Apple Remote Desktop is the best way to manage the Mac computers on your network. Distribute software, provide real-time online help to end users, create detailed software and hardware reports, and automate routine management tasks — all without leaving your desk. Featuring Automator actions and Remote Spotlight search, Apple Remote Desktop makes your job easier than ever.
- Hi, I have a problem with these update 'Remote Desktop Client Update 3.9.2'. After install this update on my MacBook Air (os sierra) when I shut down or restart my MacBook does not want to boot. Laptop turns on but the screen is black.I need help with that.
- Just run the installer on the device you want to control from and follow the instructions, or there's MSIs for remote deployment under Windows. If you don't have permission to install VNC® Viewer on desktop platforms, choose the standalone option.
- Apple Remote Desktop (ARD) is a Macintosh application produced by Apple Inc., first released on March 14, 2002, that replaced a similar product called Apple Network Assistant. Aimed at computer administrators responsible for large numbers of computers and teachers who need to assist individuals or perform group demonstrations, Apple Remote Desktop allows users to remotely control or monitor.
Apple Remote Desktop is the award-winning OS X desktop management system for software distribution, asset management and remote assistance. Apple Remote Desktop offers a wide range of high-performance features, including lightning-fast Spotlight searches across multiple systems, more than 40 Automator actions for easy automation of repetitive tasks, and AutoInstall for automatically updating software on mobile systems once they return to the network.
Apple has their own remote access software called Apple Remote Desktop (ARD) which is a shareware that cost $79.99. It comes with some powerful features such as software distribution and automation to perform repetitive tasks on remote computers, but unfortunately it is meant for Mac to Mac. Remote Desktop Support Software for Mac. BeyondTrust has supported Mac OS X since 2007. And, unlike some remote support solutions that stop with basic support, BeyondTrust offers largely the same functionality for Mac as it does for Windows.
First-class upgrades
Installing software or updates to your network has never been this easy. Take an existing package, from either Apple or a third party, and simply use the Install Package to copy and install on your client computers. And it works with custom install packages as well. Apple Remote Desktop will alert your system's users to upgrades and even restart machines remotely.
AutoInstall allows you to stage software on a Task Server, which then takes care of distributing the packages for installation on client computers. You can even set a schedule for installation to occur at a time that is most convenient for your organization. And if a computer is not on the network, the Task Server will keep track and automatically install the package once the system is online.
Automation for your Mac computers
Those time-consuming administrative tasks will become a thing of the past, thanks to Automator actions in Apple Remote Desktop. To use Automator actions, all you need to do is drag and drop the actions to construct a workflow.
More than 40 Automator actions are included with Apple Remote Desktop, which you can apply to set desktop pictures, Finder preferences, Energy Saver preferences, default time zones and more.
No need to make house calls
The screen-sharing features of Apple Remote Desktop allow you to provide immediate help to remote users, saving time for both of you. Don't want your admin tasks to be seen? No problem. Turn on Curtain Mode to block the local user's view of their desktop. This is perfect when you're updating a public display. You'll have full control of the system, but your work will be hidden from view.
If you need to move files or folders to a single computer, the easy-to-use Remote Drag and Drop copy function makes the job a snap. You can also copy and paste between local and remote systems — no extra steps necessary.
Reporting for duty
Remote Spotlight search takes advantage of one of the most powerful features of OS X. Now you can perform lightning-fast, user-specified searches on remote client systems. Files from the results can be copied to the administrator system for reporting.
Apple Remote Desktop also makes it easy to compile reports on application usage, history, inventory and more. Hardware reports gather more than 200 attributes about networked Mac systems, while software reports collect information on 16 file system attributes. Inventory reports can be gathered even from mobile systems not connected to the network, and results are stored in the included SQL database for fast access.
Windows has supported TLS for server authentication with RDP going back to Windows Server 2003 SP1. When connecting to a Windows PC, unless certificates have been configured, the remote PC presents a self-signed certificate, which results in a warning prompt from the Remote Desktop client. An environment with an enterprise certificate authority can enable certificate autoenrollment to enable trusted certificates on the RDP listener, thus removing the prompt. To get OS X clients to accept the certificate takes a little extra configuration not required on Windows clients.
While I may only be configuring certificates in my lab environment, there's not much effort required to remove these certificate warnings.
Client Warnings for Untrusted Certificates
Here are the client certificate warnings on various Microsoft Remote Desktop clients, including OS X. First up the original Remote Desktop Connection (mstsc) on Windows:
The new Remote Desktop Universal app on Windows 10:
And the Remote Desktop client on OS X 10.11:
Configuring the Certificate Template
I won't cover installing and configuring an enterprise certificate authority here; however, here are a number of articles worth reading on this topic:
To configure a certificate for use with Remote Desktop Services (or RDP into any Windows PC), you'll need to create a new certificate template and enable both the Server Authentication and the Remote Desktop Authentication application policies. This was key for OS X clients - both of these policies must exist. Some articles will walk through this configuration and recommend removing the Server Authentication policy; however, the certificates will then not work on non-Windows clients.
This article has a great walk-through of the entire process and more: RDP TLS Certificate Deployment Using GPO. In my lab, I've created a ‘Remote Desktop Computer' certificate template and enabled it to be autoenrolled via Group Policy.
Certificate Template Options
To create the new template, open the Certificate Templates console and duplicate the Computer template. Use this template because it already has the Server Authentication policy enabled.
Apple Remote Desktop Client Mac Os Sierra Installer
Here are the client certificate warnings on various Microsoft Remote Desktop clients, including OS X. First up the original Remote Desktop Connection (mstsc) on Windows:
The new Remote Desktop Universal app on Windows 10:
And the Remote Desktop client on OS X 10.11:
Configuring the Certificate Template
I won't cover installing and configuring an enterprise certificate authority here; however, here are a number of articles worth reading on this topic:
To configure a certificate for use with Remote Desktop Services (or RDP into any Windows PC), you'll need to create a new certificate template and enable both the Server Authentication and the Remote Desktop Authentication application policies. This was key for OS X clients - both of these policies must exist. Some articles will walk through this configuration and recommend removing the Server Authentication policy; however, the certificates will then not work on non-Windows clients.
This article has a great walk-through of the entire process and more: RDP TLS Certificate Deployment Using GPO. In my lab, I've created a ‘Remote Desktop Computer' certificate template and enabled it to be autoenrolled via Group Policy.
Certificate Template Options
To create the new template, open the Certificate Templates console and duplicate the Computer template. Use this template because it already has the Server Authentication policy enabled.
Apple Remote Desktop Client Mac Os Sierra Installer
Navigate to the Extensions tab, edit the ‘Application Policies' extension and remove ‘Client Authentication' from the list.
After you added the ‘Remote Desktop Authentication' policy, you should see the policies and see in the following dialog box. See below for the actual 'Remote Desktop Authentication' policy.
Adding the 'Remote Desktop Authentication' policy requires adding a new extension named ‘Remote Desktop Authentication' (or similar) with an object value of '1.3.6.1.4.1.311.54.1.2' (excluding quotes). and enter the values as above.
Save the template and configure your CA to issue the new template. In my lab my certificate template display name ‘Remote Desktop Computer'. Since my first template failed, it's actually called ‘Remote Desktop Computer v2'. However, the important name to note for the next step is the actual template name, which can be found on the General tab of the template. In my case this is ‘RemoteDesktopComputerv2' (the display name, minus the spaces).
Configure Autorenrollment
To configure autoenrollment, I've created a new GPO dedicated to the autoenrollment setting and linked it to the organisational units containing server and workstation computer account objects. Edit the policy and enable the following setting:
Computer Configuration / Administrative Templates / Windows Components / Remote Desktop Services / Remote Desktop Session Host / Security / Server authentication certificate template
Add the name of the certificate template and shown in the screenshot below:
Once a Group Poliy refresh occurs or on the next boot, the target Windows machines will autoenroll for the certificate and configure their RDP listener.
OS X Configuration
Apple Remote Desktop Client Mac Os Sierra Os
Now that my Remote Desktop certificates are configured for autoentrollment and Windows machines are picking up the certificates, I can import the root CA certificate into my MacBook running OS X.
Navigate to the URL of your certificate server (e.g. http://cert1/certsrv) and download the certificate via ‘Download a CA certificate, certificate chain, or CRL'. Download the CA certificate in DER format. Find the downloaded certificate in Finder and open the certificate to install it into Keychain.
Once installed the certificate is not automatically trused as you can see below:
Set the certificate to be trusted by selecting ‘Alway Trust' from the ‘When using this certificate' option. Close the certificate properties window and you should be prompted for your password to save the changes. Now when connecting to PCs via the Remote Desktop client, you should no longer receive certificate warnings.
This article shows how to install the root CA certificate via Terminal, which should assist in automating the import across a number of Macs.
