Thanks for the info Alex. I have already planned on recompiling TighVNC with SSL for use on the Windows 2000 and XP machines. We will be offering remote support for our users. We use both profiles and policies in a domain that is currently managed by both NT 4.0 Servers and Red Hat Linux 7.0 servers. As far as the passwords for the local machines and per user, our logon scripts will allow us to force the passwords through a registry merge as the user logs in. This will give us an easy way of changing the password also. Actually, I can force any registry settings for VNC in this manor. In addition to this, I plan on routing all traffic running on VNC ports (5800-5999) through a proxy on a linux machine. By doing this, I can make the user trying to connect to the remote machine authenticate against the domain using their username and password. I will also be able to keep a centralized log of who connected where, and when. I am going to set up the proxy to release as soon as the connection is made in order to not hinder performance too much. I am also planning on using using a port scanner such as Nessus or Nmap (linux based) that will write a database of all machine names, ip's, and port numbers. I plan on using this database, in conjunction with PHP, to create a dynamic website that we will actually be able to click on the computer name and connect to the remote machine as a url.
If anyone has any suggestions or more questions, please let me know. Thanks, Nathan Hill --- "Alex K. Angelopoulos" <[EMAIL PROTECTED]> wrote: > Short story Nathan is - it will be a bleeding mess > with VNC - but it is the very > best of the possible choices for your type of > situation. > > In terms of raw connectivity and reliability, VNC is > absolutely superb when > configured correctly - particularly when using a > lightweight recent version such > as TightVNC. > > The issues are platform-specific maintenance ones, > and some of the details about > how you do it should be strongly influenced by your > plans for VNC. > > My experience base in entirely within the Windows > realm. Here are some > questions that will help answer yours: > > (1) On the Windows systems, are your plans for > remote support or for remote > desktop access for everyone? Remote support is > simplest; per-user remote > support is inherently messy in that environment due > to the need for a pre-login > general access password as well as per-user > passwords, which cannot be > automatically synchronized with Windows local or > network passwords unless you do > some work with the PAM VNC mod. > > (2) What flavors of Windows? > > (3) Do you do currently use profiles and/or > policies? Both can help > dramatically. > > > > Resources to look at first would include Richard > Harris' FastPush for VNC > http://www.darkage.co.uk > > and the ADM template created by Daniel Quinlan: > > http://projects.chaosengine.net/winvnc/winvnc.ADM > > > I have some remote monitoring and assessment tools I > am working on myself, but > they are still rudimentary and going through initial > "peer review". > > ----- Original Message ----- > From: "Nathan Hill" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, 2002-04-23 12:45 > Subject: Large Scale Implementation > > > > Has anyone implemented VNC in a multiplatform > large > > scale environment? I work for a university and am > > getting ready to implement installing VNC on a > several > > thousand machines owned by the university, which > > include Mac, Windows, Unix, and Linux. Has anyone > > implemented VNC in a large scale (preferrably a > > university) that could possibly give me some > > suggestions or an idea of what to expect? > > > > Thanks, > > > > Nathan Hill > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! Games - play chess, backgammon, pool and > more > > http://games.yahoo.com/ > > > --------------------------------------------------------------------- > > To unsubscribe, mail [EMAIL PROTECTED] > with the line: > > 'unsubscribe vnc-list' in the message BODY > > See also: > http://www.uk.research.att.com/vnc/intouch.html > > > --------------------------------------------------------------------- > --------------------------------------------------------------------- > To unsubscribe, mail [EMAIL PROTECTED] > with the line: > 'unsubscribe vnc-list' in the message BODY > See also: > http://www.uk.research.att.com/vnc/intouch.html > --------------------------------------------------------------------- __________________________________________________ Do You Yahoo!? Yahoo! Games - play chess, backgammon, pool and more http://games.yahoo.com/ --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
