How to bypass the required permissions to give the Remote Control Agent control of specific Systems Management Server 2.0 clients (833178)


The information in this article applies to:

  • Microsoft Systems Management Server 2.0
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SUMMARY

You can configure the Microsoft Systems Management Server 2.0 (SMS 2.0) site-wide setting for the Remote Control Agent so that SMS 2.0 clients prompt for permission to give the Remote Control Agent control of client desktops. However, you may want to disable prompting on certain types of SMS 2.0 clients, such as servers, where a user rarely logs on. This article describes how to modify registry settings so that specific SMS 2.0 client computers do not prompt for permission to give the Remote Control Agent control of the client desktop.

MORE INFORMATION

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

By default, the Permission Required registry setting is site-wide. Permissions are either required for the whole SMS 2.0 site or they are not. On each SMS 2.0 client, the Permission Required setting is a DWORD value that is contained in the following registry subkey:

HKEY_LOCAL_MACHINE\Software\Microsoft\SMS\Client\Client Components\Remote Control

Permission settings work as follows:
  • When the Permission Required value is set to 0, permissions are not required to control the client.
  • When the Permission Required value is set to 1, permissions are required to control the client.
The SMS 2.0 client receives these settings at each Client Configuration Installation Manager (CCIM) cycle or at each client update cycle. By default, each CCIM cycle is 23 hours. You can change the Permission Required value on the client computer to reflect the configuration that you want, but as soon as the CCIM update cycle runs on the client, the site-level setting overwrites the local setting. The Remote Control Security Munger, a CCIM component, enforces the site-wide remote-control settings on each client.

To prevent the Remote Control Security Munger service from updating this setting as part of the CCIM update, follow these steps:
  1. Locate the following registry subkey:

    HKEY_LOCAL_MACHINE\Software\Microsoft\SMS\Client\Client Components\Remote Control

  2. If the registry REG_SZ value UpdateEnabled does not exist, add the value, and then set the entry to No.
  3. If the UpdateEnabled setting exists, set the entry to No.
  4. Quit Registry Editor.

REFERENCES

For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

199922 SMS: How to disable Remote Control Security Munger on Windows NT clients

Modification Type:MajorLast Reviewed:9/6/2006
Keywords:kbhowto kbinfo KB833178 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.