Support
Authorization

Newsletter

  Settings

Paul B (All user's messages)

 

Forums list
New topics
Search
Rules
Help
Login: 
Register

All user's messages
Forum::
Added::Select date in calendarSelect date in calendar
 

Author's messages in topic: 1
Topic: «Windows Security, How to configure?» on forum: Network management general discussion
Posted:
04/30/2009 07:46:15
Go to
I don't know too much about the Radmin security mechanism, but it seems that Radmin security is _only_ a mechanism to allow you to authenticate a connection to Radmin Server on the remote machine. I don't think there's any functional authorisation involved once you're authenticated.

So I think that using Radmin Windows security simply allows you to authenticate your machine access using a Windows user on the remote machine. Once you have (for example) a Radmin in Full Control session then the user rights on that remote machine have no bearing on what you are authorised to do in within the Radmin session.

Furthermore, as you have discovered, the Radmin session simply gives you a view of the current desktop; effectively sharing a session with any currently logged on user. It does not give you a separate session on the remote machine.

So in your scenario it sounds like you need to carefully manage your access. You would have one user connecting at a time and have them log off afterwards. That way another user can connect (regardless of whether Radmin Server is configured with Radmin security or Windows security) and then log on to the PC with their own Windows credentials.

There have been a few threads an here recently about limiting the number of concurrent Radmin users ... but I think it's "watch this space" on that one ... see this thread ...
http://www.radmin.com/support/forum/read.php?FID=19&TID=13862
Posted:
04/30/2009 07:40:52
Go to
Quote
Eugene Idzikovsky wrote:
Probably feature of limiting connections amount won't be implemented.

I think it would be a good idea to implement this. It's up to the people administering the server to decide whether reducing the number of concurrent users to 1 is acceptable (for example on the basis that log on locally is available). You could also enforce a inactive session timeout after so many minutes _if_ the number of concurrent users is set to 1. So after say, 15 minutes of inactivity Radmiin Server drops the connection and Locks or Logs Off the server.

It's just a question of additional flexibility. The more flexible the product is the more people will buy it. No-one would be forced to set a connection limit of one would they - it's a decision individual users would have to take responsibility for.

And maybe this also ties in with other discussions about protecting Radmin settings to stop _any_ user with a full connection changing the settings - the idea of another permissions level like "Radmin Admin smile:)" who _is_ allowed to change settings.
Posted:
04/21/2009 18:12:49
Go to
Quote
chris forrest wrote:
... what happens if it is set to auto deny and nobody is around the machine to accept?

Then the remote user cannot access the machine. There is no point in using an "ask user" and "auto deny" policy if you expect or require people to access an unattended machine.

Quote

Next, where can I set the number of concurrent Radmin connections to 1?

Currently, you can't. See this thread ...
http://www.radmin.com/support/forum/read.php?FID=30&TID=13800
Posted:
04/19/2009 17:14:12
Go to
Hey, whatcha doing back "in exile"? smile;)

Ah ... I see you're yourself again now I've actually got round to posting!

You're right in that I hadn't considered that! However the logon/logoff scripts would simply have to disable/enable or pause/resume the Radmin service depending on the identity of the current user. So a user could be reserved for a "genuine" local logon only and the script would affect the Radmin service for "any other user".

And that's similar to your last paragraph. As you say, there are various variations on a theme, though without knowing precise requirements nothing I can think at the moment is especially elegant! smile:)
Posted:
04/17/2009 16:52:48
Go to
You have the choice in the Radmin Server settings of auto allow or auto deny after the prescribed time is up.
Posted:
04/17/2009 16:02:04
Go to
As an afterthought, as far as local logons go there are probably a few workarounds you could employ. For example you could have policy-driven logon/logoff script which turn the Radmin Server service off/on respectively. This would stop Radmin access while a user was logged on and restore that capability when they logged off.

That wouldn't solve all of your problems by any means, but it may help to form one part of a workable solution.
Posted:
04/17/2009 15:32:17
Go to
Hi Chris

Have a look at this thread ...
http://www.radmin.com/support/forum/read.php?FID=30&TID=13800

... I don't know if that change would be in the next release ... ?

