Click ‘Configuration Templates’ > ‘Profiles’ > open a Windows profile > Click ‘Add Profile Section’ > ‘Remote Tools’
Add a 'Remote Tools' section to a profile
- Login to Comodo One/ Dragon
- Click 'Applications' > 'Endpoint Manager'
- Click 'Configuration Templates' > 'Profiles'
- Click the 'Add Profile Section' button > 'Remote Tools'
OR
- Click the 'Remote Tools' tab if the section has already been added
- The remote tools section lets you configure whether connections are allowed, how the connection is handled, and what information is shown to the end-user:
Remote Tool Options
- File Explorer – Enable or disable the ability to manage files on remote endpoints. If disabled, admins will not be able to access files on endpoints which use the profile.
- Perform actions: create, delete, rename - Enable or disable the ability to create/rename/delete files on the remote system.
- File/Folder Transfer – Enable or disable the ability to copy or move files between the remote device and the management computer.
- Process Explorer - Enable or disable the ability to manage running processes on remote endpoints. If disabled, admins will not be able to view or terminate processes on endpoints which use the profile.
- Commands Interface - If enabled, you can run command lines and power shell commands on remote devices’ command prompt.
- Alternatively, use the 'Apply to all' switch at the top to enable or disable all at-once.
- Establish Remote tools session without asking permission - Connect in the background to endpoints which use the profile. The user of the endpoint is not made aware of the connection.
- Ask user, wait and deny access -
- User logged in: A message is shown to the user which requests them to accept the connection. An example message is show below:
- The connection proceeds anyway if the user does not respond within the timeout period.
- User not logged in: Endpoint manager will auto-connect to the device without showing a notification.
- Ask user, wait and deny access
- User logged in: A message is shown to the user which requests them to accept the connection.
- The connection is aborted if the user does not respond within the timeout period. (see screenshot above).
- User not logged in: Endpoint manager will auto-connect to the device without showing a notification.
Message to Device User:
Client Notification Options:
- Choose whether or not a notification box which is shown on the endpoint when a remote session is active. An example is shown below:
- The end-user can view the actions taken on the endpoint by clicking the down arrow at the right of the notification box.
Show notification to device user about who connected to his/her workstation - Enable or disable the notification box
- Allow user to terminate the connection – Choose whether or not the 'End Session' button is shown in the box. If enabled, end-users are able to close the connection.
- Keep notification window open after session ends - Choose whether or the box is shown on the endpoint after the session is completed.
Click 'Save' to apply your changes.
The new settings are immediately deployed to all endpoints which use the profile.
You can access the remote tools feature in the 'Device List' area:
- Click 'Devices' > 'Device List'
- Select a Windows device from the list
- Click the 'Remote Tools' button in the menu above the table
- Select 'File Explorer' 'Process Explorer', 'Service Explorer' or 'Commands Interface' to initiate a connection to the device
- See this wiki for help to remotely access files/folders, processes and services and run command prompt commands/powershell scripts on a remote device
Further reading:
How to manage files, processes and services on remote devices
How to perform remote file and folder operations in Endpoint Manager
How to set Remote control options in a profile
How to take Remote Control of a device