Forum / NoMachine for Windows / Collaboration use case questions
- This topic has 1 reply, 2 voices, and was last updated 5 years, 5 months ago by Britgirl.
-
AuthorPosts
-
August 8, 2019 at 08:31 #23230gdungeParticipant
We are an eight-person company that is geographically separated and multiplatform (Windows, Linux, Mac). We have set up an old Windows 7 laptop as a simple collaboration server, for central file storage, access to Windows apps, and simultaneous editing of documents. We were using TeamViewer, but now we need to pay for a commercial license and they want thousands of dollars per year.
I installed the free NoMachine client package and it seems to work really well – fast, stable, encrypted connection, and with a clean interface.
NoMachine looks like a huge improvement over something cobbled together out of SFTP, SSH, and VNC. I’ve been reading the documentation and forum posts and I’d like to ask some questions about our use case (and access control for our Windows user accounts).
Here come the questions, at last.
- If I understand correctly, we need to purchase an Enterprise Desktop Subscription for our shared Windows laptop so that several of us can attach to it at the same time (other users can use the free client). Is this correct?
- If we want to start out with the free client on the shared laptop, how can we upgrade to the Enterprise client when we decide we need simultaneous connections?
- We have one user account for our accounting people that is the only user that can access financial records. Is there a way to configure NoMachine to lock the current session and return to the Windows login screen when the NoMachine session terminates, so that the next user needs to authenticate to Windows to get in?
- I am not clear on how Windows access controls work when simultaneous users attach to the machine. If the accounting user attaches first and logs in, what happens when a less-privileged user attempts to connect? I would hope they won’t be able to silently connect and spy on the accounting user. What are my options here?
- Maybe I’m missing something obvious. Can anyone suggest a low-cost collaboration solution for me to investigate? Note that public cloud solutions won’t work for us because of some inconvenient US laws regarding our industry, and the US-compliant cloud solutions generally cost rather more than an old laptop.
I think that’s all for now. Many thanks for reading, and thanks in advance for any help!
– Doug W.
August 8, 2019 at 12:18 #23242BritgirlKeymasterHi Doug,
welcome aboard π Let me answer some of the questions that you have about NoMachine software.
1. If I understand correctly, we need to purchase an Enterprise Desktop Subscription for our shared Windows laptop so that several of us can attach to it at the same time (other users can use the free client). Is this correct?
Yes. That’s correct. Installing Enterprise Desktop on the host that you want to access allows unlimited connections to that PC. All those connecting see the same desktop. Users who need to connect only to the hosted desktop can download either the free Enterprise Client (which is used just for connecting) or the free NoMachine package for their operating system. If these users’ PCs will also need to accept multiple remote connections from other users, similarly to the Windows shared laptop you mention, just install Enterprise Desktop. All our ‘server side’ software provides the connection GUI to avoid having to install multiple packages by hand.
2. If we want to start out with the free client on the shared laptop, how can we upgrade to the Enterprise client when we decide we need simultaneous connections?
Uninstall the free version and install Enterprise Desktop on the server host π You get 30 days evaluation period when you install any of the Enterprise range. After which you can consider purchasing a subscription which will allow you to replace the evaluation license. The subscription lasts a year and it includes all software updates and technical assistance via the customer area. For more information about ‘what you get’ and renewing, you should reach out to the sales team.
Just so it’s clear, if you are now testing out the free NoMachine version and have installed it on all your computers (both connecting clients and your shared laptop hosts), when you are ready to purchase, the computers that you want to be able access remotely must switch to Enterprise Desktop.
3. We have one user account for our accounting people that is the only user that can access financial records. Is there a way to configure NoMachine to lock the current session and return to the Windows login screen when the NoMachine session terminates, so that the next user needs to authenticate to Windows to get in?
You should be activating the last box in the Security panel of the server. See fig. 3 in https://www.nomachine.com/DT10O00155. To do this in the server configuration file (server.cfg), please see Enterprise Desktop Config Guide: https://www.nomachine.com/DT02O00125#12.1
I am not clear on how Windows access controls work when simultaneous users attach to the machine. If the accounting user attaches first and logs in, what happens when a less-privileged user attempts to connect? I would hope they wonβt be able to silently connect and spy on the accounting user. What are my options here?
NoMachine’s out-of-the-box configuration is that the desktop owner must authorize different users requesting to connect to the same desktop. A pop-up will appear to the owner of the desktop (see image below). Furthermore, connected users are always visible in the section Connected Users of the Service Status. Additionally, the administrator can set different levels of access, exactly who gets access and how. So in your case, “accounting user attaches first and logs in”, assuming that the accounting user is also the owner of the desktop, a pop-up will appear to the owner when different users request to connect to the same desktop session.
Security preferences can be configured in the server GUI (https://www.nomachine.com/de/DT10O00155#2.2.). Advanced configuration can be done at the server.cfg level where it’s possible to pre-set trusted users. In that case, take a look at #12.3 of the document DT02O00125.
Attachments:
-
AuthorPosts
This topic was marked as solved, you can't post.