Symantec 14541094 Administration Guide

Symantec 14541094 - pcAnywhere Host & Remote Manual

Get Symantec 14541094 - pcAnywhere Host & Remote PDF manuals and user guides
UPC - 037648640480
View all Symantec 14541094 manuals
Add to My Manuals
Save this manual to your list of manuals

Symantec 14541094 manual content summary:

  • Symantec 14541094 | Administration Guide - Page 1
    Symantec pcAnywhere™ Administrator's Guide
  • Symantec 14541094 | Administration Guide - Page 2
    Symantec pcAnywhere™ Administrator's Guide The software described in this book is furnished under a Hat, Inc. in the United States and other countries. SSH and Secure Shell are trademarks of SSH Communications Security, Inc. Additional company and product names may be trademarks or registered
  • Symantec 14541094 | Administration Guide - Page 3
    , the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition that are enrolled in the Platinum Support program ■ Advanced features, including Technical Account Management For information about Symantec's Maintenance
  • Symantec 14541094 | Administration Guide - Page 4
    Symantec's technical support options ■ Nontechnical presales questions ■ Issues that are related to CD-ROMs or manuals Maintenance agreement resources before they occur. Managed Security Services These services remove the burden of managing and monitoring security devices and events, ensuring
  • Symantec 14541094 | Administration Guide - Page 5
    , each focused on establishing and maintaining the integrity and availability of your IT resources. Educational Services provide a full array of technical training, security education, security certification, and awareness communication programs. To access more information about Enterprise
  • Symantec 14541094 | Administration Guide - Page 6
  • Symantec 14541094 | Administration Guide - Page 7
    Contents Technical Support Chapter 1 Planning a migration and upgrade strategy About migrations and upgrades 11 Migrating from pcAnywhere 11.x in Windows NT/2000/2003 Server/XP 13 Migrating from
  • Symantec 14541094 | Administration Guide - Page 8
    script 62 Performing centralized management About centralized management 63 Managing pcAnywhere hosts remotely 63 Installing the pcAnywhere Host Administrator tool 64 Adding the Host Administrator snap-in to MMC 65 Creating a configuration group 65 Adding computers to a configuration group
  • Symantec 14541094 | Administration Guide - Page 9
    in pcAnywhere 88 Setting up the host computer to use directory services 89 Setting up the remote computer to use directory services 90 Managing security in Symantec pcAnywhere Controlling access to pcAnywhere hosts 91 Limiting connections to specific computer names or IP addresses 92 Leveraging
  • Symantec 14541094 | Administration Guide - Page 10
    10 Contents
  • Symantec 14541094 | Administration Guide - Page 11
    2003 Server/XP. During a migration, pcAnywhere lets you install over the previous version of the product and preserve user-defined settings. Symantec pcAnywhere supports upgrades from version 9.2.x to version 12.0 on Windows 98/Me/NT/2000/2003 Server/XP. An upgrade lets you install over the previous
  • Symantec 14541094 | Administration Guide - Page 12
    12 Planning a migration and upgrade strategy About migrations and upgrades Table 1-1 Symantec pcAnywhere version 11.x 10.x 10.x 9.2.x 9.2.x Migration and upgrade strategy matrix Operating system Restart required Data preserved automatically Windows No NT/2000/2003 Server/XP Host items
  • Symantec 14541094 | Administration Guide - Page 13
    from pcAnywhere 11.x in Windows NT/2000/2003 Server/XP Symantec pcAnywhere supports full migration of the full product version and host-only version of well as option sets. This migration requires a system restart to remove older pcAnywhere system files. You can use Symantec Packager to streamline
  • Symantec 14541094 | Administration Guide - Page 14
    9.2.x in Windows NT/2000/XP Symantec pcAnywhere supports upgrades of the full product and host-only and upgrades Symantec Packager is an administrator tool that lets you create, modify, and build to Create a custom installation package that manually uninstall a previous version of the includes
