1. About RemotelyAnywhere

1. About RemotelyAnywhere

1. About RemotelyAnywhere

RemotelyAnywhere allows secure remote access to and administration of any machine on which it is installed. No special client software is required on your local machine, and it is closely integrated with Windows NT/2000/XP security.

MINIMIZE DOWNTIME

RemotelyAnywhere helps system administrators keep IT systems up and computer users happy by offering the industry’s richest remote-support toolkit. Support staff can often detect, diagnose, and solve problems faster than local support using built-in operating system functions.

Background access means the user need not be interrupted during the implementation of solutions.

DELIVER THE SOLUTION, NOT THE PERSON

All RemotelyAnywhere’s features can be accessed securely and from any Web browser. Support and diagnostics can even be delivered from a PDA or WAP-phone browser. This means you can now offer genuine global support from anywhere, anytime.

STOP FIGHTING FIRES

RemotelyAnywhere brings predictability to system management. By giving you monitoring, scripting, and alerts, RemotelyAnywhere allows you to detect potential problems on all your systems before they bring a halt to business. This ensures that you are often the first to know about workstation issues ranging from attempted security breaches to unstable software installations.

FAST, SIMPLE, SECURE ENTERPRISE DEPLOYMENT

RemotelyAnywhere was designed for professionals responsible for large installations of workstations. The product is simple to install and configure on anywhere between a handful and thousands of systems. Five levels of security and built-in event logging give you the confidence that your systems are safe.

KEEP YOUR COMPANY PRODUCTIVE

Less downtime means more productivity. What’s more, RemotelyAnywhere can dramatically reduce IT operating costs for a surprisingly low price. Contact RemotelyAnywhere and download a free trial of our enterprise version enabling you to see these productivity gains for yourself.

KEY FEATURES

- Secure Remote Control

- Support Toolset

- Automatic Alerts

- File Transfer

- Folder Synchronization

- Remote-to-local printing

- Remote Deployment

- Accessible via Web Browser

- Enterprise Deployment

- Robust Security

- Centralized Logging

- Port Forwarding (Server Edition Only)

REMOTE CONTROL

- Complete remote control of keyboard, mouse & monitor

Copyright ©2005 • Send support questions to: [email protected]

Page 4

Copyright ©2005 • Send support questions to: [email protected]

1. About RemotelyAnywhere

Page 5

Copyright ©2005 • Send support questions to: [email protected]

1. About RemotelyAnywhere

Page 4

1. About RemotelyAnywhere

- Can also provide work-from-home and on-the-road access to workstation

- Dynamic resizing of desktop and adjustment of color depth

- File Transfer with delta-file updates

- Remote-to-local printing

- Automatic Folder Synchronization

- Compression algorithms adapts to bandwidth

SECURITY

- Standards-compliant SSH server

- All events including unauthenticated connection attempts are logged to central syslog server

- IP lockout of machines with a configurable number of unsuccessful logon attempts

- Security alerts and notification sent to IT managers

- Integrated Windows authentication

- RSA support

ANYWHERE ACCESS

- RemotelyAnywhere can be accessed without client software

- Remote Control can be accessed using any Java or ActiveX-enabled Web Browser

- All diagnostic and administrative toolset features are presented using simple HTML interfaces

- Fully customizable interfaces support standard, light, and handheld/WAP browsers

EASY ENTERPRISE-WIDE DEPLOYMENT

- Network console simplifies workstation management and remote installation

- Standard application installation

- Command line installation

- Scripted mass-deployment support

- Background installation

SUPPORT TOOLSET

- Background access doesn’t interfere with user

- Realtime performance, connection, hardware and registry information

- Process manager with detailed info on CPU, memory, registry key and dll usage

- Service manager with service account and dependencies

- Driver manager with dependencies

- Comprehensive user manager

- Share manager, including admin shares

- Full registry editor with ACL support

- Virtual memory settings

- Resource availability

- Emergency reboot

- Environment variables settings

REPORTING & ALERTS

- Catch problems before they interrupt work

- Realtime performance, resource, security, and event monitoring

- Script-defined alerts and warnings

- Powerful and flexible scripting language

- Automatic start of recovery procedures

- Alerts can be sent online, by email, or by text messages

HELP DESK AND SUPPORT

- Local keyboard and mouse can be disabled or left active

- Built-in Help Desk allows interactive support for user from anywhere using your browser

- Background access allows maintenance to be performed without interrupting the user

ADDITIONAL FEATURES

- Full support for XP Fast User Switching and Terminal Services

- Custom HTTP pages can be delivered from each workstation running RemotelyAnywhere without additional of HTTP server

Copyright ©2005 • Send support questions to: [email protected]

Page 5

1. About RemotelyAnywhere

- Automatic check for upgrades

- User-defined colors and layouts

- User-defined quick links to the features you use most

SYSTEM REQUIREMENTS

- RemotelyAnywhere can be used to remotely control and manage any computer running

Windows XP/2000/ NT4 and now Windows 98/ME. Some features, however will not appear on

Windows 98/ME machines, and this is indicated in this manual.

- The computer running RemotelyAnywhere can be accessed from most devices with ActiveX or Java-compatible web browsers, regardless of the operating system. PDA Access is limited to devices running Pocket PC 2000/2002, Microsoft Windows Mobile 2003 for Pocket PC or

Microsoft Windows Mobile 2003 Second Edition for Pocket PC.

Copyright ©2005 • Send support questions to: [email protected]

Page 6

2. Acknowledgements

OpenSSL

RemotelyAnywhere includes cryptographic software developed by the OpenSSL Project for use in the OpenSSL Toolkit. For more information visit: http://www.openssl.org

OpenSSH

RemotelyAnywhere uses cryptographic software developed by the OpenSSH group. For more information visit: http://www.openssh.org

CompuPhase

RemotelyAnywhere includes scripting software developed by ITB CompuPhase. The Small language, its interpreter and compiler are copyright © Thiadmer Riemersma, ITB CompuPhase,

1998-2000, The Netherlands. For more information visit: http://www.compuphase.com/small.htm

Copyright ©2005 • Send support questions to: [email protected]

Page 7

3. Getting Started

1. About RemotelyAnywhere

RemotelyAnywhere is the perfect choice for anyone who has ever needed to access and control a

PC or server from elsewhere, be it from down the hall or from halfway around the world. All that is required to control a PC or server is a web browser or WAP-enabled wireless device.

RemotelyAnywhere is a remote administration tool that lets you control and administer

Microsoft

®

Windows

®

-based computers over a local area network or the Internet. Originally designed for network administrators by network administrators, RemotelyAnywhere has since evolved to offer a wide variety of remote computing solutions for an equally wide variety of users.

Today, RemotelyAnywhere provides such useful capabilities as Java-based desktop remote control, file transfer protocol (FTP) for downloading and uploading of files, configuration of the host computer, remote-to-local printing, advanced scripting, and dozens of other features fully detailed in the rest of this manual.

RemotelyAnywhere acts as the host software on the machine that is to be controlled or accessed.

The client (the remote computer that is used to access the host) requires no special software. The client software is any Java- or ActiveX-enabled web browser, such as Internet Explorer (IE) or

Netscape Navigator (versions 3 or above). Many RemotelyAnywhere features can also be accessed and controlled using such client software as that found in handheld PDAs and WAP-enabled mobile telephones.

ABOUT THIS CHAPTER

This chapter walks you through the process of setting up and accessing your host computer through RemotelyAnywhere.

The chapter covers:

• Installing the RemotelyAnywhere software on the machine that you wish to remotely

control, including:

-Default installation configurations

-Custom installation configurations

• Activating the software following installation.

• Accessing the host computer from a local area network (LAN) or over the Internet.

• Logging into the host machine, and the special options available.

• Bypassing the Login screen.

• Special settings required to access RemotelyAnywhere through a firewall.

2. Installation of RemotelyAnywhere

DEFAULT INSTALLATION

Step 1.

If you have not already downloaded RemotelyAnywhere, locate and download remotelyanywhere.zip from http://www.RemotelyAnywhere.com/downloads.htm.

Step 2.

Execute remotelyanywhere.msi, found in the downloaded .zip archive.

Copyright ©2005 • Send support questions to: [email protected]

Page 8

Copyright ©2005 • Send support questions to: [email protected]

3. Getting Started

Page 9

Copyright ©2005 • Send support questions to: [email protected]

3. Getting Started

Page 8

3. Getting Started

Step 3.

On the Welcome screen, select Next.

Step 4.

On the License Agreement screen, select I Agree if you agree to the terms and conditions.

If you do not accept these terms, you can exit the setup by clicking the Cancel button.

Step 5.

The Software Options screen appears next. If the default listening port is acceptable, click

Next.

For more information regarding customizing RemotelyAnywhere during installation, see

Custom Installation

below.

Step 6.

The setup will then ask for confirmation of the destination location for the files for

RemotelyAnywhere.

If you wish to change the destination folder, select the Browse option. Select Next to confirm the destination folder.

Step 7.

To start copying the files to their destination folder (selected in step 6 above) click Next.

Step 8.

Select Finish to complete the Setup.

CUSTOM INSTALLATION

Step 1.

Follow steps 1 – 4 above of the Default Installation.

Step 2.

The Software Options screen allows the user to specify the listening port for use by

RemotelyAnywhere.

If the default port used by RemotelyAnywhere (2000) conflicts with an existing application or service, the user may change it here. If the person installing RemotelyAnywhere is not the

Network Administrator, the Network Administrator should be consulted before a port is assigned.

This screen also allows the user to copy configuration settings from an existing

RemotelyAnywhere installation.

After all options have been configured satisfactorily, select Next.

Step 3.

Continue with steps 6 – 8 outlined above for the Default Installation.

3. Software Activation

Once you have installed RemotelyAnywhere following the instructions above you will then need to activate it.

If you have already purchased a license you will be able to paste it into the space provided and activate the software straightaway.

If you have not purchased a license but would like to do so, you will be given the option to do this on the software activation screen. If you purchase online your license would be delivered immediately, so you can activate your software without delay. Alternatively, you may want to contact our sales department at [email protected] or by calling 1 800 993 1790 (toll free U.S.) or +36 1

413 3780 (international).

If you’d prefer to try the software before purchasing you are entitled to a 30 day evaluation period.

Just select “I would like a free trial” on the software activation screen and follow the instructions.

You will need to be connected to the Internet to activate your free trial.

The RemotelyAnywhere free trial uses an identifier value from your machine to control the number of evaluation licenses a single computer can receive. It is generated by passing unique data related to your computer through a one-way cryptographic hash function. The ID generated with this algorithm does not identify you or any component of your computer system. You can think of this as a unique ticket that your machine receives.

Page 9

Copyright ©2005 • Send support questions to: [email protected]

3. Getting Started

4. Accessing RemotelyAnywhere

When the installation is complete, the default Internet browser will open with the address of http://MachineName:2000.

To access the host machine from a different machine, open an Internet browser and enter http://111.111.11.1:2000 on the Location/Address line. The “111.111.11.1” represents the IP address of the host machine. The “2000” represents the default port shown on the Software Options screen during installation. If you changed this port during installation, then use that port when accessing RemotelyAnywhere. On the same network the machine name can also be used.

On the host itself you can also access a machine by entering the loopback address http://127.0.0.1:

2000 at the Location/Address line. This address allows the user to communicate with the

RemotelyAnywhere installation only at the machine on which it is installed.

ABOUT DYNAMIC IP ADDRESSES

Many DSL and cable internet connections assign your machine a new IP address each time you connect to the internet. This is known as a Dynamic IP address. RemotelyAnywhere will work if you have a dynamic IP (DNS) address, but RemotelyAnywhere needs to be able to track your IP address so that if it changes, the connection can be maintained. There are dynamic DNS solutions available, often for free, which means your machine can be assigned a fully qualified and static domain name regardless of your IP address.

Alternatively, Under Preferences > Network you can configure RemotelyAnywhere to send you an e-mail message pointing to the IP address of your remote host every time it detects a change. This way, you always know where to find your remote computer.

5. Logging In

After entering the URL into your browser and pressing enter, you will reach the

RemotelyAnywhere Login screen.

RemotelyAnywhere will access the user database to authenticate the user. Initially, you will need to log on as someone who is a member of the Administrators group. Later you can change this default behavior by granting NT users or groups access to RemotelyAnywhere under Security >

Access Control

.

Win98 and ME users need to specify their user name during installation. If they do not, the default user name will be the machine name, and the password field will be blank.

Copyright ©2005 • Send support questions to: [email protected]

Page 10

Copyright ©2005 • Send support questions to: [email protected]

3. Getting Started

Page 11

3. Getting Started 3. Getting Started

NTLM:

By clicking on the NTLM button you can use your current Windows login credentials to verify your identity on the host computer. This only works when accessing a Windows NT/2000 or XP computer. It will use your current credentials (those you entered at the NT logon prompt on the computer running your browser) to identify you to the remote computer. This is only available on local networks.

RSA Support: RemotelyAnywhere now supports RSA security. RSA SecurID offers an extra physical layer of security by demanding conclusive proof of a user’s identity. If your remote machine has RSA installed the option to use this powerful authentication method will be available on the login screen. For more information please see http://www.rsasecurity.com/products/ securid/index.html.

ADVANCED LOGIN OPTIONS

By clicking on Show Advanced Options in the login window a number of additional options become available:

Copyright ©2005 • Send support questions to: [email protected]

Page 10

Go directly to -

Using these buttons you can select whether you want to go directly into Remote

Control

, to File Transfer & Synchronization or to the Main Menu page - this last option being the default.

Full and Light Interfaces –

You can choose between the full and light interfaces.

RemotelyAnywhere’s full interface is for DHTML capable browsers. The light interface is more suitable for old browsers or users with slow connections.

SSL –

If you set up SSL Support for RemotelyAnywhere all traffic between the host and the remote computer will be encrypted using industry-strength 128-bit ciphers, protecting your passwords and data. You can do this easily by going to Security, clicking on SSL Setup, and following the step-by-step instructions there. More information about this can be found in this manual’s Section Guide.

Language Option –

With RemotelyAnywhere version 5 you are now able to select the language of your choice when logging in. German, Italian, and Chinese are already available, and more will be available soon.

Copyright ©2005 • Send support questions to: [email protected]

Page 11

3. Getting Started

BYPASSING THE LOGIN SCREEN

You can force an NTLM login – and thus bypass the login screen entirely – by appending

/ntlm/” to the URL with which you access RemotelyAnywhere. For example, the URL http://

MAILSERVER:2000

would become http://MAILSERVER:2000/ntlm/. Be careful not to forget the trailing slash!

You can also use this method to bypass the menu system and access certain parts of

RemotelyAnywhere directly. Here are some URLs as an example:

Remote Control:

http://your.machine.here:2000/ntlm/remctrl.html

Command Prompt:

http://your.machine.here:2000/ntlm/telnet.html

Chat:

http://your.machine.here:2000/ntlm/chat.html

Similarly, you can specify your username and password in the URL – thus forcing a normal login

– by appending the credentials in a “/login:username:password:domain/” form to the URL with which you access RemotelyAnywhere. For example, the URL http://MAILSERVER:2000 would become http://MAILSERVER:2000/login:username:password:domain/. Yet again, be careful not to forget the trailing slash!

The Windows NT domain you are logging in to is optional. If omitted, RemotelyAnywhere will try to authenticate you on the computer on which it’s running, then in the domain to which it belongs. Here are some URLS as an example:

Remote Control:

http://your.machine.here:2000/login:yourloginname:yourpassword/remctrl.html

Command Prompt:

http://your.machine.here:2000/login:yourloginname:yourpassword/telnet.html

Chat:

http://your.machine.here:2000/login:yourloginname:yourpassword/chat.html

6. Accessing RemotelyAnywhere through a firewall or router

Most corporations today employ certain security measures to protect their computer networks from hostile intrusion. One of the common measures includes creating a firewall. A firewall is a system designed to prevent unauthorized access to a private (internal) network. Firewalls can be implemented either as hardware or software, or a combination of the two.

The most common use of a firewall is to prevent unauthorized intrusion from Internet users attempting to access a private network or Intranet. A firewall examines all traffic entering or leaving the internal network/Intranet, ensuring that traffic meets security criteria established by the Network Administrator.

RemotelyAnywhere can be configured to work with a computer protected by a firewall. This requires mapping an external, incoming port on the firewall to the internal IP and port on the computer running RemotelyAnywhere.

Routers, on the other hand, operate much in the same way as firewalls. They both offer the opportunity to open and map ports to specific computers. For the rest of this explanation, the term “router” can be interchangeable with “firewall.”

From outside your LAN, you would gain access to the computer running RemotelyAnywhere by entering the firewall’s IP address and the port to which the desired machine is mapped. For example:

Copyright ©2005 • Send support questions to: [email protected]

Page 12

Copyright ©2005 • Send support questions to: [email protected]

3. Getting Started

Page 13

3. Getting Started 3. Getting Started

Router:

External IP address: 111.111.111.111

RemotelyAnywhere computer:

IP address: 192.168.0.10, Port: 2000

(port 2000 is the default but this can also be changed)

STEP 1: MAP A FIREWALL PORT TO THE COMPUTER

In this case, you would pick a port on the router (say, 5200) and map it to 192.168.0.10:2000.

The procedure for mapping ports from routers to computers is router-specific. Usually your router will have a web-based interface that allows you to configure and maintain it. Sometimes router companies refer to this action as Port Forwarding or Port Mapping.

STEP 2: ACCESS REMOTELYANYWHERE THROUGH THE FIREWALL

Having done the above, you will now be able to fully access the RemotelyAnywhere computer with the URL http://111.111.111.111:5200 - that is the firewall’s external IP, followed by the port you mapped to the RemotelyAnywhere machine.

EXTERNAL RESOURCES FOR HELP WITH ROUTER AND FIREWALL

CONFIGURATION

No two router models are exactly alike, and this document lacks sufficient space or scope to offer detailed support for all routers and firewalls and RemotelyAnywhere. However, the overarching principles for port forwarding remain the same. Should your router or firewall documentation prove confusing or insufficient, there are several resources available on the internet that provide exhaustive instruction and help with configuring routers and firewalls.

One such resource that we recommend can be found at http://www.port-foward.com.

Copyright ©2005 • Send support questions to: [email protected]

Page 12

Copyright ©2005 • Send support questions to: [email protected]

Page 13

4. What’s New in

RemotelyAnywhere Version 6

If you’re new to RemotelyAnywhere then you can skip this chapter and go straight to the next one.

This chapter is a quick summary of the new features that set RemotelyAnywhere version 6 apart from its predecessor.

ActiveX Clients for Remote Control and File Transfer RemotelyAnywhere now offers the option of selecting either Java or ActiveX-based clients for the remote control and file transfer clients. By default, it attempts ActiveX remote control when Internet Explorer is used on the remote machine; other browsers, such as Firefox, make use of Java versions. The ActiveX clients offer the added benefit of an increase in performance, and in the case of Remote Control, a true full-screen view.

Windows CE/Mobile PDA remote control support

RemotelyAnywhere 6 now offers desktop remote control via PDAs, including support for highresolution PDAs with 640 x 480 VGA resolution.

Native Active Directory user and permission management

Windows Password expiry support

Remote control speed improvements Speed improvements have been made here, notably in the case of Windows NT where the RemotelyAnywhere mirror driver cannot be used.

OpenSSH version update to v3.9

Remote Control desktop recording as .avi file

HTML template optimization for better performance

Extensive support for connections via proxy servers

Http tunnel improvements

Installer improvements

Page 14

Copyright ©2005 • Send support questions to: [email protected]

5. User Interface

User Interface

The completely updated user interface is designed to make using RemotelyAnywhere quicker and easier than ever before. The best reference for using RemotelyAnywhere are the Section Guides which follow this chapter. There the functionality of every feature is detailed at length. In this chapter, however, we will outline those interface features that are consistent throughout the tool.

When you start up RemotelyAnywhere 6 this is what you’ll see:

THE MENU

Every page of RemotelyAnywhere can be reached from the left hand menu tree. The menu tree is expandable and collapsible like Windows Explorer so you can find the pages you need quickly.

There are new categories for RemotelyAnywhere’s extensive range of features so that the tool’s functionality is now more transparent than ever before. These are shown at the top of the next page.

The sub-sections of each of the above categories are labeled as follows in the menu:

This means that the page contains data that can be modified. It is a configurable page.

This icon shows that a page just displays data. Although you may be able to refresh the page in

Copyright ©2005 • Send support questions to: [email protected]

Page 15

5. User Interface order to get the latest data, you cannot interact with or in anyway modify what is shown from this location.

For more information about the above sections, please refer to this manual’s Section Guide.

PERFORMANCE DATA VIEWER

On every page of RemotelyAnywhere you can see a real-time Performance Data Viewer. This java applet is to the right of the RemotelyAnywhere logo in the top frame. It shows CPU load (green) and Memory load (red) and is updated every few seconds so you can get instant feedback on the effects of performance intensive processes.

This graph can be disabled under Preferences > Appearance.

QUICKLINKS

QuickLinks are another new feature accessible from every page of RemotelyAnywhere. You can add your favorite pages to the QuickLinks drop down menu wherever you see the star icon in the tool bar of the page you are viewing. You can also edit your QuickLinks by clicking on —Edit your

QuickLinks – in the QuickLinks drop-down menu.

The QuickLinks menu is situated in the top frame of the page so that your favorite pages are always only a click away. They are also listed on the System Overview tab of Home page.

LOG OUT

You can Log Out from RemotelyAnywhere via the red Log Out button in the top right corner of the screen, to the right of your computer’s name. If you are inactive for 10 minutes you will be logged

Copyright ©2005 • Send support questions to: [email protected]

Page 16

Copyright ©2005 • Send support questions to: [email protected]

5. User Interface

Page 17

Copyright ©2005 • Send support questions to: [email protected]

5. User Interface

Page 16

5. User Interface out automatically. The session timeout time can be modified under Security > Access Control.

TIME

The time on the remote machine is displayed above the log out button.

THE MAIN CONTENT WINDOW

The main content window is where you’ll do most of your interaction with the host machine via RemotelyAnywhere. For the most part this should be self explanatory. The Remote Control window can be detached from the main pane – you will read more about this in the relevant part of the Section Guide.

On most pages you’ll see a tool bar at the top. Below is a quick key to the buttons you’ll encounter on these toolbars. For more information about commands specific to certain pages, see Section

Guide - Remote Control.

SYSTEM TRAY ICON

RemotelyAnywhere includes a system tray icon that serves multiple purposes. This icon can be fully configured via the Preferences > Systray Settings screen.

The icon will blink whenever someone is accessing the computer with RemotelyAnywhere.

Double-clicking the tray icon will bring up a dialog that shows the most recent events that have occurred within RemotelyAnywhere.

A user sitting at a Windows XP host computer will be notified of remote printing:

Right-clicking the RemotelyAnywhere icon will bring up the following menu:

Open RemotelyAnywhere This option will open the dialogue shown at the top of the next page.

Open RemotelyAnywhere Web Interface

This option will start up RemotelyAnywhere on the local host and log you in using NTLM.

Open Status Window This option opens a window that updates you on the current status of

RemotelyAnywhere.

Enable/Disable RemotelyAnywhere Here you can turn the RemotelyAnywhere service on and

Copyright ©2005 • Send support questions to: [email protected]

Page 17

off at will.

5. User Interface

The above dialog is displayed when you click on Open RemotelyAnywhere in the menu available from the systray icon or from your Start menu. In addition to the other context menu items

(open the web interface, enable/disable RemotelyAnywhere) you can see if RemotelyAnywhere is currently being accessed, and access the documentation (including this guide). You will also be alerted via this screen if RemotelyAnywhere’s license has expired or the software has not been activated.

Enable/Disable Status Indicators

Here you can enable or disable the memory and CPU usage indicators.

About...

This command brings up RemotelyAnywhere’s HTML About box.

Convert Remote Control Recordings This wizard will convert RemotelyAnywhere remote control screen recording files into an AVI file for playback in any media player.

Show Performance Windows This item will open the following submenu:

In this menu, you are given a selection of performance indicators to display on your desktop.

What actually appears in this menu is based on the performance data RemotelyAnywhere is able to collect. The software automatically collects performance data on CPU usage (total and broken down by individual CPU on SMP systems), and various memory counters.

Copyright ©2005 • Send support questions to: [email protected]

Page 18

Copyright ©2005 • Send support questions to: [email protected]

5. User Interface

Page 19

5. User Interface 5. User Interface

When you select an item from this menu, a window will pop up, similar to that shown at the top of the next page.

Double-clicking the performance window will shrink it to a smaller format:

You can have as many of these windows up on your screen as you want. They are persistent – that is, they will automatically appear in their previous position following a reboot.

Copyright ©2005 • Send support questions to: [email protected]

Page 18

Copyright ©2005 • Send support questions to: [email protected]

Page 19

6. Section Guide - Home

Home

Home is the page that you’ll see when you first start up RemotelyAnywhere. There you will find a useful at-a-glance System Overview, and more general information about RemotelyAnywhere itself is available if you click on the About RemotelyAnywhere tab.

System Overview

When you first start up RemotelyAnywhere you will see the System Overview tab of the

RemotelyAnywhere homepage. It contains a multitude of useful information about the host computer.

6. Section Guide - Home

Welcome At the top of the page you’ll see a welcome message which displays your basic licensee information as well as who you’re logged in as. The date and time of the host machine is also displayed. If you click on the date and time (highlighted in blue) you’ll be taken to a page where you can set the time on that machine. This page is normally accessible under Computer Settings >

Time in the left hand menu.

Information about when the machine was last rebooted, how long it’s been running, and how much data has been sent to how many clients is also shown here.

Security In the top right corner of the System Overview section of the RemotelyAnywhere Home page you can see a summary of your security data. This includes the authentification method used to log in and information on the Secure Sockets Layer (SSL) connection. More information on SSL can be found later in this manual.