Furthermore, I presume the second part of your question means the refusal of a Radmin connection if there is already a user logged on locally? If that's the case I doubt if Radmin will specifically take account of that.
Author's messages in topic: 1
Topic: «Passthrough 2 routers on same network» on forum: Network management general discussion
Posted:
03/07/2009 04:47:05
Go to
Hi Paul

As I understand it, you've set up the internet-facing (or at least Radmin viewer-facing) router to port forward to the internal router's WAN IP, and the internal router to port forward to the machine running Radmin Server. Is that correct?

I've never had to configure two routers like that but that's the only way I would think to do it.
Author's messages in topic: 1
Topic: «[HOW TO] "auto" logon securely, How to connect securely without having to re-enter user credentials» on forum: Radmin 3.x Troubleshooting
Posted:
03/30/2009 14:49:57
Go to
In light of some of the recent login discussions here is one alternative; connect securely without having to enter a user name and password into Radmin Viewer. This does not involve saving user names and passwords but it does rely on your Windows logon credentials.

The bottom line is that the same Windows accounts and credentials (user names and passwords) need to exist on both machines and you need to connect using Windows authentication. Here it is step-by-step:

1) On the remote PC (running Radmin Server) configure Radmin Server to use Windows Authentication.

2) On the remote PC set up a user account with the same user name and password as the one you will use on the local PC (running Radmin Viewer).

3) On the remote PC add that user under Radmin Server permissions.

4) On the local PC open the Viewer properties for your connection. Under General / Windows Security make sure that "Do not use current user in windows authentication" is not checked.

5) You should now be able to connect directly without re-entering your Windows credentials.

6) If you want to connect directly to a PC using a shortcut you can use something like this as your shortcut target:

"C:\Program Files\Radmin Viewer 3\Radmin.exe" /connect:123.45.67.89

... where 123.45.67.89 is the IP you'd normally use. See the Radmin Viewer help file for the full command-line syntax.

So if you choose you can connect to another PC securely with a single click. Note that this is not auto logon by saving your user name and password. It simply configures Radmin to use the Windows credentials that you've already supplied.

For those living in impenetrable bunkers I'm guessing it should work with Windows users set up without passwords smile;)

[Various edits for clarification]
Author's messages in topic: 5
Topic: «2 Future Suggestions, Sound Output & Registry Editor» on forum: Famatech Software Good Wishes
Posted:
03/30/2009 11:56:08
Go to
Seconded smile:)
Posted:
03/30/2009 03:58:56
Go to
Pass me the soap box then smile;)

I think you're quite right with regard to a change in the handshake mechanism. And as you've probably seen this is topical on a few threads.

The only kind of support I'm involved in on a professional basis is generally more application than PC orientated. Although I seed the requirement for something like the registry facilties described above, that (as a specific example) wouldn't be highest on my 'to do' list for Radmin. What really annoys me is that I've never seen any kind of Radmin technical roadmap. You see lots of good, sensible suggestions on here and occassionally you'll get a nod of 'that will be in at the next release'. But we don't know when the next release is, what's in it, and what's planned to be in the release after that. So everyone gets het up because in development terms nothing seems to be being done. I'm sure it is; it's just not visible enough to the people who pay to use the product.

There are several, really useful but simple things that would improve usability (like auto-hide toolbar and minimise from full-screen), then other harder but essential things (like the connectivity/handshake mechanism). For me these sorts of things need to come before things like a registry editor which is if you like an "add-on application" to a remote access application. The former are things which are integral to things to the access tool itself. But either way - the users have no idea what's planned for Radmin.

I think it would be really helpful if these lists were maintained publically on this website and some sort of roadmap produced with intended release dates and also any reasons why certain ideas are rejected. As it is there is just post after post of the same suggestions and the same gripes that nothing is happening.

Give the users some confidence in the evolution of Radmin, a fundamentally a good product; not the feeling that it's standing still.
Posted:
03/27/2009 13:24:17
Go to
Okay; thanks. I see where you're coming from now smile8)
Posted:
03/27/2009 13:15:47
Go to
Again, genuine curiosity, I'm not knocking this at all - how often would you use these functions?

My Radmin use is "recreational" - I'm genuinely interested in the ways that people use the product in a more professional capacity.