  • Symantec 14541094 | Administration Guide - Page 15
    Planning a migration and upgrade strategy 15 Using Symantec Packager to streamline migrations and upgrades The product installation does not support preservation of preconfigured product settings. Create a custom installation package that includes preconfigured data files that contain the settings
  • Symantec 14541094 | Administration Guide - Page 16
    16 Planning a migration and upgrade strategy Using Symantec Packager to streamline migrations and upgrades
  • Symantec 14541094 | Administration Guide - Page 17
    2 Chapter Creating custom installation packages This chapter includes the following topics: ■ About Symantec Packager ■ What you can do with Symantec Packager ■ How Symantec Packager works ■ Importing a product module ■ Customizing product settings ■ Creating a custom command ■ Creating installation
  • Symantec 14541094 | Administration Guide - Page 18
    3.51. What you can do with Symantec Packager Symantec Packager lets you do the following: ■ Tailor products to adhere to your security policy, giving users full access to all features, or limiting access where appropriate ■ Reduce deployment bandwidth and application footprint by creating a custom
  • Symantec 14541094 | Administration Guide - Page 19
    for each product. Configure commands that you want to include in a package. Custom commands let you add additional functionality that is not supported in the product templates, such as including a third-party program or batch file. See "Creating a custom command" on page 38. Configure packages
  • Symantec 14541094 | Administration Guide - Page 20
    Deployment tool in Symantec Packager and a Web-based deployment tool on the pcAnywhere CD. You can also use your current deployment tools. Products tab when you open Symantec Packager, you must import the product module manually. To import a product module 1 Open Symantec Packager. 2 In the Symantec
  • Symantec 14541094 | Administration Guide - Page 21
    features in pcAnywhere such as: ■ User interface (pcAnywhere Manager) ■ Remote components ■ Host components ■ Communications protocols ■ Documentation (online manuals and Help) ■ Symantec installation utilities Configuration Files The pcAnywhere product template includes default remote and host
  • Symantec 14541094 | Administration Guide - Page 22
    file creates a Microsoft Installer (.msi) file. Symantec Packager supports installation of pcAnywhere .msi files only. See "Building a you customize product installations by including the features that you want and removing the features that you do not need. The product size and installed
  • Symantec 14541094 | Administration Guide - Page 23
    include in the custom product. ■ Clear the features that you do not want to include. ■ Click the plus sign next to a feature to select or remove its subfeatures.
  • Symantec 14541094 | Administration Guide - Page 24
    Live Update file (LIVEUPDT.HST) Provides the information needed to support connections to the Symantec LiveUpdate server to receive automatic product updates add them to the custom product installation: Option sets Host Security IDs Lets you configure global options for pcAnywhere to accommodate
  • Symantec 14541094 | Administration Guide - Page 25
    item files (.bhf) Lets you preconfigure the connection and security settings needed to allow a connection from another computer. For more information, see the Symantec pcAnywhere User's Guide. Caller files (.cif) Lets you preconfigure a logon account for users who connect to the host computer and
  • Symantec 14541094 | Administration Guide - Page 26
    file with your preconfigured file. ■ Select the file that you want to remove, and then click Remove. This removes your preconfigured file and replaces it with the default file provided by Symantec, adding or deleting files, can result in denial of service. Use integrity management in conjunction with
  • Symantec 14541094 | Administration Guide - Page 27
    product installations and packages" on page 40. Serializing a pcAnywhere installation Symantec pcAnywhere lets you create a custom installation that contains an embedded security code, or serial ID. This serial ID number must be present on both the host and remote computers to make a connection.
