On the RemotelyAnywhere toolkit, select Security > Access Control to define who can access RemotelyAnywhere.
Users
Security > Access Control
The upper portion of this page lists users with access to RemotelyAnywhere.
Click Add to create a new user or group.
Click Delete next to any entry to remove that user or group from the access list.
Settings
Security > Access Control
Allow full control to administrators
This is enabled by default. It adds Full Control permission to all
administrators of the computer. If you turn it off, only users explicitly granted permission to use RemotelyAnywhere will have access.
NT LAN Manager Authentication
RemotelyAnywhere supports Windows Challenge/Response type authentication. You must use Internet Explorer to take advantage of this feature. You need not worry about exposing your password to
eavesdroppers if you are using HTTPS to secure all communications between your browser and RemotelyAnywhere.
Save user name in a cookie You can configure RemotelyAnywhere to remember your user name in a cookie.
Do Not List Domains on Logon Screen
When logging on to a Host, users will be prompted to enter a username and password for a computer on a given domain. By default, RemotelyAnywhere provides a list of active domains in the Log on to field.
When the Do Not List Domains on Logon Screen box is selected, the list of active domains will not be displayed, thus forcing the user to type the exact name of the chosen domain in the Log on to field. This provides an extra layer of security by forcing would-be hackers to know exact domain names.
Adding a New User: Access Control Permissions
Security > Access Control
Permission R(ead) W(rite) D(elete)
Login
Allows the user to log into LogMeIn. By revoking
Allows the user to view LogMeIn Preferences. You must be an Administrator to change this setting.
Allows the user to change LogMeIn Preferences. You must be an Administrator to change this setting
Scripts
Allows the user to view and execute monitoring and maintenance scripts.
Allows the user to edit, compile, enable and disable monitoring and maintenance scripts.
Allows the user to delete monitoring and
maintenance scripts.
Event Viewer Allows the user to read event log entries.
Allows the user to clear and backup event logs.
File System
Allows the user to list drives, folders and files;
Allows the user to copy, paste, rename and edit files; create and share folders; edit attributes and access control lists
Allows the user to delete files; remove shares; and disconnect users from shared files.
Registry
Allows the user to view the registry keys and values; and list installed applications.
Allows the user to create and rename registry keys;
add and change registry values.
Allows the user to delete registry keys and values.
Performance Data
Allows the user to view system performance data, graphs and detailed hardware information.
Processes
Allows the user to view running processes, services and drivers; list DLLs and objects that these processes use; and view scheduled tasks.
Allows the user to change process priorities and service startup parameters; control services; create and modify scheduled tasks.
Allows the user to kill running processes and services; delete scheduled tasks
Permission R(ead) W(rite) D(elete)
Reboot
Allows the user to restart the LogMeIn service;
initiate and schedule system reboots; and hard-reset the computer.
Remote Control
Allows the user to view and monitor the remote desktop; and use the chat applet.
Allows the user to view and interact with the remote desktop.
Allows the user to take control over the remote
Allows the user to chat with the person in front of the computer
User /Group Accounts
Allows the user to list and view user groups and accounts.
Allows the user to create new user groups and accounts; and modify their details.
Allows the user to delete user groups and
accounts.
System Configuration
Allows the user to list and view system
Allows the user to modify system configuration
Allows the user to delete environmental variables.
SSH Shell
Allows the user to use a command prompt via SSH.
SSH Port Forward Allows the user to use port forwarding via SSH.
SSH Privileged Port Forward
Allows the user to use port forwarding for ports below 1024 via SSH
SCP
Allows the user to use SFC (Secure File Copy) via SSH.
Permission R(ead) W(rite) D(elete)
SFTP
Allows the user to use SFTP (Secure File Transfer) via SSH.
Command Prompt
Allows the user to use the secure LogMeIn telnet applet to open a remote command prompt.
Telnet
Allows the user to use any unsecured telnet client to open a remote command prompt.
Mini Meeting
Allows the user to create and delete Mini Meeting invitations.
Other Access options Security > Access Control
Full Control Specifying full control is the equivalent of granting all the above permissions to the user. Setting this option overrides the individual options selected above.
Force Basic Interface
Users with this flag set will get a simplified interface of RemotelyAnywhere, which offers only a limited set of features and was designed for novice users. Note; this setting only hides certain RemotelyAnywhere features, but does not disable them, so users can still access them by typing their URLs into the browser’s address bar.
Members of the Administrators group are not affected by this setting.
SSH Does Not Emulate Stream Mode
Set this flag to disable emulated stream mode for the SSH Server. The option is helpful if you want SSH to execute non-interactive shell scripts which must not include terminal emulation.
SSH uses an emulated stream mode when the command shell is cmd.exe. Emulation is turned off by setting this flag, and this allows you to use an alternate shell (such as bash.exe) in stream mode. (You can control the shell interpreter used by changing the ComSpec environment variable for this user.) This flag, when set, overrides the system-wide Console Mode parameter under Telnet Server and will enable Stream Mode for this user.
By default, stream mode in RA SSH is emulated, meaning that it does not directly relay I/O between the shell and the SSH client, but does some pre-processing in order to properly display the original command-line shell of Windows (cmd.exe).