Remote operations do not require permission if user is not logged in

  • 7000787
  • 01-Jul-2008
  • 27-Apr-2012

Environment

Novell ZENworks 10 Configuration Management Remote Management

Situation

Device-based remote management policy is set to require permission, but a remote operator can launch a remote operation, such as file transfer, without a prompt appearing on the target workstation, if no-one is logged in.

Resolution

This is fixed in version 10.2 - see KB 7003225 "ZENworks 10 Configuration Management with SP2 (10.2)" which can be found at https://www.novell.com/support

The fix adds a new configuration option to ZCC, in Configuration> Remote Management
"Allow Remote Session when no user is logged on to the managed device" - see the ZCC online help for details.



Previous (partial fix), applies to ZCM 10.1.x only:
This is fixed in version 10.1 - see KB 7001200 "ZENworks 10 Configuration Management with SP1 (10.1)" which can be found at https://www.novell.com/support

In order to activate the new feature in ZCM 10.1.x, a registry entry needs to be created on the target workstation, "DisallowSessionInUserAbsence" of type DWORD under "HKLM\Software\Novell\ZENworks\Remote Management\Agent\Customizations" and the value should be set to anything greater than zero.

You should get the error message saying "No user is logged in to the managed device. The ZENWorks Remote Management policy does not allow a remote session when user is not logged in."

Status

Security Alert