  • Symantec 14541094 | Administration Guide - Page 28
    the serial ID configuration file. ■ Build the package. ■ Deploy and install the package. Generating a serial ID file Symantec pcAnywhere lets you generate a security code, or serial ID, which can be embedded into a custom installation. Serial IDs must be a numeric value between 0 and 4,294,967,296
  • Symantec 14541094 | Administration Guide - Page 29
    . ■ Click the plus sign next to a feature to select or remove its subfeatures. To configure a custom product installation or package that includes host , select only Host or Remote. 3 On the Configuration Files tab, click Host Security IDs File (*.SID) , and then click Add. 4 Browse to the folder
  • Symantec 14541094 | Administration Guide - Page 30
    , file transfer, logging, and other functions to improve performance, enhance security, or manage connections. Symantec pcAnywhere lets you create multiple option sets to Enables logging of events that occur during pcAnywhere sessions Directory Services Controls settings for using a directory
  • Symantec 14541094 | Administration Guide - Page 31
    the settings that you want to use. 5 When you are finished, click OK. For more information about a feature, see the Symantec pcAnywhere User's Guide . Adding an option set to a custom installation file You can add the option sets that you create in pcAnywhere to a custom installation file. After
  • Symantec 14541094 | Administration Guide - Page 32
    32 Creating custom installation packages Customizing product settings 3 Browse to the folder that contains the option set files (*.opt) that you created in pcAnywhere, select the one that you want to use, and then click Open. The option set file is added to the list of data and configuration files.
  • Symantec 14541094 | Administration Guide - Page 33
    Creating custom installation packages 33 Customizing product settings Start online registration at startup Prompts users to register the product when they start the program for the first time See "Prompting users to register upon startup" on page 34. Host object to use as template Lets you select
  • Symantec 14541094 | Administration Guide - Page 34
    34 Creating custom installation packages Customizing product settings ■ Double-click an existing product to edit it. 2 In the Product Editor window, on the Installation Options tab, double-click Target location. 3 In the Target Location dialog box, select one of the following: ■ Program Files
  • Symantec 14541094 | Administration Guide - Page 35
    Creating custom installation packages 35 Customizing product settings ■ Click Apply to save your changes and continue the product configuration. 6 If prompted, type a file name, and then click Save. Selecting the default template for host connections Symantec Packager lets you select the host
  • Symantec 14541094 | Administration Guide - Page 36
    36 Creating custom installation packages Customizing product settings installation. Remote connection items contain the configuration settings needed to connect to another computer remotely. You can select the pcAnywhere program default settings, select a preconfigured remote connection item
  • Symantec 14541094 | Administration Guide - Page 37
    Creating custom installation packages 37 Customizing product settings ■ Double-click an existing product to edit it. 2 In the Product Editor window, on the Installation Options tab, double-click Run LiveUpdate after installation. 3 In the Run LiveUpdate after installation dialog box, select Run
  • Symantec 14541094 | Administration Guide - Page 38
    38 Creating custom installation packages Creating a custom command Creating a custom command In addition to creating custom products, you can create custom commands to include in your packages. Examples of custom commands include batch files, third-party executables, command-line arguments, or
  • Symantec 14541094 | Administration Guide - Page 39
    , type the fully qualified path to the remove.exe file that is located in the pcAnywhere configuration information and installation instructions that Symantec Packager requires using a third-party deployment tool. The Symantec Packager Deployment Tool does not support MSI deployment. Creating a
  • Symantec 14541094 | Administration Guide - Page 40
    40 Creating custom installation packages Building product installations and packages For more information about configuring package settings, see the Symantec Packager online Help. Adding products and commands to a package definition Symantec Packager lets you create a custom installation package
  • Symantec 14541094 | Administration Guide - Page 41
    supported .msi files. You can use an industry-standard, third-party deployment tool to deploy the pcAnywhere .msi file. The Symantec Packager Deployment Tool does not support progress of the build and logs any problems that have occurred. If the product features, installation instructions, and custom
  • Symantec 14541094 | Administration Guide - Page 42
    2 On the File menu, click Build. The Package Build Status window appears, which provides information about the progress of the build and logs any problems that have occurred. If the package build is successful, the last line in the Build Status window reads as follows: Package was built successfully
  • Symantec 14541094 | Administration Guide - Page 43
    using any of the following methods: ■ Local computer installation Opening an .exe file or supported .msi file on the Deploy Packages tab in Symantec Packager starts the installation process. Ensure using the Deploy Packages tab, see the Symantec Packager Implementation Guide on the pcAnywhere CD.
