+ Post New Thread
Page 1 of 4 1234 LastLast
Results 1 to 15 of 50
Network and Classroom Management Thread, How To Guide: Deploy VNC via Group Policy in Technical; Hi, I have had a few people ask how to deploy VNC via group policy. If you have a large ...
  1. #1

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,408
    Thank Post
    797
    Thanked 1,593 Times in 1,395 Posts
    Blog Entries
    10
    Rep Power
    428

    How To Guide: Deploy VNC via Group Policy

    Hi,

    I have had a few people ask how to deploy VNC via group policy. If you have a large network where you want to install VNC on a large amount of computers this would be an ideal solution.

    For this guide i used TightVNC - the website is here: tightvnc.com

    I decide to go for TightVNC becuase
    • Easy to use
    • Free
    • Ability to hide the icon in the system tray
    • Built in access control options
    • Very lightweight
    • Ability for the end user to approve connections
    • Fully compatible with Windows 7


    I have tested this on the following systems
    • Windows XP x32
    • Windows 7 x32
    • Windows 7 x64
    • Windows Server 2008 R2


    With the below guide, anything in red are paths you need to change to make it suitable for deployment in your network.
    Once this script has installed VNC it is designed to automatically quit when you run it again.

    Creating the installer files

    1. Create a network share on a server to store the script and installers. You will need to give the group "Domain Computers" the right to read and execute.
    2. Download TightVNC and save it in the above share and install onto 1 computer.
    3. On the computer you installed TightVNC, configure to how you like it (eg set a password). Click Here for Documentation & Click Here for FAQ
    4. Once configured go to regedit and export the following folder. "HKEY_LOCAL_MACHINE\Software\TightVNC" & save it in the above share. To export right click the TightVNC folder and press export.
    5. Open NotePad and copy the below code. Please change the red areas to the path of your network share. The script will remove the VNC stuff from the program files to stop users from playing. If you do not want to do this remove the last line of the code.
      Code:
      if exist "C:\Program Files (x86)\TightVNC" goto :eof ELSE
      if exist "C:\Program Files\TightVNC" goto :eof ELSE
      "c:\vnc\tightvnc-2.0.2-setup.exe" /S
      regedit /S "c:\vnc\tightvnc.reg"
      net stop "TightVNC Server"
      net start "TightVNC Server"
      rmdir /s /q "C:\Documents and Settings\All Users\Start Menu\Programs\TightVNC\"
    6. Save the file in your shared folder. You need to save it as a .bat file. For example mine is called installvnc.bat


    Adding to a group policy

    1. Open up an appropriate group policy that applied to your computers or create a new one.
    2. Navigate to: Computer Configuration > Policies > Windows Settings > Scripts > Startup
    3. Press add, then browse and find the .bat file we created before in the shared folder. Then press ok & ok again.
    4. Make sure the following group policy is enabled. Computer Configuration > Policies > Administrative Templates > System > Logon > Always wait for the network at computer startup & Logon


    When your computer startup it should install VNC and be configured.

    Enjoy!
    Last edited by FN-GM; 17th April 2011 at 07:15 PM.

  2. 4 Thanks to FN-GM:

    bodminman (30th October 2011), enjay (26th July 2011), lafleur1977 (12th July 2012), speckytecky (23rd March 2012)

  3. #2
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,461
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Does this allow you to connect to computers which are not logged in, or just those which are in use?

  4. #3

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,662
    Thank Post
    324
    Thanked 506 Times in 474 Posts
    Rep Power
    177
    Quote Originally Posted by enjay View Post
    Does this allow you to connect to computers which are not logged in, or just those which are in use?
    From how I read it, it "should" be on startup, not login, aka yes those not logged in.

    "2.Navigate to: Computer Configuration > Policies > Windows Settings > Scripts > Startup" Isn't a login script as such, however obviously depends if the VNC server has a service option, or if it's only an exe style :P Then it wouldn't I guess.

    Steve

  5. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,408
    Thank Post
    797
    Thanked 1,593 Times in 1,395 Posts
    Blog Entries
    10
    Rep Power
    428
    Quote Originally Posted by enjay View Post
    Does this allow you to connect to computers which are not logged in, or just those which are in use?
    If the machines are not logged on it will allow you to connect to them yes.

