Remote Control (Isscntr.exe) starts minimized and can't be open in full screen.

November 25, 2014, 11:49 pm

≫ Next: Clavier Qwerty et non Azerty lors d'une prise en main RC HTML5

≪ Previous: How to troubleshoot Remote Control Menu being grayed out

$

0

0

Description

When remote control to client machine, the windows will starts minimized and can't be open in full screen. Even double click the Isscntr.exe to launch the remote control, the remote control window can't open.

Cause

The window is opened unsuccessfully one time for some reason. Then the window remembered last setting of windows size.

 

Resolution

There is a registry key can control the windows size. Need to modify and reboot the core server. Do NOT copy this to your core server.

[HKEY_USERS\S-1-5-21-3461657420-2590047586-3954473000-1140\Software\LANDesk\Instant Support Suite Console\Container]

"style"=dword:00000003

 

"style"=dword:00000001, normal size

"style"=dword:00000003, maximized size

*The string value 'S-1-5-21-3461657420-2590047586-3954473000-1140' here need to be modify with you own.

Apply

LDMS 9.5, LDMS 9.6 and later

---

Clavier Qwerty et non Azerty lors d'une prise en main RC HTML5

February 10, 2014, 1:36 am

≫ Next: Trusting the LDMS Remote Control Certificate

≪ Previous: Remote Control (Isscntr.exe) starts minimized and can't be open in full screen.

$

0

0

Env:

LDMS 95 SP2 Francais

 

Description:

Vous demarrez une prise en main a distance HTML5 et  votre clavier Azerty n'est pas mappe.

Vous vous retrouvez avec un clavier Qwerty

 

Comment avoir un clavier AZERTY ?

Simplement en modifiant les parametres de langues et regions (voir image ci-dessous)

Cette action devra etre effectuee pour toute nouvelle session.

Trusting the LDMS Remote Control Certificate

May 14, 2013, 1:02 pm

≫ Next: Windows Authentication doesn’t work for remote control authentication (NTLMv2 Support of Remote Control)

≪ Previous: Clavier Qwerty et non Azerty lors d'une prise en main RC HTML5

$

0

0

The purpose of this document is to show how to trust a certificate so that when you are using the new HTML5 Remote Control you do not get the security warning. We have also attached the certificate that is to be trusted.

 

Adding certificates to the Trusted Root Certification Authorities store for a domain

 

Domain Admins is the minimum group membership required to complete this procedure.

 

To add certificates to the Trusted Root Certification Authorities store for a domain

 

1.     Open Server Manager, and under Features Summary, click Add Features. Select the Group Policy Management check box, click Next, and then click Install.

2.     After the Installation Results page shows that the installation of the GPMC was successful, click Close.

3.     Click Start, point to Administrative Tools, and then click Group Policy Management.

4.     In the console tree, double-click Group Policy Objects in the forest and domain containing the Default Domain Policy GPO that you want to edit.

5.     Right-click the Default Domain Policy GPO, and then click Edit.

6.     In the GPMC, go to Computer Configuration, Windows Settings, Security Settings, and then click Public Key Policies.

7.     Right-click the Trusted Root Certification Authorities store.

8.     Click Import and follow the steps in the Certificate Import Wizard to import the certificates.

 

The certificate for LDMS 9.6 and 9.6 SP1 can be found at C:\Program Files\LANDesk\ManagementSuite\rchtml5.cer

 

They can be found at this link as well… http://technet.microsoft.com/en-us/library/cc754841.aspx#BKMK_managedomain

 

This now has the certs required for 9.5, 9.5 SP1, and 9.5 SP2.

 

NOTE: If you would like to show the FQDN (ie. https://MachineName.domain:4343) instead of the short name (eg. https://MachineName:4343), Be sure that when you sign into the console, it is using the FQDN for the Core server

Windows Authentication doesn’t work for remote control authentication (NTLMv2 Support of Remote Control)

January 3, 2013, 4:09 am

≫ Next: Remote Control only seeing 'Black Screen' and on the client getting Visual C++ Runtime Error.

