If a computer that you want to troubleshoot is in a remote location, you can use the tools alphabetically listed in Table D-12 to access computers running Windows XP Professional. Table D-12 lists only a few of the Windows XP Professional tools and features that you can use for remote troubleshooting.
Tool | Function | Tool Type, Interface |
---|---|---|
Computer Management Tool (Compmgmt.msc) | Viewing, troubleshooting, and managing local or remote computer settings. | Built-in, GUI |
Remote Desktop | Remotely accessing remote computers by using a GUI terminal session. Remote Desktop is a new feature for Windows XP Professional. | Built-in, GUI |
Remote Assistance | Remotely sharing input device access to a remote computer by using a GUI terminal session. This option requires two people to function: a remote helper, or expert, and another person seated at the computer experiencing problems. Remote Assistance is a new feature for Windows XP Professional. | Built-in, GUI |
Telnet | Establishing remote console sessions and running command-line programs and scripts on remote computers. | Built-in, command-line |
For more information about remote troubleshooting tools and features, click Tools in Help and Support Center. For more information about configuring remote connections, see Connecting Remote Offices and Configuring Remote Desktop in this book.
The Computer Management tool (Compmgmt.msc) provides a predefined set of MMC snap-ins for performing common computer management tasks or gathering useful information about local or remote computers for troubleshooting. By using Computer Management, you can view information about the following:
Event Viewer Logs
Shared Folders
Local Users and Groups Accounts
Performance Logs and Alerts
Device Manager
Storage Devices (including Removable Storage, Disk Defragmenter, and Disk Management MMC snap-ins)
Services and Applications (including the Services snap-in)
To view information or manage a remote computer
On the desktop, right-click My Computer, and then click Manage.
Right-click Computer Management (Local), and then click Connect to another computer.
In the Select Computer dialog box, click Another computer, and then enter the name of the remote computer to which you want to connect.
Select any of the tools listed to view and manage remote computer information.
You can also use Computer Management to view information gathered by applications or custom scripts that implement Windows Management Instrumentation (WMI), a unified architecture for describing and using Windows objects.
For more information about WMI, see the Driver Development Kits link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources
Although Remote Desktop is not specifically a troubleshooting tool, this feature does enable you to use a local keyboard, mouse, and video display to remotely diagnose and troubleshoot problems that do not require collaboration with someone logged on at the computer. For example, you can use Remote Desktop to verify a problem on a computer within a network domain.
While using Remote Desktop, the remote computer remains locked and any actions that you perform are not visible on the monitor attached to the remote computer. This is intended behavior because Remote Desktop was designed primarily for the following:
To enable you to work with or troubleshoot a computer (such as your office system) from a remote location by using a direct network, secure virtual private network (VPN), or remote access, connection to your organization s network.
To enable administrators or other designated users or groups (such as Help Desk) to manage or troubleshoot computers remotely.
To remotely access a computer without concern about unauthorized users viewing your actions or taking control of the remote system.
Remote Desktop uses Windows XP Professional security features to grant or deny access based on user permissions. Before using Remote Desktop, be aware of the following restrictions:
You typically cannot establish connections to external (non-domain) computers that are located outside your organization s firewall. To bypass this limitation use Internet Proxy or Microsoft Internet Security and Acceleration Server client software.
You typically cannot establish a session from your home computer on the Internet to your office system. To bypass this limitation, you must first establish a secure VPN connection to your office network.
You cannot establish Remote Desktop connections between two computers connected directly to the Internet.
Remote Desktop does not allow simultaneous remote and local access to the Windows XP Professional desktop, and one user must log off before another can log on. For members of the Administrators group, Windows XP Professional prompts for confirmation before logging the other user off to avoid loss of unsaved data. Whenever possible, notify the other user before logging the user off.
For more information about planning special Remote Desktop configurations, consult with your network administrator.
Windows 2000 Server based and Windows XP Professional based computers can host remote clients. However, Windows XP Professional based systems can host only one user session at a time.
To configure a computer to host a Remote Desktop session
Log on by using a user account that belongs to the local or domain Administrators group.
Do one of the following:
In Control Panel, click System.
In the Run dialog box, type sysdm.cpl, and then click OK.
Click the Remote tab, and in Remote Desktop, click Allow users to connect remotely to this computer check box if not enabled.
Click Select Remote Users, and then in Remote Desktop Users, click Add to grant Remote Desktop access to specific users.
When you click OK, changes take effect immediately; you do not need to restart your computer. Members of the local or domain Administrators group have Remote Desktop privileges by default.
Unlike members of the Administrators group, nonadministrators granted Remote Desktop access cannot end another user s session. If another user is logged on, a Remote Desktop session requested by a nonadministrator is refused by the remote system.
To connect to a computer by using Remote Desktop
In the Run dialog box, type mstsc.
Type the name of the computer to which you want to connect, and then click Connect.
A session window opens, and a Log On to Windows dialog box prompts you to supply valid user credentials. After you log on to the remote computer, the session window displays the contents of the remote computer s desktop. You can then interact with the remote computer, with your activities limited only by user permission settings.
Remote Desktop also includes these features:
Bandwidth efficiency. Remote Desktop caches and compresses data to enhance performance.
Terminal Services Compatibility. Remote Desktop can host sessions with clients running Terminal Services client software. For example, you can use Remote Desktop to establish remote sessions with Windows NT Workstation 4.0 based and Windows 2000 Professional based computers running Terminal Services client software.
For more information about Remote Desktop, see Configuring Remote Desktop in this book and Windows XP Professional Help and Support Center.
Remote Assistance for x86-based computers allows you to invite a trusted person (a friend or computer expert) to remotely and interactively assist you with a problem. You can also use Remote Assistance to remotely assist a user who trusts you. This feature is useful in situations where detailed or lengthy instructions are required to reproduce or resolve problems.
A user requesting assistance reports a problem that is reproducible only under specific circumstances. Instead of having the user describe the problem to you, you can remotely view the problem computer while the user shows you the steps that cause the error to occur.
A user describes a problem that you know can be fixed by adjusting video display settings. You describe the steps required, but the inexperienced user cannot follow your instructions. You can help by interactively demonstrating the steps required to correct the problem.
In Remote Assistance terminology, the user sending the request for assistance, an invitation, is called the novice, and the person providing assistance is known as the expert. The key distinctions between Remote Assistance and Remote Desktop are:
Remote Desktop establishes new sessions, while Remote Assistance attaches another user (the expert) to an existing session.
To use Remote Assistance, both the novice and expert need to be present at their computers and must cooperate with each other. Remote Desktop relies on Windows security features and users with the appropriate privileges do not require permission before establishing new sessions.
Remote Assistance requires that both computers are running a version of Microsoft Windows XP.
You can establish the following types of connections by using Remote Assistance:
A local area network (LAN) connection between the expert and novice.
A direct Internet connection between the expert and novice.
A connection between an expert located behind a firewall and a novice on the Internet.
A connection between an expert and a novice located behind different firewalls.
Establishing Remote Assistance connections through a firewall might require network configuration changes such as opening TCP Port 3389. Consult your network administrator for more information.
To send a Remote Assistance invitation to an expert
Notify the expert (by a method such as e-mail, telephone, or instant messaging), that you intend to send a Remote Assistance invitation and provide the password you plan to use (if any). For security purposes, Remote Assistance does not include password information with the invitation, an omission based on the assumption that the expert knows the invitation password.
From the Start menu, click Remote Assistance.
Follow the instructions for Remote Assistance and, when prompted, specify options, such as the delivery method, time until expiration, expert s e-mail address, and a message.
Click Send Invitation to send the invitation to the expert.
The novice has several options when sending the invitation, including:
Invitation delivery method (by means of e-mail or instant message notification).
Time until expiration (in hours, minutes, or days).
Password protection feature (optional).
If a problem occurs when you send invitations, verify that Remote Assistance is enabled.
To verify that Remote Assistance is enabled
Do one of the following:
In Control Panel, click System.
In the Run dialog box, type sysdm.cpl, and then click OK.
On the Remote tab, in Remote Assistance, select the Allow Remote Assistance invitations to be sent from this computer check box if it is disabled, and then click OK.
To respond to a Remote Assistance invitation sent from a novice
Using e-mail or instant messaging software that is installed on the expert computer, wait for the Remote Assistance invitation to arrive from the novice.
Open the invitation message and double-click the attachment that is included to start the session. If prompted to do so, provide password information. The following prompt appears on the novice computer:
User has accepted your Remote Assistance invitation and is ready to connect to your computer.
Do you want to let this person view your screen and chat with you?
If the information you provided is correct and the novice confirms the preceding prompt, a terminal window appears and displays the novice s desktop. You can now use the Remote Assistance Chat window to send or receive text messages.
Although you can view the remote computer s desktop content, you are initially in read-only mode and are not able to move windows, or manipulate on-screen objects, such as the Start menu or desktop icons, until the novice gives you permission to do so.
To interact with the novice s desktop, click Take Control, and then ask the novice to confirm the Allow Expert Interaction button in the Remote Assistance window. After the novice clicks this button, you and the novice share access to the novice s desktop, and you can now interact with on-screen objects by using your local mouse and keyboard. At any time, the novice can restrict you to view-only mode by pressing a user-defined hot key (by default, the ESC key).
