product icon

Connecting to On-LAN Computers

    This article gives guidance to Rescue technicians.

    How to Connect to a Computer on a Local Area Network

    Access computers on your Local Area Network and provide support and maintenance without end-user interaction.

    Before you begin: The agent's Technician Group must have Connect On LAN permission.
    Restriction: The Connect On LAN feature is not available for Technician Console for Mac.
    1. On the Session Toolbar, click the Computers icon.

      Result: The Computers panel is displayed.

    2. On the Computers list, click the Connect On LAN tab to see a list of accessible computers.
    3. Filter computers by name or IP address.
      Tip: You can search and connect at any time. You do not need to wait for the entire list of computers to load.
    4. Select the computer you want to access and click Connect.
      Important: If you do not have Administrator rights, you are prompted to enter the login credentials of the computer you want to access.

      Result: The session appears in the Technician Console in Connecting status. The applet launches on the remote computer and the session starts. The customer does not have to grant access to the computer, so you can manage it without customer interaction.

    Example: Technical Information for Advanced Users

    • Required Windows settings:
      • File and Printer sharing must be allowed on the customer's firewall.
      • Network access: Sharing and security model for local accounts must be set to Classic - local users authenticate as themselves on the customer's computer (Control Panel > [System and Security in Win7] > Administrative Tools > Local Security Policy > Local Policies > Security Options > Network access: Sharing and security model for local accounts).
      • Both the technician and customer computer must use a compatible NTLM authentication method: Control Panel > [System and Security in Win7] > Administrative Tools > Local Security Policy > Local Policies > Security Options > Network security: LAN Manager authentication level (for example, set both to Send NTLMv2 response only).
      • If the Remote Registry service is enabled on the remote computer, the Technician Console will use that. (Go to Control Panel > Administrative Tools > Services, right-click Remote Registry and click Properties. Set Startup type to Automatic or Manual.) If the Remote Registry service is disabled, the Technician Console can also use Windows Management Instrumentation command line utility (WMIC) as a fall-back solution. WMIC is more secure, but slower.
    • NetBIOS uses ports 135, 137, 138, 139
    • Windows uses NTLM authentication to acquire administrator rights. This authentication uses randomly allocated TCP ports: 1024-65535, or 49152-65535 on Vista and Windows Server 2008. Communication through these ports must be allowed by firewalls.
    • Computer Detection modes
      Technician Console version 7.12.3351 or lower
      Previous versions of the Technician Console used the command line tool net.exe to detect computers on a network. The latest versions of Windows disable the SMBv1 protocol, on which the tool is based. To restore the original functionality, the customer needs to re-enable SMBv1 on the remote computers.
      Technician Console version 7.12.3352 or above
      If the Active Directory Lightweight Directory Services Windows feature is enabled on the technician's computer, the Technician Console can read the computer list from Active Directory.
    Article last updated: 5 January, 2023