amestecate

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Friday, July 9, 2010

Silent deploying RealVNC. Free Installation And Administration In A Computer Network

Posted on 9:41 PM by Unknown
In a network based on Microsoft operating systems, administrators need sometimes that besides Remote Desktop tool offered by the manufacturer that allows remote access on any network computer station to use other access tools to allow them to interact with user because Remote Desktop block user access as long the administrator access remote that station. I know there is a tool provided by the manufacturer that require an email account on Hotmail or MSN based on launch and acceptance of invitations but it allows the user to determine the level of interaction with the managed station.
Thus appeared free tools which gives administrator the ability to establish rules for remote access and interact with the user directly on the working environment it works. In this way the administrator can view real-time event on a station or applications that a user may complain that not working properly. Often these solutions are used by consulting software firms as teaching tools, and user can view certain steps to be followed for operation of installed applications.
Among the most popular remote access solutions:
- TeamViewer - http://www.teamviewer.com/download/ - developed by TeamViewer GmbH
- RealVNC - http://www.realvnc.com/products/download.html - developed by RealVNC Ltd.
- UltraVNC - http://www.uvnc.com/download/ - developed under a free project by UltraVNC
- TightVNC - http://www.tightvnc.com/download.php - developed by TightVNC Group
Although some of the solutions may be easier to solve what I will present in this solution, I was stopped at the free version of RealVNC solution given the high degree of its use in different networks.
Because the free version of RealVNC application does not allow remote installation of the product on network stations or its management, I will present how you can install and manage free (without using other software with money) a free version of RealVNC product.
You must install the program on an independent station.
I chose version 4.1.2 from this location http://realvnc.brothersoft.com/download/RealVNC-4.1.-2.exe
After installing the program, performs the following steps:

01.Set a password for remote access station (eg. P@ssw0rd)
VNC Password Authentication/Configure

02.On the station which we performed program installation, call your system registry to view keys added to it.
Start/Run/regedit
My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4
and record the key Password (31 7c 13 dd b5 44 c6 c7) - here the input string corresponding to the password (P@ssw0rd) introduced after installing the program.

03.Create a batch file VNCPdel.bat:
(We will use it to delete records from the registry if the program was already installed)
@ECHO OFF
REG DELETE HKLM\Software\RealVNC\WinVNC4 /v Password /f
REG DELETE HKLM\Software\RealVNC\ WinVNC4 /v QueryConnect /f
REG DELETE HKLM\Software\RealVNC\ WinVNC4 /v QueryOnlyIfLoggedOn /f
REG DELETE HKLM\Software\RealVNC\ WinVNC4 /v ReverseSecurityTypes /f
REG DELETE HKLM\Software\RealVNC\ WinVNC4 /v SecurityTypes /f
CLS

04.Create a batch file VNCPadd.bat:
(We will use it to add the program registry keys on the station that we installed the product)
@ECHO OFF
REG ADD HKLM\Software\RealVNC\WinVNC4 /v Password /t REG_BINARY /d 317c13ddb544c6c7 /f
REG ADD HKLM\Software\RealVNC\WinVNC4 /v QueryConnect /t REG_DWORD /d 0 /f
REG ADD HKLM\Software\RealVNC\WinVNC4 /v QueryOnlyIfLoggedOn /t REG_DWORD /d 0 /f
REG ADD HKLM\Software\RealVNC\WinVNC4 /v ReverseSecurityTypes /t REG_SZ /d none /f
REG ADD HKLM\Software\RealVNC\WinVNC4 /v SecurityTypes / t REG_SZ /d VncAuth /f
CLS

05.Create a batch file VNCPkey.bat:
(We will use it to create a service "VNC Server Version 4" on the station that we installed the product)
@ECHO OFF
C:\Progra~1\RealVNC\VNC4\winvnc4.exe -noconsole -register
CLS

06.Create a batch file VNCPdw.bat:
(We will use it to stop the service on stations that program was installed)
@ECHO OFF
net stop "VNC Server Version 4"
CLS

07.Create a batch file VNCPup.bat:
(We will use it to start the service on stations that will install the program)
@ECHO OFF
net start "VNC Server Version 4"
CLS

08.Because some commands can be executed only with the administrator rights, we use free software developed by Robotronic Runasspc which allows, indeed even its encryption.
Download the package Runasspc produced by Robotronic from this location: http://robotronic.de/runasspc/runasspcEn.zip

09.Because batch files with .bat extension was transmitted in clear over the network, we will compile into executable files using the Bat2Exe program that can be downloaded from this location: http://www.f2ko.de/downloads/Bat_To_Exe_Converter.zip
This is extremely intuitive to use. We compile the previously .bat files into .exe files.

