0

I work for a small IT firm whose main client has dozens of Windows Servers (2012 R2) catering to thousands of workstations in several dozen cities.

We routinely and remotely assist end-users, and to do that, we have to:

  1. Log onto a main server in our own domain;

  2. From there, log onto a server (VM) on the client's domain;

  3. From there, log onto yet another server where the Active Directory is set;

  4. From there, finally access the end-user workstation, either via RDP, Veyon or UltraVNC, depending on the OS the workstation has under the hood.

That's a lot of hoops and a lot of wasted time entering credentials before finally doing our job, so I was wondering how we could speed things up by passing directly from our own workstation to the end-user's, thus automating the whole authentication process on two server rebounds.

Caesar_Chimp
  • 1
  • 1
  • Why aren't you using an RMM? That's why they exist. – joeqwerty Apr 15 '21 at 19:00
  • @joeqwerty ah, that's the question my colleagues and I ask ourselves a thousand times a day... It's the client choice, and it's more of a political one than anything else. They grant us access to their servers, to some extent, but they won't let us use other RMM tools than Veyon, RDP or UltraVNC. I was hoping to find a faster way to make the successive connections to servers. – Caesar_Chimp Apr 16 '21 at 03:24
  • What about UltraVNC SC? It's a RMM solutition and it's UltraVNC ... – bjoster Apr 16 '21 at 10:36
  • What I mean is, we can't even use Remote Assistance or SCCM's tool to remotely connect to a user PC. In fact, I'd like to know if there's a way, a proper syntax, to "concatenate" IP addresses into a Remote Desktop shortcut, instead of having to perform one connection at a time, server by server? We have other restrictions to take into account, such as the inability to "connect as a user" (some users have special profiles that are cleared out every night). We are forced to connect as admin all the time, more or less. Not ideal to actually see what the user sees. It's complicated, I know. – Caesar_Chimp Apr 16 '21 at 21:06
  • I've discovered an application called Terminals, that's supposed to be some kind of jack-of-all-trades when it comes to remote desktop and/or assistance, but I can't make it work. It finds a distant PC on my home network (I'm experimenting at home for the weekend), but I get a "Connection cannot proceed because authentication isn't enabled" (or something like that) error message. That's too bad because this application looked like a good candidate for what I want to achieve at work. – Caesar_Chimp Apr 17 '21 at 17:13
  • @bjoster sorry, I misread your comment about UltraVNC Simple Clic(k). I visited their page, and it does look interesting. I work in a very constrained environment, and our users aren't always tech-savvy, so a simple executable they'd just have to double-click to send an SOS to our helpdesk could be a solution. Still, if our hotliners wanted to initiate the contact, they'd still have to go through all the hoops I described in my OP. – Caesar_Chimp Apr 18 '21 at 14:50
  • Without any user interaction *and* no RMM relay service (agent service, cloud service ...), it's no possible to do RMM. Which is a good thing, securitywise. – bjoster Apr 19 '21 at 10:39
  • @bjoster I agree when it comes to security, but that doesn't help me at all! :-D In fact, I tried MobaXTerm a few hours ago, and found that you could indeed create a whole chain of gateways between your PC and the end-user's. I didn't have time to dig deeper, but I'll try tomorrow and let you know. – Caesar_Chimp Apr 19 '21 at 16:36

0 Answers0