≪ Previous: Trusting the LDMS Remote Control Certificate

$

0

0

This document applies to LDMS 9.0 and 9.5

 

Description

Some customers want to use local Windows Authentication to authenticate their remote control sessions via LANDesk. This might also be the case if the to be remote controlled device is not member of a domain (standalone) or not part of any trusted domain (untrusted) to the domain within the administrator and/or the LDMS core resits.

The usual configuration within the LANDesk Agent configuration would look like similar to this

                   

On the to be remote controlled device there are some local account added to the “Remote Control Operators” group (here LDAdmin and the local administrator).

 

But every time the customer wants to connect to the machine the “Credentials Required” window keeps popping up. And no successful remote control session can be established.

 

The issuser.log (in the LDClient directory) does show entries which imply that the user has established a successful remote control session.

These entries might look similar to this one:

Start Remote Control  Initiated from W2K3-CITRIX-EN by user \, Security Type: Windows NT

Cause

The cause of this was that the local machine was set to only accept network connection authenticated by NTLMv2 within the local group policy for “Network security: LAN Manager authentication level Properties”.

 

 

Solution

The solution is to set the authentication level to “Send LM & NTLM – use NTLMv2 session security if negotiated”

 

Remote Control only seeing 'Black Screen' and on the client getting Visual C++ Runtime Error.

April 12, 2011, 11:04 am

≫ Next: The Remote Control client intercepts the key combination Ctrl+Shift+Backspace and passes to the application listening for keystrokes only the Backspace key

≪ Previous: Windows Authentication doesn’t work for remote control authentication (NTLMv2 Support of Remote Control)

$

0

0

Description: When trying to remote control machines the remote control viewer only get's black screen. On the agents you sometimes get a Visual C++ Runtime error.

 

 

In the Application Event Log getting error:

 

Type:    Error
Source:    Application Error
Event ID:    1000
Event Time:    03/11/2011 6:34:13 AM
User:    n/a
Computer:    HOSTNAME
Description:
Faulting application name: rcgui.exe, version: 9.0.2.38, time stamp: 0x4ca31c26
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7ab86
Exception code: 0xc0000005
Fault offset: 0x00032a00
Faulting process id: 0x818
Faulting application start time: 0x01cbdfe89bbc0d84
Faulting application path: C:\PROGRA~2\LANDesk\LDClient\rcgui.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: de787d70-4bdb-11e0-bc17-0050568e1eb4

 

 

Cause: Beyond Trust has seen this issue with some of their customers and LANDesk. PBWD will load the DLLs when the process executable starts, to enable detection if elevated rights are needed, and whenever other items are set to detect. After PBWD unloads from the process, some programs have problems with this. The two from LANDesk that has issues with this are rcgui.exe and issclipexec.

 

 

Resolution: BeyondTrust is aware of this conflict.  It can be resolved by  having at least client version 4.9.1 and creating the following  registry string value:

 

HKLM\SOFTWARE\Policies\BeyondTrust\PrivilegeManager
ExcludedProfilerApps=C:\PROGRA~2\LANDesk\LDClient\rcgui.exe;C:\PROGRA~2\LANDesk\LDClient\issclipexec.exe

 

Or you can create the following batch job to send out to your machines:

 

reg add "HKLM\SOFTWARE\Policies\BeyondTrust\PrivilegeManager" /v "ExcludedApps" /d "C:\Program Files\LANDesk\LDClient\issuser.exe;C:\PROGRA~1\LANDesk\LDClient\issuser.exe;C:\Program Files\LANDesk\LDClient\rcgui.exe;C:\PROGRA~1\LANDesk\LDClient\rcgui.exe" /f

The Remote Control client intercepts the key combination Ctrl+Shift+Backspace and passes to the application listening for keystrokes only the Backspace key

December 9, 2010, 1:04 am

≫ Next: Remote control viewer shows machine's screen incorrectly (with distortion). Screen is unreadable.

≪ Previous: Remote Control only seeing 'Black Screen' and on the client getting Visual C++ Runtime Error.

