IntelliAdmin Remote Control - Status Update
We have been working on the new version of Remote Control LAN edition for quite some time.Over a year in fact.
For those who have been waiting...it will be worth it.
Before talking about some of the cool features I want to let you know that all current customers will get a free upgrade. This is a big deal. Why? Because when we do release 3.0 we will be raising the price. In addition we may be changing the way we license the product (Possibly per client instead of per administrator). So if you buy now, you will be getting 3.0 for a lot less.
The biggest change will be Vista, and 64 bit support. This sounds so simple on the surface, but making our product compatible with Vista has been one of the most challenging programing projects we have ever faced.
I don't want to get too technical, but lets take an example...
To grab changes on the screen we need a special DLL called a 'hook'. This hook DLL allows the agent to see any graphical changes, and then send them back to the client. To make all of this work the hook uses a shared piece of memory. This shared memory *must* be accessible to all processes on the system.
Well, for quite some time we fought with our hook in Vista. Why? Because every time Internet Explorer was launched our hook would crash (Sometimes taking the system with it). Finally we determined that IE was now launched in a special restricted mode, and if you wanted it to access your shared memory you needed to explicitly allow these types of processes to access it.
This would have been easy to discover if Microsoft had properly documented this - but it was very hard to find. Worse yet the API calls needed could not compile with the current version of Visual Studio (Well after Vista had been released). With a little luck and lots of research we finally got the hook to work.
As you can imagine, this is the tip of the iceberg. I could fill over 100 pages describing the enormous changes needed to make it not only compatible with Vista, but work well with Vista.
We are still getting all of the ends tied up, and I have a rough estimate of about 2 months before we release our first beta. It might be less time than that, but I want to give our team breathing room so they concentrate on quality and not race to finish
With that said, lets start looking at some of the feature in the new version.
Request access before connecting:
We have a flood of email asking for this. Essentially it allows the end user to have a choice when you connect. They are asked for their permission before you can control their computer. I believe in some areas this is a regulatory requirement (Like being notified that your phone conversation is being recorded).
We wanted it to be clear when permission was asked. So what 3.0 does is darken the current desktop, and display a request form like this:
Now, even this feature gave us some heartburn. We wanted this to be shown even if the user had not logged in yet...and it does do that (This was not easy to accomplish). No matter where the user is at, they will be prompted for access.
Seamless operation during a UAC prompt:
If you have not used Vista before, you might not know what I am talking about. Essentially a UAC prompt is popped up each time you try to do something that requires administrative access. It looks something like this:
Whats the big deal here? Well the big deal is that most remote control software out there will choke when this prompt comes up. RealVNC will just disconnect you. UltraVNC has this wacky disconnect and reconnect feature, but very few remote control solutions have an elegant solution that allows seamless operation before, during, and after a UAC prompt. We have accomplished this in 3.0.
Support for Group Policy, and Windows User accounts:
Currently you simply need an administrator account. Now this will always be true if you want to automatically install the agent over your LAN. What if you wanted to install the agent yourself, and grant all users that are a member of the "Remote Administrators" group "View Only" access? This is all possible in 3.0. In addition, we will make available a group policy template that will allow you to deploy, and manage permissions of agents across your network.
Lets start looking at some screen shots of the software :)
Multi-User permissions
There are three types of accounts available in the new version.
1. Windows users and groups - These are domain, or local accounts that are granted access to the agent
2. Standard username and password - These are username and password combinations created by you, but do not require any interaction with windows security
3. VNC password accounts - Yes. You read it right, support for VNC client to connect to the agent.
Now with 1, and 2 you get a secure connection with Diffie-Heliman key exchange exchange, and 256 bit AES encryption. In addition to that the client supports the full array of features made available in 3.0
If the client is VNC, there is no encryption, and limited support for the new features. VNC support has been added for those customers that have non-windows operating systems and need some way to connect. If you do not add a VNC account, the VNC authentication system becomes inactive.
Here is what the form looks like for adding, or updating these user accounts:
Each user has their own settings:
So for example, you could give windows administrators full access, but standard users 'view only' access.
IP Address Filtering
Out of the box it will allow any IP to connect. Using filtering you could restrict it to a range of IP addresses, or block specific IPs that you have had problems with:
Multiple Interfaces Supported
Most of the time you will only need to listen on all interfaces on the same port. If you have custom needs it is possible to listen on more than one port, and on a specific interface:
Status Window
This has been requested many times over. Some customers have wanted a constant notification while the administrator is connected. When the status window is turned on it is displayed in the top right of the screen. If the mouse moves near it then switches to the left side of the screen. No matter what screen or window the user is on - it will always be displayed. This means even if the workstation is locked, or the user has not even logged in yet...it will be shown (While the administrator is connected)
Here is what it looks like:
Connection Activity
When administrators are connected, it is easy to see who is connected and from what IP address:
That is all I have for now. If you would like to join the beta program (Again...it may be 2 months before you see anything). Please send an email to beta@intelliadmin.com with Remote Control LAN as the subject, and you will be added to the beta list.
Written by Steve Wiseman on March 18th, 2008 with no comments.
Read more articles on Contributors.
Previously available only through subscriptions to MSDN or Technet, Microsoft today released Windows Vista Service Pack 1 on their public download site. 
