|
Introduction If you
employ Microsoft's Active Directory on your network, you will find
that its Group Policy is a great tool for keeping all of your VNC
installations standard. You can assign the settings to an
Organization Unit or to your whole domain. This tutorial
explains how to do this. Administrative
Template You really
have two choices for deploying and standardizing the VNC settings
using Group Policy. The first is to use an administrative
template. You can download a free one created by Adam Moore
here. You may need to right-click it and 'Save As' if your
browser attempts to open it instead of save it.
Save it into your 'Windows\inf'
folder or 'winnt\inf' if yours is that way. For information on
how to use custom .ADM templates with Active Directory, please
reference
this Microsoft knowledge base article.
Before you get too excited about this possibility, let it be known
that the Group Policy does not allow REG_BINARY registry settings so
you can not set the VNC password using this or any other
administrative template. For this, you will want to use a
script method described below. Computer
Script Before
you get started, you will want to have an exported registry file of
the settings that you wish to deploy. To do this, you'll need
to go to a computer that has the brand of VNC that you want to
standardize on, set the settings how you wish them to be set on all
of the computers, and then export those settings to a file.
To export them to a file, open the
Registry Editor (regedit.exe from the start/run menu). Browse
in the registry editor to "HKEY_LOCAL_MACHINE\SOFTWARE\orl".
For this tutorial, we will be dealing with ultraVNC RC20 and only
with the machine global settings. All of our VNC deployments
are running as a service so this is really all that we need.
Once you have an exported .reg
file, you will need to save it to a network location that all of
your computers have access to. This needs to be a folder where
the NTFS and share permissions are set to allow 'EVERYONE' at least
read access. Machine scripts run as the local system user on
each computer and therefore appears as an anonymous user on the
network. For this tutorial, we've set it up at
\\fileserver\public as
vnc.reg.
- Create a .CMD file with the command: regedit /s
\\fileserver\public\vnc.reg and save it in
\\fileserver\public.
- Open up Active Directory Users and Computers
and select the OU that you want this group policy applied to.
- Right-click it and choose properties
- Select the Group Policy tab
- Click to create a new policy and give it a name
- Double-click on your new policy in the list
- In the new policy window, navigate to the
Computer Configuration
- Click Windows Settings
- Click Scripts
- In the right pane, double-click the Startup
icon
- In the new window, browse to find your .cmd
file
- Choose OK and close all of the windows
It may take a little while
for the changes to propagate throughout your network depending on
your replication schedule and how many domain controllers you have.
Once the changes have been applied, though, your domain computers
will begin standardizing on the settings that you save in that .reg
file. |