Copyright ©2005 • Send support questions to: [email protected]

Page 20

Copyright ©2005 • Send support questions to: [email protected]

Page 21

6. Section Guide - Home 6. Section Guide - Home

QuickLinks QuickLinks are a new addition to RemotelyAnywhere version 5, designed to make things even quicker and easier. Displayed in the blue box on the right hand side of the home page, you can add any page of RemotelyAnywhere to QuickLinks so that your favorite or most often used sections are always only a click away from log in.

QuickLinks are also diplayed in a dropdown in the upper frame of every page so you can always select your favorite pages quickly.

To add a QuickLink, just click on the QuickLinks icon, which appears on every page. To remove a

QuickLink, select —Edit your QuickLinks – from the drop down menu.

Performance The performance graph details memory usage (in fact, this section was called

Memory in previous releases of RemotelyAnywhere). Data about the physical and committed memory are displayed in an easy to read green and red graph.

Current Connections Here you can see data on any current connections on the host machine.

Most Recent Accesses Here you can see information about the users who have most recently accessed RemotelyAnywhere on this computer.

System Information Here you can see information on the computer itself, including the current

CPU utilization.

Operating System An overview of the operating system of the accessed machine is displayed here, including when it was installed.

Installed Hotfixes Here you can see a list of the Hotfixes that have been installed on the machine.

Click on the Hotfix name for more information about that particular Hotfix.

About RemotelyAnywhere

Behind the System Overview tab you will see the About RemotelyAnywhere tab. Here you can find out information about the software, updates, the company, and this very manual. It also presents you with more detailed license information, so you can find out who this copy of

RemotelyAnywhere is registered to, and for how many machines.

Copyright ©2005 • Send support questions to: [email protected]

Page 20

Copyright ©2005 • Send support questions to: [email protected]

Page 21

6. Section Guide - Home

News The News panel exists to notify you of any important news about RemotelyAnywhere.

This will most often consist of any updates we make so you can make sure you always have the most up to date release, but could also notifiy you of Windows vulnerabilities and so on. News items are retrieved by your browser from our website. Whenever a news item is posted the About

RemotelyAnywhere tab will flash to alert you to the update.

If you’d prefer not to see the News panel on this page, click on the Delete icon on the right and it will disappear. You can re-enable it easily by clicking on Show News.

Licensee Information The About RemotelyAnywhere tab also displays your licensee data. It tells you who the software is licensed to, how many installations it is valid for, and the license ID. You might need to quote your license ID if contacting the RemotelyAnywhere support desk.

If you need to see the full license file, you can see it under Preferences > License in the left hand menu.

RemotelyAnywhere Users Manual You can bring up this manual for your reference at any time via the About RemotelyAnywhere tab. This should be your first stop when looking for information about the software.

RemotelyAnywhere.com

There is also a link to our site so you can find out more about this and other products in the RemotelyAnywhere range. Here you’ll also find our support pages, along with a comprehensive FAQ section and contact details. If the answer isn’t in this manual you may well find it there.

SMALL Documentation Documentation on the scripting language used with RemotelyAnywhere is also available from here. RemotelyAnywhere specific extensions to this language will be covered later in this manual.

Software License The legal terms and conditions of your license are published here for your reference. General copyright data is also displayed on this page.

Copyright ©2005 • Send support questions to: [email protected]

Page 22

7. Section Guide -

Remote Control

Remote Control

One of the main features of RemotelyAnywhere is its advanced ability to remotely control the computer on which it is installed, thus enabling you to authentically replicate the experience of sitting in front of the host computer — regardless of where you actually are in the world.

When you select Remote Control, by default RemotelyAnywhere will attempt to load a small

ActiveX control, and, if your browser doesn’t support ActiveX, it will try the Java-based version.

Failing that, the HTML screenshot version will load. By expanding the left-hand Remote Control menu manually, it is possible to select any of these three options manually. Depending on your browser settings, you may see a popup window asking you to accept or reject the ActiveX control or Java applet. You should accept it in order to use Remote Control.

When typing or using your mouse it will be exactly as if you were sitting in front of the remote machine. The only real difference will be a few RemotelyAnywhere-specific tools which appear at the top of the remote control window, detailed below.

ActiveX Version

The ActiveX version of RemotelyAnywhere’s remote control, which is what launches by default, offers a substantially different interface from the Java version (the default in previous versions of

RemotelyAnywhere.)

Copyright ©2005 • Send support questions to: [email protected]

Page 23

7. Section Guide -

Remote Control

FULL SCREEN

This launches a true fullscreen the remote window. Moving the pointer to the top of the screen will bring a pulldown toolbar showing the same options available in the regular remote control interface. Clicking Full Screen again will return the screen to the regular interface.

SCREEN SIZE

There are four options here:

View Actual Size - renders a 100% view of the host screen

Fit to Window - adjusts the zoom on the host screen to make the window fit the screen

Match Resolution - resizes the host computer’s desktop to fit the resolution of the remote screen

Zoom - manually adjusts the zoom

SEND CTRL-ALT-DEL

Use this button to send a Ctrl-Alt-Del keystroke combination to the host machine.

ADVANCED

Brings up a further layer of remote control options. Click this again to hide the advanced interface.

SCREEN:

Resize the host desktop to one of an available range of predefined resolutions.

BIT DEPTH PULLDOWN

Depending on the capabilities of your host machine’s video card, you can reset the color depth of that machine to 4, 8, 16, 24, or 32 bits. The lower the bit depth, the fewer colors and the faster the remote control performance.

ENABLE MAGNIFIER

Selecting this launches a magnifying box that can be placed anywhere on the screen. This is useful for when you are remote controlling while zoomed out, but would like to examine the host screen in detail.

NETWORK SETTINGS

Here you can configure your link speed options. We recommend the Auto setting, but it is possible to force the link speed.

QUALITY

Users with slower connections will note a performance increase as the remote control quality option is adjusted downwards. However, the quality of the screen image transmitted may suffer.

CHAT

Using this feature you can chat with an interactive user of the remote host. Having clicked on the

Chat button a dialog field opens beneath the toolbar wherein you can enter and send messages.

These messages will be displayed on the remote desktop, much as with RemotelyAnywhere’s Help

Desk Chat feature, which is documented later in this manual.

Copyright ©2005 • Send support questions to: [email protected]

Page 24

Copyright ©2005 • Send support questions to: [email protected]

7. Section Guide -

Remote Control

Page 25

Copyright ©2005 • Send support questions to: [email protected]

7. Section Guide -

Remote Control

7. Section Guide -

Remote Control

Java Version

In the top left corner of the remote control screen you will see the menu:

Page 24

SEND SPECIAL KEYS

Some actions, such as sending Ctrl-Alt-Delete, cannot be captured by the applet, but you can still send them via the menu. If you select Send Special Keys you will gain access to a whole list of special key combinations you might want to send to the host computer.

FULL SCREEN REMOTE SESSIONS

Also available in the menu is the Full Screen option. This detaches the remote window allowing you greater flexibility. When in full screen mode you can easily switch back to the standard

RemotelyAnywhere frame by selecting Exit Full Screen.

You can also do this with the close and maximize icons in the top right corner of the remote window.

DISPLAY PROPERTIES

You can modify the remote screen’s display properties via the menu as well. There are drop down menus for color and screen resolution, as well as a zoom option that allows you to view the screen all the way up to 300% of its original size.

For the best performance during remote control you should set the remote machine’s screen resolution down to the lowest, still convenient value.

It is also recommended that you do not use 16-bit (hi-color, 65536 colors) for the remote host’s display. Use either 256 colors or true color. Converting 16-bit color bitmaps down to the internal format is rather slow, and has an impact on performance.

REMOTE CLIPBOARD

Another useful option available from the menu is the ability to transfer your clipboards between machines, thus allowing you to copy from one machine and paste on the other.

For example, if you copy some text on the local machine, then select from the menu on the remote screen Transfer Clipboard > Local to Host. The same applies the other way around, but you would select Host to Local in order to transfer your clipboard between machines.

The limit is 8 mb in both directions. If the clipboard is larger it won’t do anything. On the MS

JVM it only supports Unicode text. With Sun, it also works with bitmaps.

CHAT

Using this feature you can chat with an interactive user of the remote host. Having clicked on the

Copyright ©2005 • Send support questions to: [email protected]

Page 25

7. Section Guide -

Remote Control

Chat button a dialog field opens beneath the toolbar wherein you can enter and send messages.

These messages will be displayed on the remote desktop, much as with RemotelyAnywhere’s Help

Desk Chat feature, which is documented later in this manual.

TERMINAL SERVERS

This feature enables you to attach your remote control connection to an existing terminal server session. By default, RemotelyAnywhere reads the display output in order to show the remote desktop. Terminal server sessions are not included in this display output. In effect, they are hidden from the desktop, but RemotelyAnywhere is able to display and interact with them in a way that would not ordinarily be available to an interactive user of the host machine.

REMOTE CONTROL TOOLBAR

In addition to the Menu options and the ability to change screen resolution and magnification on the fly, the following options are available via the remote control toolbar:

Send Ctrl+Alt+Delete. This option is found under the Menu option during browser based

RemotelyAnywhere Remote Control, and you’ll need this to unlock a remote machine.

Network Here you can configure your link speed options. We recommend the Auto setting, but it is possible to force the link speed.

Other Remote Control Features

REMOTE NOTIFICATION

When you initiate a remote control session a notification message will appear on the remote screen. If you do not have full administrative rights on the remote machine, a user sitting there would be invited to decline or accept the remote session, with a default time of 10 seconds before you would be connected automatically. You can configure both the message displayed and the amount of time given to make a decision under Preferences > Remote Control.

When a remote session is in progress, a small window in the top right corner of the remote screen is displayed stating who is currently remotely connected to the machine. This message can also be configured under Preferences > Remote Control.

REMOTE PRINTING

When connected to the remote machine, and if you have remote printing enabled (under

Preferences > Remote Control) that machine’s default printer will temporarily become that of your local machine. This means that should you choose to print anything from the remote machine, you will receive it on your local printer.

A user sitting at the remote machine would be notified of this change.

REMOTE CONTROL PREFERENCES

There are a number of special features you can use to configure your remote control sessions

Copyright ©2005 • Send support questions to: [email protected]

Page 26

Copyright ©2005 • Send support questions to: [email protected]

7. Section Guide -

Remote Control

Page 27

Copyright ©2005 • Send support questions to: [email protected]

7. Section Guide -

Remote Control

7. Section Guide -

Remote Control under preferences. These are detailed in the Preferences section towards the end of this chapter under Preferences > Remote Control.

Screenshot-based Remote Control

If the client you are using is not ActiveX or Java-enabled, or for whichever reason your connection is just too slow, you might want to make use of Screenshot-based Remote Control.

In order to use this feature you’ll first need to set it as the default for Remote Control under

Preferences > Remote Control. You can switch back to ActiveX or Java Remote Control any time.

If you have Screenshot-based Remote Control enabled, this is what you’ll see when you click on

Remote Control in the left hand menu:

Page 26

The remote screen is a clickable image map, with which you can interact right on the page to some extent (clicking on buttons, right clicking) but for the most part you will have to use the toolbar at the top.

To enter text on the remote screen, you have to enter it in the send keys field in the toolbar and click send. Checking the box next to this field enables you to enter special characters and simulate special keys. Each key is represented by one or more characters. To specify a single keyboard character, use the character itself. The plus sign (+), caret (^), percent sign (%), tilde (~), and braces { } have special meanings to this function. To specify one of these characters, enclose it within braces ({}).

For example, to specify the plus sign, use {+}. To specify brace characters, use {{} and {}}.

To send special key combinations such as Ctrl+Alt+Delete, use the drop down menu to the right of the send keys field.

To specify characters that aren’t displayed when you press a key, such as Enter or Tab, and keys that represent actions rather than characters, use the codes shown below:

Key Code

Backspace

Caps Lock

{BACKSPACE}, {BS}, or {BKSP}

{CAPSLOCK}

Copyright ©2005 • Send support questions to: [email protected]

Page 27

7. Section Guide -

Remote Control

Del

End

Enter

Home

Insert

Page Up

Down Arrow

Left Arrow

Num Lock

Page Down

Right Arrow

Scroll Lock

{DELETE} or {DEL}

{DOWN}

{END}

{ENTER} or ~ ESC {ESC}

{HOME}

{INSERT} or {INS}

{LEFT}

{NUMLOCK}

{PGDN}

{PGUP}

{RIGHT}

{SCROLLLOCK}

Tab

Up Arrow

{TAB}

{UP}

F1 to F24 {F1} to {F24}

To specify keys combined with any combination of the Shift, Ctrl, and Alt keys, precede the key code with one or more of the following codes:

Key Code

Shift

Ctrl

Alt

+

^

%

For example, if you wanted to go to the beginning of an edit field, select the entire line, place it on the clipboard, and overwrite it with something else then hit Enter, you would type:

{HOME}+{END}^cThis is the new text {ENTER}

This translates into pressing the Home key (going to the beginning to the field), pressing the Shift and the End keys at the same time (selecting the entire field), pressing Ctrl+C (clipboard copy), typing the new text and then hitting Enter.

Copyright ©2005 • Send support questions to: [email protected]

Page 28

8. Section Guide - File Transfer

File Transfer

With RemotelyAnywhere’s ActiveX or Java-based File Transfer you can quickly and securely transfer files between the local and the remote computer. All data transferred between the two computers is compressed and encrypted.

This manual details the Java-based version of File Transfer. The ActiveX version, which defaults on Internet Explorer, functions exactly the same and contains only minor cosmetic differences.

As in the screenshot above, the screen is divided into two panels. The left hand panel shows the file system of the computer running the web browser. The right panel displays the remote computer’s file system.

You can use the icons at the top of the screen or your keyboard and mouse to operate the File

Transfer applet. There’s always an active and inactive panel and you can switch easily between them with the Tab key.

Copyright ©2005 • Send support questions to: [email protected]

Page 29

8. Section Guide - File Transfer

Refresh You can refresh the list with the refreshbutton, or by pressing F5.

Up You can go up to the parent directory by clicking on the Up button, or by pressing Backspace.

Goto Folder To go to a different folder click on the Goto folder button, or use the Ctrl+G key.

.combination.

Create folder You can create a new folder with the Create folder button or by pressing Ctrl+N.

Delete You can delete a folder or file with the delete button, or by pressing Delete on your keyboard.

Rename You can rename a file or folder with the Rename button or by pressing F2.

Copy You can copy a file or folder with the copy button or by pressing Ctrl+C.

Move You can move a file or folder with the Move button or by pressing Ctrl+X.

Synchronize current folders By clicking on the Synchronize current folder button (or by pressing

Ctrl+S) you can synchronise the folders on local and remote machines.

Replicate Current folder These button allows you to synchronise one way from one folder to another.

Select files You can select files with the Select files button or by pressing + on the number pad.

Deselect files You can also deselect files via the toolbar or with - on the number pad.

Copyright ©2005 • Send support questions to: [email protected]

Page 30

9. Section Guide -

Help Desk Chat

Help Desk Chat

RemotelyAnywhere’s Help Desk Chat feature allows you to communicate with the user sitting in front of the remote computer as you would with any instant messenger software. Thus

RemotelyAnywhere’s advanced diagnostic capabilities can be put to use while you’re remotely connected.

The text you type appears in the upper pane of the chat window, the remote user’s in the lower.

You can copy and paste text from and to these windows.

In order for this feature to work there must be an interactive user logged in at the remote machine.

This functionality is implemented in either an ActiveX control or Java applet. RemotelyAnywhere attempts ActiveX by default, but will switch to Java if the browser does not support it, or if the Java version is selected in the Help Desk Chat menu.

Copyright ©2005 • Send support questions to: [email protected]

Page 31

10. Section Guide -

Computer Management

Computer Management

Under Computer Management you can take advantage of a wealth of RemotelyAnywhere administrative features including the File Manager, data on the Processes, Services and Drivers of the remote machine and rebooting.

File Manager

Clicking on File Manager under System Administration in the menu presents the following interface:

10. Section Guide -

Computer Management

The File Manager displays a list of all available drives, together with their capacity and available space.

Clicking on the drive names will take you into the root directory of that drive, where all files and directories are also links. Clicking on the name of a subdirectory will take you into it and produce a listing. If you click on the name of a file, RemotelyAnywhere will send it to your browser.

You can select multiple consecutive files with the Shift key, or non-consecutive files with the Ctrl key. Then, using the toolbar or by right-clicking you can copy, delete, or move the files. Also:

By clicking the Execute button, RemotelyAnywhere will attempt to launch each selected file on the host computer.

The Edit button lets you edit small text files within your browser. This is useful for changing

Copyright ©2005 • Send support questions to: [email protected]

Page 32

Copyright ©2005 • Send support questions to: [email protected]

Page 33

Copyright ©2005 • Send support questions to: [email protected]

10. Section Guide -

Computer Management

Page 32

10. Section Guide -

Computer Management small configuration or batch files without downloading or uploading.

The Attributes button lets you change file attributes, such as Hidden, Read-Only, etc.

The Permissions button lets you specify new Windows NT permissions on the selected objects if the file system supports it.

Clicking the Upload button uploads files to the current directory.

FIELDS DISPLAYED IN THE FILE MANAGER

Icon A small icon indicating the file type

Name File name and extension

Attributes File attributes (i.e. read-only, system, etc.)

Permissions Indicates what actions the user can perform on the object (i.e. read, write, change, etc.)

Size

File size

Created File creation time

Last modified Last modification time

Last accessed Last access (read or write) time

Owner The owner of the file

The following properties are also displayed as tooltips:

-The name of the application that might have this file open

I f the file system supports compression

-Tthe amount of storage the file takes up on disk and also the effectiveness of compression, if applicable

The Quick Jump field accepts a path name. Entering a directory (for example C:\Winnt\System32\

Drivers) and clicking on the Quick Jump button will immediately take you to the requested location, without having to click your way there. This can be helpful over slow connections.

Clicking on header fields will change the sorting order of the file list to the relevant column. For example, to sort files by modification time rather than name, simply click on the header field for that column. To sort in descending order, click the header field of the currently active sorting field again.

XP/2000/NT4 only

User Manager

Clicking on User Manager under System Administration in the menu you will be able to access

RemotelyAnywhere’s full-blown user manager. This supports all the features of NT’s built-in User

Manger.

XP/2000/NT4 only

Event Viewer

If you select Event Viewer under Computer Management in the left-hand menu you can view the

Copyright ©2005 • Send support questions to: [email protected]

Page 33

10. Section Guide -

Computer Management

NT logs of the remote machine. This feature is very much like NT’s Event Viewer.

You’ll see a listing of log entries on your screen. Clicking on an entry will display its details.

You can choose to clear the contents of the log file by pressing the Delete button in the toolbar. If you specify a filename, the event log will be backed up before being erased.

You can also have RemotelyAnywhere send email alerts to a specified email address when log entries matching a given criteria are entered into any of the event logs.

See Scheduling & Alerts > Email Alerts for more information on this feature and its uses.

XP/2000/NT4 only

Services & Drivers

When you click on Services or Drivers under Computer Management you will see this:

The format of the Services and the Drivers lists are identical. These lists display the names and statuses of all the services (or drivers) installed on the remote machine.

Clicking on the name will show you more detail about the selected object and allows you to control it. You can also change its startup options. When specifying a user account to be used by a service, it must be in DOMAIN\USER form. If you want to use a local user account, you can type .\USER.

Copyright ©2005 • Send support questions to: [email protected]

Page 34

Copyright ©2005 • Send support questions to: [email protected]

10. Section Guide -

Computer Management

Page 35

10. Section Guide -

Computer Management

10. Section Guide -

Computer Management

In the list of objects, the status field shows Stopped, Running, Starting, Stopping, etc.

RemotelyAnywhere looks through the list of services and drivers, and if it finds one that is set to start automatically but is not running, their status will be shown in red. This alerts you to the fact that the service should be running, but isn’t.

By selecting a service you can drill down and find out more about its properties as well as starting, stopping or restarting them.

Processes

When you click on Processes under Computer Management in the lefthand menu a window like this will appear:

Copyright ©2005 • Send support questions to: [email protected]

Page 34

The output of this function will give you a listing of all processes running on the remote computer.

The list is hierarchical: a parent process will have its child processes listed beneath it, with indentation indicating relationships. Please note that this is for information purposes only, since

Windows reuses process IDs.

The following information is available either in the list, by clicking on an item or as tooltips:

PID The internal Windows NT Process ID.

Name The name of the executable file with full path. This works as a link, and clicking on it will give you some very detailed information on the process. On that page, you have the option of changing the priority class or the processor affinity for the selected process. This data is arranged under the following tabs for easy viewing: General, Threads, DLLs, Open Files, Registry Keys in

Use.

Version The version of the program, if given.

Copyright ©2005 • Send support questions to: [email protected]

Page 35

10. Section Guide -

Computer Management

Description The description of what the program does, if given.

Memory Used The amount of memory in use by the process in kilobytes.

Created The date and time the process was started.

CPU Time The amount of CPU time (d hh:mm:ss) the process has used.

Priority The priority class of the process.

Type The type of the process (service or interactive).

Account The user account the process runs under.

End Process Clicking the End Process icon in the toolbar will have RemotelyAnywhere kill the process. The process will be terminated immediately.

The Refresh button will retrieve and display the latest process list.

Registry Editor

This option (System Administration > Registry Editor) enables you to edit the registry of the host computer. First, the registry roots (HKCR, HKCU, HKLM, etc.) are displayed, and you can drill down into them by clicking on their names.

Registry keys are displayed in a hierarchical tree. Key values are also displayed, with their name, type and value.

You can edit values that are of either text (REG_SZ, REG_EXPAND_SZ or REG_MULTI_SZ) or integer (REG_DWORD) type and REG_QWORD type values. Binary, etc. values are only displayed but cannot be edited.

Using the buttons in the toolbar you can add a subkey, add a value or delete the currently opened key.

Command Prompt

You can access a command prompt from within your browser by selecting Command Prompt under Server Functions in the menu. The Telnet client, written as a Java applet, provides encryption and data compression for security and speed. The Telnet and SSH server included with RemotelyAnywhere lets you access a command prompt on a remote computer from terminal emulator software or a web browser.

You can either use the Java Telnet client that’s part of RemotelyAnywhere, or any other terminal emulator you like. There are several reasons to stick with our client:

It’s secure - it uses the same encryption that’s employed by the remote control module. It’s fast, since it uses sophisticated data compression to achieve high throughput. And finally, it lets you

transfer keystrokes that terminal emulators don’t handle, such as the Alt key. You can also use your mouse in console applications that support it.

If you decide to use a terminal emulator instead, you will need to connect to the Telnet port (23)

Copyright ©2005 • Send support questions to: [email protected]

Page 36

Copyright ©2005 • Send support questions to: [email protected]

10. Section Guide -

Computer Management

Page 37

Copyright ©2005 • Send support questions to: [email protected]

10. Section Guide -

Computer Management

10. Section Guide -

Computer Management or the SSH port (22). You can change the default listener ports in the configuration dialogs to any available port. Should you need to send a special keystroke to the server, just press Ctrl-Q and a virtual keyboard will pop up. You can then move the pointer over the desired key with the cursor keys, and press Enter to send it. If you want to send a combination of several keys at the same time, you can select the keys with Space, and then press Enter after selecting the last key of the combination.

When a connection is initiated from a terminal emulator, you will be asked to log on.

This is handled automatically by SSH clients, so you need to enter your username and password in the SSH client itself. RemotelyAnywhere currently supports the SSH1 and SSH2 protocols with password authentication. To specify a Windows NT/2000 domain, you can enter it as part of the username, separated from the actual login name with a backslash character. For example:

DOMAIN\Username.

With Telnet clients, you need to enter your credentials in clear text during the session. You are asked for your username, password, and Windows NT/2000 domain.

After successfully logging in, you will be asked if you want full console support. If you answer with No, you will only be able to use stream-mode programs — applications that take over the whole console window, like Edit.com, Norton Commander, the Far file manager, etc. will not work. However, if you are only planning to use command-line utilities, you can safely say No to this question and you will be right at the command prompt.

If you answered yes to the previous question, you will be asked to specify the console window size. A default value is provided for you. You should make sure that the terminal emulator you are using supports it and is set to the size you enter here.

Finally, if you have an ANSI compliant terminal emulator, you can choose to use ANSI color support during the session.

Should you disconnect your terminal emulator, or go to a different page in the browser window containing the Telnet client applet, all applications you have running in the Telnet session are left active.

You can reconnect to this Telnet session by simply logging in (or loading the applet) again. There is a timeframe for this though: if you do not reconnect within an hour, all your telnet applications, including the command shell, are terminated. You can change the timeout value from the default one hour to anything you like in the configuration dialogs.

To close the Telnet session for good, type exit at the command prompt.

Reboot

When you click on Reboot under System Administration in the lefthand menu you will see the following window:

Page 36

Copyright ©2005 • Send support questions to: [email protected]

Page 37

10. Section Guide -

Computer Management

With this feature you can reboot the machine. You have five choices.

Restart RemotelyAnywhere Restarts the RemotelyAnywhere service. It does not reboot the remote machine. This is useful if you change settings like the listening port and have no physical access to the machine in order to restart the service.

Normal Reboot Closes all processes and reboots the remote machine in an orderly fashion.

Emergency Reboot Does not allow applications and other processes to terminate gracefully, so you might lose unsaved data. Windows will, however, shut down nicely and flush all outstanding file operations to disk. This can be useful if there are hung processes that prevent NT from shutting down normally.

Hard Reboot Reboots as quickly as possible. This option will not allow Windows to terminate gracefully, so you might lose unsaved data. Since rebooting is immediate (just like pressing the reset button) you will not receive any feedback from RemotelyAnywhere when clicking this button.

Scheduled Reboot This allows you to schedule a date and time to automatically reboot the computer. This is useful if the reboot is not urgent and can take place during off-peak hours.

Copyright ©2005 • Send support questions to: [email protected]

Page 38

11. Section Guide -

Computer Settings

Computer Settings

In addition to the administrative features available under Computer Management, you can also view and modify a number of settings on the remote machine, from Environment Variables to

Automatic Priorities.

