Home
Remote Control
BigFix Remote Control application helps to communicate between different components, clients, and endpoints within BigFix environment.
Remote Control Administrators Guide
This guide is for users who want to administer Remote Control.
Unattended Target Support
The Unattended Target Support feature allows you to take remote control sessions of targets that are connected through a broker, without the need to provide a connection code. In strict remote control terminology, an unattended target is a managed target that performs Call Home through a broker.
Security Features for the Unattended Targets
The following table shows a summary of the security features that are available when operating on Unattended Targets in different usage scenarios.
The Controller UUID
When enabled, this function provides an additional level of authorization for operating on the Unattended Target Lists from the Controller.

Remote Control
BigFix Remote Control application helps to communicate between different components, clients, and endpoints within BigFix environment.
- Release notes
  A summary of changed or new features and enhancements included in BigFix Remote Control.
- Remote Control Installation Guide
  By using Remote Control you can remotely support and control thousands of PCs and servers, on an enterprise scale, from a central location or directly, in peer to peer mode.
- Remote Control Administrators Guide
  This guide is for users who want to administer Remote Control.
  - Set a secure environment
    Set a secure environment when you are using Remote Control.
  - Secure target registration
    To prevent unauthorized targets from registering with the Remote Control server, you can use tokens to authenticate the target.
  - Configure SAML 2.0 authentication on the server
    Remote Control V9.1.3 introduced support for SAML 2.0 authentication on the Remote Control server.
  - Access the server web interface
    After you install the BigFix® Remote Control Server software and the BigFix Remote Control Target software, you can log on to the server application. For more information about installing and configuring the server and target software, see the Remote Control Installation Guide
  - Using the Deployment Status Dashboard
    The Deployment Status Dashboard provides a quick view of the system and brokers health status.
  - Unattended Target Support
    The Unattended Target Support feature allows you to take remote control sessions of targets that are connected through a broker, without the need to provide a connection code. In strict remote control terminology, an unattended target is a managed target that performs Call Home through a broker.
    - Unattended targets guidelines
      Unattended targets are useful if you need to establish a session with a target in some specific scenarios.
    - Operating requirements
      Unattended Target Support requires that all components (Server, Broker, Target, and Controller) are at Remote Control Fix Pack 5 (build 10.0.0.0514) or higher.
    - Enable unattended target support
      This topic describes how to enable Unattended Target Support.
    - Start Unattended Target sessions
      Learn how to start an Unattended Target session.
    - Manage the Unattended Target environment
      Learn how to manage the Unattended Target environment.
    - Security Features for the Unattended Targets
      The following table shows a summary of the security features that are available when operating on Unattended Targets in different usage scenarios.
      - The Controller Instance ID
        This feature is always enabled when operating on Unattended Targets. Every time the Controller is started, controller generates a temporary and unique Controller Instance ID that is bound to the session being established. Only one Controller Instance ID can be bound to a session. Subsequent attempts to re-initiate the same session by re-starting the controller throws the error “the Controller Instance ID is invalid for the session.” The Controller Instance ID is not visible to the user.
      - The Controller UUID
        When enabled, this function provides an additional level of authorization for operating on the Unattended Target Lists from the Controller.
      - Two Factor Authentication via Mail
        This feature is only available when operating from the Lite Web Portal, and it requires the configuration of an SMTP server in the Remote Control Server.
  - Unlocking user accounts
    When a user account is locked, you can unlock the account by using the Unlock locked userid feature.
  - Manage targets and target groups
  - Manage users and user groups
  - Server session policies
  - How session policies are determined
  - Starting a managed session by using an installed controller
    When you start a managed session, you can configure the server to use an installed controller rather than using the Java™ Web Start method. This feature makes starting a session faster and it removes any warning message windows that are displayed while the session is starting.
  - Manage permission sets for temporary access to targets
  - Requests for temporary access to targets
  - Generate custom reports
  - Manage the home page for a user or group
  - Adding tables and columns to queries
  - Configuration and troubleshooting options in the Admin menu
  - Ensure targets are registered correctly
  - Record the session on the target
  - Set up for exporting recordings
  - Audit log distribution
  - Access targets on different networks
  - Editing the properties files
    You can use the properties files in Remote Control to customize your environment, configure LDAP, set debug options, and set controller and on-demand target properties. The files can be edited in the BigFix® Remote Control Server UI.
  - Reduce the volume of target connections to the server
  - Broker configuration
    When you install broker support you can use the installed trc_broker.properties file to configure your environment for using the broker function.
  - Managing brokers
    After installing broker support you can register the broker machines in the Remote Control server. When they have been registered you can view the list of brokers, edit the broker details and delete brokers that are no longer required.
  - Certificate management
    Remote Control uses certificates in the Server and in the Broker to address the authentication and verification required for ensuring secure connections between the different product components.
  - Migrating to a new certificate
    If your existing certificates are due to expire, you can create new certificates. Distribute the new certificates to the relevant endpoints so that they can continue to successfully establish remote control sessions through the broker.
  - Configuring the session connection code
    You can define the number of characters required and the timeout value, for the connection code used when starting a remote control session through a broker.
  - Target registration before a remote control session
    When you have targets that are on the internet or third-party networks and cannot register directly with the Remote Control server you can configure server properties to allow the target to register with the server. When the target registers, you can start a remote control session with the target, by using a broker.
  - Configure target properties
  - Importing data from other sources
  - Database table and column descriptions
  - Troubleshooting and Help
  - Gateway sample scenarios
  - Properties for configuring logging activity
    Use properties to determine what type of information and how much is written to the broker, gateway, and target component log files.
  - Override proxy
    The controller uses the proxy defined at system level by default. In some conditions, this may not be desirable. Creating a file named “override.proxy” in the controller install folder changes the default behavior and the system proxy is ignored
- Remote Control Console User Guide
- BigFix Remote Control Controller Users Guide
- Remote Control Target Users Guide
- Remote Control On-demand Target Guide
  Use Remote Control to start remote control sessions over the internet with targets that do not have the target software installed.
- Remote Control V10 Readme

