MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING PERFORMANCE, OR USE OF THIS DOCUMENTATION.
Licensing and registration If your Symantec product requires registration or a license key, access our technical support Web page at the following URL: www.symantec.com/techsupp/ent/enterprise.html Select your region or language under Global Support, and then select the Licensing and Registration page.
Page 4
North America and Latin America: supportsolutions@symantec.com Additional Enterprise services Symantec offers a comprehensive set of services that allow you to maximize your investment in Symantec products and to develop your knowledge, expertise, and global insight, which enable you to manage your business risks proactively.
Page 5
Consulting Services Symantec Consulting Services provide on-site technical expertise from Symantec and its trusted partners. Symantec Consulting Services offer a variety of prepackaged and customizable options that include assessment, design, implementation, monitoring and management capabilities, each focused on establishing and maintaining the integrity and availability of your IT resources.
Migrating from pcAnywhere 10.x in Windows 98/Me ....13 Upgrading from pcAnywhere 9.2.x in Windows NT/2000/XP ... 14 Upgrading from pcAnywhere 9.2.x in Windows 98/Me ....14 Using Symantec Packager to streamline migrations and upgrades ..14 Chapter 2 Creating custom installation packages About Symantec Packager ..............
Page 8
Contents Chapter 3 Deploying Symantec pcAnywhere custom installations About deployment ................ 43 About package installation file locations ........... 44 Deploying installation packages using Web-based deployment ....45 About Web-based deployment requirements ........ 45 Setting up the installation Web server ........46 Customizing the deployment files ..........
Page 9
Setting up the host computer to use directory services ....89 Setting up the remote computer to use directory services ....90 Chapter 6 Managing security in Symantec pcAnywhere Controlling access to pcAnywhere hosts ........... 91 Limiting connections to specific computer names or IP addresses ................
A system restart for migrations and upgrades is required only if system files need to be updated. Symantec pcAnywhere requires a system restart if you are migrating or upgrading to the new version in Windows 98/Me. Symantec Packager helps you simplify the process of uninstalling previous versions or distributing preconfigured settings to multiple users.
Page 12
Planning a migration and upgrade strategy About migrations and upgrades Migration and upgrade strategy matrix Table 1-1 Symantec Operating Restart required Data preserved pcAnywhere system automatically version 11.x Windows Host items NT/2000/2003 Caller items Server/XP Remote items Option sets Registry settings...
Planning a migration and upgrade strategy About migrations and upgrades Migrating from pcAnywhere 11.x in Windows NT/2000/2003 Server/XP Symantec pcAnywhere supports full migration of the full product version and host-only version of pcAnywhere 11.x to version 12.0 in Windows NT/2000/2000/2003 Server/XP.
9.2.x installed, pcAnywhere prompts you to uninstall the program. This is required to ensure proper functionality. To automate this process, you can use Symantec Packager to create a custom installation package to handle the uninstallation and installation process. You can also include preconfigured data files in the package and deploy it to other users.
Page 15
Planning a migration and upgrade strategy Using Symantec Packager to streamline migrations and upgrades The product installation does not support Create a custom installation package that preservation of preconfigured product includes preconfigured data files that settings. contain the settings that you need.
Page 16
Planning a migration and upgrade strategy Using Symantec Packager to streamline migrations and upgrades...
About Symantec Packager Symantec Packager lets you create, modify, and build custom installation packages that you can distribute to target systems. You can use Symantec Packager to tailor installations to fit your corporate environment by building packages that contain only the features and settings that your users need.
What you can do with Symantec Packager Note: Symantec Packager runs on Windows NT/2000/2003 Server/XP Professional platforms only. However, installation packages that are created with Symantec Packager can be installed on all Microsoft 32-bit platforms except for Windows 95/NT 3.51.
Page 19
Creating custom installation packages How Symantec Packager works Package creation process Table 2-1 Task Description Reference Import product modules into Product modules contain the “Importing a product Symantec Packager. installation binary and module” on page 20. product template files that are needed to create a custom installation of the product.
<version>.PMI) on the installation CD. If you install Symantec Packager from the pcAnywhere installation CD, Symantec Packager automatically imports this product module file. If no products appear on the Import Products tab when you open Symantec Packager, you must import the product module manually. To import a product module Open Symantec Packager.
Symantec Packager. Each product configuration file contains the features, installation options, and preconfigured settings that you want to include for that product. Symantec Packager uses this information to construct installation packages. You can edit the default product configuration file or create a new one.
Some features in pcAnywhere have dependencies on other components. Although Symantec Packager has a level of built-in dependency checking, it is possible to build a pcAnywhere installation package that does not include all required files.
Page 23
Required for all custom product installations. Communication protocols Required for all custom product installations. To select product features In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration. Double-click an existing product to edit it.
For product-specific configurations, you must configure these files in the product first, and then add them to the Configuration Files tab in Symantec Packager. Configuration files cannot be edited in Symantec Packager.
Page 25
This information is required to launch a host. For more information, see the Symantec pcAnywhere User's Guide. Symantec pcAnywhere configuration files are located in the following folders: Windows 2000/2003 Server/XP \Documents and Settings\All Users\Application Data\Symantec\pcAnywhere Windows NT 4.0...