Environment Variables

Here you can view and make changes if necessary to Environment Variables on the remote machine. User environment variables that are defined by you or by programs are listed here, such as a path where files are located. It looks like this:

Virtual Memory

When you click on Virtual Memory under System Administration in the menu this what you will see:

This option allows you to change virtual memory settings on the remote computer. Simply enter a minimum or maximum size for the paging file next to a drive listed above and click the Apply button. Entering zero values both for the minimum and maximum size will remove the paging

Copyright ©2005 • Send support questions to: [email protected]

Page 39

11. Section Guide -

Computer Settings file from the drive.

You will need to reboot the computer for any changes to take effect.

Time

You can edit the time on the remote computer under Computer Settings > Time. Simply enter the correct values and click the Apply button. Please note that the time is displayed according to the time zone settings of the host computer.

Automatic Login

This option lets you enable or disable NT’s autologon feature. You can also do this via the registry or with other small utilities, like the one included in the NT Resource Kit.

Enabling autologon will cause the server to bypass the logon screen after system startup and log in with the username and password specified here.

This is a potential security risk: the username and password are stored in the registry in clear-text format.

Shared Resources

When you click on Shared Resources under System Administration in the menu this what you will see:

This function gives a detailed report of all shared resources on the remote computer, including shared folders, administrative shares, and printers etc.

This screenshot shows the C$ administrative share. The Path link takes you to the directory in

File Manager. The connections list shows open files, if any, and these files can be closed forcibly by clicking on the Close button.

Access permissions active on the object are also shown in detail, except for administrative shares where permissions cannot be set.

The Delete Share button removes sharing from the object.

Copyright ©2005 • Send support questions to: [email protected]

Page 40

Copyright ©2005 • Send support questions to: [email protected]

11. Section Guide -

Computer Settings

Page 41

11. Section Guide -

Computer Settings

11. Section Guide -

Computer Settings

XP/2000/NT4 only

Automatic Priorities

Automatic Priorities (System Administration > Automatic Priorities) lets you direct

RemotelyAnywhere to automatically change process priorities. If you’ve ever wanted to run a backup on your server without impacting performance or archive a huge directory structure using zip/winzip on a live web server without putting additional load on the machine you’ll find this feature useful. Likewise if you’ve ever wanted your workstation to be responsive while you browse the web on your workstation during a lengthy compile.

When you click on Automatic Priorities, you are taken to a dialog that shows you a list of executables and their target priorities. By default the list is empty, so you’ll need to click on Create in the toolbar. On the dialog that comes up, enter the name of the executable, and select the target priority from the dropdown box. The name of the executable is without paths, so, for WinZip it’s

WINZIP.EXE, for the Microsoft C compiler it’s CL.EXE, etc. The target priority is usually Idle.

This puts your process in the same priority class as the screen saver, meaning that it will only get a chance to make any progress if it does not compete for CPU power with other processes. You can also select a target CPU for the process. This allows you to divide processes amongst CPUs on an

SMP machine to suit your needs. Click on Add and you are taken back to the previous list that is now showing your executable’s name and the priority class you selected.

If there are entries in the above list, RemotelyAnywhere will scan the process list on your machine every ten seconds, looking for the process names you entered. If RemotelyAnywhere finds one and its priority class does not match the one you specified it will be changed to your preference.

Copyright ©2005 • Send support questions to: [email protected]

Page 40

Copyright ©2005 • Send support questions to: [email protected]

Page 41

12. Section Guide -

Server Functions

Server Functions

Under Server Functions you can find all the pages you’ll need to make use of RemotelyAnywhere’s powerful FTP and Port Forwarding capabilities.

RemotelyAnywhere Server Edition comes with an extremely versatile FTP server. You can set up an unlimited amount of FTP servers on one computer, each with its unique IP address and port combination. You can create users and groups for your FTP server, or you can use the built-in

Windows NT accounts for rights management.

If logging has been enabled in Preferences > Log Settings the FTP Server will log all user activity to the main RemotelyAnywhere log file.

FTP Configuration

When you click on FTP Configuration under Server Functions in the menu this what you will see:

The options for creating and managing the settings for your FTP servers, users and groups are arranged into three tabs. We will address the content of each tab in turn.

FTP SERVERS

In order to create a new virtual FTP server on your machine you need to define at least one virtual

FTP server on the FTP Servers tab of the FTP Configuration screen. If no FTP servers are defined then this screen will be blank, but for the New FTP server button.

Once you have defined a new server they will be shown in a table as in the screen shot above. You can delete a server by clicking on the red box in the delete column to the right of a given server.

The server can be started and stopped by clicking on the status indicator to the left of the virtual server.

A green circle indicates that the server is running, and a red one shows that it is stopped. This may be either because it was stopped manually, it has been disabled, or it was not able to start due to an error.

When you stop an FTP server on this screen its status will change to Disabled. This means that when you reboot the computer the server will not be started automatically. Likewise, if you start a stopped or disabled FTP server it will be Enabled, and it will start automatically on rebooting.

New FTP Server To set up a new FTP server click on New FTP server at the bottom of the FTP servers tab. This will bring up the New FTP server dialog screen, which will look something like this:

Copyright ©2005 • Send support questions to: [email protected]

Page 42

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 43

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

Copyright ©2005 • Send support questions to: [email protected]

Page 42

You can specify the following settings for your new FTP server here:

Name The name of the virtual FTP server. This is for reference purposes only. You can call your server whatever you want. This is what will be displayed on the FTP configuration screens, the login message from the FTP server, and so on.

TCP/IP port to listen on The port in use by the virtual FTP server. The default is the standard

FTP port, 21.

TCP/IP address to listen on The IP address to use. You can select one item from the list. If you select All available interfaces the virtual FTP server will listen on all assigned IP addresses.

IP Filter The IP Filtering drop down lets you specify the IP addresses from which to accept connections. By default, the clients can come from any IP address. The IP filtering engine is the same as that used by RemotelyAnywhere itself. Please see the section on IP filtering under

Security for more information.

Port range for passive data transfers (inclusive) This feature is relevant to passive mode data connections (PMDCs), also known as PASV mode in some clients. In such cases the data channels are opened by the client and the server communicates a PASV reply stating which address and port to connect to. However, servers behind firewalls and/or routers may have problems with the use of the reported address and/or port.

If the server is behind a firewall there may be a problem with the port on which PMDCs are accepted. By default the server tries the port (server port - 1). For example, the server will try port

20 if it is on the default FTP port of 21. If multiple clients were to try to establish simultaneous data connections this would fail and the server would query Windows for an arbitrary free port.

Behind a firewall connection to random ports will not work. To avoid this, you can specify a range of ports on which to accept PMDCs. If these ports are open on the firewall then the connection will be established.

IP address of the network interface connecting to NAT router and External IP address of

NAT router By default the server examines the local IP address to which the client is connected and accepts the PMDC on that address. In a NAT environment this is likely to fail, because the server’s local IP address is not externally visible for access from the Internet. To avoid this we can

Copyright ©2005 • Send support questions to: [email protected]

Page 43

12. Section Guide -

Server Functions configure the FTP server to report a user specified IP address instead of the local one, although only for connections passing through the router. Thus we must specify the IP address of the network interface connecting to the router, and that to report to clients opening PMDCs through this interface. This should be the router’s external IP address.

Subnet mask of network interface connecting to NAT router In the above scenario a problem remains, which is that clients connecting from the LAN, possibly using the same network as the router would be redirected to open the PMDC using the external address. Most routers do not support this. Thus there is a third setting which allows you to specify the subnet mask of the network interface. Clients connected from the same subnet as the router will not be redirected. If the subnet parameter is not specified all connections from the interface will be redirected.

A typical FTP server setup behind an NAT router and a firewall

Imagine a machine on which RemotelyAnywhere has been installed with a local IP address of

192.168.1.2 (subnet mask 255.255.0.0) and the external IP address of 123.45.67.89 (belonging to a

NAT router/firewall). We would need to do the following in order to set up an externally accessible

FTP server on this machine:

1. Create an FTP server within RemotelyAnywhere with the default settings, listening on all available interfaces, with the default FTP port of 21.

2. On the main configuration page of our new FTP server set the IP address of the network interface connecting to the NAT router as 192.168.1.2, the subnet mask to 255.255.0.0, and the external IP address to 123.45.67.89

3. Set the port range for passive data transfers to 5200-5299

4. Configure your router so that it forwards connections to 123.45.67.89:21 to 192.168.1.2:

21 and make sure port 21 is open on the firewall.

5. Configure the router to forward connections to 123.45.67.89:5200-5299 to 192.168.1.2:

5200-5299 and make sure that you open the 5200-5299 port range on the firewall.

6. Finish configuring your remaining FTP settings (security, users, etc.)

The server is enabled If a server is enabled it will start automatically with RemotelyAnywhere. If disabled you will need to start it manually.

Use implicit SSL encryption Here you can set your new virtual FTP server to use implicit

SSL encryption. Please note that if a server uses implicit SSL connections, it will accept these connections alone and clients must be configured accordingly. Most clients default to port 990 when creating implicit SSL FTP site entries.

Root directory The root directory for the virtual FTP server. If you leave this field blank the drive list will be used as the root.

Resolve shell links If you enable this option, shell links (.lnk files) pointing to directories will be displayed as directories, enabling you to use Unix and Windows 2000-style hard links.

Download bandwidth limit The global download speed limit for the server. No matter how fast users are accepting data, the server will not send it any faster than the speed specified here.

Upload bandwidth limit The global upload limit to the server. No matter how fast users are sending data, the server will not accept it any faster than the speed specified here.

When you’ve filled in the required data to define your new server, click apply. The following FTP server configuration pages will become available as buttons at the bottom of the page:

• Security

• NT Users

• Welcome

• ODBC

Copyright ©2005 • Send support questions to: [email protected]

Page 44

12. Section Guide -

Server Functions

SECURITY

The Security dialog lets you specify various security and connection-related options. It will look like this:

Maximum number of simultaneous connections The maximum number of simultaneous connections to the FTP server. Setting it to zero means that there are no limits.

Maximum number of failed login attempts If a user fails to log in with this many tries the connection will be dropped.

Login timeout The maximum number of seconds the user can take to log in.

No transfer timeout The connection will be considered idle and will terminate after the specified number of seconds have elapsed on an open connection without a file transfer or directory listing.

Stalled transfer timeout This is the amount of time a file transfer can spend without sending or receiving any data before it is considered stalled and thus terminated.

Allow keep-alives FTP clients use various commands to keep the connection from being idle.

When enabled, FTP commands such as CWD, PWD or the ubiquitous NOOP will reset the No

transfer timeout counter (described above). If disabled, only an actual file transfer or a directory listing will reset the counter.

Thread priority You can select the priority of the threads servicing users for the FTP server. If you are running an FTP server on an otherwise busy web server it might be a good idea to set the priority to a lower value than the default Normal setting.

Allow unsecured FTP connections If this option is disabled the FTP client must support and utilize SSL.

Allow data connections to go to different IPs than that of the control connection (enable

FXP, basically) The FTP protocol uses two connections: The control connection and the data connection. The data connection is where all the raw data is sent, the control connection is used to send commands to the server and receive replies. Normally data connections are set up to the same IP address as that of the control connection, but in order to facilitate server-to-server file transfers it may be desirable to allow data connections to go to different IP addresses. If you are not using server-to-server transfers you can safely disable this option.

Copyright ©2005 • Send support questions to: [email protected]

Page 45

12. Section Guide -

Server Functions

Quoted password changes This determines whether the parameters of the SITE PSWD command are in quotes or simply surrounded by a space. (SITE PSWD oldpwd newpwd vs. SITE

PSWD “oldpwd” “newpwd”).

Which form is used depends on the targeted FTP client.

Anti-hammer filter

This feature is similar to RemotelyAnywhere’s IP address lockout settings. By default if 4 bad logins occur from an IP address within one minute, the IP address will be locked out for one hour.

Number of invalid attempts before locking out

You can change the number of bad login attempts from 4 to anything you want.

Reset invalid attempt count after You can modify the time before the invalid attempt count is reset to zero.

Lock out for You can choose the duration for which the user is locked out after the specified number of invalid attempts has been made.

NT Users You can connect to the newly defined FTP server with any FTP client, but you are not able to log in until you have created a new FTP user and give them access to the server or you can allow any Windows NT user to access the new virtual FTP server.

The difference between FTP users and NT users is simple.

NT users are pre-existing users in the Windows NT user database. Creating and managing them is done via the User Manager – either the HTML-based one included in RemotelyAnywhere, or the User Manager applet that comes with Windows. You cannot explicitly tell the FTP server the directories and files to which the user has access, but Windows access rights will be enforced. If a user can access a file below the server’s root directory locally or over the network, he will be able to do so via FTP as well. If a user has no rights to a file or a directory, he will not be able to access the object with FTP either. This is enforced by the FTP server by having the thread servicing the user impersonate him towards the operating system as soon as login is complete.

FTP users, on the other hand, are created and managed within the FTP configuration pages.

You can tell the server which files or folders the user can access, where he can read from, where he can write to. When an FTP user logs on, the thread servicing the user is executing under the

LocalSystem account by default. This is rather undesirable, so you can specify an NT user account on a per-server basis that will be impersonated when servicing FTP users. We will return to FTP users later in this chapter, when discussing the content of the FTP users tab.

Clicking on the NT Users button will bring up the following dialog:

Page 46

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 47

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

The Windows NT account whose permissions are assigned to FTP users fields let you specify a username, domain and password for an existing Windows NT account. This is used when an

FTP user logs on: the thread servicing the user will be impersonating this account towards the operating system. If you enter an incorrect username or an incorrect password here, the FTP user will receive a ‘Login incorrect’ message from the FTP server, even if he enters his credentials correctly.

To grant access to a Windows NT user or group on the FTP server, select its name in the list on the

right and click the Update button. To revoke access from a user or a group, select its name in the

list on the left, and click the Update button.

To list user accounts from a domain rather than from the local computer, enter the domain’s name in the ‘default domain’ field and click the Update button.

Now that you have granted access to an NT user, you can use an FTP client to connect and log in to the FTP server. The user will have access to all files and directories below the server’s root directory. However, on an NTFS file system, NT access restrictions will apply. For example, if the user does not have the rights to read or write in a certain directory, he will not be able to do so via

FTP either. The FTP server enforces this in a very effective way: the thread servicing the user will impersonate him towards the operating system as soon as login is successful.

WELCOME

The Welcome dialog allows you to view and modify the welcome message for your users:

Page 46

The first message the user will see when they log in will be the RemotelyAnywhere welcome banner. If you do not wish to let the outside world know which FTP server you are running, you can disable this via the checkbox at the bottom of this window.

The next message the user will see looks like this by default:

------------------------------------------------------------

Welcome to the _!SERVER_NAME!_ FTP server, running on _!OS_VERSION!_.

The server has been up for _!SERVER_UPTIME!_.

Data downloaded: _!BYTES_DOWN!_

Data uploaded: _!BYTES_UP!_

Sessions serviced: _!TOTAL_LOGINS!_

------------------------------------------------------------

You can change this to anything you like, or leave it blank if you’d prefer no login message for your users. If you disable both the banner and the welcome note, the FTP Server will just send

Copyright ©2005 • Send support questions to: [email protected]

Page 47

12. Section Guide -

Server Functions

‘Welcome’ whenever somebody connects to the FTP port. This is because the FTP specification requires a server to send a code and some text when a connection is established.

By default, the post-login message looks like this:

------------------------------------------------------------

Welcome, _!USER_NAME!_, to _!SERVER_NAME!_.

Your last successful login was at _!LAST_LOGIN!_.

Good logins so far: _!GOOD_LOGINS!_.

Bad logins so far: _!BAD_LOGINS!_.

You have uploaded _!BYTES_UP!_ and downloaded

_!BYTES_DOWN!_ in your previous sessions.

------------------------------------------------------------

User logged in.

The final line reading User logged in cannot be customized, as this is a requirement of FTP protocol. The rest you can change to suit your preferences, or leave blank.

The following variables can be inserted into the welcome messages, and they will be automatically replaced with their corresponding values:

_!SERVER_NAME!_

The name of the FTP server.

_!OS_VERSION!_

The operating system and its version.

_!SERVER_UPTIME!_

The amount of time the server has been up.

_!BYTES_UP!_ and _!BYTES_DOWN!_

The amount of data uploaded and downloaded. These variables behave differently when used in the pre-login or post-login messages. In the pre-login message, they represent a server-wide value, while in the post-login message they represent the amount of data transferred by the user.

_!TOTAL_LOGINS!_

The number of successful logins to the FTP server. Only valid in the pre-login message.

_!GOOD_LOGINS!_ and _!BAD_LOGINS!_

The number of logins and unsuccessful login attempts. Only valid in the post-login message.

_!LAST_LOGIN!_

The last successful login by the user. Only valid in the post-login message.

These welcome messages are server-wide settings, and apply to all users and groups. When you specify a welcome message for an FTP group or an FTP user, it will override the post-login message defined here.

ODBC ACCESS

The ODBC option allows you to specify a database as a source of user information as in the image on the next page.

With this dialog you can set up a database to contain user information. This can be any database type: Oracle, SQL Server, Microsoft Access, or even a plain text file. You need to create an ODBC data source that refers to this database so that RemotelyAnywhere can access it. The data source must be a so-called Machine Data Source, as this is the only ODBC source available to processes

Copyright ©2005 • Send support questions to: [email protected]

Page 48

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 49

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions running in the system context.

12. Section Guide -

Server Functions

Page 48

When you have your database and ODBC data source ready, we advise you to test it by querying it with a tool that supports ODBC queries, such as a spreadsheet program.

You should have all user information available in one table. If you already have a user database and user information is in separate tables, you should set up a query within your database that contains all user-related fields. RemotelyAnywhere only reads from the database.

The above screenshot is set up for the following scenario:

Suppose that you have a user database in a data source called FTPUsers. The user information is present in a database table called Users. A database user called ra is able to read from the Users table. You should also supply the password for this user in the above form.

The Users table can have any number of fields in any order, but the above figure assumes that these fields are present:

login (character string)

password (character string)

homedir (character string)

quota (integer, in bytes, optional)

downstream (integer, speed in bytes/sec, optional)

upstream (integer, speed in bytes/sec, optional)

disabled (integer, zero or non-zero, optional)

maxconns (integer, optional)

maxconnsperip (integer, optional)

welcome (character string, optional)

The only three mandatory fields are login, password and homedir. The login and password fields contain the user’s login name and password, in clear text. The homedir field must contain the user’s home directory, which can be an absolute path (such as z:\ftp\users\~john) or it can be relative to the server root (such as /users/~john).

Users have full access to their home directory, but have neither read nor write permissions outside of it.

The quota field will not let the user store more data in his home directory and its subdirectories

Copyright ©2005 • Send support questions to: [email protected]

Page 49

12. Section Guide -

Server Functions than the number of bytes specified here.

The downstream and upstream fields restrict download and upload speed. They are optional, and should be an integer number specifying bytes per second.

The disabled field should be an integer. When it’s non-zero, the user is disabled and cannot log in.

The maxconns field specifies the maximum simultaneous connections to this FTP server for a user.

The maxconnsperip field specifies the maximum simultaneous connections per unique IP address for a user.

The welcome string, if used, should contain a custom welcome message for the user.

FTP USERS

If you click on the FTP users tab under Server Functions > FTP Configuration you can view, create or modify your existing FTP users. These are only defined in RemotelyAnywhere and unlike NT users they do not exist outside of the FTP server.

As on the FTP Servers page, users are shown in a table, with a delete column to the right.

Below this is the New FTP user button.

NEW FTP USER

To create a new FTP user click on the New FTP user button on the FTP Users tab of the FTP configuration page.

Enter the desired username and password in the above dialog. You can also specify upload and download speed limits for the user. If not set to zero (meaning disabled) these options override the global FTP server settings.

You can also enable or disable their ability to change this password, and select an IP from the IP filter drop down menu.

Click Apply to create the user.

When you create a new user the following options become available:

Groups

Permissions

Ratio

Disable

Home/Quota

Max Connections

Welcome

Copyright ©2005 • Send support questions to: [email protected]

Page 50

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 51

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

Permissions Report

The newly created user cannot log in yet: you have to assign permissions to them for an FTP server and a path so that the user is able to use the account.

To allow anonymous access to an FTP server, you should create an FTP user called anonymous.

This user account is special: no password checking is done upon login. You can assign permissions to the anonymous user account as you would to any other user. By default, the newly created anonymous user has no rights to any virtual FTP server defined.

Groups This dialog lets you specify the FTP groups to which the user belongs. For more details on

FTP groups, please see the next section.

Selecting a group that the user is a member of and clicking the Update button will remove the user from that group. Selecting a group that the user is not a member of and clicking the Update button will add the user to that group.

The Back button takes you back to the main user editing dialog.

PERMISSIONS

The following dialog lets you edit users’ access to directories, and it looks like this:

Page 50

This dialog lets you edit users’ access rights to directories. To grant access to a directory on a server, select the virtual server from the server list, select the type of rights you wish to assign to the user, enter the path to the directory and click the Update button.

The path you specify can be a full path, containing a drive letter, or a path relative to the server’s root directory. If you assign rights to a path that is not within the server’s root directory, the setting will have no effect at all.

Copyright ©2005 • Send support questions to: [email protected]

Page 51

12. Section Guide -

Server Functions

The following rights are possible:

L

– Show directory contents.

Allows the user to list the contents of the directory.

R – Read file.

Download files from the directory.

C

– Create subdirectories.

Create new directories in the directory.

D – Delete/rename file.

Delete or rename a file or a directory. Also required to be able to overwrite files.

W

– Create/modify file.

Create a new file and/or write data to it.

Full access.

All of the above.

The above settings let the user access FTP Server 1 – he has full control over the contents of the server. These rights only apply to the root directory of the server and all directories below that. The user also has list, read and write access to the c:\work directory on FTP Server 2. However, the user has no rights at all to the c:\work\java directory on FTP Server 2. The user has no rights at all on FTP Server 3, meaning he cannot even log on.

The rights you specify for a directory are automatically inherited by its subdirectories, unless you specify different rights for them.

The following method is used when checking access rights to a directory:

1. The current virtual server’s access list is enumerated for the current user.

2. When the directory closest to the directory in question is found, the access rights specified for that directory is used. For example, if the user has LRW rights for C:\Work, he has LR rights for C:\Work\CPP, and the directory in question is C:\Work\CPP\

Project1, only LR rights are returned – meaning that the user can only list and read files, but not write to them.

3. If an NT user is specified for the server to run FTP accounts under, further Windows

NT-enforced restrictions might apply, based on file system permissions.

You can also make the user member of one or more groups, and these groups can also be members of one or more groups. For an explanation of this scenario, please see the FTP Groups section of this document.

RATIO

The following dialog lets you edit the upload/download ratio settings for the user.

This dialog lets you edit the upload/download ratio settings for users. The upload/download ratio lets you control how much data the user has to upload before he can download anything.

If the Upload ratio is set to 1, and the Download ratio is set to 5, the user can download 5 bytes for every byte uploaded. If it were the other way around, the user would have to upload 5 bytes to be able to download one. You can enter any positive integer number in either of these fields.

Copyright ©2005 • Send support questions to: [email protected]

Page 52

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 53

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

There are four possible settings for the Ratio type:

1. None. The user is a normal user, and can download any file he has read access to, without having to upload first.

2. Per session. When the user logs in, his counters are zeroed. Should he lose connection while uploading or downloading, any remaining credits he has will be lost.

3. Per user. The user’s credits are remembered over sessions. It is not recommended if you want several users to share the same account.

4. Per IP. Even if the user loses connection, his credits are remembered, if he logs in again from the same IP address. This does not cause a problem, even if the user account is shared by hundreds of concurrent users.

The Per IP ratio information expiration time setting allows you to expire the per-IP credits after a certain amount of time. If the user logs back from the same IP address after not visiting the server for this much time, he will have to start over building up his credits.

The ratio setting applies to all virtual servers.

To let the user download files without uploading, you can specify a starting credit. The amount given is in kilobytes – the user will be able to download the specified amount of data without uploading.

DISABLE

The following dialog lets you explicitly disable (or ban) a user on a virtual FTP server.

Disabled users cannot log in, even if they have rights on an FTP server. You can also disable a connected user from the FTP status page.

HOME/QUOTA

The dialog below lets you specify home directories for the user.

Page 52

A home directory is basically the entry point for a user on an FTP server. When the user logs in,

Copyright ©2005 • Send support questions to: [email protected]

Page 53

12. Section Guide -

Server Functions he will find himself in the directory you specify here. If no home directory is specified, he will be logged in to the server’s root directory.

The user can move out from his home directory if he has rights to an outside directory.

You can use a full path, starting with a drive letter, when specifying home directories – or you can enter a relative path to the server’s root directory. Home directories specified above the server’s root directory are disregarded.

You should make sure that the user has rights to his entry point on the server – either to his home directory, or if the home directory is not specified, to the root directory of the server. If the user has no rights to the entry point, he will not be able to log in.

You can specify quotas for your users. Quotas are only enforced on home directories, and apply to all files contained in the home directory and its subdirectories. If a user has rights to upload files outside of his home directory, he will be able to do so without restrictions – quotas only apply to the home directory and its contents.

Since Windows does not support disk quotas for user accounts, RemotelyAnywhere has to enforce them. When a user starts to upload a file, the FTP server quickly scans the contents of the directory to determine if the user is below or above the quota. If the quota is not exceeded, the upload can be started – however, the FTP server will interrupt the transfer as soon as the file being uploaded starts to exceed the specified quota.

Home directory quotas are entirely optional, by leaving the field empty you choose not to limit the amount of data that can be stored on the server by the user.

MAXIMUM CONNECTIONS

You can specify the maximum number of simultaneous connections for a user account in this dialog. By default, a user account can be used to log in any number of times, until exhausting the maximum number of connections for the virtual FTP server, or exhausting the resources of the computer.

Simply select the server on the right, enter the number of maximum simultaneous connections in the Count field and click the Update button.

To remove a limitation, select it in the list on the left and click the Update button.

You can also limit the number of simultaneous connections for the user from a computer or IP address. The Per IP field serves this purpose. When left blank, or a zero is entered, this limitation is disabled. If you enter a numeric value, a single computer can be used to log in that many times with the account.

