Starting a remote control session using a broker

To start a remote control session through the internet with a target, you do not have direct access to, you can initiate a remote control session from the Remote Control server UI and use a broker to make the required connection.

About this task

To start a remote control session by using a broker to make the connection, you do not select a target. Instead, select to start a broker session from within the BigFix® Remote Control Server UI. A request for a connection code is made. The code is generated by the remote control server, passed to the broker and is displayed on the controller computer. When the target user enters this connection code, it is passed to the remote control server along with the target data for authentication. When the session is authorized, the applicable policies and session information are passed back to the target and the session proceeds. This procedure describes how to initiate a remote control session from the BigFix® Remote Control Server, by using a broker to make the connection to the target and the steps that are required for the controller and target users.

Procedure

  1. Click Targets > Start Broker session in the server UI on the controller computer.
    If a successful connection is made to a broker, the Connection code window is displayed. The connection code to be used for the remote control session, field is displayed. A URL field might also be displayed. The connection timer begins to count down from 15 minutes, in seconds. Status shows waiting for target.

    While the Connection Code window is displayed the following options are available.

    • Click Request New for a new connection code.
      Note: The time resets to 15 minutes and begin to count down in seconds.
    • Click Extend Timeout to increase the time that is allowed for the session connection to take place.
      Note: The time resets to 15 minutes and begin to count down in seconds.
    • Click Cancel to remove the connection code window. The connection to the broker does not take place.
  2. Pass the connection code to the user on the target computer you want to start a remote control session with.
    For example, this can be done by email or phone.
  3. Enter the connection code on the target computer by following the steps relevant to the target operating system.
    Note: If the target is newly installed, the Enter Connection Code option is unavailable until the target contacts the server for the first time or you manually populate the ServerURL and BrokerList properties on the target.
    Windows target
    Choose the appropriate method to enter the connection code:
    • Right-click the target notification icon and select Enter Connection Code.
    • Open the target UI and select Actions menu > Enter Connection Code.
    Type the connection code and click Connect.
    Linux target
    • Open the target UI and select Actions menu > Enter Connection Code.
    • Type the connection code and click OK.
    Alternatively, you can also use the GUI command-line for this. For details, see Using the command-line to send actions to the target GUI.

Results

If a successful connection is made to a broker, the connection code is verified, and the session is authenticated by the server, the remote control session begins automatically. If the Enable user acceptance for incoming connections policy is enabled in the session policies, the target user can accept or reject the session request. After the session starts, the features and functions that are available depend on the server policies and permissions that are set for the session.

Note: If there are multiple brokers in the brokerlist and the controller computer is not connected to the same broker as the target, the controller connects to the same broker. The following message is displayed on the controller computer before the remote control session begins. Connecting to:hostname:port where hostname:port is the host name and port of the broker that the target computer is connected to.

If the broker connection cannot be made, the connection code cannot be verified or the target is not authenticated by the server, the target user is given the option to try the connection option again. When they click Try Again, the Connection Code window is displayed and they can enter a connection code. If they click Cancel, the connection attempt to the broker ends and the remote control session is not established.

Note: An Active session is started unless one of the following conditions are met.
  • The policies that are set for the session do not have Active enabled. In this case the next enabled session mode is used in the following order of precedence.
    • Guidance mode
    • Monitor mode
    • Chat mode
    • File transfer
  • User acceptance is enabled and the target user selects another session type on the acceptance window.