VNC® Enterprise Edition User Guide
Chapter 1: Introducing VNC Enterprise Edition
What is VNC Enterprise Edition?
Getting VNC Enterprise Edition ready to use
VNC Enterprise Edition 4.5 connectivity
Chapter 2: Getting Started: Connecting A Client To A Host Computer
Step 1: Ensure VNC Server is running on the host computer
Step 2: Start VNC Viewer on the client computer
Step 3: Identify VNC Server on the host computer
Step 4: Select an encryption option
Step 5: Connect and authenticate to VNC Server
Configuring VNC Viewer before you connect
Connected: The VNC Viewer experience
Using the VNC Viewer shortcut menu
Using the VNC Viewer Properties dialog
Managing the current connection
Changing the appearance and behavior of VNC Viewer
Restricting access to functionality
Chapter 4: Connecting From A Web Browser
Connected: The VNC Viewer for Java experience
Working with VNC Viewer for Java
Chapter 5: Exchanging Information
Printing host computer files to a local printer
Transferring files between client and host computers
Copying and pasting text between client and host computers
Communicating securely using VNC Chat
Chapter 6: Setting Up VNC Server
Running multiple instances of VNC Server
Configuring network communications
Preventing connections to VNC Server
Restricting functionality for connected users
Authenticating connections to VNC Server
Relaxing the authentication rules
Bypassing the authentication rules
Preventing particular connections to VNC Server
Restricting functionality for particular connected users
Uniquely identifying VNC Server
Appendix A: Saving Connections
Saving connections to VNC Address Book
Using VNC Address Book to connect
Preventing particular connections to VNC Server
You can prevent particular users connecting to VNC Server. To do this, you can either:
• Prevent connections from particular client computers. See below for more information.
• Prevent particular users connecting. See Preventing particular users connecting for more information.
Note: You can prevent all users connecting to VNC Server. For more information, see Preventing connections to VNC Server.
Preventing connections from particular client computers
You can prevent all connections originating from one or more particular client computers by filtering the network addresses of those client computers.
Note: If you filter network addresses, IPv6 network addresses for the host computer become unavailable. A user cannot enter an IPv6 network address in order to connect to VNC Server (even from an authorized client computer).
To filter network addresses, open the VNC Server Properties dialog. For more information on this dialog, see Using the VNC Server Properties dialog. On the Connections tab, click the IP Filter button. The Configure IP Address Filtering dialog opens:
(Windows XP)
By default, connection requests are accepted from all client computers. To reject connection requests from a particular client computer, click the Add button. The Configure IP Address or Subnet dialog opens:
(Windows XP)
Enter the network address, or a range of addresses, in IPv4 format, and choose one of the following options:
Option |
Explanation |
|---|---|
Accept the connection |
Accepts connection requests from the client computer(s). |
Reject the connection |
Rejects connection requests from the client computer(s). |
Ask the VNC Server user what to do |
Prompts a host computer user to either accept connection requests from the client computer(s), allow them ‘view only’ access, or reject requests. If no host computer user is present, connection requests are automatically rejected after 10 seconds. For more information on connection prompts, see Preventing particular users connecting. |
Note that if you filter network addresses, the order of rules in the Configure IP Address Filtering dialog is important. The first matching rule determines what happens to connection requests from a particular client computer. For example, if a rule rejecting a client computer is encountered before one accepting it, then all connection requests from that client computer will always be rejected. You can move rules in the dialog using the Up and Down arrows.
By default, the Default rule accepts connection requests from all client computers. You can change this so that it rejects or queries all connection requests instead. To do this, select the Default rule, and click the Edit button. You cannot move this rule in the dialog.
Preventing particular users connecting
You can prevent a particular user connecting by causing a connection prompt to appear on the host computer’s desktop:
(Windows XP)
A connection prompt enables a host computer user, if one is present, to either accept the connection request, allow ‘view only’ access to the host computer, or reject the request. If no host computer user is present, or if no response is received within ten seconds, then the connection request is automatically rejected. Note if you are setting up VNC Server on your own computer for remote access then enabling this feature may prevent you connecting.
Note that a user supplying credentials granting a Full set of VNC permissions is able to bypass connection prompts. A host computer user cannot prevent these users connecting by default. You can configure the Connect without accept/reject prompt permission to either permit other users to bypass connection prompts, or to submit all users, including users with Full VNC permissions, to them. For more information, see Customizing VNC permissions.
To cause connection prompts to appear, open the VNC Server Properties dialog. For more information on this dialog, see Using the VNC Server Properties dialog. On the Connections tab, turn on Prompt VNC Server user to approve connections:
(Windows XP)
Clearly, this feature is only useful if a host computer user is present.
Note: Under UNIX or Linux, for VNC Server in Virtual Mode, no host computer user is ‘present’. This feature is therefore only useful if at least one user is able to bypass connection prompts. Such a user can then accept or reject subsequent connection requests.
For VNC Server in Service Mode, if a host computer user is only likely to be intermittently present, you should also turn on Only prompt when there is a user logged on. This means connection prompts will only appear if a host computer user is logged on (and therefore likely to be present). If no host computer user is logged on, connection prompts will not appear. In these circumstances, all users are able to connect, though note they must then log on to the host computer in order to continue.