$

0

0

DESCRIPTION

 

The Remote Control client intercepts the key combination Ctrl+Shift+Backspace and passes to the application listening for keystrokes only the Backspacekey even if the device is not currently subject to a remote control session.

This represents a problem if the user is using an application that uses this particular combination to perform some particular tasks

 

RESOLUTION

 

Contact the support and ask for the patch CR51966

 

The patch is available for LD9 SP2 and LD 8.8 SP4

Remote control viewer shows machine's screen incorrectly (with distortion). Screen is unreadable.

August 11, 2010, 8:35 am

≫ Next: Machines getting locked after Remote Control Session Ends

≪ Previous: The Remote Control client intercepts the key combination Ctrl+Shift+Backspace and passes to the application listening for keystrokes only the Backspace key

$

0

0

Problem

When remote controlling a target device, the LANDesk Remote Control Viewer window shows a distorted image instead of the target device's screen.No error message is displayed in the viewer or the target device.

 

 

 

 

Cause

• Cause 1

          Unsupported 1600x900 resolution on the target machine

• Cause 2

          Compatibility between mirror driver and device's video hardware.

 

 

 

Resolution

• For cause 1

          Open a new incident with LANDesk Technical Support to request patch RC-48366

 

• For cause 2

1. Open the LANDesk Management Suite console
2. Launch the Agent Configuration tool
3. Open the respective agent configuration and browse to the Remote Control > Indicators section.
4. Make sure the option for "Mirror Driver" is not selected.
5. Save changes.
6. Right-click on the respective agent configuration and select the option to "Schedule Agent Deployment". A new task will be created.
7. Add the necessary system(s) to this new task.
8. Right-click on the new task and select 'Start Now'

 

 

Affected Products

LANDesk Management Suite 8.8

LANDesk Management Suite 9.0

Machines getting locked after Remote Control Session Ends

June 9, 2009, 9:39 am

≫ Next: Error: Unable to find the remote control web service on "."

≪ Previous: Remote control viewer shows machine's screen incorrectly (with distortion). Screen is unreadable.

$

0

0

Description

After remote controlling a computer, when we end session, the station locks and the user has to unlock their desktop.

 

Resolution

Change the Lock the remote computer when the session ends setting.

 

To do this follow these steps:

 

1. Start a remote control session.
2. Go to the Tools | Options | Change Settings tab.
3. There is a Lock the remote computer when the session ends check box. Uncheck that setting.

---

Error: Unable to find the remote control web service on "."

March 5, 2009, 9:11 am

≫ Next: How to create a resident remote control only agent for LANDesk Management Gateway clients that do not need a standard agent.

≪ Previous: Machines getting locked after Remote Control Session Ends

$

0

0

Description

Attempting to remote control a machine results in a message in the connection log that says:

Unable to find the remote control web service on "."

The user is prompted for credentials. Any combination fails to authenticate.

Cause

Custom tool was calling the isscntr.exe without the -s switch.

 

The -s"corename" switch is required for  Integrated Security so a certificate exchange may take place.  The -s switch is not required for  Local Template or  NT Security.

Resolution

Change the tool or shortcut to reflect the -s"coreserver" switch or use Local Template or NT Security for authentication.

Command line for Regular Remote Control

The following is the command line that must be used when connection to a device inside the corporate network that is accesible directly.

"C:\Program Files\LANDesk\ManagementSuite\isscntr.exe" –s"YourCoreName" -c"remote control"

Note: The -s parameter accepts the FQDN, host name, or IP address of the Core Server.  If FQND or host name is used, name resolution (such as DNS) must be functioning properly.

Command line for    Management Gateway Remote Control:

The following is the command line that must be used when connection to a device outside the corporate network that is NOT accessible directly.

" C:\Program Files\LANDesk\ManagementSuite\isscntr.exe" -agsb://<Gateway> –s"corename" -c"remote control"

Note: The -s parameter accepts the FQDN, host name, or IP address of the Core Server.  If FQND or host name is used, name resolution (such as DNS) must be functioning properly.