  • Symantec 14541094 | Administration Guide - Page 44
    about installing pcAnywhere, see the Symantec pcAnywhere User's Guide. ■ Symantec Packager deployment tool This tool lets you deploy packages to one or more computers on your network. The Symantec Packager deployment tool supports deployment to Microsoft 32-bit computers only (for example
  • Symantec 14541094 | Administration Guide - Page 45
    Notify users of the download location. The Web-based deployment tool supports the deployment of Symantec Packager packages and Microsoft Installer (.msi Deployment Requirements Web server ■ HTTP Web server. ■ Microsoft Internet Information Server (IIS) version 4.0/5.0. ■ Apache HTTP Server version
  • Symantec 14541094 | Administration Guide - Page 46
    Internet Explorer 4.0 or later. Symantec pcAnywhere requires Internet Explorer 6.x or later for installation. ■ Windows Installer 2.0 or later (required only for MSI installations). ■ Browser security You must copy the installation files required to support Web-based deployment to a directory on the
  • Symantec 14541094 | Administration Guide - Page 47
    Deploying Symantec pcAnywhere custom installations 47 Deploying installation packages using Web-based deployment Deploy/Webinst Deploy\Webinst\Webinst ■ brnotsup.htm ■ default.htm ■ intro.htm ■ logo.jpg ■ oscheck.htm ■ plnotsup.htm ■ readme.htm ■ start.htm ■ webinst.cab ■ files.ini ■ Launch.bat (
  • Symantec 14541094 | Administration Guide - Page 48
    Web-based deployment The Web-based deployment tool supports Microsoft Internet Information Server (IIS) or Apache HTTP Internet Information Server > Internet Service Manager . ■ In IIS version 5.0: On the Windows taskbar, click Start > Programs > Administrative Tools > Internet Services Manager
  • Symantec 14541094 | Administration Guide - Page 49
    specify the DocumentRoot. If the quotation marks are omitted, Apache services might not start. Customizing the deployment files You must edit the following files to deploy and install packages using the Web-based deployment tool: Start.htm Files.ini Launch.bat Contains the parameters for the Web
  • Symantec 14541094 | Administration Guide - Page 50
    for package deployment Modify Files.ini to contain the name of the package executable file that you want to deploy. Additional information is required to support MSI deployment. See "Customizing Files.ini for MSI deployment" on page 51.
  • Symantec 14541094 | Administration Guide - Page 51
    that it references the name of the package that you want to deploy. For example: File1=Symantec pcAnywhere - Full Product.exe Long file names are supported. 5 For each additional file, add a new Filen= filename line, where n is a unique number and filename is the name of the file. 6 Save and close
  • Symantec 14541094 | Administration Guide - Page 52
    it references the name of the .msi file that you want to deploy. For example: File2=Symantec pcAnywhere - Host Only.msi Long file names are supported. 7 For each additional file, add a new Filen= filename line, where n is a unique number and filename is the name of the file. 8 Save and close the
  • Symantec 14541094 | Administration Guide - Page 53
    guidelines to troubleshoot the problem: ■ If there is a problem with the instructions to your users to download the package that you want to deploy. To install a pcAnywhere installation package, users must have Internet Explorer 6.0 or later on their computers. The Internet Explorer security
  • Symantec 14541094 | Administration Guide - Page 54
    be downloaded to the client. When the installation is complete, the security level can be restored to its original setting. Make sure that that points to the client installation as follows: ■ For Internet Information Server: http://Server_name/Virtual_home_directory/Webinst/ where Server_name is the
  • Symantec 14541094 | Administration Guide - Page 55
    SMS client computers SMS packages can be any type of software program that supports installation using SMS. An SMS-specific information file used by SMS to be installed on Windows NT 4.0 with Service Pack 5 or higher. It is recommended that you obtain the SMS Service Pack 2 or higher from Microsoft.