Copyright ©2005 • Send support questions to: [email protected]

Page 54

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 55

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 54

12. Section Guide -

Server Functions

It is a good idea to limit certain user accounts (for example the Anonymous account) this way. An overall maximum connection limit ensures that the server cannot be overloaded by thousands of

Anonymous users, and a Per IP limitation makes sure that no single user can take up all available connections.

WELCOME

You can compose a custom welcome message for the user in this window.

------------------------------------------------------------

Welcome, _!USER_NAME!_, to _!SERVER_NAME!_.

Your last successful login was at _!LAST_LOGIN!_.

Good logins so far: _!GOOD_LOGINS!_.

Bad logins so far: _!BAD_LOGINS!_.

You have uploaded _!BYTES_UP!_ and downloaded

_!BYTES_DOWN!_ in your previous sessions.

_!QUOTA!_

------------------------------------------------------------

Messages specified here override any post-login message specified for the virtual FTP server. In this case, messages specified for any groups the user belongs to will be disregarded as well. See the equivalent section on welcome messages above for the available variables.

PERMISSIONS REPORT

The permissions report can be retrieved for any FTP user. It will list all FTP servers, and all the rights a user has on the given server. Here is a sample report for a user on FTP Server 2:

You can see that the user can list, read and write to files in the C:\Work directory. The Inherited

from column shows that this particular right was granted to the user himself.

The user has full access to the C:\Work\files directory, due to being a member of the filexfer group. As a member of the web group he also as full access to the C:\Work\websites directory.

He has no rights at all to the C:\Work\Java directory – and it is clear that the user himself has been denied access.

This report can be useful if you have a more complicated setup of groups and users, and would like to see what exactly the user can do on the system, and from where these rights come.

FTP GROUPS

If you click on the FTP Groups tab under Server Functions > FTP Configuration you can easily control the resources available to your FTP users. As on the FTP Servers and Users pages, groups are shown in a table, with a delete column to the right.

To add a new FTP Group click on New FTP Group.

GENERAL GROUP SETTINGS

This dialog lets you specify general settings for a group.

Copyright ©2005 • Send support questions to: [email protected]

Page 55

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

You can make a group a member of another group, thus bringing in any permissions or restrictions for its member users from the parent group.

Selecting a group in the Member of list and clicking the Update button will remove it from that group. Selecting a group in the Not member of list and clicking the Update button will add the group to it.

You can also specify a welcome message for a group. Whenever a member logs in, he will see this message instead of the server’s general welcome message.

PERMISSIONS

With this dialog you can specify the rights to servers and directories.

The dialog works very much like the FTP User Rights dialog. For a basic description please see the appropriate section of this document.

Copyright ©2005 • Send support questions to: [email protected]

Page 56

Copyright ©2005 • Send support questions to: [email protected]

Page 57

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 56

12. Section Guide -

Server Functions

There are some scenarios, however, that might require further explanation.

Suppose the following, rather complicated scenario:

• User1 is member of Group1.

• Group1 is member of Group2 and Group3. On the membership display, Group2 is shown first and Group3 is shown second.

• User1 is granted LR access to C:\, and LRW access to C:\Work.

• Group1 is granted full access to C:\, LR access to C:\Work, and LRWD access to C:\Work\

CPP.

• Group2 is granted LR access to C:\Work\CPP and full access to C:\Work\CPP\Project1

• Group3 is granted LR access to C:\Work\CPP\Project1

So, what exactly User1 can do in the aforementioned directories?

• C:\

He has LR rights. He was explicitly granted LR rights to this directory, and this overrides anything else.

• C:\TEMP

He has LR rights. He was explicitly granted LR rights to the directory closest to this one (C:\), and no groups that he is a member of, directly or indirectly, specify anything else for the C:

\TEMP directory.

• C:\Work

LRW rights again. See the first case.

• C:\Work\CPP

LRWD, because Group1 has LRWD rights. Even though Group2, which Group1 is a member of, specifies LR access for this directory, Group1 is the least indirect object that specifies actual rights for the directory. Group2 is one more indirection away, with User1 only being a member of it because he is a member of Group1, and is therefore overridden by Group1.

• C:\Work\CPP\Project1

Full access. Both Group2 and Group3 are two indirections away, they both specify access rights to the same directory, so the deciding factor between Group2 and Group3 is that

Group2 is the first one in the list on the membership display of Group1.

FTP Status

When you click on FTP Status under Server Functions in the menu you can view the current status of each of your virtual FTP servers.

For each server, it provides a listing of all current connections and their current activity. The fields in the list are:

Icon This field shows a small icon, representing the current status of the connection. A green checkmark indicates a ready, or idle connection. An hourglass indicates a connection currently in the process of logging in or becoming ready. An up or down arrow indicates uploading or downloading.

User name The name of the user associated with the connection. For NT users, it is in an

AUTHORITY\ACCOUNT form. For FTP users, it’s simply the username. For connections not yet logged in, it’s N/A.

Control address The IP address of the FTP control connection.

Downloaded Bytes downloaded during this connection.

Uploaded Bytes uploaded during this connection.

Copyright ©2005 • Send support questions to: [email protected]

Page 57

12. Section Guide -

Server Functions

Data address The IP address of the FTP data connection, if applicable.

Path The path and name of the file currently being uploaded or downloaded, if any.

Speed The speed of the upload or download process.

Bytes left The amount of data left from the transfer operation. Only applies to download transfers, since the FTP protocol does not let the server know the size of the file being uploaded in advance.

Est. time left The estimated time remaining from the transfer operation. Only applies to download transfers, for the same reason as the previous item.

Kick This button kicks the user out – in other words, terminates the connection.

Ban user This button kicks and then bans the user from the FTP server. Only applies to FTP users, and not to NT users. The user’s properties will show him as disabled on the server he was banned from.

Ban user IP This option first kicks the user from the server in question, then adds an IP filtering rule to the user object that will prevent him from logging in again from the IP address in question. He will have the ability to log in from other IP addresses (depending on IP filtering setup) and the IP address will only be disabled for this user.

Ban server IP This button kicks the user, then adds an IP filtering rule to the server object that will cause the server not to accept connections from the IP address in question at all. The user will be able to log in from other IP addresses.

Anti-hammering information for each server is also shown, where applicable. It is in the following format:

IP address The address the attempted connection came from.

Expires at The time when the information will be discarded – users will be able to establish connections from the IP address at this time again.

Bad logins Number of bad logins from the IP address.

Delete Clicking this button will remove the anti-hammering information from the FTP server’s memory, thus making the IP address available for logins, had it been locked out.

The Refresh button refreshes the contents of the screen to reflect any changes, while the Back button goes back to the main FTP settings screen.

FTP Statistics

If you click on FTP Statistics under Server Functions in the menu you can view per-server and per-user statistics, such as the last login, number of logins, bytes sent and received, etc.

The red button labeled Reset for servers and FTP users, or Delete for NT users will reset or delete statistics kept on that object.

RemotelyAnywhere

Server Edition Only

Port Forwarding Server

RemotelyAnywhere Server Edition also comes with Port Forwarding Server. This allows you to forward one or more TCP or UDP ports on one computer to another so that separate networks can be bridged.

Copyright ©2005 • Send support questions to: [email protected]

Page 58

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 59

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

Before getting into the details of how you would configure your Port Forwarding Server (PFS) we will look at how it works. Picture the following scenario:

You have a Local Area Network (LAN), connected to the Internet with a firewall / proxy server.

The computers on the LAN all have non-Internet IP addresses, and they connect to the outside world via the proxy server.

If you have RemotelyAnywhere installed on any computer on the LAN — say, the fileserver — you would be able to access it from within the LAN without any problems. However, it is not accessible from the Internet.

If you set up RemotelyAnywhere Server Edition and PFS on the firewall, so that a certain port

(say, 3000) on the firewall is forwarded to the fileserver’s IP address and RemotelyAnywhere port

(2000 by default), accessing port 3000 on the firewall will let you access RemotelyAnywhere on the fileserver. Both from within the LAN and from the outside as well.

Port Forwarding Configuration

When you click on Port Forwarding Configuration under Server Functions in the menu you can set up the above scenario. In order to look at the interface for this feature we will look at some more possible scenarios.

Imagine, for example, the following situation:

The firewall’s Internet IP address is 145.236.120.227

The firewall’s LAN IP address is 192.168.0.2

The fileserver’s LAN IP address is 192.168.0.10

RemotelyAnywhere is installed on both computers, and is listening on port 2000.

The IP addresses used in the foregoing are for demonstration purposes only.

What we need to do is simple: map port 3000 on the firewall computer to port 2000 on the mail server (dns name mailserver.company.com).

Having called up the Port Forwarding Configuration screen from the menu you can now add a new rule by clicking the Create forwarding rule button. This will present you with the following dialog:

Page 58

The Incoming Protocol field will be TCP. Other protocols (SSL, CSSL) will be discussed later.

The Incoming IP Address can be either All available meaning that the port will be forwarded from all IP addresses of the firewall. If you want to use a single IP address instead of all assigned ones, select it here. The Incoming Port can be anything not already in use on the computer - let’s assume 3000 for now.

The Outgoing Protocol will be TCP. The Outgoing IP Address will be mailserver.company.com (or

Copyright ©2005 • Send support questions to: [email protected]

Page 59

12. Section Guide -

Server Functions the actual IP address of the host), and the Outgoing Port will be 2000.

The Defer Close and the I/O Timeout values can be left to their defaults. These will be explained later.

The Description field lets you specify a remark associated with the port forwarding item. This will be displayed on the main screen.

If you fill out the dialog and click the Add button, the item will be listed on the main PFS screen:

That’s really all there is to it. Your first port forwarding item has now been configured.

ADVANCED OPTIONS

You can edit a port forwarding item by double clicking it, or by selecting on it and clicking on the

modify rule button.

You can specify IP address restrictions for the item from the IP filtering drop down. This works exactly like the RemotelyAnywhere IP Address Filtering feature, only it restricts incoming connections to the corresponding port forwarding item only. For more information, please read the documentation on Security > IP Address Filtering.

I/O Timeout This setting lets you specify how long the PFS will hold a connection open with no data going through it in either direction. When the amount of time specified here is reached and the connection is idle, both ends of the connection will be closed gracefully.

Defer Close This setting lets you specify a timeout value for a special condition. When one end of the connection has been closed, but the other is still open, PFS will wait this much time for the open end of the connection to be closed. It will then close the connection itself.

Incoming and Outgoing Protocol These fields let you specify SSL or CSSL as well as TCP. To translate SSL connections to TCP or TCP to SSL, and thus behave as an SSL proxy for applications that are not SSL-enabled, simply set one end to SSL and the other end to TCP.

There are situations when SSL encryption would be a very nice thing to have, but neither the client nor the server support it. In this case, you can use two installations of RemotelyAnywhere: one to translate the connection from TCP to SSL, the other to translate it back from SSL to TCP.

Let’s suppose that you are using a laptop with a dialup account, and your email software does not support SSL. Let’s also suppose that your corporate mail server does not support SSL either. If you still want to keep your email secure, you can install RemotelyAnywhere both on your laptop and on the email server, and set up a port forwarding item on both computers.

On your laptop, you would need to do the following:

1. Create a port forwarding item with the incoming IP address as 127.0.0.1 (the loopback address), the incoming port as 3110, the incoming protocol is TCP. The outgoing IP address or host name would be set to that of your email server, the outgoing port would be set to 3110, and the outgoing protocol would be SSL.

2. Change your email client’s preferences so that the POP3 server is 127.0.0.1 and the port is 3110.

On the mail server, you would need to only create one port forwarding item, with the incoming

Copyright ©2005 • Send support questions to: [email protected]

Page 60

Copyright ©2005 • Send support questions to: [email protected]

12. Section Guide -

Server Functions

Page 61

12. Section Guide -

Server Functions

12. Section Guide -

Server Functions

IP address set to your mail server’s Internet IP address, the incoming port would be 3110, and the incoming protocol would be SSL. The outgoing IP address would be the same (the mail server’s

Internet IP address), the outgoing port would be 110 (the standard POP3 port), and the outgoing protocol would be set to TCP.

If you performed the above three steps, starting up your email client and checking for mail would actually go through two port forwarding servers; the first one being on your own computer, encrypting all data before it’s sent to the mail server. The mail server’s port forwarding server would receive the encrypted data, and decrypt it before sending it on to the actual mail server software. Data flowing in the other direction would be also seamlessly encrypted and decrypted.

However, if you have two RemotelyAnywhere Port Forwarding Servers talking to each other, you could also utilize the proprietary CSSL protocol instead of using plain SSL. CSSL, which stands for

Compressed SSL, would also seamlessly compress and uncompress your data as well as encrypt and decrypt it - to keep to the above example, making your mail arrive much faster over a dialup connection. (And also, to properly finish the laptop/email example, you would also have to create one additional port forwarding item on both computers for the SMTP protocol that is used to send email as opposed to receiving it. This runs on port 25 by default.)

Port Forwarding Status

If you have configured your Port Forwarding Server as in the examples above, you will be able to view the status of your Port Forwarding connections by clicking on Port Forwarding Status under

Server Functions in the menu.

Active Directory

This is an Active Directory browser. It lets the user connect to and browse through the various elements in the Windows 2000 domain’s active directory tree. It’s usually employed as a simple system info tool.

Copyright ©2005 • Send support questions to: [email protected]

Page 60

Copyright ©2005 • Send support questions to: [email protected]

Page 61

13. Section Guide -

Scheduling & Alerts

Scheduling & Alerts

Under Scheduling & Alerts you can make use of RemotelyAnywhere’s scripting capabilities, as well as set up a service to send you email alerts when certain events occur on the remote machine.

System Monitoring

This is a powerful feature of RemotelyAnywhere enabling you to monitor the system based on the performance data collected.

You can also define conditions, and actions to be performed. A condition and an associated action are known as a rule.

Rules are defined in the file MonitoringScript.txt located in your RemotelyAnywhere directory.

You can edit this file using your favorite text editor, or you can use the System Monitoring option under Scheduling & Alerts in the menu to make changes and create new rules.

A rule has the following structure:

<rule name> (delay)

{ <condition> { <action1> } else { <action2> } }

For example:

“Check Memory Usage” (10m)

{

MemUsageAboveFor(70%, 20m)

{

SendMail(“[email protected]”,

“Memory usage on [MACHINE]”,

“High memory utilization!\n”

“(Max: [MAX_USAGE])”);

} else

{

SendMail(“[email protected]”,

“Memory usage back to normal”,

“See topic.”);

}

}

The above rule executes every 10 minutes (delay), and checks the condition MemUsageAboveFor.

In the above scenario, if the memory utilization is above 70% for 20 minutes or more, the condition becomes true, and action1 is executed.

The action, in this case, will send an email to [email protected] describing what has happened. The rule will keep checking the condition every 10 minutes after the condition has become true. If it’s still true, it does nothing – but if it becomes false (that is, the emergency situation is resolved) it executes action2. In that case, RemotelyAnywhere will email the

Copyright ©2005 • Send support questions to: [email protected]

Page 62

Copyright ©2005 • Send support questions to: [email protected]

13. Section Guide -

Scheduling & Alerts

Page 63

Copyright ©2005 • Send support questions to: [email protected]

13. Section Guide -

Scheduling & Alerts

Page 62

13. Section Guide -

Scheduling & Alerts administrator to let him know that the problem has been resolved.

The action can consist of several statements – they have to be separated with a semicolon. Such as:

MemUsageAboveFor(70%, 20m)

{

SendMail(“[email protected]”,

“Memory usage on [MACHINE]”,

“High memory utilization!\n”

“(Max: [MAX_USAGE])”);

SendMessage(“administrator”,

“High memory utilization on [MACHINE]!\n”

“(Max: [MAX_USAGE])”);

}

There is one special rule that can – and should - be defined: it’s called ERROR. If something goes wrong while performing actions – for example, when the user Administrator is not logged on and the above actions are executed, SendMessage will fail – ERROR is executed, allowing you to customize error-handling behavior.

The MonitoringScript.txt file that ships with RemotelyAnywhere defines a number of sample rules. They are all commented out – you will need to remove the comment marks (#) from the beginning of each line of a rule you’d like to use.

You will find a full list of conditions, actions and string substitutions in Appendix B.

It might seem overwhelming at first, but if you have a little bit of experience of programming in

C or a similar language (escape sequences and string formatting are C-like) and study the sample

MonitoringScript.txt for a little while, you will be up and running sooner than you thought.

You can enable or disable certain conditions with the dialogue that appears when you select

System Monitoring

The Edit script button lets you edit the monitoring script in your browser.

XP/2000/NT4 only

Email Alerts

When log entries matching a certain criteria are entered into any of the event logs you can have

RemotelyAnywhere send you email alerts to an email address of your choice.

Email alerts will not work until you configure your SMTP server under Preferences > Network.

Once you’ve set that up, you can configure email alerts according to the following criteria:

Log The event log to watch.

Type Can be Error, Warning or Information. It is not necessary to specify this field.

Source Type in the source of the message you want to be alerted on. For example, Security, Disk, etc. This field is optional.

Category Type in the category of the message as it would appear in the event log. This field is optional.

Event Type in the event code as it would appear in the event log. This field is optional.

Email The email address the notifications are sent out to. You can only specify a single email address per entry, so if you want several people to receive these messages you should specify a

Copyright ©2005 • Send support questions to: [email protected]

Page 63

13. Section Guide -

Scheduling & Alerts group alias here.

Task Scheduler

This function (Scheduling & Alerts > Task Scheduler) differs in behavior on NT and W2K systems. On NT, it gives you a simple interface to NT’s Scheduler. In order to be able to view, add and delete tasks, the Schedule service must also be running.

On W2K, it interfaces with the updated task scheduler service instead of the old, still present

Scheduler. It allows you to create multiple triggers for a single task, specify different user accounts to run tasks under, and so on. It supports the entire feature set of the W2K Task Scheduler.

On the main page, you can see a list of all currently scheduled tasks. The table shows you the following:

• the ID of the task

• the command to be executed

• the time of the day the command is to be run

• the days of the week and month on which the command is scheduled to run

• whether the command is interactive (that is, shows on the desktop)

• whether the last run of the job ended successfully

You can remove a task from the list by selecting it and clicking on the delete button in the toolbar.

You can add a new scheduled task by clicking on the Create New Task button. You can also check and modify the attributes of your existing tasks by double clicking them or via the Change

attributes button in the toolbar. These attributes are organized under three tabs, with the headings

Task, Settings and Schedule.

Scripting

RemotelyAnywhere provides an extension interface in which you can create custom scripts that interact with the system, RemotelyAnywhere and the user. This is available under Scheduling &

Alerts > Scripting, and this is what you’ll see when you select it:

Clicking on the name of the script will execute it. The Edit command will bring up a page with the source code of the script, where you can edit and compile your program. The Delete command removes the script.

To create a new script, enter its desired name in the input field and click the New script button.

There are three kinds of scripts you can create:

1. Interactive

2. Quiet

3. Hybrid

Interactive scripts display their output on HTML pages, within the RemotelyAnywhere frameset.

An example for an interactive script is the File.sma script, which is installed with RA. These scripts do not have to return a value from their main function. They communicate with the user

Copyright ©2005 • Send support questions to: [email protected]

Page 64

Copyright ©2005 • Send support questions to: [email protected]

13. Section Guide -

Scheduling & Alerts

Page 65

13. Section Guide -

Scheduling & Alerts

13. Section Guide -

Scheduling & Alerts via the htmlBeginOutptut(), htmlEndOutput(), and various other html***() functions.

A Quiet script is one that is usually called from the System Monitoring script. It does not display output. A return value is required at the end of the main function. A skeleton example for a Quiet script is here:

#include <ra> main ()

{ return 0;

}

This script does not do anything useful. It simply returns a zero value, meaning that no problem has occurred. If you attempt to run this script from the Script menu, you will get a message similar to this:

Hybrid scripts, on the other hand, are executable interactively and also return a value at the end of their main function. An example for a hybrid script is the WatchProcess.sma file, included with

RemotelyAnywhere. Hybrid scripts check the return value of the htmlBeginOutput() function, and if it’s a zero value, the script is run in non-interactive mode. (That is, it is invoked from the

System Monitoring script, via the Small() function call.)

For a complete reference of the scripting language, please see Appendix B, and the Small Booklet

(smalldoc.pdf), also included with RemotelyAnywhere.

If you have experience in programming in C or C++, and have a basic understanding of HTML, you will be creating your own scripts in no time.

Copyright ©2005 • Send support questions to: [email protected]

Page 64

Copyright ©2005 • Send support questions to: [email protected]

Page 65

14. Section Guide -

Performance Monitoring

Performance Monitoring

The menu items under Performance Monitoring allow you access to the performance data collected by RemotelyAnywhere. Descriptions for each of the choices can be found below. When you open this branch of the menu tree you’ll notice that all the items are just data pages. They can only be configured under Preferences > System Monitoring.

CPU LOAD

This option takes you to a page with a number of graphs and lists. The graphs show CPU utilization with various sampling rates. Please note that RemotelyAnywhere needs time to gather performance data for these graphs. If you have just installed the software, it is likely that only the left-hand side of the first graph will show you meaningful information. If you have multiple CPUs in your computer, you will see separate graphs for each one, as well as a set of graphs showing you the total CPU load.

14. Section Guide -

Performance Monitoring

The sampling rate for the first graph is 2 seconds, so the graph spans less than an hour. This is useful to see what’s happening right now on the machine. If you move your mouse over a line in one of the graphs, the tooltip that pops up tells you exactly when the sample was taken.

The list at the bottom shows the processes that take up most of the processor time. This list is weighted, so younger processes that take up a lot of processing time come closer to the top. (The figure is: PROCESSOR_SECONDS/PROCESS_AGE_SECONDS). So, if you see a sudden spike on the first graph you can check the second list and immediately find out which process is eating up processor time.

Copyright ©2005 • Send support questions to: [email protected]

Page 66

Copyright ©2005 • Send support questions to: [email protected]

Page 67

Copyright ©2005 • Send support questions to: [email protected]

14. Section Guide -

Performance Monitoring

Page 66

14. Section Guide -

Performance Monitoring

Clicking on an item in the ID column will display the relevant data on that process, organized under six separate tabs (General, Threads, Services hosted, DLLs, Open Files, and Registry Keys

In Use).

MEMORY LOAD

This will present you with four graphs similar to those on the CPU Load page. These display the memory utilization on the machine.

DISK SPACE

Graphs displaying the disk space utilization per logical disk are available under this menu item.

XP/2000/NT4 only

DRIVE & PARTITION INFO

This page displays all physical drives in the remote computer and their partition tables. This data is organized onto two separate tabs for Physical Drives and Partitions, and Logical Drives.

XP/2000/NT4 only OPEN TCP/IP PORTS

This will present you with a listing of all open IP endpoints on the computer. You can specify whether you’d like to see the ports that are listening for connections, ports that have been connected to another computer, and ports in various stages of being connected and disconnected.

You can also elect to have RemotelyAnywhere resolve IP addresses appearing in the list of hostnames - please note that this can take a considerable amount of time.

NETWORK

Under Network you can find feedback on your network traffic.

The four graphs offer different timelines of 2 seconds, 10 seconds, 5 minutes, and 1 hour on your inbound or outbound traffic.

You can set the Maximum Inbound Bandwidth according to the appropriate kilobits per second in order to be sure of accurate results.

PCI INFORMATION

If you click on PCI Information you can view all hardware connected to the PCI bus or buses in the system.

OPEN FILES

This will show a listing of all files currently open on the remote computer, along with the names of the processes using them. The processes list is clickable, so you can view data on the processes, and if necessary, kill them.

XP/2000/NT4 only

REGISTRY KEYS IN USE

Under Registry Keys in Use you can view a list of all registry keys currently open on the remote computer. As with open files, you can also see the names of the processes that use them. The processes list is clickable, so you can view data on the processes, and if necessary, kill them.

DLLS IN USE

Here you can view a listing of all currently loaded dynamic link libraries and the processes that use them.

REMOTELYANYWHERE CONNECTIONS

Selecting this option will display all current connections currently being served by

Copyright ©2005 • Send support questions to: [email protected]

Page 67

14. Section Guide -

Performance Monitoring

RemotelyAnywhere. It will display the IP address and host name of the remote computer, the type of connection and the name of the Windows NT user associated with the connection. The connection type can be one of the following:

(Browser) HTTP A typical browser connection requesting a page.

Remote Control A Java remote control client.

Upload Status Viewer A Java applet displaying the progress of a File Manager upload.

Performance Viewer The Java applet above the menu, displaying CPU and memory utilization.

TELNET/SSH CONNECTIONS

Selecting this option will display all current Telnet/SSH connections currently being served by

RemotelyAnywhere. It will display the IP address and host name of the remote computer, the type of connection and the name of the Windows NT user associated with the connection.

INSTALLED APPLICATIONS

Under Installed Applications you will find a useful list of applications installed on the remote machine. This list is populated from Add or Remove Programs on the remote machine’s Control

Panel.

The data is for information purposes only, but in addition to the program name and version you will be able to see the Publisher, Installation Directory and frequency of usage, if this information is available. If you roll over a listed application you may also be able to see other data such as estimated size, the installation source, registration data, and the time and date it was last used.

MOTHERBOARD STATUS

This feature relies on a 3rd party free product created by Alex van Kaam called Motherboard

Monitor. If you have this software installed on your system, RemotelyAnywhere can extract information from it and display it here. MBM can provide you with the following information: chassis and CPU temperatures, fan speeds and voltages. MBM can be found at

http://mbm.livewiredev.com.

Copyright ©2005 • Send support questions to: [email protected]

Page 68

15. Section Guide -

Security

Security

The menu items under Security allow you access to RemotelyAnywhere’s various enhanced security features.

Access Control

Under Security > Access Control you can control who has access to RemotelyAnywhere. This is slightly different on Windows 9x and Windows NT, due to lack of a user database on the Windows

9x family of operating systems. We’ll cover Windows NT first.