The Controller UUID

When enabled, this function provides an additional level of authorization for operating on the Unattended Target Lists from the Controller.

Each controller provides a unique Universally Unique Identifier, named Controller UUID.

When this security feature is enabled, the Controller UUID of the Controller that is about to start the session must be listed among the authorized Controller UUID for the user.

To activate the feature on the Remote Control Server:

From the web interface menu select Admin > Edit Properties File, and then select trc.properties
At the bottom of the page, in the Unattended Target - Security Options section, set the property rc.unattended.check.controller.uuid to True.
At the top of the page click Submit.
From the web interface menu select Admin > Reset Application

To find the Controller UUID in the controller:

From the Controller menu bar select the Configure Controller > Configure.
At the bottom of the page, you find the Controller UUID. Copy this value and use it to update your user information on the Server Interface or provide this value to your system administrator.
Note: This field appears editable to allow copying, but do not edit it. If the field is edited it has no effect.

To update the user detail on the Server Interface:

As an Administrator user from All Users list, select Edit User.
A User can edit its own information from the My Details option available from the User Icon on the web interface menu.
Insert the Controller UUID in the User Controller UUIDs: field. More than one Controller UUID can be added using the “;” separator.
Click Submit at the bottom of the page.

Additional Options

The generation of the Controller UUID is based on unique machine information.
Setting the property rc.unattended.force.customized.uuid to True introduces a personal pass code element in the computation of the UUID.
The personal or custom pass code is user defined.
When the controller is started, the user is asked to input a personal pass code that is used in the computation of the Controller UUID along with other elements. Every time the controller is started, the user must insert the same personal pass code to compute the same Controller UUID.
The same personal passcode used in different controller machines creates different Controller UUID.