Configuring the Remote Desktop Application
You can customize the Remote Desktop toolbar as you do the toolbars in Finder windows in Mac OS X—to provide easy access to the commands that you routinely use. To do so, select Customize Toolbar from the Window menu. You can then drag many of the Remote Desktop commands into the toolbar in the same way that you would customize the Finder toolbar in Mac OS X. By default, the toolbar contains the Observe, Control, Curtain, Copy, Install Packages, Send Unix Command, New Report, and Spotlight Search commands. It also includes a search box that can be used to locate specific computers or tasks in the main window.
You can also use the Remote Desktop preferences dialog box to customize the application further. To do so, select Preferences from the Remote Desktop menu. The preferences dialog box contains six panes: General, Observe & Control, Task Server, Label, and Security.
The General tab enables you to configure what Remote Desktop does when you double-click a computer, whether to show idle time as part of a computer’s status, whether to accept message requests from users, and whether to confirm success of drag-and-drop copying to computers. It also allows you to enable or disable various warning messages and change the license number/type of Remote Desktop.
Observe & Control, which we’ll discuss in more detail in the next article of this series, enables you to determine how observed workstations are displayed and interacted with.
Task Server enables you to designate that the computer running Remote Desktop should or should not be a network task server. To allow other computers to use it as a task server, you must select the Allow Remote Connections To This Server checkbox. If you choose not to use this computer as a task server, you need to select the Use Remote Task Server radio button and enter the address of the task server you want to use (you can also drag a computer from the main Remote Desktop window onto the text field to select it as a task server). You also can use this tab to specify how computers are to interact with the task server with regards to report data collection and change the default reporting policies (which we’ll cover in Part 3 of this series).
The Labels pane enables you to specify label colors and names for Remote Desktop. You can label computers in Remote Desktop the same way you label folders in the Finder or email messages in Apple’s Mail application. This can help you easily locate computers in large computer lists.
The Tasks pane enables you to specify how Remote Desktop responds to tasks that you issue to computers. This includes whether the focus of the application is always placed on actively running tasks, whether to use a task notification script (and for how long), and how many tasks remain in the task history in the sidebar.
The Security pane (shown in Figure 4) enables you to control a number of security aspects. Its first feature enables you to determine whether or not the computer running the Remote Desktop application can be controlled by another computer that is running Remote Desktop. When checked, this piggy-backed approach is allowed. This may be needed, for example, if you install Remote Desktop on a server for use as a task server and want to change the settings (particularly if the server is an Xserve without a monitor). However, for computers used solely for remote administration, it reduces the security and privacy of those computers.
Figure 4 Remote Desktop Security pane
The next two options enable you to encrypt all files that are copied to remote computers and all installer packages that are sent to remote computers for installation. If you ever copy files that contain sensitive information (such as student grades, personnel reviews, or installer packages that contain user or password information), you should check these to be certain that that information is kept secure.
The fourth option lets you determine how much Remote Desktop’s interaction with remote computers is encrypted. You can choose to encrypt only passwords and keystrokes or encrypt all traffic between computers. Encrypting all data ensures that messages, Unix commands, system settings, and other remote administration commands and features cannot be viewed by users on the network. It provides much higher security, but can cause interaction to be slower and commands to take longer to process. Encrypting only keystrokes and passwords ensures that when information is transmitted while observing or controlling a computer is secure, but not other administrative commands.
The largest section of the Security pane enables you to require that anyone who launches the Remote Desktop application be using an account that has local administrator access to the computer on which it is running. This supersedes the Remote Desktop privileges that the user has on remote workstations, which can be helpful to ensure that only authorized users of Remote Desktop can access features, even if someone else can log in at the workstation. If you choose to use this feature, you can choose to restrict which Remote Desktop privileges nonadministrator users are allowed to access. This can also allow granularly restricted access to certain functions when using network user accounts for Remote Desktop authentication.
Finally, you can use the Change Remote Desktop password button at the bottom of the pane to change the Remote Desktop password for the computer.