How to create a resident remote control only agent for LANDesk Management Gateway clients that do not need a standard agent.

January 15, 2008, 7:02 am

≫ Next: Not able to send Ctl-Alt-Del during remote control in Windows 7 or Server 2008

≪ Previous: Error: Unable to find the remote control web service on "."

$

0

0

 

  Subject

How to create a resident remote control agent on LDMG clients that do not have/need a standard agent.

 

  Description

How to create a resident remote control agent on LDMG clients that do not have/need a standard agent.

I.E. Used for machines that do not need to be managed, that are on the internet and need to be waiting for a remote control connection through a Management Gateway at all times.

Applies to:
LANDesk Management Gateway iso or appliance
LDMS 8.7 and 8.8

 

 

 

  Resolution

• Download the agent cab file from a management gateway -
o http://gatewayname
o example http://ldmg.landesk.com
o click tools or utilities
o click support tools
o click and save LANDesk remote assistance agent (cab)

 

Steps to install a resident RC agent.

 

• Copy the contents of the cab to anywhere on the target resident client pc.
o (For Example C:\Program Files\LANDesk\RCAgent)

 

• From a run prompt run the following command:
o issuser.exe /resident /b /lBROKERADDRESS
o for example issuser.exe /resident /b /lldmg.landesk.com
o This will install the service to windows
o NOTE: no space after the /l (l= lower case L)
o You will need to type the full path to the ISSUSER.exe!!

 

• To uninstall run the following command
o Issuser.exe /remove
o You will need to type the full path to the ISSUSER.exe!!
o This will uninstall the service AND delete all of the files from the machine.

 

Note: If the issuser command line is run incorrectly or if changes are needed to an existing resident agent, run the remove command and then re run the resident command line as shown above.

 

  Advanced Settings

 

Security Type:
• Choose whether to use NO security (Local Template) or NT Security
o If NT security is desired then a /y2 is needed at the end of the command line, by default it is local template.
o If Integrated security is desired then a /y9 is needed at the end of the command line.
o You can change this at anytime by modifying the security type registry key then restarting the RC agent service
o hklm/software/intel/landesk/wuser32 - Security type dword
o If you use NT security the remote controlling users must be in the “HDAllowed Operators” local NT group

 

Organization
• If you configure your Management Gateway users with Organizations other than * because you only want them to be able to see machines of a specific Org in the RCViewer then see the example below.
o In this example we only want our client to be seen by Users with the Severs Organization on the Gateway.
o issuser.exe /b /oServers /lGatewayName

 

Example using all switches
issuser.exe /b /oServers /lGatewayName -y9

Not able to send Ctl-Alt-Del during remote control in Windows 7 or Server 2008

November 18, 2007, 11:35 pm

≫ Next: Remote Control option not available for Windows 10 client

≪ Previous: How to create a resident remote control only agent for LANDesk Management Gateway clients that do not need a standard agent.

$

0

0

Description

During a remote control session you are not able to send Ctrl-Alt-Del

 

Cause

This is controlled through the "software Secure Attention Sequence" policy.

This can either be set through a domain policy or local policy.

When set to Disabled, you will not be able to send Ctrl-Alt-Del remotely.

 

Solution

There are two ways of setting the needed group policy setting, depending on whether the remote computer is connected to a domain or is a member of a workgroup. Please follow the appropriate section depending on your setup.

 

Domain Procedure (change domain group policy setting)

If the remote computer is connected to a domain, the domain administrator can enable this group policy setting for subdomains or for the entire domain. Please follow these steps:

 

Important: Only a domain administrator can modify the domain group policy

Important: The domain group policy overrides the local group policy. If the domain group policy is not set, you can use local group policy setting mentioned in the next section.

1. Login to the remote computer as the domain administrator.
2. Click the Start Windows button, select Run, type gpmc.msc and press enter.
3. In the left section, select the desired domain, then right-click and choose Create a GP) in this domain, and link it here.
4. Right-click the new GPO and select Edit.
5. In the left section, please navigate to: Computer Configuration - Administrative Templates - Windows Components - Windows Logon Options
6. In the right section, please double-click on the Disable or Enable software Secure Attention Sequence policy and click on Enabled.
7. Set the policy option to Services.
8. Click OK and close the Group Policy Object Editor.

