Home
Remote Control
BigFix Remote Control application helps to communicate between different components, clients, and endpoints within BigFix environment.
BigFix Remote Control Controller Users Guide
Auditing
Remote control session events are saved for auditing purposes if the AuditToSystem policy is enabled for the session.
Authentication audit events
The following audit events are triggered for peer to peer remote control sessions that require user ID and password authentication against the target system.

Remote Control
BigFix Remote Control application helps to communicate between different components, clients, and endpoints within BigFix environment.
- Release notes
  A summary of changed or new features and enhancements included in BigFix Remote Control.
- Remote Control Installation Guide
  By using Remote Control you can remotely support and control thousands of PCs and servers, on an enterprise scale, from a central location or directly, in peer to peer mode.
- Remote Control Administrators Guide
  This guide is for users who want to administer Remote Control.
- Remote Control Console User Guide
- BigFix Remote Control Controller Users Guide
  - The BigFix Remote Control server interface
  - Remote control sessions
    Use remote control sessions to establish a connection to a computer in your environment to observe or actively control the computer remotely. In the session the controller user's keyboard and mouse become the primary keyboard and mouse for the remote system. Functions such as chat, guidance, reboot, and file transfer are some of the options available for use in a remote control session.
  - Using the controller interface as a controller user
  - Use remote control commands from the command line
    You can install tools that you can use to start a remote control session from the command line. You can also use the tools to run a command on a target and see the output of the command on your computer.
  - Configuring global controller properties
    Edit the trc_controller.cfg file to create and configure global controller properties. The properties are used by the Remote Control controller component during a peer to peer remote control session. The property values are the same for every user who runs the controller.
  - Auditing
    Remote control session events are saved for auditing purposes if the AuditToSystem policy is enabled for the session.
    - User acceptance audit events
      The following audit events are triggered by the user acceptance process during the start of a remote control session.
    - Authentication audit events
      The following audit events are triggered for peer to peer remote control sessions that require user ID and password authentication against the target system.
    - Smart card audit events
      The following audit events can be triggered during a remote control session where smart card authentication is enabled.
  - Ensuring that current data is reported
  - Error messages
    In most of cases, connectivity problems that are experienced in Remote Control are related to the surrounding network infrastructure. Error messages in Remote Control help to pin point these problems.
  - Session resilience for sessions that are connected by using a broker
    During a remote control session that is connected by using a broker, when connection failure is detected, reconnection to the session is attempted automatically. The controller user and target user are informed of what is happening with the session connection through various message windows.
  - Smart card status messages
    The following status messages can be displayed on the controller during a remote control session in which smart card authentication is enabled. A Hide button is displayed on some of the message windows. Click Hide to minimize the message window and continue in the session.
  - Keyboard shortcuts for the BigFix® Remote Control Target for macOS
    During a remote control session with a BigFix® Remote Control Target for macOS, you can inject the following keyboard shortcuts. The shortcuts are displayed in the Perform Action in Target menu in the controller UI.
  - Override proxy
    The controller uses the proxy defined at system level by default. In some conditions, this may not be desirable. Creating a file named “override.proxy” in the controller install folder changes the default behavior and the system proxy is ignored
- Remote Control Target Users Guide
- Remote Control On-demand Target Guide
  Use Remote Control to start remote control sessions over the internet with targets that do not have the target software installed.
- Remote Control V10 Readme

Authentication audit events

The following audit events are triggered for peer to peer remote control sessions that require user ID and password authentication against the target system.

That is, those sessions where the target property CheckUserLogin is enabled. The session rejected audit event was improved to allow authentication to be audited in sufficient detail. To improve auditing, the following audit event was deprecated and replaced with new audit events.

Table 1. Deprecated audit event
Event ID	Event Description
ibm.trc.audit.0002	Session Rejected by{\0}

Table 2. New audit events
Event ID	Event Description
ibm.trc.audit.005A	Authenticating user ID {0} using system logon. Allowed groups: {1}
ibm.trc.audit.005B	Session rejected because the user ID or password is incorrect
ibm.trc.audit.005C	Session rejected because the user is not a member of an allowed group.
ibm.trc.audit.005D	Session rejected by {0}
ibm.trc.audit.005E	Session rejected automatically after {0} seconds
ibm.trc.audit.005F	Session rejected because the session token is invalid
ibm.trc.audit.0060	Session rejected because the session token has expired
ibm.trc.audit.0061	Session rejected because the session token is for a different target
ibm.trc.audit.0062	Session rejected by the server for unknown reason {0}
ibm.trc.audit.0063	Session rejected because {0} mode is not allowed
ibm.trc.audit.0064	Session rejected due to a connection error

The following audit message is written to the audit log by the controller. This message shows which user is logged in to the target computer and which user ID they used to log in Remote Control to control this session.

Table 3. New controller audit event
Event ID	Event Description
Audit.logged.user	User {0} is logged in as {1} in the controller machine