Apple Remote Desktop
Any administrator who has been in charge of multiple Macs knows the repetitive chore of installing and updating software. Add in the inevitable phone calls requesting help, and you quickly wish you could shorten the distance between users’ computers and your chair.
Apple Remote Desktop 1.0 was Apple’s first foray into remote control and desktop management. However, its capabilities lagged behind those of Netopia’s stalwart Timbuktu Pro (mmmh3; August 2004), and the desktop management was riddled with glitches and lacked obvious tools that would’ve made the support job easier. Version 2.1 makes great strides to correct deficiencies in both areas.
The new version is a dramatic departure from the 1.x versions, so you should carefully plan this upgrade. First, OS 9 has been jettisoned. And second, this is a lockstep upgrade: the Remote Desktop administration application controls and manages only clients of the same version. Older clients can be upgraded over the network, as long as they are version 1.2 or later. (Make sure that the Remote Desktop application is in the Applications folder before you upgrade to 2.1, and make sure that you open the Remote Desktop ports in OS X’s firewall so you can manage the machine after upgrading.)
Version 2.1 adopts the open-source Virtual Network Computing (VNC) protocol for screen sharing and control. It is now noticeably faster than other VNC implementations, and it’s nearly as fast as Timbuktu. VNC broadens the Mac’s support options to other platforms, substantially increasing Remote Desktop’s value. Now any computer with a free VNC viewer can control a Mac running the free 2.1 client. (Do not confuse this Remote Desktop with Microsoft’s client for Windows terminal services; they don’t interoperate.)
In testing interoperability with other VNC programs, I found that TightVNC was the most compatible with Remote Desktop. Because it lacks Apple’s customization features, TightVNC isn’t quite as fast as Remote Desktop. Timbuktu is still unique in some ways: two-way file copying and dragging files to the display window.
Because VNC isn’t an encrypted protocol, security precautions are necessary. Adept administrators can tunnel their Remote Desktop sessions inside a Secure Shell (SSH) or virtual private network (VPN) connection, but we think Apple should provide an encrypted solution.
Apple Remote Desktop’s management operations are processed as tasks, and they can be saved or scheduled for later use. It locates clients with Rendezvous by searching IP ranges, or you can type in an IP number. Both Remote Desktop and VNC clients can be put on machine lists for later reference, and individual machines can be listed in multiple categories, such as Laptops and Marketing. Version 2.1 eradicates a bug that limited an administrator machine to only 29 network locations.
One of the program’s neatest tricks is its remote configuration of a client’s access settings from the administration application. You can specify which users have access, parcel different levels of access to different users, specify whether generic VNC viewers may access a machine, and even create users on the local machine just for Remote Desktop. Remote Desktop nicely leverages enterprise directories; you can assign privileges to groups, and version 2.1 adds authentication to Microsoft’s Active Directory. All these attributes can be pushed to client computers, or included in a stand-alone client installer.
Copying files to client machines is now easier, as you can drag files from the Finder to the Copy dialog box. A Remote Desktop administrator can install software that uses Apple’s installer packages; version 2.1 easily executes a restart after installation if one is needed.
The Send Unix Command menu item allows an administrator to execute a command or a shell script on client computers. Version 2.1 displays the full text results, making this feature truly useful at last. But there are security lapses: Send Unix’s communications with the client are not encrypted, and Remote Desktop cannot initiate an SSH session in Terminal.
Despite version 2.1’s many improvements, Remote Desktop doesn’t support AppleScript; the graphical interface cannot quit applications on a client machine; you can set a client’s startup disk, but you must type a partition’s name if there is more than one on a disk; and the software-version report still offers only comparisons with the administrator’s computer.
Remote Desktop 2.1 has matured nicely but could be improvemed. Adopting VNC makes Macs more accessible to other platforms and more appealing to IT departments. The price may seem expensive at first blush, but if you’re installing a bunch of Xserves, it’s cheaper than video cards and associated cabling.