You have now enabled the sending of Ctrl-Alt-Del on all computers that are connected to the domain you selected in step 3.

 

Workgroup procedure (change local group policy setting)

If the remote computer is a member of a workgroup or is connected to a domain with no domain group policy set, you should follow these steps:

1. Login to the remote computer as a local or domain administrator.
2. Click the Start Windows button, select Run, type gpedit.msc and press enter.
3. In the left section, please navigate to: Computer Configuration - Administrative Templates - Windows Components - Windows Logon Options
4. In the right section, please double-click on the Disable or Enable software Secure Attention Sequence policy and click on Enabled.
5. Set the policy option to either Service or Services and Ease of Access applications.
6. Click OK and close the Group Policy Object Editor.

You have now enabled the sending of Ctrl-Alt-Del on the remote computer.

Remote Control option not available for Windows 10 client

February 2, 2018, 11:53 am

≫ Next: Remote Control session from Core responds with "The remote computer is not managed by your server" error from the client device.

≪ Previous: Not able to send Ctl-Alt-Del during remote control in Windows 7 or Server 2008

$

0

0

We installed the EPM agent on our first Windows 10 client but the ability to Remote Control from the Ivanti Management Console is not available (completely not listed vs. greyed out). We also noticed that even forcing a full Inventory scan does not report anything back to the Core. Based on the last update timestamp, it looks like it only registered with the core on the initial install of the agent which we ran manually on the machine.

 

Remote Control does work, however, via the web console. Not sure where to start. Appreciate any inputs.

Remote Control session from Core responds with "The remote computer is not managed by your server" error from the client device.

April 17, 2009, 10:23 am

≫ Next: Unable to remote control to any machines after upgrading to 2017.x

≪ Previous: Remote Control option not available for Windows 10 client

$

0

0

Description

When a remote control session is started to a client machine ISSCNTR.exe responds with the following status error:

 

"The remote computer is not managed by your server"

 

Cause

This issue is most commonly caused by device's with a corrupted, or mismatched DeviceID in the Inventory Database.  You can try verifying that the core server can "ldping" the target machine by opening a web browser and going to the following page:

http://machine-name:9595/allowed/ldping

This should return an XML document with the client's DeviceID.

Resolution

1. Delete the device Name from the Core Server device listing.
2. Run a Full Inventory scan from the client Machine using the /F and /SYNC switches:

"C:\Program Files\Landesk\LDClient\LDISCN32.EXE" /NTT=%server%:5007 /S="%server%" /I=HTTP://%server%/ldlogon/ldappl3.ldz /NOUI /NOCD /F /SYNC

 

Once the full inventory scan has finished and is processed by the Core server, the client machine will show back up in the device listing and remote control will no longer reply with the error.

Unable to remote control to any machines after upgrading to 2017.x

February 13, 2018, 9:57 am

≫ Next: Windows 10 1703&1709 unbarably slow remote control using LANDesk Remote Control

≪ Previous: Remote Control session from Core responds with "The remote computer is not managed by your server" error from the client device.

$

0

0

Problem

 

When you attempt to legacy remote control a machine after upgrading to 2017.3, you may see the following error:

"Authentication failed because a certificate was not found on the remote computer".

 

Cause

 

We changed the Remote Control certificate to SHA256 in 2017.1 and older agents are unable to decrypt the certificate. Click here for more detail.

 

We see this issue more often with customers who upgrade from 9.6 to 2017.3, but this can affect anyone upgrading from previous versions of LANDesk to Ivanti 2017.x

 

Solution

 

Upgrade your agents by clicking Rebuild all under Tools>Configuration>Agent Configuration. Once that completes, right click your agent configuration and choose schedule agent deployment.

 

Non-Supported workaround

 

You may be able to get the older clients to function again if you replace the following file with the one from %LDMS_HOME%ldlogon on the core server.