Before getting into the details of setting up users here we’ll look at the lower part of the Access

control page. Here you can enable or disable the following features:

Allow full control to administrators This is enabled by default. It adds Full Control permission to all administrators of the computer. If you turn it off, only users explicitly granted permission to use RemotelyAnywhere will have access.

NT LAN Manager Authentication Enable/Disable NTLM authentication. For those of you concerned about security, RemotelyAnywhere supports the Windows NT Challenge/Response type authentication. You must use Internet Explorer to take advantage of this feature. Netscape will always use the default authentication method, which means that passwords travel in Base64encoded clear text over the network. You need not worry about exposing your password to eavesdroppers if you are using HTTPS to secure all communications between your browser and

RemotelyAnywhere.

Save user name in a cookie Finally, you can configure RemotelyAnywhere to remember your user name in a cookie.

The upper portion of this dialog lists users already granted access to RemotelyAnywhere. The Add button lets you specify a Windows NT user or group, and the access mask you wish to assign. The red Remove button next to each entry in the list will remove that user or group from the access list.

Copyright ©2005 • Send support questions to: [email protected]

Page 69

15. Section Guide -

Security

Here’s the dialog showing you the options available for an entry in the permission list:

15. Section Guide -

Security

You can select individual permissions, or specify Full Control. You can also restrict the user to an IP address or a network by entering the appropriate parameters in the fields below. To restrict the user to a single IP address, enter it in the IP Address field, and leave Subnet Mask blank. To specify access from a network, enter the network address in the IP Address field, and enter the subnet mask in the Subnet Mask field.

The R , W and D columns allow you to specify powers to read only ( R ), write ( W ), or delete content

( D ). All three on Remote Control, for example, will allow user access to a remote machine without asking for permission from the interactive user on the host. Just uncheck D to force this dialogue to appear before accessing the remote machine.

Login Anyone with any sort of access to RemotelyAnywhere is implicitly granted Login access.

This allows for looking at the Info page, reading the Help file, chatting with the user in front of the computer, and logging out.

Configuration Users with access to the Configuration module can re-configure

RemotelyAnywhere. This also grants users access to modifying RemotelyAnywhere permissions; keep this in mind!

Scripts Users can execute, create, change or delete scripts.

Event Viewer Allows the use of the Event Viewer module.

File System Allows access to and the use of the file system on the remote machine.

Registry Allows for editing and compacting the registry.

Performance Data Ability to view performance and system information data.

Processes Allows access to the Process List, and adds the ability to terminate processes and/or change their priorities.

Copyright ©2005 • Send support questions to: [email protected]

Page 70

Copyright ©2005 • Send support questions to: [email protected]

Page 71

Copyright ©2005 • Send support questions to: [email protected]

15. Section Guide -

Security

Page 70

15. Section Guide -

Security

Reboot Allows rebooting the computer and restarting the RemotelyAnywhere service.

Remote Control Allows use of both the screenshot-based and the Java-based Remote Control module.

User / Group Accounts Allows the use of the User Manager module.

System Configuration Access to setting the time, using the Shared Resources administrative page and changing virtual memory settings under the Computer Settings menu option.

SSH Shell Allows access to a command prompt on the host computer via the SSH protocol.

SSH Port Forward This option grants the user the right to use SSH port forwarding.

SSH Privileged Port Forward This option grants the user the right to use SSH privileged port forwarding.

SCP This option grants the user the right to use SCP.

SFTP Allows the user access to the filesystem of the host computer via the SFTP (Secure File

Transfer Protocol, an extension of SSH) protocol.

Telnet (RA Client) This option allows the user to use the secured telnet client found in the browser under Computer Management > Command Prompt.

Telnet Allows access to the machine via Telnet - either using the built-in telnet client or any standalone terminal emulator.

Full Control

Adds all possible permissions to a user. It is recommended to have at least one account that has Full Control capabilities.

IP Filter This assign an IP filter profile to the user, and specifies which IP addresses from which he or she can or cannot connect.

Special care needs to be taken with a few of the above options. Users with access to Configuration and Registry Editor can also access and change the RemotelyAnywhere configuration data, including permissions. However, the Registry Editor option can be considered safe, since the administrator can change permissions on the HKLM\Software\RemotelyAnywhere key and protect it from unwanted access. Users who can Create/Edit Scripts can also create programs in the Small language that run on the remote computer. These scripts will be run under the account of the person starting the script from the Scripts menu – except when a Small program is called from the system monitoring script. In this case, the program is run under the LocalSystem account.

With the exception of the Reboot, Remote Control and Processes, Windows NT access restrictions apply. For example, you can grant someone access to the File Manager, but they will only be able to access files and directories their Windows NT account has permissions to. The same goes for the

Registry Editor, User Manager, etc.

The above exception for Reboot, Remote Control and Processes is made to provide you maximum control over your system, and RemotelyAnywhere uses the all-powerful LocalSystem account to perform the above tasks. For example, not even an Administrator has sufficient rights to terminate a service process - but with RemotelyAnywhere performing this action under the

LocalSystem account, any process can be terminated. Remote Control is another exception. When you are remotely controlling the system with RemotelyAnywhere, you have access to the mouse and the keyboard of the system. If nobody is logged on interactively, you will need to use the NT

Logon dialog to gain access to the desktop, typing in a username or password, possibly different than the one you are accessing RemotelyAnywhere with. If there is a user logged on to the host computer, you will be working under his account.

Copyright ©2005 • Send support questions to: [email protected]

Page 71

15. Section Guide -

Security

Access rights are cumulative. That is, if Group A has access to the Event Viewer, and Group B has access to the File Manager, a user who is a member of both groups will have access to both modules.

If the machine is a domain controller, the user accounts and groups that appear are listed from its domain. If the computer is not a domain controller, local users and groups are displayed. You can specify where to list accounts from by typing the name of the domain or the computer in the input field and clicking the List accounts button.

You can also restrict a certain user to an IP address or an IP address range. Please remember that access rights are cumulative: if Group X has full access to RemotelyAnywhere and is not bound to an IP address and User Z is a member of that group, he will always have full access, even if you bind him to a specific IP address or network. To allow a user or group access from two or more IP addresses or networks, simply grant them the same permissions several times, but with different

IP restrictions.

Access rights are stored in the registry value HKEY_LOCAL_MACHINE/Software/

RemotelyAnywhere/Permissions in binary form. This data is basically a listing of the Security

Identifiers of the groups or users, the access mask associated with them, the network they might be restricted to, and a CRC value. By default, any data under the HKEY_LOCAL_MACHINE/

Software key can only be changed by administrators or the LocalSystem account. Windows NT reserves the latter for services and the operating system itself.

IP Address Lockout

With RemotelyAnywhere’s IP Address Lockout feature you can detect and temporarily lock out potential intruders.

This security precaution allows you to configure two specific types of filter. These are called the

Denial of Service Filter and the Authentication Attack Filter. The first is a precaution against unwanted intruders who slow your remote machine to a halt by continuously requesting the same service. The second locks out those who persistently try to get past your log-in screen without authorization.

The configuration for each is identical, although the default values differ due to the differences in the kind of attack they are designed to prevent.

Page 72

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

15. Section Guide -

Security

Page 73

Copyright ©2005 • Send support questions to: [email protected]

15. Section Guide -

Security

Page 72

15. Section Guide -

Security

Active By ticking this box you will enable this feature. This can be useful if your server is exposed to the Internet. IP Lockout will prevent people from gaining access to the administrator username and password using brute-force methods, or from tying up your services through relentless requests.

Number of invalid attempts before locking out Specify the number of login attempts before a lockout occurs.

Reset invalid attempt counter after After the amount of time specified in this box elapses, the invalid attempt count of the offending IP address will be reset to zero.

Lock out for If there were a number of bad login attempts from the same IP address, as specified in the second field, within the time period specified in the reset count field, all attempted connections from the offending IP address will be rejected for the amount of time given here.

Bad login attempts and lockouts are logged in the RemotelyAnywhere.log file if you have logging enabled.

IP Filtering

With RemotelyAnywhere’s IP address filtering feature you can specify exactly which computers are allowed to access RemotelyAnywhere on your system.

The above simple interface lets you maintain IP address restrictions. If the Current IP Address

Filters list is empty, then filtering is disabled.

The Up, Remove and Down buttons let you manage already entered filters. Select one item in the list, and move it up or down with the appropriate buttons, or remove it altogether.

The New Item fields let you specify a new filtering item. You can enter the following:

1. A single IP address

2. An IP address with a subnet mask, essentially granting or denying access for a whole network.

3. An IP address with wildcards and no subnet mask. Accepted wildcards are an asterisk

(*) that matches any number of characters, or a question mark (?), that matches a single character only.

The Allow and Deny drop down lets you specify whether you want to allow or deny access to the IP address or addresses entered.

Whenever a new connection is established to RemotelyAnywhere, the remote IP address is checked against the filter or filters in the list, and access is granted or denied accordingly. The IP filters that you set up here apply to every connection received by RemotelyAnywhere, except for those aimed at the FTP or Port Forwarding Server. To specify IP address restrictions specific to these modules you will need to use their specific IP filtering options (see Section Guide - Server

Functions).

Copyright ©2005 • Send support questions to: [email protected]

Page 73

15. Section Guide -

Security

HOW IP FILTERING WORKS

When an IP address is checked against a list, RemotelyAnywhere goes from the first element of the list to the last, comparing the IP address against the item. If the item is a single IP address, it only matches the remote IP if they are equal. If the item is an IP address with a subnet mask, a logical AND operation is performed on the subnet mask and the remote IP address, and the result is checked against the item’s network address to see if the remote IP address is in fact on the network. If the item is a wildcard, the remote IP address is converted to its dotted textual representation and the two strings are compared.

When a match is found, RemotelyAnywhere checks if it should allow or deny the connection, based on the allow/deny flag belonging to it. This result is then used to decide whether to let the connection proceed.

If no match is found, then the connection is allowed. If you would like all connections to be denied by default, except for those in the list, enter a DENY:* line as the last item on the list.

Examples:

1. Allow connections from IP address 215.43.21.12 and the network 192.168.0.0, and deny all other connections:

ALLOW:215.43.21.12

ALLOW:192.168.0.0 (255.255.0.0) –OR- ALLOW:192.168.*

DENY:*

2. Allow connections from IP address 215.43.21.12 and the network 192.168.0.0, but not from the address 192.168.0.12, and deny everything else:

ALLOW:215.43.21.12

DENY:192.168.0.12

ALLOW:192.168.0.0 (255.255.0.0) –OR- ALLOW:192.168.*

DENY:*

Please note that denying the connection from 192.168.0.12 comes before allowing connections to the 192.168.0.0 network. This is because if RemotelyAnywhere was to find the ALLOW item first, it would let IP address 192.168.0.12 through, since it matches the condition. To prevent this, we make sure that the address 192.168.0.12 is checked before the network to which it belongs.

3. Allow all connections, except those coming from 192.168.0.12:

DENY:192.168.0.12

4. Deny all connections from the network 192.168.0.0 except for the subnet 192.168.12.0, and allow all other connections:

ALLOW:192.168.12.0 (255.255.255.0) –OR- ALLOW:192.168.12.*

DENY:192.168.0.0 (255.255.0.0) –OR- DENY:192.168.*

Yet again, ordering is crucial.

It is not possible for you to lock yourself out by accident when setting up IP address restrictions from afar, i.e. you can’t enter a DENY:* clause into an empty list.

RemotelyAnywhere Logs

In order to view the RemotelyAnywhere log files, this is where you’d look.

Page 74

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

15. Section Guide -

Security

Page 75

Copyright ©2005 • Send support questions to: [email protected]

15. Section Guide -

Security

Page 74

15. Section Guide -

Security

The active log file is at the bottom of the list and is named RemotelyAnywhere.log. Older logs are stored with the naming convention RAYYYYMMDD.log. For example, the RemotelyAnywhere log file for June 1st 2003 would be called RA20030601.log.

You can enable or disable logging to text files as you will, but RemotelyAnywhere will always log the following events to the Windows NT/2000 Application Log:

1. Service Start/Stop

2. Login/Logout

3. Remote Control Start/Stop

4. Telnet/SSH Login/Logout

The Application Log is used because of security considerations.

In addition, service start and stop events are always written to the RemotelyAnywhere.log file, no matter whether logging is enabled or disabled. You can modify the settings for these logs under

Preferences > Log Settings.

SSL Setup

If you set up SSL support for RemotelyAnywhere all traffic between the host and the remote computer will be encrypted using industry-strength 128-bit ciphers, protecting your passwords and data. You can do this fairly easily by going to Security and clicking on SSL Setup.

RemotelyAnywhere can detect and use any SSL certificates already installed in Windows on your machine, as long as they have an exportable private key.

You will be given a choice whether you’d like to use one of your already installed certificates or create a new self-signed certificate.

To select a previously installed certificate select -- Look in Certificate Services -- and then click on

Continue.

You will be displayed a list of

Certificate Services found in your domain. Select the one from which you wish to request your RemotelyAnywhere server certificate.

If you’d prefer to create your own self-signed certificate, it can be done in four easy steps:

• First, you must set up your Certificate Authority (CA). This step will create a CA certificate, valid for ten years, and self-sign it. Simply fill out the form at the bottom of the page specifying your country code, your organization and your name. Some default values are provided here from your computer’s registry. When you’ve finished, click on the Create CA button. This will create the CA. Click on the Continue button at the bottom of the page when you’re ready for the next step.

• Second, you need to create the server certificate. Simply fill out the form at the bottom and click on Create Certificate to proceed. RemotelyAnywhere will generate a certificate request, and sign it with the Certificate Authority you created in the previous step. The certificate created this way will be valid for ten years. Click Continue on the next screen.

• The third step is optional: you can now install the CA certificate in your browser. This will suppress the message you’d otherwise get about the unknown Certificate Authority every time you make a secure connection to RemotelyAnywhere. Click on the button and follow the instructions on screen.

• Fourth, you need to restart RemotelyAnywhere so that it can load the newly created server certificate. You can do this from the Control Panel or the console by typing net

stop RemotelyAnywhere and net start RemotelyAnywhere.

Copyright ©2005 • Send support questions to: [email protected]

Page 75

15. Section Guide -

Security

That’s it. You are now ready to make a secure connection to RemotelyAnywhere. Simply use a URL in the form of https://my.machine.here:2000.

Note: you can use the same CA certificate on several machines, but you can’t use the same server certificate in more than one place. If you want to use one CA certificate on a network of

NT machines, simply perform step one on the first machine, then copy the files CACert.pem,

CAKey.pem and CACert.der in the RemotelyAnywhere directory to the other machines. You can then continue SSL setup from step two on all other boxes. You only have to perform step three once in this case.

The SSL certificates generated here are used for accessing the HTML-based administration module via HTTPS, and are also used by all virtual FTP servers to secure connections if using a suitable client.

Copyright ©2005 • Send support questions to: [email protected]

Page 76

Preferences

RemotelyAnywhere is a highly configurable tool, meaning that you can change its settings to suit your individual remote administration needs and desires. When you click on Preferences in the menu a number of additional options become available for configuring the various sections of

RemotelyAnywhere outlined in previous sections of this manual. In Version 4 and earlier releases of RemotelyAnywhere this option was called Configuration.

Appearance

If you select Appearance under Preferences you can tailor the look of RemotelyAnywhere to your liking.

GENERAL SETTINGS

Display perfviewer applet at the top of the screen Enable/Disable the Java applet showing the current processor and memory utilization in the top frame.

Enable Tooltips If you grow bored of the tooltips displayed by RemotelyAnywhere, you can turn them off here.

Enable Icons

You can turn off most of the icons displayed on the HTML pages.

Default number of items per page for long lists The number of records displayed per page on those where there are long lists (such as eventlogs).

Default number of items per WAP page Most of the WAP devices out there have very small screens and limited memory. Also, some gateways might enforce size restrictions on the WML documents they compile for their devices. This configuration setting lets you specify the number of records to appear per WAP screen, where applicable. Such screens belong to the Processes,

Services, and Drivers menu options.

Copyright ©2005 • Send support questions to: [email protected]

Page 77

16. Section Guide - Preferences

SYSTRAY SETTINGS

Under Preferences > Systray Settings you can enable and disable the System Tray icons.

Display the RemotelyAnywhere icon in the System Tray If you don’t want the

RemotelyAnywhere icon to be displayed in the System Tray, you can disable it here. Clicking on this icon gives you access to a wealth of extra information, including a log of recent events and detailed performance data graphs. This is detailed in the User Interface chapter of this manual.

CUSTOM PAGES

RemotelyAnywhere is able to act as a simple HTTP daemon and serve files from the computer to the Web. You can customize the HTTP daemon’s behavior in the Appearance submenu under

Preferences.

If you specify the root directory for the HTTP daemon, and the default index file then when you select Custom Pages (at the bottom of the menu) it will display the default index file from the web root specified.

Simply leave the directory field empty if you don’t want to use custom pages.

Network

Under Preferences > Network you can configure your RemotelyAnywhere connection settings, your SMTP settings, and even Dynamic IP Support.

16. Section Guide - Preferences

GENERAL SETTINGS

The General Settings dialog allows you to change various connection and data transport related options.

TCP/IP port to listen on Specify the port you want RemotelyAnywhere to use. This takes effect

Copyright ©2005 • Send support questions to: [email protected]

Page 78

Copyright ©2005 • Send support questions to: [email protected]

Page 79

16. Section Guide - Preferences

Page 78

16. Section Guide - Preferences when the service is restarted.

IP Address to listen on Specify the IP address you want RemotelyAnywhere to use for incoming connections. Your machine can have several IP addresses assigned to it, and RemotelyAnywhere can listen on all of those addresses or just the one you specify here. This takes effect when the service is restarted.

IP filter profile to use Here you can select from a drop down menu of specified IP addresses. You will first need to set this up under Security > IP Filtering

Accept unsecured HTTP connections (non-SSL) If this box is unchecked and SSL transport has been set up (Security > SSL Setup) then only HTTPS connections will be allowed.

Broken proxy server mask This is a rather obscure name for a setting provided to work around a rather obscure problem.

Some proxy servers request pages from web servers using several IP addresses. This can cause

RemotelyAnywhere to bounce you back to the login page after you click the Login button. If you are not affected by this problem, you should not change this setting. However, if you experience this problem, please read the following section carefully.

When you log in, your browser is assigned a session identifier in a cookie. For security reasons, this cookie is only valid when sent from the IP address from which the login originated. Were it not so, an eavesdropping attacker would be able to copy your cookie and gain access to all

RemotelyAnywhere resources to which you have access.

Some proxy servers use several IP addresses when requesting data from a remote computer. If this is the case with your proxy server, RemotelyAnywhere sees the original IP address and session identifier as valid, but requests originating from other IP addresses (even if accompanied by a valid cookie) are replied to with the login page. The login page breaks out of frames, and displays itself in your browser - and you are prompted to log in again. A possible workaround is to keep logging in as many times as necessary - most proxy servers only use a few - maybe half a dozen

- IP addresses. Once all the IP addresses are logged in, you will no longer be bounced to the login page.

Since version 3.2, RemotelyAnywhere has had a setting called Proxy Problem Fixer.

This is essentially a mask that can be applied to IP addresses. Suppose your proxy server uses the following IP addresses to request pages from servers:

192.168.0.33, 192.168.0.34, 192.168.0.35, 192.168.0.36, 192.168.0.37, 192.168.0.38

In this scenario, if you look at the IP addresses in binary form, you can see that only the last three bits are different:

11000000.10101000.00000000.00100001

11000000.10101000.00000000.00100010

11000000.10101000.00000000.00100011

11000000.10101000.00000000.00100100

11000000.10101000.00000000.00100101

11000000.10101000.00000000.00100110

This means that the largest number that can be represented on three bits (111 binary = 7 decimal) has to be masked from the IP addresses when checking them against each other to verify the validity of the session identifier cookie.

RemotelyAnywhere provides a subnet mask-like setting for this purpose. By default, it is set to 255.255.255.255 - this means that no bits are masked off. Given the above scenario, we need to mask off the three least significant bits, thus we subtract 7 (binary form: 111) from

Copyright ©2005 • Send support questions to: [email protected]

Page 79

Copyright ©2005 • Send support questions to: [email protected]

16. Section Guide - Preferences

255.255.255.255, which leaves us with 255.255.255.248. By entering this value in the Proxy

Problem Fixer field, we are telling RemotelyAnywhere to ignore the last three bits.

This is a rather tedious way of getting around the problem, but short of reconfiguring the proxy server to use only one IP address, there is no easier solution. The latter is the recommended solution, since allowing several IP addresses to share the same session identifier can be a security risk. It is not really significant when you only mask off a few (three or four) bits, but if you need to decrease more and more significant bits of the IP addresses, you are putting yourself in a risky situation.

The risk is decreased significantly due to the fact that RemotelyAnywhere now uses HTTPS rather than HTTP by default meaning that the cookie is protected by SSL.

Maximum number of servicing threads Here you can specify the maximum number of threads

RemotelyAnywhere can spawn to service client connections.

Idle time allowed Here you can specify the idle time allowed on a connection before the user is automatically logged out.

Stalled transfer timeout Here you can specifiy the time before a stalled transfer times out.

Force HTTP Tunneling HTTP tunneling basically allows the applets to communicate to the RemotelyAnywhere installation from behind proxy servers by issuing HTTP requests to

RemotelyAnywhere.

This option has two advantages and one drawback:

If you connect to the remote computer via HTTPS, Remote Control, Telnet, and Chat will be tunneled through HTTPS - and SSL is much more secure than the built-in encryption used by these modules when a direct socket connection is established.

If you can not establish a direct connection to the remote computer (because of, say, a proxy server) you will not have to wait for the direct connection attempt to time out, RemotelyAnywhere will immediately try to connect via the HTTP tunnel.

The drawback is that you will definitely notice a performance decrease when using these modules with HTTP tunneling, since tunneling requires the data to be packed into HTTP packets and usually each packet will need to establish its own connection to RemotelyAnywhere.

Automatically check for latest version on the Web When enabled, RemotelyAnywhere will attempt to connect to http://www.remotelyanywhere.com every 24 hours to see if there is a newer version of the software available. If there is, it will notify you via the News panel on the About

RemotelyAnywhere tab of the home page, as well as place an entry in the RemotelyAnywhere.log file. When RemotelyAnywhere connects to RemotelyAnywhere.com, the following information is recorded on the server:

• The version of RemotelyAnywhere making the request

• The version and family of the operating system RemotelyAnywhere is running on

• The language of the operating system

• Whether the instance of RemotelyAnywhere making the request is a trial or a licensed copy

This information is recorded for statistical purposes, to help 3am Laboratories PL better serve its customers. If you do not wish to provide this information to us, please disable this option.

SMTP SETTINGS

If you want to configure RemotelyAnywhere to send you e-mail alerts you need to enter your

SMTP settings here.

Copyright ©2005 • Send support questions to: [email protected]

Page 80

16. Section Guide - Preferences

Copyright ©2005 • Send support questions to: [email protected]

Page 81

16. Section Guide - Preferences 16. Section Guide - Preferences

DYNAMIC IP SUPPORT

RemotelyAnywhere can send you an email message pointing to the IP address of your remote host every time it starts up. Use this if your host has a dynamic IP address. Leave the recipient field blank if you don’t want to use this feature.

Colors

Under Preferences > Colors you can modify the colors used by RemotelyAnywhere.

This is done using the standard hexadecimal code used by HTML. Simply enter the ‘#’ symbol followed by the appropriate six-digit code and click Apply to see the change. For example, the pale blue color used for backgrounds in the default color settings for RemotelyAnywhere is #8abdf0.

Page 80

A new feature available with RemotelyAnywhere version 5 is the ability to select predefined color schemes. Just select from the options in the drop down menu at the bottom of the screen and click Apply. With this option, you can even revert to the colors used for earlier releases of

RemotelyAnywhere.

You can restore the default colors by clicking Restore at the bottom of the page.

Log Settings

RemotelyAnywhere’s log settings are fully configurable. In order to view the logs themselves you would go to Security > RemotelyAnywhere Logs. Here, in the Preferences section you can modify the general settings for RemotelyAnywhere and the Syslog settings.

GENERAL SETTINGS

Keep log files for this many days At midnight RemotelyAnywhere rotates its log files and deletes old, unneeded ones. The value you enter here determines how old log files can grow before they are deleted. If you set this to zero, the files will never be deleted, unless you do it manually.

Directory for log files You can also specify the directory for storing these log files. If you leave this blank, they will be stored in RemotelyAnywhere’s installation folder, by default.

Send log events to ODBC data source Now that you can specify a predefined ODBC data source within RemotelyAnywhere you can also specify a data source for storing log events. See the ODBC messages option under Preferences for more information on this feature.

Copyright ©2005 • Send support questions to: [email protected]

Page 81

Copyright ©2005 • Send support questions to: [email protected]

16. Section Guide - Preferences

SYSLOG SETTINGS

With RemotelyAnywhere version 5 you can also modify the syslog settings. Here you can specify the syslog hostname or IP address, transport protocol (UDP or TCP), syslog port numbers for

UDP and TCP, as well as the facility code to report.

Click Apply to update your settings.

ODBC Messages

The ODBC messages feature under Scheduling & Alerts allows you to write messages from

System Monitoring and Scripting to a database. By filling in the fields shown on the screen below you can specify the ODBC data source properties through which these operations are done.

16. Section Guide - Preferences

Data Source Here you can enter a predefined data source on the remote host. This can be set up via that machine’s Control Panel, under Administrative Tools > Data Sources (ODBC). This can be any database type: Oracle, SQL Server, Microsoft Access, or Excel.

User name & Password You need to enter the user name (including domain) and password in order to access the data source, as RemotelyAnywhere cannot imitate your login to the database.

Table Name Enter the table in which the messages are to be stored.

You can also specify the column names for the messages to be written to the specified database.

The message, computer name and time stamp fields are all required.

A machine datasource must already be set up, and should contain a table with at least three fields. Specify the name of the datasource, an optional username and password, and the name of the table that will be used to hold the data. Then enter the names of the fields that will hold the timestamp, the computer name (max. 16 characters), the message itself (max. 250 characters) and other parameters.

Click Apply for these settings to take effect. You can also write a test message to correct that you have configured ODBC messages correctly.

For more information about the kind of data that RemotelyAnywhere can collect, please see the

Copyright ©2005 • Send support questions to: [email protected]

Page 82

Copyright ©2005 • Send support questions to: [email protected]

Page 83

16. Section Guide - Preferences

Page 82

16. Section Guide - Preferences relevant sections under Scheduling & Alerts > System Monitoring.

License

Under Preferences > License you can view your current license, enter updated licenses, or request an evaluation license. Simply paste the license you received when you purchased or updated your RemotelyAnywhere license into the input field, and click the Apply button. See the Getting

Stared chapter for more information about activating RemotelyAnywhere after installation and requesting a trial.

The license file that you must copy without making ANY modifications looks something like this:

-----BEGIN LICENSE-----

PRODUCT RemotelyAnywhere

PRODUCTTYPE Workstation Edition

VALIDFORVERSION 6

EXPIRES 2006-06-08

LICENSETYPE COUNTED

LICENSECOUNT 1

LICENSEETYPE Corporate

LICENSEE Your Company Name Ltd

ISSUER 3am Laboratories PL

ISSUERID 1060-4b81-0781-f51c

ISSUEDATE 2005-02-22

ISSUEREASON PURCHASE

LICENSEID 52af-38f3-126e-0658

-----END LICENSE-----

-----BEGIN PKCS7-----

MIHbBgkqhkiG9w0BBwKggc0wgcoCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEH dG9yaWVzIFBMMRQwEgYDVQQDEwtNYXJ0b24gQW5rYQIBADAJBgUrDgMCGgUAMA0G

ATGBqjCBpwIBATBGMEExCzAJBgNVBAYTAkhVMRwwGgYDVQQKExMzYW0gTGFib3Jh

CSqGSIb3DQEBAQUABEBtenZrjzT4rXX41iYZgJ1UaONyL72nc/KEnfoM4+zHEfBk4A sG7E6+FOa1uLSryMu4bLPj+segZZ03/GuTXjlN8l

-----END PKCS7-----

You must cut and paste everything from BEGIN LICENSE to END PKCS7 when you are prompted.

The license file contains two distinct parts. The first part is the actual license and is in plain text format. This is indicated by the BEGIN LICENSE and END LICENSE lines. The second part is the digital signature which assures the integrity of the license text. This is contained between the lines BEGIN PKCS7 and END PKCS7.

Remote Control

Under Preferences > Remote Control you can view and modify a number of options available during realtime remote control sessions. This includes the general settings, audible notification, interactive user permissions, and the remote printing feature, as you can see on the next page.

GENERAL SETTINGS

Disable host keyboard and mouse By disabling the host keyboard and mouse you can prevent the person sitting in front of the machine from using their mouse or keyboard while a remote control session is in progress.

Use mirror display driver RemotelyAnywhere provides a mirror display driver on the W2K/XP platforms. This display driver provides a faster and less CPU-intensive remote control session.

Copyright ©2005 • Send support questions to: [email protected]

Page 83

Copyright ©2005 • Send support questions to: [email protected]

16. Section Guide - Preferences

Should you have any compatibility problems, you can turn off the use of this driver by disabling this option.

16. Section Guide - Preferences

Automatically disable wallpaper

By default the wallpaper (or background desktop image) on the host computer is disabled when a remote control session is started. If, for some reason, you need to be able to see this, uncheck this box.

Automatic clipboard transfer maximum size RemotelyAnywhere version 5 features advanced remote clipboard capabilities. Its usage is outlined earlier in this manual. Under preferences you can specify the maximum number of kilobytes to be transferred between machines. The default maximum is 1024kb, but bear in mind that transferring significantly larger amounts may cause problems.

Idle time allowed If the remote control client is inactive for the amount of time specified here, it will automatically be disconnected.

Auto panning If the host computer’s display area is larger than that which the remote control client can display only a part of the screen is shown and you can use scrollbars to view the required area of the remote display. With this option enabled, the screen is automatically scrolled for you when the mouse nears the edge of the current display area.

Lock console when connection broken With this option enabled RemotelyAnywhere will lock the console to protect your work if, due to a network error, the Java remote control client loses its connection to the server.

Lock console when connection times out With this option enabled RemotelyAnywhere will lock the console to protect your work if your connection times out.

Maximum number of screen updates per second Here you can specify the number of times the screen is updated every second.

Use screenshot-based remote control by default

Here you can enable screenshot-based remote control, which menas that when you click on Remote Control in the menu, instead of loading the

Copyright ©2005 • Send support questions to: [email protected]

Page 84

Copyright ©2005 • Send support questions to: [email protected]

Page 85

16. Section Guide - Preferences

Page 84

16. Section Guide - Preferences

Java applet, it will go straight to screenshot-based Remote Control instead. You can switch to Java based Remote Control from the toolbar, but you cannot switch back again. This setting is useful if you have an extremely slow connection or a browser without Java. For more information, see the appropriate part of this manual.

AUDIBLE NOTIFICATION

Beep when the remote control session starts or ends

If this is enabled the host computer will beep when a remote control session is initiated or ended.

Beep continuously during remote control With this enabled the host computer will beep periodically when a remote control session is active.

Beep interval Here you can specify the time between beeps for the above setting.

INTERACTIVE USER’S PERMISSION

Ask for permission from interactive user If you turn this option off, you will disable the icon, and also any attempts to notify the local user when someone is accessing the computer remotely.

When this option is off, none of the other settings in this configuration screen apply. This option, when disabled, basically tells RemotelyAnywhere not to bother starting RAGui.exe, the software that sits in the system tray and communicates with the user. Disabling this option will also disable the Chat function.

Default answer for confirmation message Yes or No. When someone tries to gain remote control access to the computer, and the local user does not answer the query, the remote control session will either proceed or not, depending on this setting.

Time allowed for the interactive user to give permission This is the amount of time specified before the notification message times out.

Text to display to the user This is the text that will be presented to the user in the remote control confirmation dialog box. The string ‘%USER%’ will be substituted by the name of the user who is attempting the remote control operation.

Display a warning message during Remote Control Disabling this option requires a special license file.

Full Control (and Remote Control D) access rights bypass interactive user’s permission With this option enabled, users with full Remote Control access rights (R+W+D) will be able to access the remote host without first asking the user’s permission. If this is enabled it overrides the above settings.

REMOTE PRINTING

Here you can enable or disable RemotelyAnywhere’s ability to print remotely.

Telnet Server

This dialog allows you to view and modify Telnet related options. For a complete explanation of the Telnet server, please see the Computer Management section of this manual.

TCP/IP port to listen on / address to listen on Here you can specify which port / address you want RemotelyAnywhere to listen on for telnet connections. This defaults to the standard telnet port of 23, and all available interfaces. Changes take effect when the service is restarted.

Accept RemotelyAnywhere connections (secure) Allow connections from RemotelyAnywhere’s built in Command Prompt.

Copyright ©2005 • Send support questions to: [email protected]

Page 85

Copyright ©2005 • Send support questions to: [email protected]

16. Section Guide - Preferences 16. Section Guide - Preferences

Accept Telnet connections Allow plaintext terminal emulator connections. If disabled, only the built-in Java client can be used to access Telnet. This does not affect the SSH server.

Show login banner

Enable or disable the logon message sent by the Telnet/SSH servers when a connection is established. The logon message looks like the following:

Login:

Windows NT Server 4.0 (build 1381) Service Pack 6

RemotelyAnywhere Telnet/SSH Server v3.5.268

Copyright (C) 1998-2001 3am Laboratories PL. All Rights Reserved.

If you do not want to let anybody who connects to the Telnet/SSH ports know the version of the operating system and RemotelyAnywhere, disable this option.

Maximum simultaneous connections Here you can specify the maximum number of connections to the Telnet/SSH servers. It’s a good idea to set a reasonable limit, especially on computers connected to the Internet. Every new connection uses resources on the computer.

TIMEOUTS

Here you can set the login timeout (number of seconds the user may remain idle during the login process), the idle timeout (number of seconds the user may remain idle during a Telnet/SSH session) and the session recovery timeout. When a Telnet connection is broken ungracefully (that is, the user does not type exit at the command prompt) it is possible to reconnect to the session and continue work where it was left off for a period of time. You can specify the amount of time for which you want the lost telnet session to remain available. Any and all running programs started by the user in the Telnet session will be available when the session is resumed.

REMOTELYANYWHERE CLIENT

Here you can specify the number of columns and rows that the console window will occupy. You can also specify whether you’d like to have the client open in a new window, or in a new window in full screen mode.

TELNET/SSH CLIENT DEFAULT PARAMETERS

Here you can specify the default parameters for the Telnet/SSH client. You can also select the console mode (Stream, Full ANSI Colors, or Full Monochrome) and enable/disable the console parameters option.

Copyright ©2005 • Send support questions to: [email protected]

Page 86

Copyright ©2005 • Send support questions to: [email protected]

Page 87

16. Section Guide - Preferences 16. Section Guide - Preferences

SSH Server

As with the Preference options for the Telnet Server, this dialog allows you to view and modify

SSH related options.

Copyright ©2005 • Send support questions to: [email protected]

Page 86

The IP and address options are the same as above, but with the default port of 22, which is standard for SSH connections. Changes will take effect when the service is restarted.

Features enabled These are the nuts and bolts of the SSH server.

Enable SSH1 or SSH2 server to take advantage of these features.

SFTP This is a secure file transfer method

SCP This is another secure file transfer method, but non-interactive.

Compression If this is checked data sent over the network will be compressed.

Password authentication When activated, the user can enter a username / password combination in the terminal emulator client program and use that to gain access.

Keyboard interactive authentication This is similar to the above option, but it won’t allow the saving of the username / password in the terminal client.

Cross-check IP and DNS entry of clients If this option is activated, and if the client comes from the IP address 192.168.0.10 (for example), and this IP address resolves to COMPUTER1, but

COMPUTER1 does not resolve to 192.168.0.10, the connection will be disallowed.

Forwarding of server-side ports This is SSH Port Forwarding, allowing server-side ports to be

Copyright ©2005 • Send support questions to: [email protected]

Page 87

16. Section Guide - Preferences forwarded to others, effectively creating a virtual encrypted tunnel for the duration of the SSH session.

Remote connects to the forwarded ports This allows the ports to be forwarded outside the server; that is, to any computer on the network the server has access to.

HOST KEYS

The SSH Host Keys section lets you re-generate SSH1 and SSH2 host keys used by the SSH server.

You can specify the key size, but the larger the key, the longer it takes to generate it. Anything above 2048 bits is excessive, and will take a very long time even on a fast computer.

SSH hosts have keys that can be used to identify them, much like SSL-protected websites have certificates. SSH1 only supports a single host key, while SSH2 supports both RSA and DSA keys. The key length is recommended to be 1024 bits or more, and can be 512, 768, 1024, 2048 or 4096. The SSH1 server key is a key that is relatively short, and has a short lifetime. It is used in conjunction with the host key to negotiate a one-time session key for each connection. SSH2 uses the Diffie-Hellman keyexchange protocol to negotiate the session key and therefore does not need one.

Export SSH2 public host keys in SECSH format This button lets you export the host keys and save them in your terminal emulator. This way, you can be sure that when the emulator connects to the RemotelyAnywhere computer and does not put up a warning about an unknown host key, you are still in fact connecting to the intended computer.

PRIVILEGE SEPARATION

You can enable or disable privilege separation here. A full description of what this means is available within RemotelyAnywhere by clicking on ‘What is it.’ The text is reproduced here in full for your reference.

PRIVILEGE SEPARATION IN SSH

When a user establishes an SSH session, and authentication succeeds, the server executes applications (typically a shell process such as cmd.exe) in the user’s security context. The server needs to execute with LocalSystem privileges to access resources required for user authentication and impersonation.

Allowing an anonymous user to directly communicate with code that runs with the same permissions as the operating system itself is the primary reason remote exploits exist.

Privilege separation has been pioneered by the Unix community with the release of OpenSSH 3.2.

The main goal of this technology is to prevent anonymous clients from exchanging information with highly privileged software. This is achieved by serving a client with the help of two serverside processes: one that runs with SYSTEM privileges, and another which has practically no privileges (i.e. GUEST privileges). The latter process is automatically spawned by the privileged parent. The unprivileged child processes all network data and handles communications with potentially untrusted clients. It relies on the parent process to perform tasks that need privileges, and communicates these requests through a well defined and very simple interface. This way both sides must agree that the client has authenticated before it is granted further access, and even if the unprivileged child is compromised, the intruder cannot gain access to, let alone modify, valuable information.

OpenSSH runs the unprivileged process in the context of a special user account. When you enable SSH Privilege Separation in RemotelyAnywhere, this user is automatically created and its access rights are minimized on the file system and the registry. This usually requires several minutes, especially on large file systems. This special user has very limited rights: only execute permissions in the System32 directory, and read rights to a minimum set of registry entries.

These permissions are required by Windows to execute any and all software. All other access

Copyright ©2005 • Send support questions to: [email protected]

Page 88

16. Section Guide - Preferences

Copyright ©2005 • Send support questions to: [email protected]

Page 89

16. Section Guide - Preferences

Page 88

16. Section Guide - Preferences rights are explicitly denied for the special user account.

The Privilege Separation User is created under the name __ra_ssh_privsep__. It is maintained by RemotelyAnywhere and you should not modify the account, its group memberships or any other related security settings. This user is created with GUEST privileges, its password is set to a cryptographically random string that is as long as system policies allow. The user account is disabled by default. When RemotelyAnywhere accepts an SSH connection, it changes the user’s password, enables the account, logs the user in, stores it’s access token handle, resets the password again - and finally disables the user account until it is needed again.

WARNING!

Only NTFS file systems allow the required access rights to be set.

When you install a new hard drive in your computer, Windows grants full access to the everyone group to the new hard disk and all of its contents. On such occasions you should use the Check

rights feature on the SSH Configuration page to set the correct access permissions on your system.

Local or domain security policies might restrict local logins. RemotelyAnywhere attempts to explicitly grant the Privilege Separation User local login privileges in the local security policy

- however, if domain policies override the local security policy, the __ra_ssh_privsep__ user might not be allowed to log in. In this case, Privilege Separation should be disabled or the domain security policy should be changed to be less restrictive.

Network Maintenance

With this feature you can install and configure RemotelyAnywhere on other computers connected to the network, much as you would with the RemotelyAnywhere Console.

This option will not work if you have logged on with NTLM authentication. NTLM authentication cannot be delegated over the network, so RemotelyAnywhere would not be able to identify you to other computers.

First, you are asked how you would like to scan the network. You can choose to scan a specified domain only, or you can browse the whole network. On larger networks, this can be a lengthy operation, so looking at single domains at a time is recommended. You also have the option of inspecting and upgrading a single computer.

On the next screen you are shown the part of the network selected in the previous step. All computers are listed, and you will be able to see what operating system and which version they are running, what roles they fulfill, and last, but not least, whether or not they have

RemotelyAnywhere installed.

If RemotelyAnywhere is installed on a machine in the list, you can quickly open it by clicking on the machine name. You can also see which version of RemotelyAnywhere is running on the computer, and you can upgrade it if necessary with two mouse clicks.

If RemotelyAnywhere is not installed on one of the machines on the network you can also quickly do so from here with two clicks.

Page 89

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

17. Command Line Parameters

On Windows NT and Windows 2000, you can run RemotelyAnywhere from the command line to perform various actions. These are:

1. INSTALLING REMOTELYANYWHERE ON THE LOCAL COMPUTER

The command for this operation is:

Install [-port PORT]

You will need to have the RemotelyAnywhere installation files in the current directory, either copied from an existing installation or from the manual installation archive available on

RemotelyAnywhere.com.

This command will create the RemotelyAnywhere service and its support driver in the current directory, and start it immediately.

The optional parameter can specify the listener port. For example:

RemotelyAnywhere Install -port 2020

You will need administrative privileges on the local computer to successfully perform this operation.

2. INSTALLING REMOTELYANYWHERE ON A REMOTE COMPUTER

The command is:

Install <–computer COMPUTER> <–path PATH> [-port PORT]

[-minimal] [-license FILENAME]

You will need to have the RemotelyAnywhere installation files in the current directory. You will also need administrative rights on the remote computer.

The first optional parameter is the same as when installing RemotelyAnywhere on the local computer; it specifies the HTTP port number. The [-minimal] switch allows you to perform a minimal install. This option does not copy the documentation files, thus speeding up the install process over a slow network connection. The two required parameters are the name of the remote computer and the local path to the intended destination directory on the remote computer.

The [-license FILENAME] option lets you specify a license file to be installed on the target computer.

For example, if you want to install RemotelyAnywhere on a computer called KOSSUTH in the C:

\RemotelyAnywhere directory, and you do not want the documentation files copied, you will need to enter the following command:

RemotelyAnywhere Install –computer KOSSUTH -path

“C:\RemotelyAnywhere” -minimal

Copyright ©2005 • Send support questions to: [email protected]

Page 90

Copyright ©2005 • Send support questions to: [email protected]

17. Command Line Parameters

Page 91

Copyright ©2005 • Send support questions to: [email protected]

17. Command Line Parameters

Page 90

17. Command Line Parameters

This will create the destination directory, copy all necessary files, and create and start the

RemotelyAnywhere service on KOSSUTH.

3. UNINSTALLING REMOTELYANYWHERE ON A LOCAL COMPUTER

The command is:

Uninstall

This will stop and remove the RemotelyAnywhere service and its support driver, as well as all registry entries created by RemotelyAnywhere. You will need to delete the RemotelyAnywhere directory and all its contents yourself.

For example:

RemotelyAnywhere Uninstall

You will need administrative privileges on the local computer to successfully perform this operation.

4. UNINSTALLING REMOTELYANYWHERE ON A REMOTE COMPUTER

The command is:

Uninstall <-computer COMPUTER>

This will stop and remove the RemotelyAnywhere service and its support driver, as well as all registry entries created by RemotelyAnywhere. You will need to delete the RemotelyAnywhere directory and all its contents yourself.

For example:

RemotelyAnywhere Uninstall –computer KOSSUTH

You will need administrative privileges on the remote computer to successfully perform this operation.

5. STARTING AND STOPPING A SERVICE

The command is:

start [-service SERVICE] [-computer MACHINE] stop [-service SERVICE] [-computer MACHINE]

The optional parameters are the name of the service (it defaults to RemotelyAnywhere) to be started, and the computer to perform the operation on (defaults to the local computer).

For example:

RemotelyAnywhere start

This will start the RemotelyAnywhere service on the local computer.

RemotelyAnywhere stop W3SVC –computer KOSSUTH

Copyright ©2005 • Send support questions to: [email protected]

Page 91

17. Command Line Parameters

This will stop the W3SVC service on the computer called KOSSUTH. You will need administrative rights on the remote computer to perform this operation.

6. RESTART THE REMOTELYANYWHERE SERVICE

The command is:

Restart [-computer COMPUTER]

The optional parameter is a computer name (defaults to the local machine).

For example:

RemotelyAnywhere Restart –computer KOSSUTH

You will need administrative privileges on the computer to successfully perform this operation.

7. EXPORT/IMPORT REMOTELYANYWHERE CONFIGURATION SETTINGS TO/

FROM A TEXT FILE

The commands are:

CreateIniFile [-inifile FILENAME] [-computer MACHINE]

LoadIniFile [-inifile FILENAME] [-computer MACHINE]

The default value for FILENAME is RemotelyAnywhere.ini in the directory the RemotelyAnywhere executable is located in. The COMPUTER parameter, if not specified, defaults to the local computer.

You can use these commands to quickly copy configuration settings from one RemotelyAnywhere installation to another, usually when installing RemotelyAnywhere to a remote computer from the command line.

A typical set of commands using these settings would be:

RemotelyAnywhere CreateIniFile

RemotelyAnywhere Install –computer SERVER1

RemotelyAnywhere Stop –computer SERVER1

RemotelyAnywhere LoadIniFile –computer SERVER1

RemotelyAnywhere Start –computer SERVER1

The first line saves the local RemotelyAnywhere configuration to the default file. The second command installs RemotelyAnywhere on the computer named SERVER1. The third command stops the RemotelyAnywhere service on SERVER1 – necessary, because the previous command already started RemotelyAnywhere. The fourth command will read all settings from the default ini file, and configure RemotelyAnywhere on SERVER1 accordingly. Finally, the last command starts

RemotelyAnywhere.

The CreateIniFile command will write all RemotelyAnywhere configuration data to the target text file. The LoadIniFile command will import all configuration data contained within the text file to the target computer. This means that all configuration data is copied, including permissions, FTP

Server settings, the license key, etc. If you do not want to import specific configuration items, you will need to edit the generated ini file and remove these entries. The format of the generated ini file is as follows:

Copyright ©2005 • Send support questions to: [email protected]

Page 92

Copyright ©2005 • Send support questions to: [email protected]

17. Command Line Parameters

Page 93

17. Command Line Parameters 17. Command Line Parameters

[MetaData]

Creator=RemotelyAnywhere

CreatorBuildNumber=268

SourceComputer=SERVER2

Value0000=UseGraphRed

Value0001=VisitLength

Values=2

[UseGraphRed]

Type=REG_DWORD

Data=0

[VisitLength]

Type=REG_DWORD

Data=600

The above example, of course, is just a small part of the actual file generated. If you do not wish to copy, for example, the VisitLength setting, simply remove the ValueXXXX=VisitLength line from the MetaData section.

Copyright ©2005 • Send support questions to: [email protected]

Page 92

Copyright ©2005 • Send support questions to: [email protected]

Page 93

19. WAP Access

Introduction

RemotelyAnywhere supports limited access via wireless devices using the Wireless Application

Protocol (WAP).

These devices are usually mobile phones, with limited screen size, limited memory, and limited processor capacity.

For this reason, they do not understand HTML – pages displayed on WAP devices are written in

WML, which is based on XML. Graphics are simple black-and-white images.

When you access RemotelyAnywhere via the WAP interface, you are prompted to log in.

Enter your username and password using the phone’s controls then click the OK link.

Note If RemotelyAnywhere does not recognize your WAP device as such, it might cause your WAP browser to display a message regarding unknown content, a compile error, or something similar. In this case, you can edit the contents of the WapClients.cfg file found in your RemotelyAnywhere directory to make the user agent known as a WAP device. Further information on the format of the file is found inside. It is a plain text file and can be edited using any text editor.

Security Precautions

With HTTP and the browser interface, you have a fairly simple job securing your communication: simply create an SSL certificate, install the certificate in your browser, and use HTTPS as the protocol.

With the WAP interface, things are more difficult, since your phone does not directly communicate with RemotelyAnywhere. WAP devices connect to a WAP gateway that acts like an intelligent proxy server:

1. The phone issues a request to the gateway. The phone and the gateway communicate via

UDP (connectionless IP).

2. The gateway issues an HTTP or HTTPS request to RemotelyAnywhere and waits for the reply.

3. The gateway compiles the received WML into bytecode and sends it to the phone.

While this is of no concern when browsing WAP pages for stock quotes or weather forecasts, it raises two issues when a secure connection is required:

1. The phone must be able to communicate with the gateway via a secure channel. This is done via the WTLS protocol that requires that the phone ‘trusts’ the gateway – that is, it has its WTLS certificate installed.

2. The gateway must be able to communicate with RemotelyAnywhere via HTTPS. This requires that the gateway ‘trust’ the RemotelyAnywhere installation in question – it should have its certificate installed.

When using a commercial gateway (such as the ones provided by cellphone companies) the first

Copyright ©2005 • Send support questions to: [email protected]

Page 94

Copyright ©2005 • Send support questions to: [email protected]

19. WAP Access

Page 95

Copyright ©2005 • Send support questions to: [email protected]

19. WAP Access

Page 94

19. WAP Access issue is usually not a problem. However, your cellphone provider will probably not install your self-generated RemotelyAnywhere certificates, so the secure connection between the gateway and

RemotelyAnywhere will not be established.

RemotelyAnywhere provides a free, secure WAP gateway to its customers. The IP address of this gateway is 206.252.132.168.

If you can make a secure (WTLS & HTTPS) connection to your computer running

RemotelyAnywhere from your WAP device, then you do not need to use our gateway. However, if you run into problems, then we recommend using a normal ISP dial-up account and the

RemotelyAnywhere WAP gateway instead of the dial-up service and gateway offered by your cellphone provider.

Using a third-party ISP for dial-up access is not necessary, but most cellphone companies will not let you use a WAP gateway outside of their network. If this is the case, then you need a dial-up account with an ISP, in addition to the RemotelyAnywhere WAP gateway.

If your RemotelyAnywhere installation is set to filter IP addresses, then you should allow access from 206.252.132.168, since this is the IP address where the HTTP/HTTPS connections will be made from.

When accessing RemotelyAnywhere from your phone, always use the HTTPS protocol by specifying HTTPS:// in the beginning of the URL. This will encrypt the data sent and received between the gateway and the RemotelyAnywhere installation.

Here is a brief description of how to configure a Nokia7110 to use our gateway:

• Select the Services menu. Select Settings. The 7110 allows you to store 5 different sets of

WAP connection settings. Highlight the current settings, or one of the unused settings on the phone, and select Options. Select Edit to edit the selected settings.

Homepage should be set to the RemotelyAnywhere installation you most frequently access - or any other WML page. You can use the Bookmarks feature of the phone to store your RemotelyAnywhere URLs.

Connection Type should be set to Continuous.

Connection Security should be set to On, this will encrypt the data sent and received between the phone and the gateway.

Bearer must be set to Data.

Dial-up number must be set to the phone number of your dial-in server.

IP Address must be set to 206.252.132.168.

Authentication type can be set to either Normal or Secure, depending on the configuration of your dial-in server. This setting specifies how the username and password are sent to the dial-in server, and does not have any affect on actual WAP communications.

Data call type can be set to either Analogue or ISDN, depending on your mobile operator network and the type of dial-in connection that you will be using.

Data call speed can normally be left to Autobauding.

User name specifies the user name associated with your dial-up connection.

Password specifies the password associated with your dial-up connection.

• Once you have configured all of your settings, use Back to return to the previous level of menus, and then Activate your configuration.

Info Screen

You will be greeted with an Info screen that displays some essential information about the computer. The Info screen will look similar to the images on the left.

At the bottom of this screen (and at the bottom of every screen) you will find the main menu that allows you to select RemotelyAnywhere functions accessible via the WAP interface.

Copyright ©2005 • Send support questions to: [email protected]

Page 95

19. WAP Access

The Menu

The menu, at the bottom of the screen looks like the image on the left (only partially shown):

Here is the complete list of menu options:

1. Main Menu

2. Services

3. Drivers

4. Processes

5. Performance Monitoring

6. Reboot

8. Event Viewer

8. Logout

A link to this menu is present at the bottom of every page displayed by RemotelyAnywhere.

Services & Drivers

The Services page looks like the image on the left.

You see a listing of all installed services, with their status next to them. Selecting a service takes you into a menu that allows you to control that service:

On the services listing page, near the end, you can request different parts of the list.

The Drivers page looks and behaves exactly like the Services page.

Page 96

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

19. WAP Access

Page 97

Copyright ©2005 • Send support questions to: [email protected]

19. WAP Access 19. WAP Access

Processes

The Processes page has three options, as shown in the image on the left.

The first two will let you see a listing similar to the Services or Drivers lists – next to the process name you will see either the CPU time used by the process or the Memory in use by the process, depending on your selection:

Selecting a process will display detailed information about it, such as the executable name with full path, the parent process, if available, the creation time, CPU time, pagefile and physical memory usage, as in the image on the left.

You also have the option of killing a process here.

The third option in the Processes menu is the Create Process one. This will present you with the following dialog:

Page 96

Filling out this form and submitting it launches a new process under the user account of the person using the WAP device. You can use this for a variety of tasks, such as executing batch files:

Executable Name: cmd.exe

Optional Parameters: /C c:\backup\startbackup.cmd

This will launch the command interpreter, which, in turn, will launch the startbackup.cmd batch file in the c:\backup directory.

Performance Monitoring

On the performance pages, you can view graphs on the CPU, memory, and disk space utilization.

The main menu looks like the image on the left.

By selecting either of these options, you are presented with three graphs, each with a different sampling rate – just like in the main RemotelyAnywhere performance charts.

Copyright ©2005 • Send support questions to: [email protected]

Page 97

19. WAP Access

The CPU load represents the total CPU load on multiprocessor machines. The memory load includes physical and virtual memory. The disk space utilization chart represents the total for all harddisks in the computer.

Reboot

This option presents you with a menu similar to that found in the HTML interface.

The first three selections reboot the computer. Normal reboot shuts down all applications.

Emergency reboot kills all processes then shuts down and restarts the system in an orderly fashion. You might lose data in your running applications. Hard reboot is just like pressing the reset button or toggling the power switch: use this only as a last resort!

The last selection restarts the RemotelyAnywhere service.

Event Viewer

This option enables you to view RemotelyAnywhere’s event viewer. You will be given a list of event viewer options as in the image on the left.

If you select one of these options, you will see the following:

Logout

This menu option ends your RemotelyAnywhere session.

It is not strictly necessary to manually log out – your session will eventually time out after the time period specified in the RemotelyAnywhere configuration elapses.

Page 98

Copyright ©2005 • Send support questions to: [email protected]

18. PDA Access

Introduction

RemotelyAnywhere supports access via wireless handheld devices connecting using the http protocol. These devices, commonly known as PDAs, offer more connectivity to RemotelyAnywhere than do devices using the WAP protocol.

Not all handheld PDAs are the same. While RemotelyAnywhere is designed to operate on the most popular PDA devices and browsers, some features may appear different from one handheld to the next, and indeed in some cases certain functions have been deactivated altogether due to the limitations of some devices. However, in the case of devices running Pocket PC 2000/2002,

Microsoft Windows Mobile 2003 for Pocket PC, or Microsoft Windows Mobile 2003 Second

Edition for Pocket PC, version 6 of RemotelyAnywhere now offers the ability to perform desktop

remote control.

BlackBerry users please note: BlackBerry handhelds connect to RemotelyAnywhere using the

WAP protocol. Please see chapter 19, WAP Access, for more information.

Logging in to RemotelyAnywhere via a PDA is very similar to logging in via a desktop’s web browser. Simply ensure your PDA is connected to your LAN, or, if necessary, the internet, and enter the appropriate IP address or web address and click OK. Authentication with PDA browsers is exactly the same as with other browsers. Enter your Windows username and password and, if necessary, the domain name, click OK, and you will be brought to the main menu.

Security Precautions

With HTTP and the PDA’s browser interface, making secure SSL connections is very similar to the process found on other browsers: simply create an SSL certificate, install the certificate in your browser, and use HTTPS as the protocol.

Main Menu

Depending on the browser, you will see a menu resembling the image to the left when logging in.

The clickable links are, in order:

Home

Remote Control

Processes

Services

Drivers

Event Viewer

User Manager

Registry Editor

Reboot

CPU Load

Memory Load

File Transfer

Network Maintenance

Log Out

Copyright ©2005 • Send support questions to: [email protected]

Page 99

18. PDA Access

The left-pointing arrow encased in the blue circle, present at the top of every page displayed by

RemotelyAnywhere, provides a link back to this main menu.

Home

A simplified version of the RemotelyAnywhere home page described earlier in this manual, as pictured to the left, the PDA interface’s home page shows a simple system overview.

Remote Control

If this option is available with your browser, selecting Remote Control downloads an ActiveX control to your PDA.

Using the stylus, you can move the mouse around on the screen. Tapping the screen, as per normal, is like clicking the mouse.

The toolbar, seen at the top left, offers the following buttons in order from left to right:

DRAG Using this button, the toolbar can be dragged around the edges of the PDA window.

MENU The menu offers the following options:

File > Disconnect - Ends the RemotelyAnywhere session

View > Actual Size - Views the host screen at 100% magnification

View > Scale to Fit - Scales the host screen to fit the PDA screen

View > Zoom To > - Manually specify the zoom level

View > No Rotation - Maintains the remote control screen vertically represented

View > Rotate Left 90 Degrees - Rotates the remote control screen to the left

View > Rotate Right 90 Degrees - Rotates the remote control screen to the right

(The above two options make better use of the screen geometry of the PDA, thus allowing a larger picture)

Tools > Send Ctrl-Alt-Del - Sends a Ctrl-Alt-Delete keystroke combination

Tools > Send Special Keys - See Remote Control section of this manual

Tools > Change Color Depth - Changes the number of colors shown on the host screen

Tools > Change Resolution - Changes the screen resolution of the host screen

KEYBOARD Tapping this icon once brings the keyboard interface up, allowing you to type.

Tapping it again makes the keyboard disappear.

MOUSE BUTTON Tapping this icon switches between left and right mouse-clicks.

EXIT Returns to main menu.

Copyright ©2005 • Send support questions to: [email protected]

Page 100

Copyright ©2005 • Send support questions to: [email protected]

18. PDA Access

Page 101

Copyright ©2005 • Send support questions to: [email protected]

18. PDA Access

Page 100

18. PDA Access

Processes

The Processes page has three options, as shown in the image to the left.

The output of this function will give you a listing of all processes running on the remote computer. The list is hierarchical: a parent process will have its child processes listed beneath it, with indentation indicating relationships. Please note that this is for information purposes only, since Windows reuses process IDs.

Selecting a process will give you more information about it, as detailed earlier in this manual.

Services & Drivers

The images below show you what you would see under the services or drivers menu options:

The format of the Services and the Drivers lists are identical. These lists display the names and statuses of all the services (or drivers) installed on the remote machine. Clicking on the name will show you more detail about the selected object and allows you to control it. You can also change its startup options. When specifying a user account to be used by a service,it must be in DOMAIN\

USER form. If you want to use a local user account, you can type .\USER.

In the list of objects, the status field shows Stopped, Running, Starting, Stopping, etc.

RemotelyAnywhere looks through the list of services and drivers, and if it finds one that is set to start automatically but is not running, a question mark is displayed. This alerts you to the fact that the service should be running, but isn’t.

Event Viewer

This option enables you to view RemotelyAnywhere’s event viewer. You will be given a list of event viewer options as in the image on the left.

User Manager

When you click on User Manager in the menu you will be able to access RemotelyAnywhere’s use manager. Supporting all the features of NT’s built-in User Manager, its functionality is similar to that of RemotelyAnywhere’s regular User Manager.

Copyright ©2005 • Send support questions to: [email protected]

Page 101

18. PDA Access

Registry Editor

This option enables you to edit the registry of the host computer. First, the registry roots (HKCR,

HKCU, HKLM, etc.) are displayed, and you can drill down into them by clicking on their names.

Registry keys are links that open up that key for you. Key values are also displayed here, with their name, type and value. You can edit values that are of either text (REG_SZ, REG_EXPAND_SZ or REG_MULTI_SZ) or integer (REG_DWORD) type. Binary, etc. values are only displayed but cannot be edited. Using the buttons at the bottom of every page you can add a subkey, add a value or delete the currently opened key.

Reboot

This option presents you with a menu similar to that found in the HTML interface.

The first selection restarts the RemotelyAnywhere service.

The next four selections reboot the computer. Normal reboot shuts down all applications.

Emergency reboot kills all processes then shuts down and restarts the system in an orderly fashion. You might lose data in your running applications. Hard reboot is just like pressing the reset button or toggling the power switch: use this only as a last resort! Scheduled reboot allows you to reboot the remote machine at a specified time.

CPU Load & Memory Load

Here you can view graphs on the CPU and memory load.

File Transfer

When using File Transfer bear in mind that Palm devices don’t really have a proper file system.

Under the Windows CE browser, you can hover your stylus over a file and it will give you the option to “Save as” (thus putting the “transfer” in “file transfer”) whereas under the Palm, all it will do is try to open files in various programs (ie. textfiles in textpad, jpegs in picture viewer, etc.)

This is the fundamental difference between Palm and Windows CE.

Copyright ©2005 • Send support questions to: [email protected]

Page 102

Copyright ©2005 • Send support questions to: [email protected]

18. PDA Access

Page 103

18. PDA Access 18. PDA Access

Network Maintenance

With this feature you can install and configure RemotelyAnywhere on other computers connected to the network, much as you would with the RemotelyAnywhere Console, as documented in the

Preferences chapter of this manual.

Log Out

This menu option ends your RemotelyAnywhere session.

It is not strictly necessary to manually log out – your session will eventually time out after the time period specified in the RemotelyAnywhere configuration elapses.

Copyright ©2005 • Send support questions to: [email protected]

Page 102

Copyright ©2005 • Send support questions to: [email protected]

Page 103

Appendix A - Monitoring Script

Reference

Conditions

DiskFreeSpaceUnder(<drive>, <amount>)

• Becomes true if there’s less than <amount> number of bytes free on <drive>.

ProcUsageAboveFor(<usage>, <time>)

• Becomes true if the processor usage has been above <usage> for the time period specified in <time>.

MemUsageAboveFor(<usage>, <time>)

• True if the memory usage is above the specified amount for the specified time.

NetInUsageAboveFor(<net interface>, <usage>, <time>)

• True if the network input on the specified network interface has taken up more than the specified percentage of the available bandwidth of said interface for the amount of time specified.

NetOutUsageAboveFor(<net interface>, <usage>, <time>)

• True if the network output on the specified network interface has taken up more than the specified percentage of the available bandwidth of said interface for the amount of time specified.

CheckAnswer(<server:port>, <request>, <reply>, <time>)

• Connects to the server and port specified, sends a request, and waits for a reply. True if the connection is unsuccessful, there is no data received for the amount of time specified, or the response received from the server does not match the reply specified above.

Small(<script name>)

• Executes the Small script specified in the <script name> parameter. Becomes

TRUE if the script returns a non-zero value, and becomes FALSE if the script returns with zero.

• The script must meet the following requirements:

It has to be compiled and available in the RemotelyAnywhere installation directory.

It must have a main function, and that function should return an integer value.

Parameters

<drive>

• A drive specification, for example, “C:\\

<amount>

• Amount of memory or HD space. For example: 1,000,000 (bytes) or 128M

(megabytes).

<usage>

• A percentage of, for example, processor usage. E.g.: 90%

Copyright ©2005 • Send support questions to: [email protected]

Page 104

Appendix A - Monitoring Script

Reference

Copyright ©2005 • Send support questions to: [email protected]

Page 105

Appendix A - Monitoring Script

Reference

Page 104

Appendix A - Monitoring Script

Reference

<time>

• An amount of time. For example: 10s (10 seconds), 20m (20 minutes), 24h (24 hours).

<net interface>

• A number identifying a network interface. You can see the list of network interfaces installed in the computer by going to Performance Monitoring

>Network. The first adapter in this list is adapter 1, the second is adapter 2, etc.

<server:port>

• When querying a TCP/IP service, you must specify the server and the port to connect to. This can be in the form of a DNS name and a port number (such as “www.company.com:80”) or an IP address and a port number (such as

192.168.0.3:8888”).

<request>

• When you query a TCP/IP service, you specify here what you want to send to the server. For example: “HEAD / HTTP/1.0”.

<reply>

• When you query a TCP/IP service, you expect a reply to your request.

RemotelyAnywhere will match the first few bytes of the response from the server against the reply you specify here.

<string>

• An arbitrary string of characters enclosed by double quotes (“).

<script name>

• The name of a compiled Small script, without the extension. Must be enclosed in double quotes. The script must have a main function.

Actions

Log(<string>)

• Places the parameter in the RemotelyAnywhere.log file.

SendMail(<string>, <string>, <string>)

• Sends an email to the recipient specified in the first parameter, with the subject specified in the second parameter. The contents of the email message are in the third parameter.

SendMail(<string>, <string>, <string>, <string>)

• Sends an email to the recipient specified in the second parameter, with the subject specified in the third parameter. The contents of the email message are in the fourth parameter. The sender of the email is identified in the first parameter.

SendMessage(<string>, <string>)

• Sends an administrative message to the user or computer specified in the first parameter. The contents of the message are specified in the second parameter.

Execute(<string>)

• Executes a program or a batch file. The full path name of the program to be executed and any parameters (including optional output redirection) are specified in the sole parameter.

Small(<script name>)

• Executes a Small script. The script must be compiled and must have a main function.

Copyright ©2005 • Send support questions to: [email protected]

Page 105

Copyright ©2005 • Send support questions to: [email protected]

Appendix A - Monitoring Script

Reference

String Substitutions

When sending emails or administrative messages, it is necessary to include detailed information on the events that have caused the alert to be sent out. The following items, if placed in a string parameter, will be substituted with their associated value.

[MACHINE]

• The name of the computer.

[FREE_MBYTES]

• Free megabytes on a disk drive. Only has a value if the action follows a

DiskFreeSpaceUnder condition.

[TOTAL_MBYTES]

• Total megabytes on a disk drive. Only has a value if the action follows a

DiskFreeSpaceUnder condition.

[FREE_PERCENT]

• Percentage of free space on a disk drive. Only has a value if the action follows a

DiskFreeSpaceUnder condition.

[AVG_USAGE]

• Average usage.

[MIN_USAGE]

• Minimum usage.

[MAX_USAGE]

• Maximum usage. This, and the above two strings only have a value when the action follows one of these conditions: ProcUsageAboveFor,

MemUsageAboveFor, NetInUsageAboveFor or NetOutUsageAboveFor.

[ANSWER]

• The response received from the checked server in a CheckAnswer condition.

[FILE <filename>]

• The contents of the specified file. For example, [FILE C:\\TEMP\\output.txt] will place the contents of the file C:\TEMP\output.txt in the string.

[SMALL_RES]

• The return value from a Small script’s main function. It is of integer type.

Only valid after a Small condition or a Small action.

Page 106

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

RemotelyAnywhere uses a 3 rd

party scripting language called Small.

WHAT IS SMALL?

This is probably best described in the words of the author of the language itself:

Small is a simple, typeless, 32-bit extension language with a C-like syntax. The Small compiler outputs P-code (or bytecode) that subsequently runs on an abstract machine. Execution speed, stability, simplicity and a small footprint were essential design criterions for both the language and the abstract machine.

[…]

The Small language was designed as a flexible, general-purpose language. The tool set

(compiler, abstract machine) were written so that they were easily extensible and would run on different software/hardware architectures.

Many years ago, I retyped the “Small C” compiler from Dr. Dobb’s Journal, by Ron Cain and

James Hendrix. Having just grasped the basics of the C language, working on the Small C compiler was a learning experience of its own. […]

In early 1998, I was looking for a scripting language for an animation toolkit. […] While experimenting with Quincy (from Al Stevens), I decided that a simplified C would probably be a good fit. I dusted off Small C. This is the result.

Small is a descendent of the original Small C, which at its turn was a subset of C. The most fundamental changes that I did were the removal of the type system and the substitution of pointers by references. The motivations to adapt the C language to (yet another) tiny language are best discussed elsewhere (see the rationale in appendix A), but by scrapping the type system and the support for pointers, I could hardly call my language a “subset of C” or a “C dialect”.

Therefore, I stripped off the “C” from the title and kept the name “Small”.

--Thiadmer Riemersma, the Small Booklet, 1999

For an introduction and a complete language reference, please see the Small Booklet

(smalldoc.pdf) included with your copy of RemotelyAnywhere.

This appendix describes the RemotelyAnywhere extensions to the language. These extensions allow your scripts to communicate with RemotelyAnywhere, the user, and provide a small subset of the Win32 API.

The definition of the functions are in the ‘ra.inc’ header file, so you must insert the “#include

<ra>” line in your script’s source code in order to use them. If you create a new script with

RemotelyAnywhere, it will place the appropriate line in the source to use these functions.

Following is a list and description of functions that make up the extensions:

Copyright ©2005 • Send support questions to: [email protected]

Page 107

Appendix B - Small Scripting

Reference

Function Page native gb(arr[], id); 109 native sb(arr[], id, value); 109 native strize(array[], len=-1); 110 native strlen(string[]); 110 native strcpy(dest[], src[]); 110 native strcat(dest[], src[]); 111 native strleft(dest[], src[], len); 111 native strright(dest[], src[], len); 111 native strmid(dest[], src[], pos, len); 112 native strchr(string[], c, start=0); 112 native strstr(string1[], string2[], start=0); 113 native strcmp(string1[], string2[]); 113 native stricmp(string1[], string2[]); 113 native sprintf(string[], format[], ); 114 native atoi(string[]); 115 native fopen(filename[], mode); 115 native fclose(file); 115 native fread(file, buf[], bytes); 116 native fwrite(file, buf[], bytes); 116 native fseek(file, offset, method); 117 native socket(address[], port, timeout=-1); 117 native closesocket(sock); 118 native recv(sock, buf[], bytes); 118 native send(sock, buf[], bytes); 118 native htmlBeginOutput(title[]=””); 119 native htmlEndOutput(); 119 native htmlWrite(text[], htmlize=false); 119 native htmlBR(); 119 native htmlBeginTable( ); 120 native htmlEndTable(); 120 native htmlTableRow( ); 120 native htmlBeginTableRow(); 120 native htmlEndTableRow(); 120 native htmlTableCell(text[]); 120 native htmlBeginTableCell(); 121 native htmlEndTableCell(); 121 native htmlBeginDialog(text[]); 121 native htmlEndDialog(); 121 native htmlBeginForm(); 121 native htmlEndForm(); 121 native htmlAddParam( ); 121 native htmlGetParam(param[], value[]); 122 native htmlButton(text[], func[]); 122 native htmlButtonBack(text[]=”Back”, form=true); 122 native htmlRadioButton(param[], value[], checked=false); 123 native htmlCheckbox(param[], value[], checked=false); 123 native htmlEdit(param[], value[]=””); 123 native htmlLink(title[], url[]); 124 native htmlCBLink(title[], func[], ); 124 native htmlError(msg[]); 124 native raEnumProcs(); 124 native raGetProcessNum(); 125 native raGetProcess(id, &pid, name[], &cpu, &mem); 125 native raGetNextProcess(&pid, name[], &cpu, &mem); 125 native raEnumProcsClose(); 125 native raKillProcess(pid); 126 native raForkProcess(cmdline[]); 126

Copyright ©2005 • Send support questions to: [email protected]

Page 108

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 109

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 108

Appendix B - Small Scripting

Reference native raExecuteCmd(cmd[], buf[]=””, buflen=0, timeout=-1); 127 native raReboot(type=REBOOT_NORMAL); 127 native raEnumServices(); 127 native raGetServiceNum(); 128 native raGetService(id,name[],displayName[],binary[],&type,&status,&startup); 129 native raGetNextService(name[], displayName[], binary[], &type, &status, startup); 129 native raEnumServicesClose(); 129 native raStartService(name[]); 129 native raStopService(name[]); 129 native raPauseService(name[]); 130 native raContinueService(name[]); 130 native raGetTime(); 130 native raGetPerformance(type, time, &value, ); 130 native raSleep(time); 131 native raLog(msg[]); 131 native raSendMail(to[], subj[], msg[], from[]=””); 131 native raMessage(to[], msg[]); 132 native raRegGetValue(base, key[], value[], type, ); 132 native raRegSetValue(base, key[], value[], type, ); 133 native gb(arr[], id);

Extracts a byte from an array at the specified index. (Handles a Small cell array as a byte array.)

Parameters

arr

id

[in] The array to extract the byte from

[in] The index from the byte is to be extracted

Return Value

If the function succeeds, it returns the value of the byte at

the specified index in the array (in the range [0..255]).

If the function fails, it returns –1.

native sb(arr[], id, value);

Sets a byte in an array at the specified index. (Handles a Small cell array as a byte array.)

Parameters

arr

id

[in] The array to set the byte in

[in] The index at the byte is to be set

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns 0.

Copyright ©2005 • Send support questions to: [email protected]

Page 109

Appendix B - Small Scripting

Reference native strize(array[], len=-1);

Converts a Small string to a C-Style string and vice versa. (It is useful when - for example - you want to read/write a text message from/to a file or a socket.)

Parameters

arrray

len

[in] The array containing the text to be converted.

[in] The length of the string to be converted. If this parameter is -1, the string is assumed to be zero terminated and all characters are going to be converted.

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns 0. native strlen(string[]);

Returns the length in characters of a string (not including the terminating null character).

Parameters

string

[in] The string whose length is to be returned

Return Value

If the function succeeds, it returns the length of the string (greater than or equals to 0).

If the function fails, it returns -1. native strcpy(dest[], src[]);

Copies a string to a buffer.

Parameters

dest

[out] The array to receive the contents of the src string. The array must be large enough to contain the string including the terminating null character.

src

[in] The string to be copied.

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns 0.

Page 110

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 111

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 110

Appendix B - Small Scripting

Reference native strcat(dest[], src[]);

Appends one string to another.

Parameters

dest

[in/out] The array containing the string to which the contents of src are to be appended.

The array must be large enough to contain both strings.

src

[in] The string to be appended.

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns 0. native strleft(dest[], src[], len);

Extracts the beginning of a string to an array.

Parameters

dest

[out] The array to receive the contents of the src string’s specified part. The array must

be large enough to contain it including the terminating null character.

src

len

[in] The string to extract from.

[in] The number of characters to be copied from the beginning of src to dest. If the

length of src is less than len, the whole string is being copied.

Return Value

If the function succeeds, it returns the number of characters copied to dest not including the

terminating null character.

If the function fails, it returns 0. native strright(dest[], src[], len);

Extracts the end of a string to an array.

Parameters

dest

[out] The array to receive the contents of the src string’s specified part. The array must be large enough to contain it including the terminating null character.

src

len

[in] The string to extract from.

[in] The number of characters to be copied from the end of src to dest. If the length of src is less than len, the whole string is being copied.

Return Value

If the function succeeds, it returns the number of characters copied to dest not including the terminating null character.

If the function fails, it returns 0.

Copyright ©2005 • Send support questions to: [email protected]

Page 111

Appendix B - Small Scripting

Reference native strmid(dest[], src[], pos, len);

Extracts the specified part of a string to an array.

Parameters

dest

[out] The array to receive the contents of the src string’s specified part. The array must be large enough to contain it including the terminating null character.

src

pos

len

[in] The string to extract from.

[in] The index of the first character that is to be copied from src.

[in] The number of characters to be copied from src to dest. If the length of src is less than pos+len, only the appropriate number of characters are being copied.

Return Value

If the function succeeds, it returns the number of characters copied to dest not including the

terminating null character.

If the function fails, it returns 0. native strchr(string[], c, start=0);

Finds the first occurrence of a character in a string.

Parameters

string

c

start

[in] The string to search in.

[in] The character to be searched.

[in] The index from which the search to start.

Return Value

If the character is found, the index of the first occurrence of c in string.

If the function fails or the character is not found, -1.

Page 112

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 113

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Appendix B - Small Scripting

Reference native strstr(string1[], string2[], start=0);

Finds the first occurrence of a string in another string.

Parameters

string1

string2

[in] The string to search in.

start

[in] The string to search for.

[in] The index which the search to start at.

Return Value

If the string is found, the index of the first occurrence of string2 in string1.

If the function fails or the string is not found, -1. native strcmp(string1[], string2[]); native stricmp(string1[], string2[]);

Compares (case sensitive/insensitive) two strings by checking the first characters against each other, the second characters against each other, and so on until it finds an inequality or reaches the ends of the strings.

The function returns the difference of the values of the first unequal characters it encounters. For example, strcmp determines that “abcz” is greater than “abcdefg” and returns the difference of z and d.

Parameters

string1

string2

[in] The first string.

[in] The second string.

Return Value

If string1 is less than string2, the return value is negative. If string1 is greater than string2, the

return value is positive. If the strings are equal, the return value is zero.

If the function fails, the return value is zero.

Page 112

Copyright ©2005 • Send support questions to: [email protected]

Page 113

Appendix B - Small Scripting

Reference native sprintf(string[], format[], ... );

Formats a string. The parameters are converted and placed in the output string according to the format specifications in the format parameter.

Parameters

string

format

[out] The array that receives the formatted string. It must be large enough to contain the resulting string.

[in] The format specification string. For more information, see the Remarks section.

Return Value

If the function succeeds, the return value is the number of characters stored in the string array

not including the terminating null character.

If the function fails, the return value is zero.

Remarks

The format specification is very similar to that of the sprintf function of the standard C library.

Fields always begin with a percent sign (%). If an unrecognized character follows a percent sign, it is inserted into the output. A format specification has the following form:

%[0][width]type

The width specifies the minimum field width allocated to the parameter in the output string.

The allocated field is always filled right aligned with the parameter. If the width is preceded by a

‘0’ character, and the parameter is an integer type, the blank space remaining in the field is filled with ‘0’ characters.

The following type specifications are supported:

Appendix B - Small Scripting

Reference

Copyright ©2005 • Send support questions to: [email protected]

Page 114

Copyright ©2005 • Send support questions to: [email protected]

Page 115

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Appendix B - Small Scripting

Reference native atoi(string[]);

Converts a string to an integer.

Parameters

string

[in] The string to be converted.

Return Value

Returns the value produced by interpreting the input string as a signed decimal number. The

return value is 0 if the string cannot be interpreted. The return value is undefined in the case

of an overflow. native fopen(filename[], mode);

Opens a file.

Parameters

filename

mode

[in] A string representing the name of the file to be opened.

[in] A number indicating how to open the file. It can have the following values:

FILE_READ: Open the file for reading

FILE_WRITE: Open the file for writing

Return Value

If the function succeeds, it returns a nonzero value identifying the opened file.

If the function fails, it returns zero. native fclose(file);

Closes an open file.

Parameters

file

[in] A file identifier returned by fopen.

Page 114

Copyright ©2005 • Send support questions to: [email protected]

Page 115

Appendix B - Small Scripting

Reference native fread(file, buf[], bytes);

Reads data from a file.

Parameters

file

buf

bytes

[in] A file identifier returned by fopen.

[in/out] An array that receives the file contents.

[in] Number of bytes to be read into the array.

Return Value

If the function succeeds, it returns the number of bytes read, which may be less than bytes if

the end of file is reached or an error encountered.

If the function fails, it returns zero. native fwrite(file, buf[], bytes);

Writes data to a file.

Parameters

file

buf

bytes

[in] A file identifier returned by fopen.

[in] An array whose contents are to be stored.

[in] Number of bytes to be stored.

Return Value

If the function succeeds, it returns the number of bytes written, which may be less than bytes

if an error is encountered.

If the function fails, it returns zero.

Page 116

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 117

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 116

Appendix B - Small Scripting

Reference native fseek(file, offset, method);

Repositions the file pointer.

Parameters

file

offset

[in] A file identifier returned by fopen.

[in] Offset, which the file pointer is to be set to.

method

[in] Identifies the initial position, which the file pointer is to be set relatively to. It must be one of the following constants:

FILE_BEGIN: beginning of the file

FILE_CURRENT: current file position

FILE_END: end of the file

Return Value

If the function succeeds, it returns the number of bytes written, which may be less than bytes

if an error is encountered.

If the function fails, it returns zero. native socket(address[], port, timeout=-1);

Opens a TCP socket and connects it to the specified address and port.

Parameters

address

[in] A string representing the address the socket is to be connected to. It may be a dotted number (for example “127.0.0.1”) or a machine name to be resolved (for example “www.

remotelyanywhere.com”).

port

[in] The port number, which the socket is to be connected to.

timeout

[in] Timeout value in milliseconds to be assigned to the socket. If -1, no timeout is assigned.

Return Value

If the function succeeds, it returns a nonzero number identifying the socket.

If the function fails, it returns zero.

Remarks

RemotelyAnywhere currently supports blocking mode TCP sockets only. The specified timeout

value will affect the behavior of all operations on the socket. If a request cannot be completed

in the time interval specified by timeout, the calls will fail. If timeout is not specified, all

operations will block until they can be finished or some error occurs.

Page 117

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference native closesocket(sock);

Closes a socket.

Parameters

sock

[in] An identifier returned by socket. native recv(sock, buf[], bytes);

Reads data from a socket.

Parameters

sock

buf

bytes

[in] A socket identifier returned by socket.

[in/out] An array that receives the data.

[in] Maximum number of bytes to be read into the array.

Return Value

If the function succeeds, it returns the number of bytes read.

If the function fails, it returns zero.

Remarks

The function will block until some input is available or an error occurs (for example the

timeout specified in socket elapses). native send(sock, buf[], bytes);

Sends data to a socket.

Parameters

sock

buf

bytes

[in] A socket identifier returned by socket.

[in] An array whose contents are to be sent.

[in] Number of bytes to be sent.

Return Value

If the function succeeds, it returns the number of bytes written.

If the function fails, it returns zero.

Remarks

The function will block until all the data is sent or some error occurs (for example the timeout

specified in socket elapses).

Page 118

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 119

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 118

Appendix B - Small Scripting

Reference native htmlBeginOutput(title[]=””);

Opens the output to be sent to the caller of the script.

Parameters

title

[in] A string specifying the text that should appear in the headline of the

RemotelyAnywhere browser window.

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns zero.

Remarks

The function will succeed if the script containing it is called from the RemotelyAnywhere

user interface. It fails, if it is called from a Monitoring Script rule. If this function fails any

further call to the html… functions should be skipped because they will have no effect at all.

The htmlEndOutput() function must be called to send the output. native htmlEndOutput();

Sends the output to the caller of the script. native htmlWrite(text[], htmlize=false);

Writes text to the HTML output.

Parameters

text

[in] The string to be written to the output.

htmlize

[in] Specifies whether text is to be converted to html format. See the Remarks section for more information.

Remarks

The htmlize parameter specifies the way the HTML output is being written. If it is false, you

can directly write the output using HTML tags, special characters, etc. If it is true, the text is

converted to appear the same in the browser window. Special characters (for example brackets,

national characters, etc.) are substituted to their HTML equivalent. native htmlBR();

Writes a line break tag (<BR>) to the output.

Page 119

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference native htmlBeginTable(...);

Begins a table on the output.

Parameters

[in] Strings that specify the name of the columns in the table

Remarks

htmlEndTable() should be called in order to the table appear correctly. native htmlEndTable();

Ends a table started with htmlBeginTable. native htmlTableRow(...);

Writes a row to a table.

Parameters

[in] Strings that specify the content of the cells in the row native htmlBeginTableRow();

Begins a row in the current table. native htmlEndTableRow();

Ends a row started with htmlBeginTableRow. native htmlTableCell(text[]);

Inserts a cell into the current row of the table.

Parameters

text

[in] String specifying the content of the cell

Page 120

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 121

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 120

Appendix B - Small Scripting

Reference native htmlBeginTableCell();

Begins a cell in the current row of the table. native htmlEndTableCell();

Ends the current cell started with htmlBeginTableCell. native htmlBeginDialog(text[]);

Begins a dialog area on the output. It will have the standard “RemotelyAnywhere look-and-feel”.

Parameters

text

[in] String specifying the caption of the dialog native htmlEndDialog();

Ends a dialog started with htmlBeginDialog. native htmlBeginForm();

Begins a form on the output. native htmlEndForm();

Ends a form started with htmlBeginForm. native htmlAddParam(...);

Inserts so-called hidden parameters into the current form (started with htmlBeginForm) that can be accessed with htmlGetParam when processing form data.

Parameters

[in] String pairs specifying the name and value of parameters

Page 121

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference native htmlGetParam(param[], value[]);

Gets the value of a parameter submitted on a form or in a link.

Parameters

param

value

[in] String specifying the name of the parameter whose value is to be get

[out] Array that receives the string value of the specified parameter. It must be large enough to contain the string.

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns zero.

Remarks

This call will succeed only in a callback function specified in htmlButton or htmlCBLink. native htmlButton(text[], func[]);

Inserts a button into a form that submits the form data to the specified callback function.

Parameters

text

func

[in] String specifying the caption of the button.

[in] String specifying the name of the callback function to call when the button is clicked.

Return Value

If the function succeeds, it returns 1.

If the function fails, it returns zero.

Remarks

This function is valid only on a form started with htmlBeginForm. native htmlButtonBack(text[]=”Back”, form=true);

Puts a button that will navigate the user back to the Scripts page of RemotelyAnywhere.

Parameters

text

form

[in] String specifying the caption of the button.

[in] A boolean value specifying whether to insert a new form containing this button only. See the Remarks section for more information.

Remarks

If you call this function in the scope of a form started with htmlBeginForm you should pass false in the form parameter, because it is of unpredictable result creating a form without closing the previous one.

Copyright ©2005 • Send support questions to: [email protected]

Page 122

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 123

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 122

Appendix B - Small Scripting

Reference native htmlRadioButton(param[], value[], checked=false);

Inserts a radio button into a form with the specified name and value.

Parameters

param

value

[in] String specifying the parameter, which the radio button will modify.

[in] String specifying the value, which the radio button will insert into the parameter.

This will also be the caption of the radio button.

checked

[in] Boolean value specifying whether the radio button is checked by default.

Remarks

This function is valid only in the scope of a form started with htmlBeginForm.

Radio buttons assigned to the same parameter belong to the same group. Only one of them is

allowed to be checked, because it provides the value of the parameter. native htmlCheckbox(param[], value[], checked=false);

Inserts a checkbox on a form with the specified name and value.

Parameters

param

value

[in] String specifying the parameter, which the checkbox will modify.

[in] String specifying the value, which the checkbox will insert into the parameter. This will also be the caption of the checkbox.

checked

[in] Boolean value specifying whether the checkbox is checked by default.

Remarks

This function is valid only in the scope of a form started with htmlBeginForm.

The form will submit the parameter only when the checkbox is checked. native htmlEdit(param[], value[]=””);

Inserts an edit line into a form.

Parameters

param

value

[in] String specifying the parameter, which receives the content of the edit line.

[in] String specifying the initial value of the edit line.

Remarks

This function is valid only in the scope of a form started with htmlBeginForm.

Page 123

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference native htmlLink(title[], url[]);

Writes a link to the output.

Parameters

title

url

[in] String specifying the text appearing on the output.

[in] String containing the URL, which the link points to. native htmlCBLink(title[], func[], ... );

Writes a link that will call a function in the current script with the specified parameters.

Parameters

title

func

[in] String specifying the text appearing on the output.

[in] String specifying the name of the callback function to be called when the link is activated.

[in] String pairs containing parameter name-value information, that will passed to the callback function.

Remarks

The value of parameters passed with the link can be retrieved with htmlGetParam in the

callback function. native htmlError(msg[]);

Puts a standard RemotelyAnywhere error dialog to the ouput.

Parameters

msg

[in] String specifying the text appearing in the error box.

Remarks

This call will discard the previously written output and immediately sends the error message

to the user, so no further output should be written. native raEnumProcs();

Takes a snapshot of the currently active processes, that can be enumerated.

Remarks

You can call raGetProcessNum, raGetProcess, raGetNextProcess to retrieve information on the

processes. You must call raEnumProcsClose to release resources allocated by the snapshot.

Page 124

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 125

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 124

Appendix B - Small Scripting

Reference native raGetProcessNum();

Gets the number of processes in the last snapshot taken with raEnumProcs. native raGetProcess(id, &pid, name[], &cpu, &mem); native raGetNextProcess(&pid, name[], &cpu, &mem);

Retrieves information on the specified process in the last snapshot taken with raEnumProcs.

Parameters

id

pid

name

[in] The index of the process to retrieve information on.

[out] Variable that receives the process ID.

cpu

mem

[out] Array that is being filled with the string representing the name of the process.

[out] Variable that receives the CPU time the process used in milliseconds.

[out] Variable that receives the size of memory allocated by the process in Kilobytes.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero. native raEnumProcsClose();

Frees resources allocated by raEnumProcs. native raKillProcess(pid);

Terminates the process with the specified ID.

Parameters

pid

[in] Process ID.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Remarks

Windows might reuse the process ID of a process when it is terminated, so you must be

very careful when getting the ID from a snapshot taken with raEnumProcs and be sure that

the process you are going to terminate is still running. You should call raKillProcess as soon as

possible after raEnumProcs.

Page 125

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference native raForkProcess(cmdline[]);

Executes a command using the CreateProcess Win32 function.

Parameters

pid

[in] String specifying the command line.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Remarks

The function will succeed if the executable specified in the command line is found regardless

to if it succeeded to initialize. (For example the function reports success if the executable is

found but the new process fails to initialize because of missing DLLs.) native raExecuteCmd(cmd[], buf[]=””, buflen=0, timeout=-1);

Executes a command with the command line interpreter specified in the COMSPEC environment variable (usually CMD.EXE on Windows NT/2000 and COMMAND.COM on Windows 95/98).

Parameters

cmd

buf

[in] String specifying the command line.

buflen

[out] An array that will receive the output produced by the command if buflen is not zero.

[in] The length of the array specified by buf.

timeout

[in] The time in milliseconds the command waits for command termination before getting output. If -1, it waits for infinity.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Remarks

This function uses the command line interpreter’s output redirection option to store output in

a temporary file, so no output redirection should be used in the command line.

If buflen is set to 0, the function will not wait for the termination of the command.

Page 126

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 127

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Appendix B - Small Scripting

Reference native raReboot(type=REBOOT_NORMAL);

Initiates reboot.

Parameters

type

[in] One of the following constants defining the type of the reboot process:

REBOOT_NORMAL: normal reboot process (normal termination of running processes, services, etc.)

REBOOT_EMERGENCY: the fastest possible reboot, should be used only in emergency

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Remarks

After initiating the reboot process, the script should terminate as soon as possible to allow

RemotelyAnywhere to shut down correctly. native raEnumServices();

Takes a snapshot of the currently active services and drivers that can be enumerated.

Remarks

You can call raGetServiceNum, raGetService, raGetNextService to retrieve information on the

processes.

You must call raEnumServicesClose to release resources allocated by the snapshot. native raGetServiceNum();

Gets the number of services and drivers in the last snapshot taken with raEnumServices.

Page 126

Copyright ©2005 • Send support questions to: [email protected]

Page 127

Appendix B - Small Scripting

Reference native raGetService(id, name[], displayName[], binary[], &type, &status, &startup); native raGetNextService(name[], displayName[], binary[], &type, &status, &startup);

Retrieves information on the specified service or driver in the last snapshot taken with raEnumServices.

type

status

Parameters

id

name

[in] The index of the service or driver to retrieve information on.

[out] Array that is being filled with the string representing the short name of the service/driver.

displayName

binary

[out] Array that is being filled with the string representing the long name of the service/ driver.

[out] Array that is being filled with the string representing the executable belonging to the service/driver.

[out] Variable that receives the type of the service/driver. It can be one of the following constants:

SERVICE_KERNEL_DRIVER: Indicating a device driver

SERVICE_FILE_SYSTEM_DRIVER: Indicating a file system driver

SERVICE_WIN32_OWN_PROCESS: Indicating a service application that runs in its own process

SERVICE_WIN32_SHARE_PROCESS: Indicating a service application that shares a process with other services

SERVICE_INTERACTIVE_PROCESS: Indicating a service application that can interact with the desktop

startup

[out] Variable that receives the status of the service/driver. It can be one of the following constants:

SERVICE_STOPPED: The service is not running

SERVICE_START_PENDING: The service is starting

SERVICE_STOP_PENDING: The service is stopping

SERVICE_RUNNING: The service is running

SERVICE_CONTINUE_PENDING: The service continue is pending

SERVICE_PAUSE_PENDING: The service pause is pending

SERVICE_PAUSED: The service is paused

[out] Variable that receives a value indicating when to start the service/driver. It can be one of the following values:

SERVICE_BOOT_START: Started by the system loader

SERVICE_SYSTEM_START: Started by the IoInitSystem function

SERVICE_AUTO_START: Started by the service control manager during system startup

SERVICE_DEMAND_START: Started by the service control manager

SERVICE_DISABLED: The service/driver cannot be started

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Page 128

Copyright ©2005 • Send support questions to: [email protected]

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 129

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 128

Appendix B - Small Scripting

Reference native raEnumServicesClose();

Frees resources allocated by raEnumServices. native raStartService(name[]);

Starts a service/driver.

Parameters

name

[in] String specifying the name of the service to be started.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero. native raStopService(name[]);

Stops a service/driver.

Parameters

name

[in] String specifying the name of the service to be started.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero. native raPauseService(name[]);

Pauses a service/driver.

Parameters

name

[in] String specifying the name of the service to be started.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Page 129

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference native raContinueService(name[]);

Continues a paused service/driver.

Parameters

name

[in] String specifying the name of the service to be started.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero. native raGetTime();

Retrieves system time.

Return value

Returns the number of seconds elapsed since midnight (00:00:00), January 1, 1970. native raGetPerformance(type, time, &value, ...);

Retrieves data from the performance counters managed by RemotelyAnywhere.

Parameters

type

[in] Constant value indicating the type of performance data to retrieve. It can be one of the following:

PERF_DRIVE: Amount of free space on a storage device

PERF_NET_IN: Incoming traffic on a network adapter

PERF_NET_OUT: Outgoing traffic on a network adapter

PERF_CPU_NTH: The appropriate CPU’s usage

PERF_CPU: Overall CPU usage

PERF_MEMORY: Memory usage

PERF_PHYSICAL_MEMORY: Physical memory usage

PERF_PAGEFILE: Pagefile usage

PERF_REGISTRY_QUOTA: Registry quota

time

time

[in] The time when the performance data to be retrieved is registered

[out] Variable that will receive the performance data (an integer in the range [0..100] indicating the usage in percents of the specified resource)

[in] Optional variable needed by some type of the performance counters:

Return value

PERF_DRIVE: a character indicating which disk drive’s performance data is to be retrieved

PERF_NETIN, PERF_NETOUT, PERF_CPU_NTH: An integer value indicating which resource’s performance data is to be retrieved

If the function succeeds, the return value is the period of the performance counter from which

the data is retrieved in seconds.

If the function fails, the return value is zero.

Copyright ©2005 • Send support questions to: [email protected]

Page 130

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 131

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Appendix B - Small Scripting

Reference native raSleep(time);

Suspends the execution of the script for the specified amount of time.

Parameters

time

[in] The number of milliseconds defining the duration of the suspension. native raLog(msg[]);

Writes an entry to the RemotelyAnywhere log.

Parameters

msg

[in] The string to be written to the log. native raSendMail(to[], subj[], msg[], from[]=””);

Sends an e-mail message.

Parameters

to

subj

msg

[in] String specifying the addressee of the message.

[in] String specifying the text in the subject of the message.

from

[in] String specifying the text in message body.

[in] String specifying the sender of the message. If an empty string is passed, a default

value is used.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Remarks

The function uses the SMTP server configured in RemotelyAnywhere Configuration/

Miscellaneous.

The function will block until the message is sent or an error occurs.

Page 130

Copyright ©2005 • Send support questions to: [email protected]

Page 131

Appendix B - Small Scripting

Reference native raMessage(to[], msg[]);

Sends an administrative message to a user.

Parameters

to

msg

[in] String specifying the user to send the message to.

[in] String specifying the message text.

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero. native raRegGetValue(base, key[], value[], type, ...);

Retrieves a value from the system registry.

Parameters

base

[in] A constant specifying which registry tree to use. It can be one of the following:

HKEY_CLASSES_ROOT

HKEY_CURRENT_CONFIG

key

value

type

HKEY_CURRENT_USER

HKEY_LOCAL_MACHINE

HKEY_USERS

HKEY_PERFORMANCE_DATA

HKEY_DYN_DATA

[in] String specifying the registry key to get the data from.

[in] String specifying the name of the value to get.

[in] A constant specifying the type of the data. It can be one of the following values:

REG_SZ: String

REG_EXPAND_SZ: String with environment variable references

REG_BINARY: Free form binary (~byte array)

REG_DWORD: 32-bit number

Parameters that depend on type:

REG_SZ

REG_EXPAND_SZ

Param5: [out] An array that receives the string

Param6: [in] The length of the array

REG_BINARY

Param5: [out] An array that receives the data

Param6: [in] The maximum number of bytes to receive

REG_DWORD

Param5: [out] A variable that receives the value

Return value

If the function succeeds, the return value is the number of bytes retrieved.

If the function fails, the return value is zero.

Copyright ©2005 • Send support questions to: [email protected]

Page 132

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Page 133

Copyright ©2005 • Send support questions to: [email protected]

Appendix B - Small Scripting

Reference

Appendix B - Small Scripting

Reference native raRegSetValue(base, key[], value[], type, ...);

Sets a value in the system registry.

Parameters

base

[in] A constant specifying which registry tree to use. It can be one of the following:

HKEY_CLASSES_ROOT

HKEY_CURRENT_CONFIG

key

value

type

HKEY_CURRENT_USER

HKEY_LOCAL_MACHINE

HKEY_USERS

HKEY_PERFORMANCE_DATA

HKEY_DYN_DATA

[in] String specifying the registry key to write the data to.

[in] String specifying the name of the value to write.

[in] A constant specifying the type of the data. It can be one of the following values:

REG_SZ: String

REG_EXPAND_SZ: String with environment variable references

REG_BINARY: Free form binary (~byte array)

REG_DWORD: 32-bit number

Parameters that depend on type:

REG_SZ

REG_EXPAND_SZ

Param5: [in] The string to write

REG_BINARY

Param5: [out] An array containing the data to write

Param6: [in] The number of bytes to write

REG_DWORD

Param5: [out] The number to write

Return value

If the function succeeds, the return value is 1.

If the function fails, the return value is zero.

Page 132

Copyright ©2005 • Send support questions to: [email protected]

Page 133

Version 6

User’s Guide

Copyright ©2005 3am Labs, Inc. All rights reserved. All product names mentioned are used for identification purposes only and may be trademarks or registered trademarks of their respective holders.

Contents

1. ABOUT REMOTELYANYWHERE.................................................................................................4

2. ACKNOWLEDGEMENTS................................................................................................................7

3. GETTING STARTED.......................................................................................................................8

4. WHAT’S NEW..................................................................................................................................14

5. USER INTERFACE........................................................................................................................15

6. SECTION GUIDE - HOME............................................................................................................20

System Overview

....................................................................................................................21

About RemotelyAnywhere

...................................................................................................22

7. SECTION GUIDE - REMOTE CONTROL....................................................................................23

8. SECTION GUIDE - FILE TRANSFER.........................................................................................29

9. SECTION GUIDE - HELP DESK CHAT......................................................................................31

10. SECTION GUIDE - COMPUTER MANAGEMENT................................................................32

File Manager

............................................................................................................................32

User Manager

..........................................................................................................................33

Event Viewer

...........................................................................................................................33

Services & Drivers

.................................................................................................................34

Proceses

..................................................................................................................................35

Registry Editor

.......................................................................................................................36

Command Prompt

..................................................................................................................36

Reboot

......................................................................................................................................37

11. SECTION GUIDE - COMPUTER SETTINGS...........................................................................39

Environment Variables

..........................................................................................................39

Virtual Memory

.......................................................................................................................39

Time

..........................................................................................................................................40

Automatic Login

.....................................................................................................................40

Shared Resources

..................................................................................................................40

Automatic Priorities

..............................................................................................................41

12. SECTION GUIDE - SERVER FUNCTIONS.............................................................................42

FTP Server

...............................................................................................................................42

FTP Server Configuration

.....................................................................................................42

FTP Server Status

.................................................................................................................57

FTP Statistics

.........................................................................................................................58

Port Forwarding Server (Server Edition Only)

...............................................................57

Port Forwarding Configuration (Server Edition Only)

....................................................57

Port Forwarding Status (Server Edition Only)

..............................................................59

Active Directory

......................................................................................................................61

Copyright ©2005 • Send support questions to: [email protected]

Page 2

Copyright ©2005 • Send support questions to: [email protected]

Contents

Page 3

Copyright ©2005 • Send support questions to: [email protected]

Contents

Page 2

Contents

13. SECTION GUIDE - SCHEDULING & ALERTS.......................................................................62

System Monitoring

................................................................................................................62

Email Alerts

............................................................................................................................63

Task Scheduler

........................................................................................................................64

Scripting

..................................................................................................................................65

14. SECTION GUIDE - PERFORMANCE MONITORING...........................................................66

CPU Load

.................................................................................................................................66

Memory Load

..........................................................................................................................66

Disk Space

...............................................................................................................................67

Drive & Partition Info

............................................................................................................67

Open TCP/IP Ports

................................................................................................................67

Network

...................................................................................................................................67

PCI Information

......................................................................................................................67

Open Files

................................................................................................................................67

Registry Keys in Use

.............................................................................................................67

DLLS in Use

.............................................................................................................................67

RemotelyAnywhere Connections

........................................................................................68

Telnet/SSH Connections

......................................................................................................68

Installed Applications

Motherboard Status

.............................................................................................................68

................................................................................................................68

15. SECTION GUIDE - SECURITY................................................................................................69

Access Control

........................................................................................................................69

IP Address Lockout

...............................................................................................................72

IP Filtering

..............................................................................................................................73

RemotelyAnywhere Logs

......................................................................................................74

SSL Setup

................................................................................................................................75

16. SECTION GUIDE - PREFERENCES.......................................................................................77

Appearance

.............................................................................................................................77

Network

...................................................................................................................................78

Colors

.......................................................................................................................................81

Log Settings

License

............................................................................................................................81

ODBC Messages

.....................................................................................................................82

.....................................................................................................................................83

Remote Control

......................................................................................................................83

Telnet Server

...........................................................................................................................85

SSH Server

..............................................................................................................................87

Network Maintenance

............................................................................................................89

17. COMMAND LINE PARAMETERS............................................................................................90

18. PDA ACCESS.................................................................................................................................94

19. WAP ACCESS...................................................................................................................................99

20. APPENDIX A: MONITORING SCRIPT REFERENCE.......................................................94

21. APPENDIX B: SMALL SCRIPTING REFERENCE................................................................99

Copyright ©2005 • Send support questions to: [email protected]

Page 3

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement

Table of contents