  • Symantec 14541094 | Administration Guide - Page 56
    .msi. For information on customizing the Package Definition File, see your SMS documentation. The following values must not be removed or changed in the supplied Package Definition File: ■ AfterRunning=ProgramRestart ■ CanRunWhen=UserLoggedOn ■ AdminRightsRequired=TRUE Creating an SMS deployment
  • Symantec 14541094 | Administration Guide - Page 57
    name. 4 In the drop-down menu, select one of the following: ■ Windows Me/Windows 2000 to distribute to Windows Me and Windows 2000 clients that support MSI-based installations.
  • Symantec 14541094 | Administration Guide - Page 58
    5 Click Browse, and then and pick the collection to which you want to advertise the installation. 6 Set the schedule, requirements, and appropriate security rights of the package. After the advertisement is created, pcAnywhere should deploy to all of the selected clients. Using Windows NT/2000/2003
  • Symantec 14541094 | Administration Guide - Page 59
    Deploying Symantec pcAnywhere custom installations 59 Using Windows NT/2000/2003 Server/XP logon scripts @echo off setlocal REM ***** Package Variable -- Change to name of pcA Package ***** Set Package=Package.MSI REM ***** EXE or MSI Variable -- Change to package type (MSI or EXE) ***** Set PkgType
  • Symantec 14541094 | Administration Guide - Page 60
    60 Deploying Symantec pcAnywhere custom installations Using NetWare logon scripts rd pcapkg Net Use Z: /DELETE :End endlocal Testing the Windows logon script Test the completed script on one or two workstations before setting up the script for all users. Windows NT/2000/2003 Server/XP users must
  • Symantec 14541094 | Administration Guide - Page 61
    the appropriate drive mappings to the local workstation and launches the deployment batch file. The batch file installs the pcAnywhere package and removes the installation files when complete. The following examples assume default installation folders. Modify them, as necessary, to work in your
  • Symantec 14541094 | Administration Guide - Page 62
    62 Deploying Symantec pcAnywhere custom installations Using NetWare logon scripts REM ***** Creates a folder in the Temp dir, and copies the package ***** C: CD %TEMP% MD pcapkg CD pcapkg Z: COPY %Package% c: REM ***** Launches package installation ***** C: IF %PkgType% == MSI msiexec -i %Package%
  • Symantec 14541094 | Administration Guide - Page 63
    pcAnywhere hosts on a network. The pcAnywhere Host Administrator tool is a Microsoft Management Console (MMC) snap-in and requires MMC to run. Symantec pcAnywhere supports integration with Microsoft Systems Management Server. It also supports centralized event logging using the SNMP monitor. See
  • Symantec 14541094 | Administration Guide - Page 64
    after pcAnywhere installation. To install the pcAnywhere Host Administrator Tool 1 On the Windows taskbar, click Start > Settings > Control Panel. 2 In the Control Panel window, double-click Add/Remove Programs. 3 In the Add/Remove Programs window, click Symantec pcAnywhere. 4 Click Change. 5 In the
  • Symantec 14541094 | Administration Guide - Page 65
    Follow the on-screen instructions to continue the installation administrator tools from a central location. Upon installation of the pcAnywhere Host Administrator tool, you Click OK. 4 On the Console menu, click Add/Remove Snap-in. 5 In the Add/Remove Snap-in dialog box, on the Standalone tab, click
  • Symantec 14541094 | Administration Guide - Page 66
    can use the pcAnywhere Host Administrator tool to remotely manage the hosts on your network, you must first configure the administrator host and remote connection items. These files contain the connection and security settings needed to support connections between the pcAnywhere Host Administrator
  • Symantec 14541094 | Administration Guide - Page 67
    information, see the Symantec pcAnywhere User's Guide. Host Administrator template for the computer item contains the connection and security information needed to connect to CMS folder to use it with the pcAnywhere Host Administrator tool or include it in a packaged installation. To create
  • Symantec 14541094 | Administration Guide - Page 68
    item The administrator host connection contains the connection and security information needed to allow a remote administrator to connect , access privileges. For more information, see the Symantec pcAnywhere User's Guide. 7 In the Host Properties window, configure the other settings that you
  • Symantec 14541094 | Administration Guide - Page 69