    But if you have the option selected to prompt the user to allow you on it wont. There will be nobody on the other end to press ok

  6. #5
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,461
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Thanks, I'll give that a try then - VNC is one thing I'm really missing from our Win7 network...

  7. #6
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,466
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    51
    You could also look at the following site and create a msi for ultravnc and deploy it through group policy. VNCed - News

  8. Thanks to ricki from:

    speckytecky (23rd March 2012)

  9. #7
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,461
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    @FN-GM - works a treat, thanks so much.

    As an aside, I didn't need to create a share for it, just a regular folder inside an existing share and then reference that location, e.g. \\servername\netsoft$\tightvnc\tightvnc.bat

  10. #8

    Join Date
    Jan 2011
    Posts
    22
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Works a treat however has anyone found a way to hide the icon from the systray? I've tried a variety of methods found online however had no luck at all.

  11. #9

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,408
    Thank Post
    797
    Thanked 1,593 Times in 1,395 Posts
    Blog Entries
    10
    Rep Power
    428
    Quote Originally Posted by Alpha2x View Post
    Works a treat however has anyone found a way to hide the icon from the systray? I've tried a variety of methods found online however had no luck at all.
    There is a preference in tight VNC to remove it. You set that then you export the registery and deploy it as shown on post one.

  12. #10

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,662
    Thank Post
    324
    Thanked 506 Times in 474 Posts
    Rep Power
    177
    If you're using the newer version there's a tick box under server I think

    Steve

  13. #11

    Join Date
    Jan 2011
    Posts
    22
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi Steve,

    I've seen this, but its not really practical to have to set this on every machine manually, only way I guess would be to incorporated a pre-configured VNC into our build.

  14. #12

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,662
    Thank Post
    324
    Thanked 506 Times in 474 Posts
    Rep Power
    177
    Unless it's changed recently it just sets a reg value by clicking the box. Think it's HKLM\SOFTWARE\ORL\WinVNC3\DisableTrayIcon DWORD "1" ?

    Not 100% though, stopped using Tight a while ago :P

    Steve

  15. #13

    Join Date
    Jan 2011
    Posts
    22
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Spent ages trying to get the DisableTrayIcon to work, got absolutely nowhere with it. Did you more to anything more... preferable?

  16. #14

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,662
    Thank Post
    324
    Thanked 506 Times in 474 Posts
    Rep Power
    177
    Quote Originally Posted by Alpha2x View Post
    Spent ages trying to get the DisableTrayIcon to work, got absolutely nowhere with it. Did you more to anything more... preferable?
    Which version you using atm?

    Try:

    Code:
    HKEY_CURRENT_USER\SOFTWARE\TIGHTVNC\SERVER\RUNCONTROLINTERFACE = 0
    (or HKLM w/e you want)

    Think it's 0, but may be 1 (Try 0 first)

    Steve
    Last edited by Steve21; 28th July 2011 at 04:57 PM.

  17. #15
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,461
    Thank Post
    279
    Thanked 196 Times in 167 Posts
    Rep Power
    75
    Guys, read FN-GM's post above - if you follow his instructions and export the reg key, then the clients won't have the icon. RTFM :-)

SHARE:
+ Post New Thread
Page 1 of 4 1234 LastLast

Similar Threads

  1. Deploy printer using group policy - won't work
    By KevWCFE in forum Windows Server 2008
    Replies: 22
    Last Post: 1st November 2012, 11:22 AM
  2. Deploy Corel Paint Shop Pro X2 By Group Policy
    By FN-GM in forum Educational Software
    Replies: 10
    Last Post: 20th October 2010, 01:01 PM
  3. Deploy ActivInspire by group policy
    By FN-GM in forum Promethean Direct Support
    Replies: 16
    Last Post: 13th September 2010, 07:47 PM
  4. How to use the quiet silent switch to deploy software through group policy
    By thom in forum Network and Classroom Management
    Replies: 5
    Last Post: 13th August 2008, 05:31 PM
  5. Deploy TuxType with Group Policy
    By garym2000 in forum Windows
    Replies: 3
    Last Post: 19th February 2008, 08:18 PM

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •