Difference between revisions of "UltraVNC"
(Clarify certificate export directions) |
(→Package for UltraVNC 1.1.8 x86/x64) |
||
Line 13: | Line 13: | ||
This version will also set your (pre-encoded) password in ultravnc.ini using "replacetext.vbs", which can be found [[http://www.howtogeek.com/51194/replace-text-in-plain-text-files-from-the-command-line/ here]]. Note that I've set the %VNC_PASSWORD% variable in the profiles/userprofile.xml for security reasons, but you can create a variable directly in the package definition. | This version will also set your (pre-encoded) password in ultravnc.ini using "replacetext.vbs", which can be found [[http://www.howtogeek.com/51194/replace-text-in-plain-text-files-from-the-command-line/ here]]. Note that I've set the %VNC_PASSWORD% variable in the profiles/userprofile.xml for security reasons, but you can create a variable directly in the package definition. | ||
+ | |||
+ | CAVEAT: I tested this on Windows XP, which doesn't require signed drivers. It turns out that devcon.exe comes in both x86 and x64 flavors - so this will almost certainly fail on 32-bit Vista or Win7. I will update this in early December 2012 with devcon.exe working on both architectures! | ||
<source lang="xml"> | <source lang="xml"> |
Revision as of 23:40, 28 November 2012
UltraVNC is one example of a VNC Server and Client, a standard means of remote access.
Running VNC server software on Windows allows you to connect to the Windows graphical environment using VNC client software on a remote computer. There are various VNC client and server softwares, such as TightVNC and UltraVNC. There are VNC clients for probably every operating system, so you don't need to be running Windows to connect to and use Windows. VNC uses the RFB protocol, a defined standard method for remote access, so generally speaking any VNC client will connect to any VNC server, however occasionally some VNC implementations have added non-standard features that other clients may not support, examples of this are UltraVNC's remote login and file transfer features.
VNC clients connect into the session currently running on Windows, so the remote user and the person who might be sat at the computer see the same thing; the client doesn't get a separate login prompt, if someone is already logged into the computer then you see that, otherwise you get to login.
For remote administration or remote staff working, for security reasons you are strongly advised not to enable remote access to desktop computers directly over the Internet, instead you should have a firewall in place (for example pfSense), running a VPN server, which clients are required to securely VPN into before they have unfettered access to connect to VNC on desktop computers running Windows (or other operating systems).
Downloads can be done from the UltraVNC website.
Package for UltraVNC 1.1.8 x86/x64
This is a modification of the 1.1.7 example below. In theory, this should work for both x86 and x64 architectures, but I haven't tested it yet on x64.
This version will also set your (pre-encoded) password in ultravnc.ini using "replacetext.vbs", which can be found [here]. Note that I've set the %VNC_PASSWORD% variable in the profiles/userprofile.xml for security reasons, but you can create a variable directly in the package definition.
CAVEAT: I tested this on Windows XP, which doesn't require signed drivers. It turns out that devcon.exe comes in both x86 and x64 flavors - so this will almost certainly fail on 32-bit Vista or Win7. I will update this in early December 2012 with devcon.exe working on both architectures!
<package id="ultravnc" name="Ultra VNC" revision="118" priority="0">
<variable name="INSTALLER_NAME" value="UltraVNC_1_1_8_x86_Setup.exe" />
<variable name="INSTALLER_NAME" value="UltraVNC_1_1_8_x64_Setup.exe" architecture="x64" />
<variable name="ADDONS_INSTALLER_NAME" value="UltraVNC_1_1_8_x86_Addons.exe" />
<variable name="ADDONS_INSTALLER_NAME" value="UltraVNC_1_1_8_x64_Addons.exe" architecture="x64" />
<check type="uninstall" condition="versiongreaterorequal" path="UltraVnc" value="1.1.8" />
<install cmd="net stop uvnc_service">
<exit code="any" />
</install>
<install cmd="sc delete uvnc_service">
<exit code="any" />
</install>
<install cmd='%SOFTWARE%\ultravnc\%INSTALLER_NAME% /verysilent /loadinf="%SOFTWARE%\ultravnc\setup.inf"' />