 

C:\Program Files (x86)\LANDesk\LDClient\issuser.exe

 

NOTE: This is a non-supported workaround meaning that support will not assist with this and wont be able to help if this breaks the agent. Please continue at your own risk. The better solution is to reinstall the agent.

Windows 10 1703&1709 unbarably slow remote control using LANDesk Remote Control

February 25, 2018, 11:38 am

≫ Next: ISSUSER Application Error

≪ Previous: Unable to remote control to any machines after upgrading to 2017.x

$

0

0

LANDesk Management Console 9.6 SP3 running on Windows Server 2008R2.

 

We consistently have to fallback to other remote control methods to help users remotely on our team.  There seems to be no rhyme or reason this occurs.  The response time from a click can take up to 30seconds, I've seen it!

 

We have ran the remote control from various machines around the network, even from the main landesk server and the problem still exists.

 

This happens on hundreds of newly installed Windows 10 Enterprise 64bit machines.  This can happen on machines that are on the same subnet as the current remote management console as well.  We have removed the posibility that this is network related.  The computers in question are all gigabit connected, SSD/i7 desktops that perform excellently locally.

 

One noticable nuance is that this problem often occurs on computers that have graphics cards installed.  Nvidia or AMD seems to make no difference.

 

Has anyone else noticed these issues?

---

ISSUSER Application Error

January 5, 2012, 3:03 pm

≫ Next: Black screen

≪ Previous: Windows 10 1703&1709 unbarably slow remote control using LANDesk Remote Control

$

0

0

I have a lenovo t510 that is having an issue with the issuer.exe processs.  Whenever it starts up for the first time it consistently gives an error of:  The instruction at "0x004167ca" referenced memovery at "0x0000000c" The memory could not be "read". The computer is on SP3.  I have uninstalled and re-installed the client as well.  The computer's OS is Windows XP SP3.  Any thoughts would be appreciated.

Black screen

January 10, 2012, 11:57 am

≫ Next: 2 consoles connecting to the same client

≪ Previous: ISSUSER Application Error

$

0

0

Some of my servers do not display for remote control.  I have three identical servers.  One works correctly.  Two display only a black screen when using remote control.  Web console does not work.  Mirror driver and screen blanking is off.  Any ideas?

2 consoles connecting to the same client

August 7, 2012, 3:44 am

≫ Next: Is there anyway the end user can initiate a remote control request to the admin?

≪ Previous: Black screen

$

0

0

Hi,

 

We have different departments within our IT support (in different physical locations in the city).  Sometimes our teams need to work together to resolve issues and having to travel so 2 members of staff can see 1 client screen is quite inconvenient, to say the least.

 

Is there any way of allowing 2 consoles to connect to the same client?  This would be very useful for us.

 

Thanks.

Is there anyway the end user can initiate a remote control request to the admin?

August 26, 2012, 8:43 pm

≫ Next: remote agent not working -canno conenct to win7 64 machines

≪ Previous: 2 consoles connecting to the same client

$

0

0

LDMS 9.0.

Looks like the RC activities is initiated by the admin, is there anyway the end user can ask the admin to RC his computer? (both in direct mode and gateway mode) Thanks!

remote agent not working -canno conenct to win7 64 machines

August 24, 2012, 1:45 am

≫ Next: Windows 7 Mirror Driver breaks Aero - would like patch.

≪ Previous: Is there anyway the end user can initiate a remote control request to the admin?

$

0

0

We have introduced some windows 7 64 bit machines to the network, joined them to the domain and so forth, but we cannot remote connect to them, any ideas?

 

Landesk 9.0 remote agent, i did accidently install

 

 

12/10/2012 10:05:12 Unable to find the remote control Web service on ''.

 

23/08/2012 17:07:02 Unable to send a request to the remote computer.

 

works fine on existing win7 64 levano laptops, but not on our new levano thinkcentre m82 workstations, able to telnet and connect to the core server

 

when creating this win7 build I did accidently install the wrong software ENURsetup.exe , so I unisntalled this and then installed LANDESK 9.0