    configuration group. Symantec pcAnywhere requires that you set up a logon account for users who connect to your computer, and select an authentication Symantec pcAnywhere User's Guide. Distributing pcAnywhere configuration files The pcAnywhere Host Administrator tool lets you distribute pcAnywhere
  • Symantec 14541094 | Administration Guide - Page 70
    70 Performing centralized management Managing pcAnywhere hosts remotely 3 In the Distribute pcAnywhere Files dialog box, select the computers to which you want to distribute the file. 4 Select the file that you want to distribute. 5 Click OK. Managing hosts in a configuration group Once you have
  • Symantec 14541094 | Administration Guide - Page 71
    Windows-based computers and servers. Symantec pcAnywhere provides the support files needed to integrate with SMS. These files are the pcAnywhere.pdf file. The default location on the installation CD is as follows: \tools\SMS folder 4 Click Open. 5 In the Package Definition panel, click Next. 6
  • Symantec 14541094 | Administration Guide - Page 72
    configure and control pcAnywhere on Windows 98/Me using a centralized management tool, you must meet the following system requirements: ■ The Windows 98 with user-level access. This access is required to adjust the DCOM security settings when running the dcomcnfg.exe utility. ■ File and print sharing
  • Symantec 14541094 | Administration Guide - Page 73
    connection problems because of access denied errors, run the dcomcnfg.exe utility to check the security settings for the client. Edit the default security and and the centralized management integration. The pcAnywhere Host Administrator tool uses AwShim to start and stop host and remote sessions
  • Symantec 14541094 | Administration Guide - Page 74
    . About centralized logging Security, accountability, and logging are supports centralized event logging. An administrator can collect logging information from every pcAnywhere host on the network and store this information on a secure, centralized server. The pcAnywhere Host Administrator tool
  • Symantec 14541094 | Administration Guide - Page 75
    that you want to log. For more information, see the Symantec pcAnywhere User's Guide. 7 Click OK. About the pcAnywhere MIB file The pcAnywhere MIB file outlines that pcAnywhere can generate. Use the pcAnywhere MIB file as a tool to help build automated responses to pcAnywhere events that occur on
  • Symantec 14541094 | Administration Guide - Page 76
    76 Performing centralized management About centralized logging
  • Symantec 14541094 | Administration Guide - Page 77
    and retrieves information about users. It facilitates looking up host computers that are waiting for a connection on the Internet or intranet. The benefit of using directory services with pcAnywhere is increased speed. Normally, when you launch a remote connection, it scans the network for waiting
  • Symantec 14541094 | Administration Guide - Page 78
    to connect from this list. Configuring the directory servers Before you can use directory services in pcAnywhere, you need to configure a directory server so that it works with pcAnywhere. The configuration instruction depends on the type of directory server that you use. Configuring the LDAP server
  • Symantec 14541094 | Administration Guide - Page 79
    Integrating pcAnywhere with directory services 79 Configuring the directory servers 10 In the ObjectClass Name field, type pcaHost 11 In the Available Attributes list, locate the objectclass attribute, and then
  • Symantec 14541094 | Administration Guide - Page 80
    configured, and functioning on the Novell server with Novell Directory Services (NDS) 8.0. Administrator rights to the server are needed to from the following location: sys:public\mgmt\ConsoleOne\1.2\bin\ConsoleOne.exe 3 On the Tools menu, click Schema Manager. 4 On the Attribute tab, click Create. 5
  • Symantec 14541094 | Administration Guide - Page 81
    services 81 Configuring the directory servers Creating the pcaHost object in ConsoleOne Follow this procedure to create the pcaHost object. To create the pcaHost object in ConsoleOne 1 Open ConsoleOne from the following location: sys:public\mgmt\ConsoleOne\1.2\bin\ConsoleOne.exe 2 On the Tools
  • Symantec 14541094 | Administration Guide - Page 82
    82 Integrating pcAnywhere with directory services Configuring the directory servers 7 In the LDAP attribute field, type pcaHostEntry This entry is case-sensitive and must be entered exactly as it appears above. 8
  • Symantec 14541094 | Administration Guide - Page 83