<install cmd='%comspec% /c mkdir "%PROGRAMFILES%\uvnc bvba\UltraVNC\driver"'>
<exit code="any" />
</install>
<install cmd='%SOFTWARE%\ultravnc\%ADDONS_INSTALLER_NAME% /verysilent /loadinf="%SOFTWARE%\ultravnc\addons.inf"' />
<install cmd='%comspec% /c %SOFTWARE%\ultravnc\certmgr.exe -add %SOFTWARE%\ultravnc\ultravnc.cer -s -r localMachine trustedpublisher' architecture="x64" />
<install cmd='"C:\Program Files\uvnc bvba\UltraVNC\driver\setupdrv.exe" installs' />
<install cmd='"%SOFTWARE%\ultravnc\devcon.exe" update "C:\Program Files\uvnc bvba\UltraVNC\driver\driver\mv2.inf" mv_hook_display_driver2' >
<exit code="any" />
</install>
<install cmd='%comspec% /c copy /Y %SOFTWARE%\ultravnc\ultravnc.ini "%PROGRAMFILES%\uvnc bvba\UltraVNC"' />
<!-- Set the password in ultravnc.ini. Note that the %VNC_PASSWORD% variable is set in the profile. Then restart UltraVNC. -->
<install cmd='%comspec% /c %SOFTWARE%\ultravnc\replacetext.vbs "%PROGRAMFILES%\uvnc bvba\UltraVNC\ultravnc.ini" CHANGEME %VNC_PASSWORD%' />
<install cmd='net stop uvnc_service' />
<install cmd='net start uvnc_service' />
<upgrade include="install"/>
<remove cmd='net stop uvnc_service'>
<exit code='0' />
<exit code='2' />
</remove>
<remove cmd='sc delete uvnc_service' />
<remove cmd='"C:\Program Files\uvnc bvba\UltraVNC\unins000.exe" /verysilent /norestart' />
<remove cmd='%comspec% /c rmdir /S /Q "C:\Program Files\uvnc bvba"' />
</package>
Package for UltraVNC 1.1.7 x64
This builds slightly on the example from 1.0.6.4 and was tested with Windows 7 x64 Clients.
You need UltraVNC_1_1_7_x64_Setup.exe and UltraVNC_1_1_7_x64_Addon.exe and create two install files (installer.exe /saveinf=file for both Setup and Addon). For the mirror Driver you need two Windows files certmgr.exe and devcon.exe (x64 Version) which you can find via Google. To get rid of the certificate warning from Windows 7 during the driver Installation we need the .cer file. Extract it from the setupdrv.exe (Right click on the file -> properties -> digital signature -> Details -> View Certificate -> Details ->Copy to File). After the Installation I had the problem that the driver wasn´t recognized by the System. So i manually had to update it with the devcon.exe.
In the end there should be the Setup.exe, addon.exe, both .inf files, .cert file, certmgt.exe and devcon.exe in your setupfolder.
<package id="ultravnc" name="Ultra VNC" revision="117" priority="0">
<check type="uninstall" condition="versiongreaterorequal" path="UltraVnc" value="1.1.7" />
<install cmd="net stop uvnc_service">
<exit code="any" />
</install>
<install cmd="sc delete uvnc_service">
<exit code="any" />
</install>
<install cmd='%SOFTWARE%\ultravnc\UltraVNC_1_1_7_x64_Setup.exe /verysilent /loadinf="%SOFTWARE%\ultravnc\setup.inf"' />
<install cmd='%comspec% /c mkdir "C:\Program Files\uvnc bvba\UltraVNC\driver"'>
<exit code="any" />
</install>
<install cmd='%SOFTWARE%\ultravnc\UltraVNC_1_1_7_x64_Addons.exe /verysilent /loadinf="%SOFTWARE%\ultravnc\addons.inf"' />
<install cmd='%comspec% /c %SOFTWARE%\ultravnc\certmgr.exe -add %SOFTWARE%\ultravnc\ultravnc.cer -s -r localMachine trustedpublisher' />
<install cmd='"C:\Program Files\uvnc bvba\UltraVNC\driver\setupdrv.exe" installs' />
<install cmd='"%SOFTWARE%\ultravnc\devcon.exe" update "C:\Program Files\uvnc bvba\UltraVNC\driver\driver\mv2.inf" mv_hook_display_driver2' >
<exit code="any" />
</install>
<install cmd='%comspec% /c copy /Y %SOFTWARE%\ultravnc\ultravnc.ini "C:\Program Files\uvnc bvba\UltraVNC"' />
<upgrade include="install"/>
<remove cmd='net stop uvnc_service'>
<exit code='0' />
<exit code='2' />
</remove>
<remove cmd='sc delete uvnc_service' />
<remove cmd='"C:\Program Files\uvnc bvba\UltraVNC\unins000.exe" /verysilent /norestart' />
<remove cmd='%comspec% /c rmdir /S /Q "C:\Program Files\uvnc bvba"' />
</package>
Windows Firewall
[Note: This may not be necessary as of UltraVNC 1.1.8.]
When installing silently the Windows Firewall won't prompt you to allow the VNC Server. You can script allowing traffic to the VNC server (on TCP port 5900, from all sources) using:
:: allow incoming TCP connections to port 5900
netsh advfirewall firewall add rule name="VNC SERVER" dir=in protocol=TCP localport=5900 action=allow
old command (out-of-date)
netsh firewall add portopening TCP 5900 "VNC server" enable all