10.To hide trayicon, we use an executable recompiled of winvnc4.exe.
From this location will be download the executable winvnc4.exe-secret: http://www.jankratochvil.net/project/winvnc/vnc-4_1_2-x86_win32-winvnc4.exe-SECRET.zip and will change the extension to .exe

11.On a workstation or network server we create a shared location RealVNC and Tools location.

12.In shared location copy the following:
- in \\IP shared station\RealVNC\ we will copy the contents of the folder C:\Program Files\RealVNC\
- in \\IP shared station\RealVNC\VNC4\ we will copy the file winvnc4.exe recompiled downloaded in section 10
- in \\IP shared station\Tools\ we will copy the files: runasspc.exe, VNCPadd.exe, VNCPdel.exe, VNCPdw.bat, VNCPkey.exe, VNCPrem.exe, VNCPup.bat.
(.exe files are the result of compilation above)

13.We create RealVNC.bat file that will make all connections between them.
@ECHO OFF
IF EXIST C:\Progra~1\RealVNC\VNC4\ (
C:
CD \
CD C:\Progra~1\
RD Tools /S /Q
MD Tools
xcopy /q /z /y \\\IP shared station\\Tools C:\Progra~1\Tools\
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPdw.bat" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
RD RealVNC /S /Q
CLS
xcopy /q /z /y \\IP shared station\RealVNC\VNC4 C:\Progra~1\RealVNC\VNC4\
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPdel.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPadd.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPup.bat" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
CD \
CLS
) ELSE (
C:
CD \
CD C:\Progra~1\
MD Tools
xcopy /q /z /y \\IP shared station\Tools C:\Progra~1\Tools\
MD RealVNC
CD RealVNC
MD VNC4
xcopy /q /z /y \\IP shared station\RealVNC\VNC4 C:\Progra~1\RealVNC\VNC4\
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPkey.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPadd.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPup.bat" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
CD \
CLS
)
\\IP shared station\Tools\VNCPrem.exe
CLS

Explanation for this .bat:
- Check existing previous program installation
- If it is installed, the service will stop "VNC Server Version 4", will be copied files from the \\IP shared station\Tools into a local created location C:\Program Files\Tools\, will be removed existing program files from C:\Program Files\RealVNC\, will be copied fom the location specified in \\IP shared station\RealVNC\VNC4 in the local location C:\Program Files\RealVNC\VNC4\. From the registry will be deleted existing keys and will be created new ones, and then restart the "VNC Server Version 4" service.
- If it is not installed, will be created local folders C:\Program Files\RealVNC\ and C:\Program Files\RealVNC\VNC4\, will be copied all files from the \\IP shared station\Tools in a local created location C:\Program Files\Tools\, will be copied all files from the location \\IP shared station\RealVNC\VNC4 in the local location C:\Program Files\RealVNC\VNC4\. Will be created a local service called "VNC Server Version 4", will be created registry keys associated with desired application and then will be started "VNC Server Version 4" service.
- Will be deleted the local content and location C:\Program Files\Tools\.

14. Create the policy called "RealVNC Policy" which will contain:
a. Computer Configuration/Policies/Windows Settings/Security Settings/File System and we will add
-%ProgramFiles%\RealVNC
-%ProgramFiles%\Tools
on which we will give full rights to Authenticated Users
b. Computer Configuration/Policies/Windows Settings/Security Settings/System Services/ and we will add WinVNC4 service and will specify to start automatically and give full rights to Authenticated on this service.
c. User Configuration/Policies/Windows Settings/Scripts/Logon
where we copy the batch file RealVNC.bat created earlier.

15.We apply group policy for computers that we want to install this application.

16.To have the same local administrator password for all stations in the network, you can create a file AdminPwd.bat like:
@ECHO OFF
C:\WINDOWS\system32\net user administrator [password of your choice]
C:\WINNT\system32\net user administrator [password of your choice]
CLS

and will create a new policy "Local Admin Password"
Computer Configuration/Policies/Windows Settings/Scripts/Logon where we copy the file AdminPwd.bat

After achieving its purpose, you can disable these policies or re-apply to another group as needed.

With the help of SmartCode VNC Manager (Enterprise Edition) I could only view PCs where RealVNC was installed and remote password reset. The remote installation failed, and I was forced to use the solution presented above.In addition to install and manage remotely using SmatCode application must be activated on each network station DCOM service that requiring a new policy "DCOM Settings" which should include:
a. Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/Security Option
- DCOM: Machine Access Restrictions in Security Descriptor Definition Language
by adding the Everyone group and SYSTEM access rights locally and remotely by activating the "Edit Security .."
- DCOM: Machine Launch Restrictions in Security Descriptor Definition Language
by adding the Everyone group and SYSTEM rights to launch and activate local and remote by activating the "Edit Security .."
b. Computer Configuration / Policies / Windows Settings / Security Settings / System Services / DCOM Server Process Launcher
- Automatic startup - no additional settings
Great care with this policy "DCOM Settings"! Once activated on the network stations it will override existing security permissions.

If you want to change your password again, it will be created a different locally password, read its value from the registry and the file will be changed with the corresponding value in VNCPadd.bat as shown in Section 3 and 4 and we will compile the file again, following as VNCPadd.exe to be copied over in \\IP shared station\Tools\. Of course not all content will be necessary in RealVNC.bat file and not all .exe files created earlier.
a. VNCPdel1.bat will be:
@ECHO OFF
REG DELETE HKLM\Software\RealVNC\WinVNC4 /v Password /f
CLS

b. VNCPadd1.bat will be:
@ECHO OFF
REG ADD HKLM\Software\RealVNC\WinVNC4 /v Password /t REG_BINARY /d 89D58D7D0F5E5C23 /f
CLS

corresponding character string of "Remote13" password readed from the registry in accordance with item 2

c. RemoteVNC1.bat will be as follows:
@ECHO OFF
C:
CD \
CD C:\Progra~1\
RD Tools /S /Q
MD Tools
xcopy /q /z /y \\IP shared station\Tools C:\Progra~1\Tools\
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPdw.bat" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPdel.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPadd.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
C:\Progra~1\Tools\runasspc /program:"C:\Progra~1\Tools\VNCPup.bat" /domain:"localhost" /user:"Administrator" /password:"local Administrator password" /quiet
\\IP shared station\Tools\VNCPrem.exe
CD \
CLS

in the Tools folder must exist following files: runasspc.exe, VNCPadd1.exe, VNCPdel1.exe, VNCPdw.bat, VNCPrem.exe, VNCPup.bat.

In the same way you can install any free application on network PCs always looking at:
- Location where application was installed
- Files to be installed
- Registry keys and their value

Good luck!
Read More
Posted in Tehnic | No comments

Sunday, July 4, 2010

Silent Uninstalling/Removing AVG 8.xx over the network

Posted on 7:50 PM by Unknown
For six years I have used in my company computer network product offered by Symnatec, AntiVirus Corporate version 7.5, 8.0, 9.0, 10.0 and finally 11.0 Enpoint Protection.
Since late last year more than 200 stations in the network were infected with Brontok virus whose signature was not recognized at all Symantec product although it was a version dated 2005, creating big problems on infected computers, we decided not to prolong acquisition Symantec product which for us was a big disappointment and purchase another more efficient AntiVirus suite.
So we decided to install the freeware version of AVG 8.xx product on all affected stations until the new AntiVirus suite was to be acquired
All well and good until we purchase the new product which could not uninstall AVG product on network stations.
About a week searching the Internet and on various forums to a solution, I created an own method for automatic silent removal by all stations AVG product that requires no user interaction.
Since AVG does not offer support for freeware versions, we found the tool AVG8_Kleaner produced by Kaspersky Lab as automatic removal of the product succeeded only problem is that network users don't have permissions to install and uninstall software on workstations.
Because Microsoft created runas command but without the possibility writing password on the command line, I found a product file called Runasspc free developed by Robotronic that allow to specify the password, even it's encryption.
Next I present the steps to be followed:

1. Download AVG8_Kleaner produced by Kaspersky Lab from the following location:
http://download857.mediafire.com/dt1yve1munqg/yjjvjjmorxo/AVG8_Kleaner.exe
or archived version:
http://support.kaspersky.com/downloads/products2009/avg8.zip

2.Download package Runasspc produced by Robotronic Runasspc from the following location:
http://robotronic.de/runasspc/runasspcEn.zip

3.On a network station or a network server create a shared location for Everyone called AVGREM
In a subfolder of AVGREM called PROG will copy the files unpacked
- AVG8_Kleaner.exe
- Runasspc.exe
and in another subfolderof AVGREM called TXT we place a text file AVGREM.txt with the following message:
"AVG product was successfully uninstalled! "

