
Are MS thinking of releasing a commercial product to rival other products
which already offer this is as standard functionality? If that why we can't
do this?
Facebook
Twitter
Instagram