An expert can reuse a Remote Assistance invitation ticket multiple times as long as both of the following conditions are met:
The invitation ticket has not expired.
The IP address of the expert computer has not changed since the novice issued the invitation ticket.
The second condition is mainly a concern for experts that use computers that require dial-up connections to Internet service providers (ISPs). Computers that use dial-up connections are typically assigned different IP addresses by Dynamic Host Configuration Protocol (DHCP) servers each time they connect to the Internet. A separate ticket for each IP address is required.
When using Remote Assistance, consider the following security issues:
When the novice clicks the Allow Expert Interaction button, a Remote Assistance expert performs all actions under the novice s user security context and has the same level of network access and local computer privileges.
To allow experts outside of your organization to establish Remote Assistance connections (for example, outsourced technical support), the preferred connection method is by VPN account. This is the preferred method because it avoids opening TCP Port 3389 to allow traffic through your firewall. Consult your network administrator for more information about your organization s policies towards external technical support providers.
An added feature for Windows XP Professional, known as Offer Remote Assistance, enables an expert with Administrators group privileges to initiate a session without first receiving an invitation from the novice. This feature allows experts (for example, Domain Administrators) to provide assistance within an organization. Offer Remote Assistance is disabled by default, but you can enable it by modifying a Group Policy setting.
To enable Offer Remote Assistance
In the Run dialog box, type gpedit.msc.
Expand Local Computer Policy, expand Computer Configuration, and then expand Administrative Templates.
Expand System, and then expand Remote Assistance.
In the details pane, double-click Offer Remote Assistance, click Enabled, and then click OK.
You can also grant Offer Remote Assistance privileges to nonadministrators, by using the following procedure.
To enable Offer Remote Assistance for nonadministrators
In the Run dialog box, type gpedit.msc.
Expand Local Computer Policy, expand Computer Configuration, and then expand Administrative Templates.
Expand System, and then expand Remote Assistance.
In the details pane, double-click Offer Remote Assistance and then click Enabled.
Click Show and then click Add. In the Add Item dialog box, type the name of the user or group that you want to grant Offer Remote Assistance privileges to by using the following syntax:
domain\username
or
domain\groupname
The computers of the novice and expert users must be members of the same domain, or members of domains that trust each other.
Click OK and repeat Steps 1-5 for each user or group.
For more information about Group Policy, see Authorization and Access Control, Planning Deployments, and Managing Desktops in this book. Also, see the Deployment Planning Guide of the Microsoft Windows 2000 Server Resource Kit and the Change and Configuration Management Deployment Guide link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources
To offer remote assistance to a novice
You, an expert, inform the novice that you intend to offer Remote Assistance.
In Help and Support Center, click Pick a task, click Use Tools, and then click Offer Remote Assistance.
Follow the instructions and provide the name or IP address for the computer to which the novice is logged on.
The following prompt appears on the novice s computer:
The network administrator Domain\User would like to view your screen and chat with
you in real time, and work on your computer.
Would you like to give Domain\User access to your computer?
A Remote Assistance session starts after the novice confirms the prompt.
Note | The Offer Remote Assistance feature does not remove the requirement that the novice be present to accept the session request from the expert. The novice can end the session at any time by clicking Disconnect or by pressing the disconnect hot key. |
In addition to sharing control of the desktop, Remote Assistance also provides these features useful for troubleshooting problems affecting the novice:
File transfers. This enables the novice and the expert to send or receive files.
Voice over IP. This feature lets the novice and expert to communicate verbally in real-time by using an Internet connection.
Chat. Chat enables the novice and the expert to establish two-way real-time text communication.
Desktop scaling. This feature enables the expert to scale the view of novice s desktop to fit the Remote Assistance view window. This allows the expert to choose between different views, depending on the situation.
Bandwidth efficiency. Remote Assistance automatically senses connection speed and configures settings such as color depth and voice data rate, depending on the available bandwidth.
For more information about Remote Assistance, click Support or Tools in Help and Support Center.
The Microsoft Telnet client (Telnet.exe) and server enable you to establish command console sessions to a remote host. You can then use this session to run command-line programs and scripts on the remote computer. Telnet benefits include low system resource and bandwidth requirements, as well as interoperability with Telnet clients and servers running on other operating systems, such as UNIX.
The Windows XP Professional Telnet client and server are more robust than their Windows 2000 Professional and Windows NT Workstation 4.0 counterparts and add new features such as auditing.
For more information about Microsoft Telnet, click Tools in Help and Support Center.