P
Posted:
03/27/2009 12:05:09
Go to
Out of curiosity John, what do you want in a registry editor that you don't get through regedit?
Author's messages in topic: 4
Topic: «Tunnel through Chat software(AIM, Yahoo, GTalk)» on forum: Famatech Software Good Wishes
Posted:
03/29/2009 06:26:12
Go to
FYI John

Just tried Hamachi and it's quite neat.

I had a bit of a mare installing it but I think that was a problem at my end. The install hung and I had to manually uninstall the network driver and hack out the registry entries before it would let me reinstall. It's okay now. But I haven't heard any horror stories about it on here so I do think it was just a glitch at this end. I installed it on a second machine and it went on fine.

Configuration is fairly straightforward. Is it any easier than setting up a port forward? No, not for me, but then I know what I'm doing with my router. But at least if you go down the hamachi route then as the support person there is only one set of instructions to work with.

The current licensing is free for non-commercial use. The link from the pinned post on the Troubleshooting forum isn't to the latest version. It's to an earlier one which I think was on a different license - so I'm not sure if the "old" link is deliberate.

However hamachi performs very poorly over my (admittedly very naff 0.5 Mb) broadband connection. Considering I've effectively only got half of that because both of the hamachi test machines are this side of the router it's hardly surprising. However at least TeamViewer VPN worked after a fashion - hamachi continually drops the connection.

Radmin aside I actually really like hamachi as a product. You can set up your own multiple VLANs and you have a lot of control over access, network groups and configuration. So I'm definitely going to hang on to it just for the VPN.

One neat feature of hamachi relating to earlier posts on this thread is that you can turn off encryption on a per VLAN basis. I tried doing this and although I think performance was improved, it still wasn't enough to allow hamachi to maintain the connection.

So as a VPN for Radmin use then TeamViewer VPN (also free for non-commercial) has the edge for me, but that's only because of my naff connection.

But as a product hamachi wins easily from what I've seen, and for most people I'm sure it's just fine for Radmin use. But as you say, it's one more potentially unnecessary thing to have to worry about.

Bottom line then - I'd still like to see a lightweight VPN built into Radmin! smile:)
Posted:
03/27/2009 13:25:31
Go to
Thanks - I'm okay on the VPN bit; I think maybe I misunderstood your first post re Skype, which natively doesn't tunnel in a VPN sense.

I completely agree that hamachi (or similar) should only be considered a stop-gap.

I've tried running Radmin over the Team Viewer VPN and got dreadful performance smile:(

I'm sure that a more lightweight set-up would be better for Radmin, which already has adequate encryption.
Posted:
03/27/2009 12:46:39
Go to
I wondered about hamachi and performance too.

Agreed about the unnecessary encryption burden. But ... being pretty ignorant of tunneling technology and methods ... how does that differ from Skype et al?
Posted:
03/27/2009 11:50:24
Go to
Aye.

Let's hope they make good soon ... http://www.radmin.com/support/forum/read.php?FID=12&TID=13764

Until then there's still hamachi (so I understand - I've never had cause to try it out) ... http://www.radmin.com/support/forum/read.php?FID=30&TID=13769 ... but built-in has to be the way to go.
Author's messages in topic: 1
Topic: «Feature Request for Viewer: Wake On LAN, Feature Request for Viewer: Wake On LAN» on forum: Famatech Software Good Wishes
Posted:
03/27/2009 12:29:41
Go to
Agreed.

This is quite a nice site ... http://www.depicus.com/wake-on-lan/
Author's messages in topic: 1
Topic: «Feature Request - Block User Keyboard/Mouse» on forum: Famatech Software Good Wishes
Posted:
03/27/2009 12:25:06
Go to
If you search the forums this is one of the big complaints - the inability of Radmin to lock out the remote user and black out the screen. Particularly since this is offered by many of Radmin's competitors! I really think it would be in famatech's best interests to get this one sorted!
Pages: 1 2 Next

Radmin 3.5 New!

Windows 8 Compatible

DOWNLOAD

Free for 30 days

BUY NOW

Only $49 per lifetime license
for  50 PCs - $29.8 per remote PC
for 100 PCs - $24.9 per remote PC
for 150 PCs - $23.3 per remote PC
from 200 PCs - $22 per remote PC
Follow us on Twitter
Famatech Corporation Copyright © 1999-2014 Famatech. All rights reserved.