    Integrating pcAnywhere with directory services 83 Configuring the directory servers To create an LDIF file 1 In Notepad, type the following lines for each user: DN:cn=user,ou=organization_unit,o=organization
  • Symantec 14541094 | Administration Guide - Page 84
    84 Integrating pcAnywhere with directory services Configuring the directory servers To assign rights to multiple users 1 Click the container in which to place the group. 2 Right-click the container, and then
  • Symantec 14541094 | Administration Guide - Page 85
    Integrating pcAnywhere with directory services 85 Configuring the directory servers To add the snap-in 1 On the Windows taskbar, click Start > Run. 2 Type mmc 3 Click OK. 4 On the Console1 toolbar, click Console > Add/Remove Snap-in . 5 In the Add/Remove Snap-in dialog box, click Add. 6 Click Active
  • Symantec 14541094 | Administration Guide - Page 86
    86 Integrating pcAnywhere with directory services Configuring the directory servers Creating the pcaHost object Follow this procedure to create the pcaHost object. To create the pcaHost object 1 In the Common Name
  • Symantec 14541094 | Administration Guide - Page 87
    Integrating pcAnywhere with directory services 87 Configuring the directory servers Setting click Start > Programs > Administrative Tools > Active Directory Users and Computers. 2 On the View menu, make sure that Advanced Features is selected. This enables the Security tab in the property pages. You
  • Symantec 14541094 | Administration Guide - Page 88
    Security property page. Configuring pcAnywhere to use directory services Configuring pcAnywhere to use directory services involves the following process: ■ Set up directory services the Name field, type the account name specified on the directory server. 6 In the Password field, type
  • Symantec 14541094 | Administration Guide - Page 89
    , click Hosts. 2 Right-click a host connection item that uses a network connection, and then click Properties. 3 On the Settings tab, check Use directory services. 4 Select the appropriate directory server in the list. The directory server that you select is used to register the host when it starts
  • Symantec 14541094 | Administration Guide - Page 90
    . 2 Right-click a remote connection item that uses a network connection, and then click Properties. 3 On the Settings tab, click Use directory services. 4 Select a directory server in the list. The list contains only the directory servers that have been preconfigured and verified. 5 Click Filter to
  • Symantec 14541094 | Administration Guide - Page 91
    networking infrastructure. This objective can be achieved by limiting the number of network hosts that are available for remote access, and by implementing secure, remote access server (RAS) and Virtual Private Network (VPN) solutions in place of individual dial-up devices. The following are some of
  • Symantec 14541094 | Administration Guide - Page 92
    security in Symantec pcAnywhere Controlling access to pcAnywhere hosts ■ Implement an authentication method. Symantec pcAnywhere supports a number of centralized authentication types, including Active Directory, Novell Directory Services see the Symantec pcAnywhere User's Guide. ■ Limit the time to
  • Symantec 14541094 | Administration Guide - Page 93
    account Services, Novell Bindery, NT, and RSA SecurID, giving you the flexibility of using the authentication measures already in place on your network. Using two-factor authentication Symantec pcAnywhere supports RSA SecurID two-factor authentication. SecurID validates users against a security Guide
  • Symantec 14541094 | Administration Guide - Page 94
    security by checking a list stored in an Active Directory Service. Users can browse an ADS tree for user Access Protocol names. (LDAP) 3.0-compliant directory service. NT (For Windows NT/2000 only) Validates a server using NT authentication to support callers from the local administrator user
  • Symantec 14541094 | Administration Guide - Page 95
    security in Symantec pcAnywhere 95 Controlling access to pcAnywhere hosts This configuration option is less time-consuming than adding an individual account for each administrator to the local administrator group. This feature is supported in a Novell tree for user or group names. Directory Service.
  • Symantec 14541094 | Administration Guide - Page 96
    Users must specify a server an HTTPS Web server name and a valid user name. validate a user by checking a list associated with an HTTPS service. This method is more secure than FTP and HTTP authentication because the user name and password are encrypted before they are sent over the network.
