Tranquil IT Forum

Hello,
please note this package has a problem:
- the IP allow doesn't work because the deny is missing from the rest of the settings... so it's allowed everywhere
- a regular user can easily modify the TightVNC server configuration.
Thank you

. https://store.wapt.fr/store/tis-vncrestricted

Hello,

I confirm that you need to specify a prohibited range in addition to allowing it, and you can also specify a password to block modification of the parameters.

This file lists the arguments to provide:
https://tightvnc.com/doc/win/TightVNC_2 ... ptions.pdf

Here is an example of an installation command line with some parameters specified:
/quiet /norestart ADDLOCAL=Server SERVER_REGISTER_AS_SERVICE=1 SERVER_ADD_FIREWALL_EXCEPTION=1 SERVER_ALLOW_SAS=1 SET_USEVNCAUTHENTICATION=1 VALUE_OF_USEVNCAUTHENTICATION=1 SET_PASSWORD=1 VALUE_OF_PASSWORD=toto SET_USECONTROLAUTHENTICATION=1 VALUE_OF_USECONTROLAUTHENTICATION=1 SET_CONTROLPASSWORD=1 VALUE_OF_CONTROLPASSWORD=toto SET_QUERYTIMEOUT=1 VALUE_OF_QUERYTIMEOUT=0 SET_LOOPBACKONLY=1 VALUE_OF_LOOPBACKONLY=0 SET_IPACCESSCONTROL=1 VALUE_OF_IPACCESSCONTROL="10.0.1.1-10.0.1.128:0,0.0.0.0-255.255.255.255:1"

Alternatively, after deploying the base package, the desired parameters can be configured via GPO.

I'm looking into modifying the existing package; it's a shame the Mirage Driver is missing, but it's not free, although it's easy to install silently to optimize remote connections.
DFMirage-2.0.301-32bits.exe /VERYSILENT /NORESTART

To be continued...