4. Create a batch file called AVGREM.bat that contain the following lines:
@ECHO OFF
IF NOT EXIST C:\AVGREM (
C:
CD \
MD AVGREM
copy \\"shared location"\avgrem\prog\*.* C:\avgrem
C:\AVGREM\runasspc /program:"C:\AVGREM\avgrem.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password-between quotas" /quiet
CLS
) ELSE (
C:
CD AVGREM
DEL C:\AVGREM\avgrem.exe
DEL C:\AVGREM\runasspc.exe
copy \\"shared location"\avgrem\txt\avgrem.txt C:\avgrem
CD \
RD /S /Q C:\$AVG
RD /S /Q C:\$AVG8.VAULT$
RD /S /Q C:\Program Files\AVG
CD \
CLS
)

5. On the domain controller create a new policy called AVG Remover that contain:
a. Computer Configuration / Policies / Windows Settings / Security Settings / File System and we will add the following folders:
-% ProgramFiles%\AVG
-% SystemDrive%\$ AVG
-% SystemDrive%\$AVG8.VAULT$
-% SystemDrive%\AVGREM
and give Users full control
b. User Configuration / Policies / Windows Settings / Scripsts / Logon
where we copy the batch file created earlier AVGREM.bat

6. Enable policy in the domain or group of computers on which you wish to uninstall.
At first user logon will be uninstalled AVG product, the user is prompted by the need to restart your computer after uninstallation.

At the next user logon will be erased files and folders used for removal left sterile after uninstall.
The program Runasspc can encrypt the password too! (you can read how to make that in program documentation)

Read More
Posted in Tehnic | No comments
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)

Popular Posts

  • In viata trebuie sa fii persuasiv
    Persuasivitatea , asa cum este explicata si in DEX inseamna “Care urmărește sau are darul să convingă pe cineva să creadă, să gândească sau ...
  • Şefia...transformare şi efemeritate
    Exemplu de organigramă la o societate de stat (şi eu sunt pe acolo...dar nu mă văd de atâta găinaţ) Mulţi dintre cei ajunşi în posturi de ...
  • Silent Uninstalling/Removing AVG 8.xx over the network
    For six years I have used in my company computer network product offered by Symnatec, AntiVirus Corporate version 7.5, 8.0, 9.0, 10.0 and fi...
  • Ce este fericirea pentru noi? Ce ne face fericiti? Exista in viata fericirea sau e doar un vis?
    Cu siguranta toti, la un moment dat, ne-am intrebat ce este fericirea... Si totusi, toti cunoastem notiunea de „fericire”, toti o simtim, da...
  • Queen - Live At Wembley 1986
    Queen - formata in 1971 in Londra, Anglia Perioada de activitate: 1971 - 1995. Membri : Freddie Mercury - voce, pian, Brian May - chitara,...
  • Increderea si limitele acesteia.
    " Ai incredere in tine insuti. Perceptiile tale sunt mai precise decat esti dispus sa crezi... " (Claudia Lee Black) Acest subiect...
  • Despre relationare si socializare
        Astazi ascultand Kiss-FM si tema zilei propusa pentru dezbatere "De ce apar certuri intr-un cuplu?" m-am amuzat teribil la tot...
  • Măsurile anticriză ce amplifică criza!
    Urmărind zilele acestea desele anunţuri difuzate pe toate posturile de televiziune privind scumpirile începutului de an, am realizat ca la n...
  • Reinoiti-va contractele sau luati cartele telefonice
    Scriu acest post deoarece foarte multe persoane cunoscute de-ale mele nu stiu de noile tipuri de abonamente telefonice sau de avantajul cart...
  • Katie Melua - Piece By Piece (live concert)
    Acest concert se poate descarca din urmatoarea locatie: http://torrents.thepiratebay.org/6367042/Katie_Melua_Piece_by_Piece_(Concert)_TBS.63...

Categories

  • Actiuni
  • Blogging
  • Evenimente
  • Felicitari
  • Ganduri
  • Impresii
  • Literar
  • Muzica
  • Noutati
  • Senzational
  • Tehnic

Blog Archive

  • ►  2012 (23)
    • ►  June (1)
    • ►  April (1)
    • ►  March (3)
    • ►  February (3)
    • ►  January (15)
  • ►  2011 (7)
    • ►  December (5)
    • ►  November (1)
    • ►  April (1)
  • ▼  2010 (41)
    • ►  December (3)
    • ▼  July (2)
      • Silent deploying RealVNC. Free Installation And Ad...
      • Silent Uninstalling/Removing AVG 8.xx over the net...
    • ►  May (3)
    • ►  April (7)
    • ►  March (3)
    • ►  February (4)
    • ►  January (19)
  • ►  2009 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile