TightVNC Passwords

Hi All,

Could you tell me if the following is possible?

Scenario: VNC installed for admin purposes on all internal networked PC's
               and Servers. We are currently using developers PC's to demo
s/ware
               in development from our boardroom. We therefore require the
need
               to allow the user of the PC (on which the demo is running) to
change
               the password of TightVNC for the currently logged in user.
However
               on reboot of the developer's PC, after the demo, the password
for
               TightVNC reverts to the default password (used for admin).

Problem: How do we give the user the ability to change the password for the
               currently logged in user id but don't allow the default
password to get
               changed.

Also is it possible to get a list of registry entries that TightVNC uses?

TIA,
Rab.
===========================================================
Robert Jackson                                  Phone: +44 (0) 141 332 7999
Software Engineer                                 Fax:  +44 (0) 141 331 2820
Walker Martyn Ltd

Re: TightVNC Passwords

 I believe there will be announcements shortly regarding the
 ability to use available authentication such that username and
 password are possible.

 We have development versions that allow on UNIX Xvnc users to
 fully utilize the remote system's authentication. The vncviewer
 from windows is done as well. The Windows Xvnc and java based code is
 under development and close to completion by Const.

 We are working on a binary that will allow for UNIX users the
 ability to save their desktop settings and use any of the
 available window managers. We should have this work done within
 July.

 If you disable all but username/password access once the Windows
 Xvnc is available then you would not have to use the vnc password
 but local authentication.

 Jim

 

>
>Hi All,
>
>Could you tell me if the following is possible?
>
>Scenario: VNC installed for admin purposes on all internal networked PC's
>               and Servers. We are currently using developers PC's to demo
>s/ware

RE: TightVNC Passwords

Currently, tightVNC allows this to a degree
.
If you go to "Start > Programs > TightVNC > Show User Settings" you get the properties for the currently
logged in user which are stored in:  HKEY_CURRENT_USER/Software/ORL/WinVNC3/Password

If you go to "Start > Programs > TightVNC > Administration > Show Default Settings" you get properties for
the local PC which are stored in: HKEY_LOCAL_MACHINE/Software/ORL/WinVNC3/Default/Password

All password values are in ASCII.

The Registry entries are stored in:
HKEY_CURRENT_USER/Software/ORL
HKEY_LOCAL_MACHINE/Software/ORL
HKEY_USERS/......../Software/ORL
HKEY_CLASSES_ROOT/.vnc

After reboot the password will be the Default password as long as the previous user that set their own
password doesn't log in.  The password in "HKEY_CURRENT_USER/Software/ORL/WinVNC3/Password" isn't
populated until the current user sets it.  The Current User password appears to take precedence over the
default password.

You can also Hack the registry remotely using RegEdt32.  From the menu bar select "File > Connect Network
Registry", enter the name of the computer.  This will take you to the Registry Hive of that computer.

Go to "HKEY_USERS" and with a little investigation you should be able to find the Tree for that user.  You can
then Hack down to Software/ORL/WinVNC3/Password" in that tree and find the ASCII password and change it
to the system's default password thus preventing the user from entering that PC again without the proper password.

A word of caution about Hacking the registry.  You should backup the registry before attempting to make any
changes to it.

RE: TightVNC Passwords

>
>> -----Original Message-----
>> From: Jim Corrigan [mailto:corrigan <at> KiNETWORKS.com]
>> 
>>  I believe there will be announcements shortly regarding the
>>  ability to use available authentication such that username and
>>  password are possible.
>
>Sounds nice. Some design questions:
>
>Will the account name be provided to the user? or should he/she give that
>also, to validate the account?

Has to be account on that system. i will let Const detail how windows
will check password. On unix the code we added and provided Const allows
for username and password to be validated using the mechanism that
the access system uses.

>
>What authentication do you use? Can it somehow be automated like with the
>~/.rhosts file (used with rlogin, rsh, rexex and rcp) or similar as
>available with ssh?: A file with lines containing usernames and hostnames
>that are automatically authenticated?

Hadn't thought of doing that. But we can make it available. I would think
that was not to secure, however.

>
>Can a cross-platform authentication be automated?: M$Windows users should

RE: TightVNC Passwords

If the machine involved is a NT based machine (NT, 2000, XP, Server 2003)
then unless you grant the "user" account administrator or power user
privileges on the machine then they CANNOT change the registry settings for
the "Local Machine" - another case in point about not letting anyone having
any higher access than the minimum they need to work...