  • Symantec 14541094 | Administration Guide - Page 97
    to protect the host from unauthorized access and intentional disruption of service. Table 6-4 includes information about the ways in which pcAnywhere can protect session security. Table 6-4 Session security options Option Description Strong encryption Protect the data stream, including the
  • Symantec 14541094 | Administration Guide - Page 98
    groups Protect the host from a malicious user's intent on disrupting service, as well as from innocent users who inadvertently forget to end at the caller level. Secure end-of-session options Securely end host sessions to prevent potential security breaches. You can pcAnywhere User's Guide.
  • Symantec 14541094 | Administration Guide - Page 99
    Symantec pcAnywhere supports centralized logging, so you can archive the logs on a secure, central server. Although logging can be a useful tool, be Directory container. The operating system provides a software wizard to guide you through this process. For more information about adding the Group
  • Symantec 14541094 | Administration Guide - Page 100
    XP and Windows 98/Me/NT4 to support registry-based policy management. The pcAnywhere.adm is located on the pcAnywhere CD in the Tools\Policy folder. You can copy this file to a secure location, and then import it into MMC. Before Add/Remove Templates. 4 In the Add/Remove Templates window, click Add.
  • Symantec 14541094 | Administration Guide - Page 101
    click Open. 6 In the Add/Remove Templates window, click Close. Importing the pcAnywhere.adm file for Windows 98/Me/NT4 The pcAnywhere.adm file for Windows 98/Me/NT is located on the pcAnywhere CD in the Tools\Policy\NT4_9x_Me folder. You can copy this file to a secure location, and then import it
  • Symantec 14541094 | Administration Guide - Page 102
    102 Managing security in Symantec pcAnywhere Implementing policy-based administration Table 6-5 command queue features Actions\pcAnywhere Tools Contains policy settings to prohibit users from using the following tools in pcAnywhere: ■ Package Deployment Tool ■ Host Administrator ■ Activity
  • Symantec 14541094 | Administration Guide - Page 103
    Managing security in Symantec pcAnywhere 103 Implementing policy-based administration Table 6-5 Location of to remove specific device types (for example, Infrared, TAPI) from the list of available connection types. UI Changes\Help Lets you use a custom URL for the Service and Support option on
  • Symantec 14541094 | Administration Guide - Page 104
    104 Managing security in Symantec pcAnywhere Implementing policy-based administration 4 Under User the System Policy Editor. On Windows 98/Me/NT 4 computers, you might need to install this tool separately. To apply policy settings to users upon system logon, you must create a directory share in
  • Symantec 14541094 | Administration Guide - Page 105
    Managing security in Symantec pcAnywhere 105 Implementing policy-based administration 5 Under Symantec pcAnywhere, expand a list by clicking the plus sign next to the policy type that you
  • Symantec 14541094 | Administration Guide - Page 106
    106 Managing security in Symantec pcAnywhere Implementing policy-based administration
  • Symantec 14541094 | Administration Guide - Page 107
    28 A ACE/Agent. See SecurID ACE/Server. See SecurID Active Directory Services 84 Admin.bhf 67 Admin11.chf 67 administrative template 100 alias 54 authentication overview 38 custom installations. See packages D DCOM modifying security settings 73 overview 71 requirements Windows 98/Me 72 Windows
  • Symantec 14541094 | Administration Guide - Page 108
    64 managing a host 70 sending commands 70 using AwShim 73 host computers limiting connections 92 securing 91 host items adding to packages 25 configuring 66 host sessions securing 97 I installation files. See packages installation options custom products 32 installation packages 39 integrity
  • Symantec 14541094 | Administration Guide - Page 109
    templates 36 serializing 27 setting global options 30 testing 42 pcAnywhere Tools Host Administrator 63 pcAnywhere.adm file 100-101 PMI file 20 items adding to packages 25 configuring 66 remote management 63 S SecurID 93 security ID adding to packages 28 generating 28 serial ID adding to packages
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
Symantec pcAnywhere™
Administrator's Guide