After choosing a hand phaser to deal with troublesome users, the Star Trek technology that the majority of network administrators would probably want most is the transporter. What better way to access a problematic server that’s a hundred miles (or a hundred million light years) away? Just beam over, fix the problem, and then beam back to the office in time for lunch.
Unfortunately, by the time the Star Trek suite is actually available, it’ll come with exorbitant licensing fees, so you might as well get used to using the next best thing: a remote administration utility. While VNC and PC Anywhere have typically been strongholds in this niche, there is a new tool in the market: Remote Administrator (RA). In this Daily Drill Down, I’ll introduce you to RA and show you how you can use it to fix problems on remote servers without having your molecules scrambled.
What is RA?
When it comes to remote administration, you have several alternatives. VNC, PC Anywhere, and Windows 2000’s Terminal Services in remote administration mode all allow you to remotely manage a Windows server. VNC has become a very popular choice for network administrators mostly because of its price, which is a most attractive $0. However, RA, produced by a small company called Famatech, provides a new alternative and, while it’s not free, it’s impressive enough to warrant a close look.
VNC is a great product, especially since it is free, but when comparing the original, unmodified VNC to RA, there is a noticeable difference in performance. RA’s documentation claims that LAN speeds reach 100 to 500 screen updates per second, while modem speeds reach 5 to 10 updates per second. In my practical usage of the product, I’ve found this claim to be accurate. I’ve also found that RA is significantly faster than VNC in terms of overall speed including screen redraws.
Other than speed, RA has additional impressive features including:
- Built-in file transfer.
- 128-bit encryption for all traffic passed over the client/server link.
- User Level Windows authentication.
- IP filtering to allow the restriction or access of certain IP addresses.
Unlike VNC, these features don’t come free. RA has a price tag starting at $35 for a single license that covers one client and one server. You can also purchase site, corporate, and help desk licenses.
Famatech’s site license costs $900 and covers an unlimited number of computers located at a single site. The company license covers up to 1,000 of your company’s computers and costs $4,500. Famatech’s help desk license allows you to purchase server-only versions of RA to access computers that may not be directly owned by your company. This can be a good choice for consulting agencies that need to access client sites. Help desk licenses cost up to $15, but Famatech will calculate a customized price based on your company’s situation.
You can obtain RA by downloading it from Famatech’s Web site. Famatech provides a 30-day evaluation version that’s fully functional. That way, you can kick RA’s tires a bit to make sure it’s for you before investing in the product.
Installing and using RA
Download the evaluation version to a temporary directory on your administration workstation. It’s only 1.3 MB, so it won’t take that long to download. Extract the radmin21.zip file that contains RA’s installation file. You’ll then see three files: a Readme file, an ID file that doesn’t really do much, and Radmin21.exe, which is RA’s installation file.
RA only runs on computers running Windows 9x, NT, 2000, or XP. Make sure you’ve installed TCP/IP on the computers with which you’ll be accessing RA. RA can run on as little as 8 MB of memory on a 386-based workstation if the workstation runs Windows 95. If you’re installing RA on an NT-based server, you must have Service Pack 4 or later installed on the server.
If you plan to install the RA as a service on remote servers, you must first uninstall remote access programs that use a video hook driver. If you don’t, RA’s video hook driver can conflict with the video hook driver of the other program, causing a system crash. Programs you’ll have to remove include PC Anywhere, LapLink, Timbuktu, and SMS. You’ll also have to remove NetMeeting, because NetMeeting’s driver can also conflict with RA.
In order to remotely administer a server, you must do at least two installations of RA: one on the server you’ll be administering and one on the administration workstation you’ll be using to attach to that server.
To install RA, double-click on the Radmin21.exe file. RA’s Setup program works like most Windows programs. There are only a few things you’ll encounter during installation that you should watch for. For example, during the installation of this product, Setup will give you the option to run RA as a system service. I prefer to run RA as a service on the computer you want to remotely administer. This ensures that RA stays active even when no one is logged on to the server.
When you configure RA to run as a service, Setup will also ask you to choose an authentication method. RA has two methods to handle this. First, you can configure RA to use a general password that everyone who connects to the machine will use. Or, second, you can configure RA to use authentication passed from the connecting workstation.
Each method has its pros and cons. Setting up a general connection password is easier, but it is also less secure. Using the Windows pass-through authentication requires a little more up-front planning and the creation of user accounts on the managed server, but users will not be required to authenticate as long as the password on the server matches the local workstation password.
In either case, the network traffic between the client and the remote machine uses 128-bit strong encryption. Also note that only members of the Administrators group on the remote machine will have the ability to remotely manage it. That way, rogue users who try to download their own copies of RA won’t be able to access your server and wreak havoc on it behind your back.
After you install RA on the server, the server still will go about its daily routine, but it will also be prepared for an incoming RA connection. To make the connection from the managing workstation, choose Start | Program Files | Remote Administrator v2.1 | Remote Administrator Viewer. If you are using the demo version, you’ll see a splash screen that you’ll have to click past to continue.
Once you are inside the program, an empty window with a menu and toolbar is displayed, as shown in Figure A. Using the viewer program you can connect to remote servers that are running the RA server.
|The RA Viewer has a very simple window layout.|
To connect to an RA server, select Connect To from the Connection menu. When you do, you’ll see the screen shown in Figure B. Choices on this screen include:
- IP Address Or DNS Name: You’ll enter the name or IP address of the remote server you want to connect to in this field.
- Port: This field is where you enter the TCP port used to make the TCP/IP connection. If you want to use a port other than the default, you’ll enter it here.
- Use Default Port: Remote Administrator uses port 4899 by default. This can be changed to something else for an extra layer of security. To change it, uncheck this box and enter the desired port in the box above.
- Connect Through Host: While it looks simple, this can be a very powerful option that can also allow control of servers that would otherwise not be accessible from outside the organization. Using this option, a central server could be deployed that acts as nothing more than a management station for the other servers in the enterprise.
- Full Control: This is exactly what it sounds like and allows full remote control of the managed server.
- View Only: This option allows a remote administrator to view what is happening on the remote machine. This can be useful in help desk scenarios where the help desk wants the user to actually perform a task and the help desk is only going to act as an observer.
- Telnet: This option allows an administrator to telnet to the remote machine. This is not supported on remote Windows 95, 98, and Me machines, but it does work with Windows 2000 and XP, assuming that the Telnet service is enabled on those machines. This is also useful for connecting to UNIX hosts.
- File Transfer: Instead of connecting to the remote machine and controlling it, this option allows the transfer of files between the host and the client. This is similar to PC Anywhere’s file transfer feature.
- Shutdown: This allows a client computer to shut down, restart, hard power down, or log off the user on the remote system.
- Add To Connection List: This choice forces RA to keep the entered information for a future connection.
|Select Connect To from the Connection menu to access a remote server.|
After you’ve entered the information in the Connect To dialog box, click Connect. Once the connection is completed, the remote server’s desktop will be presented, appearing exactly as if you’re sitting right in front of the server.
After you connect to the remote server, you can change such things as the color depth of the display. This is useful if your workstation is running at different color depth than the remote server, such as when you have 256 colors on your workstation and 32,000 colors on the remote server. You can also copy the clipboard from the remote server to your workstation using the RA menu at the top left-hand corner of the screen.
From the RA menu, you can change the view of the remote server as follows:
- Normal: RA runs within a window on your workstation, appearing as a regular Windows program.
- Full screen: Makes the remote server’s desktop expand to fill your entire workstation’s screen.
- Stretch: Allows dynamic resizing of the window to take place.
RA allows you to send a [Ctrl][Alt][Del] key combination to the server to enable such options as the Task Manager or to log on to the system. To exit a session, just click the close button in the upper right-hand corner of the window.
Personally, I find RA’s ability to transfer files to be one of its best and most useful features. I have been in more than one situation where I have needed to send a file to a remote server and have been unable to when I was using either VNC or Terminal Services. Before you can use this option, you must assign the right to transfer a file. By default, this right is not assigned to anyone.
To change this option, you must log in to a session to the remote server, choose Start | Programs | Remote Administrator v2.1 | Settings for Remote Administrator Server. Click the Set Password button. When the Password For Remote Administrator Server screen appears, make sure Enable NT Security is checked and then click the Permissions button. You’ll then see the Registered Users screen appear as shown in Figure C.
|To transfer files, you must set permissions for access.|
For this example, I have given the Administrators group the All Access right. This right grants members of the Administrators group full rights to the remote server. To add individual users, use the Add button and assign appropriate rights.
After you’ve given the rights to transfer files, you can start a file transfer session by right-clicking the remote system’s icon on the client and choosing File Transfer.
The file transfer window is also very straightforward, showing two panes: one for the local client machine and one for the remote system. Transferring a file is as simple as dragging and dropping it in either direction. For example, to transfer a file from the Administrator’s desktop on the remote server to the local client’s C: drive, simply locate the file, click and hold it, and drag it to the C: drive icon in the local pane, as shown in Figure D.
|RA allows you to transfer files to and from a remote server.|
To end a file transfer session, simply close the window. You can have both a file transfer session as well as a remote control session operating simultaneously.
RA is an excellent, very inexpensive choice for remote management of servers and client workstations. At $35 per license with discounts offered for corporate purchases, it is well worth the price, especially when compared to other commercial packages such as PC Anywhere. For a Windows-only solution to the remote management problem that has plagued Windows since Windows NT 3.1 came out, you’d do well to add RA to your remote management toolkit.