-----Original Message-----
From: Sterner, Gregg [mailto:gsterner <at> trlx.com] 
Sent: Tuesday, July 01, 2003 8:28 AM
To: Robert Jackson; Vnc-Tight-List
Subject: RE: TightVNC Passwords

Currently, tightVNC allows this to a degree
.
If you go to "Start > Programs > TightVNC > Show User Settings" you get the
properties for the currently logged in user which are stored in:
HKEY_CURRENT_USER/Software/ORL/WinVNC3/Password

If you go to "Start > Programs > TightVNC > Administration > Show Default
Settings" you get properties for the local PC which are stored in:
HKEY_LOCAL_MACHINE/Software/ORL/WinVNC3/Default/Password

All password values are in ASCII.

The Registry entries are stored in: HKEY_CURRENT_USER/Software/ORL
HKEY_LOCAL_MACHINE/Software/ORL HKEY_USERS/......../Software/ORL
HKEY_CLASSES_ROOT/.vnc

After reboot the password will be the Default password as long as the
previous user that set their own password doesn't log in.  The password in

Ctrl-Alt-Del

I have tightVNC running as a Service on my Win2000 machine.  If I log off or
lock the computer, I need to hit Ctrl-Alt-Del to enter my username password.
If I try doing this through the tightVNC window on a remote machine, only
the remote machine accepts the command, not the host computer.  Any way to
get around this?  I do not want to keep the host computer logged in.

	-n-


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
___________________________________________________________
TightVNC mailing list, VNC-Tight-list <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list

RE: Ctrl-Alt-Del

Please ignore question below.

>  -----Original Message-----
> From: 	Nishantha Ranatunga  
> Sent:	Tuesday, July 01, 2003 11:56 AM
> To:	'vnc-tight-list <at> lists.sourceforge.net'
> Subject:	Ctrl-Alt-Del
> 
> I have tightVNC running as a Service on my Win2000 machine.  If I log off
> or lock the computer, I need to hit Ctrl-Alt-Del to enter my username
> password.  If I try doing this through the tightVNC window on a remote
> machine, only the remote machine accepts the command, not the host
> computer.  Any way to get around this?  I do not want to keep the host
> computer logged in.
> 
> 	-n-


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
___________________________________________________________
TightVNC mailing list, VNC-Tight-list <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list

unable to open desktop, error=2

unable to open desktop, error=2

  Has anybody encountered the following error or can point me to 
documentation that can explain the problem I am running into?

unable to open desktop, error=2

Does this have anything to do with the resolutions my different machines 
are running at?

Basically I attempt to start a session remotely to view my desktop 
machine.  My desktop is running at a resolution of 1280x1024, while my 
notebook is running at a resolution of 1024x768.  The following is the 
log from my attempt to connect:

Mon Jun 30 22:40:45 2003
vncSockConnect.cpp : accepted connection from 10.21.99.250
vncClient.cpp : vncClient() executing...
vncServer.cpp : AddClient() done
vncClient.cpp : client connected : 10.21.99.250 (id 3)
WinVNC.cpp : message 1026 received
vncClient.cpp : negotiated protocol version
vncPasswd.h : PASSWD : ToText called
vncPasswd.h : PASSWD : ToText called
Mon Jun 30 22:40:47 2003
WinVNC.cpp : message 275 received
vncMenu.cpp : tray icon added ok
Mon Jun 30 22:40:48 2003
vncClient.cpp : non-shared connection - disconnecting old clients
vncServer.cpp : KillAuthClients() done
vncDesktop.cpp : initialising desktop server
vncDesktop.cpp : KillScreenSaver...
vncDesktop.cpp : SCR-WBB: current display: w=1280 h=1024 bpp=24 vRfrsh=85.
vncService.cpp : unable to open desktop, error=2
vncService.cpp : SelectHDESK() to Default (3c) from 3c
vncService.cpp : SelectHDESK failed to close old desktop 3c, error=170
vncServer.cpp : failed to initialize desktop object
VSocket.cpp : closing socket
vncDesktop.cpp : killing desktop server
vncServer.cpp : Authenticated() done
vncServer.cpp : RemoveClient() done
vncClient.cpp : ~vncClient() executing...
vncClient.cpp : deleting socket

-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
___________________________________________________________
TightVNC mailing list, VNC-Tight-list <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list

Re: TightVNC Proxy help - solution

Hello,

I don't know what your are meaning with "isa-server", but I think a http proxy 
server like squid. Such proxy's are only for http and https, and sometimes 
for ftp.

So you can load and start the java viewer applet, and the applet tries to 
connect direct to the server and doesn't use the proxy, which won't work.

The solution is to use http and not the rfb-protocol between the applet and 
the server. This is not possible with the standart tightVNC, but patches are 
available at http://www.online-marketwatch.com/HttpTunnel4vnc/ . One hint:
add "-target 1.1" to the java-compiler in the Makefile, because the JVMs in 
the browsers are only version 1.1.

Greetings
H-HB

-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
___________________________________________________________
TightVNC mailing list, VNC-Tight-list <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list