One of Windows XP’s potentially most useful new features is Remote Assistance. This feature is particularly suited for help desk personnel on a corporate network because it allows them to view users’ desktops and take control remotely to perform troubleshooting tasks and resolve problems. Home users can use the feature to allow a more technically knowledgeable friend to provide assistance across the Internet. Remote Assistance works over a LAN or WAN and is supported by both Windows XP Home and Professional Editions.

In this Daily Drill Down, you’ll learn how to deploy, configure, and use this new XP feature to make the whole process easier for both those who provide technical support and those who need assistance.

Remote Assistance: What it is and what it isn’t

The Remote Assistance feature is new to XP, but it’s based on a technology that has been around for quite a while.


Planning for deployment of Remote Assistance
Consider several issues before deploying Remote Assistance, including system and configuration requirements and understanding the available modes and options.

System and configuration requirements
The following requirements must be met to use Remote Assistance:

  • ·        Both computers must be running XP Home or Pro, or .NET Server.
  • ·        If the user is using XP Home Edition, he or she must be logged on with an Owner account.
  • ·        To request assistance, the user must have Outlook, Outlook Express, or Windows Messenger installed or have another way, such as IM, to transfer a file to the helper.


If you’re on a LAN, the firewall configuration might prevent you from using Remote Assistance. Remote Assistance uses the same port as Terminal Services (3389); you may need to have an administrator open that port for you.

Remote Assistance options

Figure A
On the user’s computer, make sure that Allow Remote Assistance Invitations To Be Sent From This Computer is selected.

Remote Assistance options can be configured on the user’s computer via the Control Panel | System Properties | Remote tab, shown in Figure A.

Figure B

Clicking the Advanced button gives you a few more options, as shown in Figure B.

By default, Remote Assistance is configured to allow helpers to view the desktop but not control it. To allow the helper to take control, select the Allow This Computer To Be Controlled Remotely check box in the Advanced settings. You can also specify a maximum number of minutes, hours, or days that your invitations to assist will remain open. The default setting is 30 days; the maximum is 99 days.

Remote Assistance modes
A helper can assist a user in one of two modes:

  • ·        View Only: The helper can connect to the user’s desktop and see everything being done in a terminal window but can’t do anything (open or close programs, move items, perform actions on the computer, etc.).
  • ·        Remote Control: The helper can perform tasks on the user’s computer as if he or she were sitting at it locally.

See the previous section for instructions on allowing Remote Control. If you attempt to take control of an XP computer that is set to the defaults (Remote Control disabled), you’ll see a message box advising that Remote Control is not allowed. If Remote Control is enabled, you’ll see the message shown in Figure C.

Figure C
You can take control of a user’s computer if it’s configured to allow Remote Control.

Security issues
Remote Assistance, like any other service that opens a computer to access across a network, can present a security risk if improperly configured.

Microsoft has built-in security safeguards; for example, when a helper offers to assist a user, the user will be required to give permission before the helper can connect to his or her computer. When a user sends a request for assistance, it’s encrypted using public key technology and sent using XML. Users can configure settings for more security, such as using passwords to protect assistance invitations.

If you’re in a high-security environment in which very sensitive data is stored on your computer or on the network, your organization’s policies may require that Remote Assistance be disabled.

Setting invitations to expire
When users send invitations to helpers to assist them, they can increase security by configuring the invitations to expire in a specified time period. The default setting is one hour.

Using password protection
When users send invitations, they can require that the helper enter a password before being allowed to connect to their computers. This should always be a secure password. I’ll illustrate the process of setting a password in the section titled Requesting Remote Assistance.


The password you specify will not appear in the text of the invitation. You must inform the recipient of the password in some other manner.


Taking back control and disconnecting a Remote Assistant
If a user has granted the helper permission to remotely control the computer, the user can end the Remote Control by either clicking Stop in the chat window or pressing [Esc]. This stops the helper from controlling the computer, but he or she will still be able to view the user’s desktop and chat or talk with the user.

The user can also disconnect the remote helper entirely by clicking the Disconnect button in the Remote Assistance window, shown in Figure D.

Figure D
The user disconnects the remote helper by clicking the Disconnect button.

Requesting Remote Assistance
A Remote Assistance session can be initiated in two ways. Either the user can send a request, or the helper can send an offer. The first is the more common method. When a user needs help, he or she can request Remote Assistance by sending an invitation to a helper/administrator.

Figure E
A user can ask for assistance using the XP Help And Support Center.

To request assistance, the user opens the Help And Support Center from the Start menu and, under the Ask For Assistance section, clicks Invite A Friend To Connect To Your Computer With Remote Assistance, as shown in Figure E.

Figure F

The user sends the request in one of three ways:

  • ·        Windows Messenger
  • ·        E-mail
  • ·        By saving the invitation as a file and transferring it to the helper (see Figure F).

Sending invitations via Windows Messenger
If the user chooses to send the invitation via Windows Messenger, both the user and helper must be using Windows Messenger Service. Both will be prompted to log on to the service using .NET passport accounts.


If you already have Windows Messenger open and online for sending instant messages, you can click the Tools menu and select Ask For Remote Assistance instead of going through the Help And Support Center.

Sending invitations via e-mail

Figure G
You can set expiration and password protections on an e-mailed request.

If one or both parties don’t use Windows Messenger, the easiest way to request assistance is via an e-mail invitation. When the user selects this method, he or she will need to type in the helper’s e-mail address. Then the E-mail An Invitation wizard will appear, as shown in Figure G.

Figure H
The helper will receive the e-mailed invitation with an attachment.

The e-mailed invitation will include an attachment. When opened, the attachment will contain a button the helper can click to connect to the user’s computer. An example of an e-mail invitation appears in Figure H.

Sending invitations as saved files
In addition to using Windows Messenger or e-mailing the Remote Assistance request, users can save the request as a file and transfer it across the network to the helper by placing it in a shared folder to which the helper has access, or manually attaching it to an e-mail message, for example.


With Web-based e-mail, such as Hotmail, users will need to save the assistance request as a file and then e-mail it as an attachment.

Figure I
The .msrcincident file contains a dialog box that allows the helper to connect to the user’s computer.

When users select this option, by default the file is saved in their My Documents folder, with the .msrcincident extension. The helper can open the file by accessing it and double-clicking it (and entering the password, if the user has set one). When the helper opens the file, a dialog box similar to the one in Figure I will be displayed.

Offering Remote Assistance
In a corporate environment, it may be desirable for the tech support personnel to initiate Remote Assistance sessions. Several additional requirements exist for offering assistance that don’t apply to user-initiated requests:

  • ·        Both computers must be in the same Windows domain.
  • ·        The helper must have administrative privileges.
  • ·        The helper must know the computer name or IP address of the machine for which assistance is being offered.
  • ·        The user’s computer must be configured to receive Remote Assistance offers.

Configuring the user’s computer to receive offers
By default, XP computers aren’t configured to receive Remote Assistance offers. You must edit the local group policy to enable receipt of offers. To do so, follow these steps:

  1. 1.      Open the Group Policy console by selecting Start | Run and typing gpedit.msc.
  2. 2.      In the Group Policy MMC’s left console pane, expand the Computer Configuration node, expand the Administrative Templates subnode, double-click System, and then double-click Remote Assistance.

Figure J
You must edit the local group policy to enable receipt of Remote Assistance offers.

  1. 3.      In the right details pane, double-click Offer Remote Assistance, as shown in Figure J.

Figure K
You must enable the policy before you can receive assistance offers.

  1. 4.      In the Offer Remote Assistance Properties box, select the Enabled radio button. Select whether to allow helpers to remotely control the computer or only view the desktop, using the drop-down box. Then click the Show button, as illustrated in Figure K.

Figure L
You must specify which users are allowed to initiate Remote Assistance offers.

  1. 5.      You can add users who are allowed to initiate Remote Assistance sessions in the Show Contents box, shown in Figure L.

Sending the offer
Once the user’s computer is configured to allow Remote Assistance offers, the helper can send an offer by clicking on Offer Remote Assistance in the Help And Support Center. The system displays a dialog box in which you can insert the IP address of the machine you want to connect to. Click Start Remote Assistance and follow the same procedure you would if a user had invited you to assist. The user will see a dialog box, as shown in Figure M.

Figure M
The user can choose whether to allow the helper to connect to the computer.

It’s important to note that the administrator cannot connect unless the user gives permission.

Connecting to and controlling the remote computer
Whether initiated by the user or the helper, once connected to the remote desktop, the session will begin in View Only mode.


To improve viewing, the helper can use the Actual Size or Scaled buttons, which appear in the status bar at the top of the terminal window when you’re connected, to improve viewing; the scaled size option allows you to see more of the user’s screen but in a reduced size.

View Only mode

Figure N
Type a message in the Message Entry field and click Send to chat.

In View Only mode, the helper can see the user’s desktop and any actions the user performs. The helper and user can chat by typing text messages in the Message Entry field and clicking Send, as shown in Figure N.

Figure O
You can use a voice connection to talk over the Internet.

To use voice communications, click the Start Talking button. The dialog box shown in Figure O will appear. Click Yes to talk. You may be prompted to configure your hardware at this time.


If you want to communicate by voice, both computers must have a full-duplex sound card or USB port, speaker, and microphone. A high-speed connection is desirable.

Taking control
If the user’s computer was configured in the Control Panel | System applet to allow Remote Control, the helper can take control by clicking Take Control at the top of the terminal window.

The user will see a dialog box asking him or her to give permission for the helper to take control. If the user clicks Yes, a message will appear announcing that control will now be shared, and both the user and helper can move the cursor and perform tasks on the user’s computer. Remember, though, that the user can revoke Remote Control or disconnect the helper at any time.

We’ve all been there. The user has a machine that keeps locking up and can’t really explain the problem over the phone. When you can’t be there to shoulder-surf someone having difficulty, Remote Assistance gives you a unique way to connect to and assist users. Remote Assistance is rich with features, including chat and voice communications, and allows View Only or Remote Control sessions. Sessions can be initiated either by users (using three different methods) or by helpers who have administrative privileges, if both computers are in the same domain and group policy on the user’s computer is properly configured.