Warning: Use caution when configuring a registry key file. An incorrect setting could make the operating system or product inoperable. To include a configuration file In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration.
“Implementing policy-based administration” on page 99. To integrity stamp a product configuration In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration. Double-click an existing product to edit it.
Page 28
Deploy and install the package. Generating a serial ID file Symantec pcAnywhere lets you generate a security code, or serial ID, which can be embedded into a custom installation. Serial IDs must be a numeric value between 0 and 4,294,967,296.
Page 29
Creating custom installation packages Customizing product settings To create a serialized installation file In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration. Double-click an existing product to edit it.
Preconfigured option sets can be used for custom installation packages created with Symantec Packager. They can also be used as the default preferences for the local computer. Configuring an option set in pcAnywhere Symantec pcAnywhere groups the option set properties by tabs.
Page 31
After the package or custom product is installed on the target computer, the option set can be applied on the local computer. To add an option set to a custom installation file In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration.
If prompted, type a file name, and then click Save. Applying an option set on the local computer Symantec pcAnywhere lets you maintain multiple option set files to accommodate unique configuration requirements. For example, if you work in different locations, you can avoid changing the default settings each time you change locations.
Page 33
Packager are installed by default in the Program Files directory under Symantec\pcAnywhere. You can specify a different directory. To change the target installation directory In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration.
Page 34
Manager feature in the product configuration. To prompt users to register upon startup In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration.
Page 35
If prompted, type a file name, and then click Save. Selecting the default template for host connections Symantec Packager lets you select the host configuration file that you want to use as a template for new host connection items that the user creates after installation.
Page 36
To select the default template for remote connections In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration.
Page 37
“Creating installation packages” on page 39. To preserve existing configuration settings In the Symantec Packager window, on the Configure Products tab, do one of the following: Create a new product configuration. Double-click an existing product to edit it.
For more information about custom commands, see the Symantec Packager online Help. To create a custom command In the Symantec Packager window, on the Configure Products tab, on the File menu, click New Custom Command. In the Command Editor window, on the Parameters tab, double-click Description.
Package creation is optional for pcAnywhere custom installations. Symantec Packager lets you build the Symantec pcAnywhere product configuration file, which creates an .msi file that can be installed locally. You can deploy the Symantec pcAnywhere .msi file using a third-party deployment tool. The Symantec Packager Deployment Tool does not support MSI deployment.
Package Editor window, as well as any product requirements or conflicts. To add products and commands to a package definition In the Symantec Packager window, on the Configure Packages tab, do one of the following: Create a new package definition.
Symantec Packager stores the .msi files in the Symantec Packager data directory. You can view these files on the Deploy Packages tab if you edit the Symantec Packager preferences to list supported .msi files.
During installation, Symantec Packager checks for product conflicts and verifies that required products are present on the target computer. The installation fails if Symantec Packager encounters a conflict that it cannot resolve. You should test packages to verify that product requirements are met and that the installation sequence is correct.
Opening an .exe file or supported .msi file on the Deploy Packages tab in Symantec Packager starts the installation process. Ensure that the target computer meets the system requirements for pcAnywhere installation. For more information about using the Deploy Packages tab, see the Symantec Packager Implementation Guide on the pcAnywhere CD.
Preconfigured package and product installation files are stored in the Packages directory on the Symantec pcAnywhere CD. Packages and product installation files that you create with Symantec Packager are listed on the Deploy Packages tab in Symantec Packager. To view .msi files, you must edit the Symantec Packager preferences to list supported product .msi files.
Deploying installation packages using Web-based deployment Packages that are created with Symantec Packager can be deployed over your corporate intranet using a Web-based deployment tool that is provided by Symantec. All of the source files that are necessary to implement Web-based deployment are included on the Symantec pcAnywhere CD in the Tools/Web Deploy folder.
Deploying Symantec pcAnywhere custom installations Deploying installation packages using Web-based deployment Web server and target computer requirements (continued) Table 3-1 Deployment Requirements Target computer Internet Explorer 4.0 or later. Symantec pcAnywhere requires Internet Explorer 6.x or later for installation. Windows Installer 2.0 or later (required only for MSI installations).
Page 47
On the Web server, create a directory in which you want to place the deployment files. For example: Deploy From the Packages folder on the Symantec pcAnywhere CD, copy the installation files that you want to make available for deployment to the Webinst subfolder on the Web server. For example: Deploy\Webinst\Webinst Ensure that the default document for the virtual directory is Default.htm.
Page 48
Deploying Symantec pcAnywhere custom installations Deploying installation packages using Web-based deployment The Web-based deployment tool supports Microsoft Internet Information Server (IIS) or Apache HTTP Web Server. The procedures for creating a virtual directory on these servers vary. To create a virtual directory on a Microsoft Internet Information Server Do one of the following to launch the Internet Services Manager: In IIS version 4.0: On the Windows taskbar, click Start >...
Deploying Symantec pcAnywhere custom installations Deploying installation packages using Web-based deployment This file is installed by default in C:\Program Files\ Apache Group\Apache\conf. Type the following lines at the end of the file: DirectoryIndex default.htm <VirtualHost 111.111.111.111> #ServerName machinename DocumentRoot "C:\Client\Webinst"...
Page 50
Deploying Symantec pcAnywhere custom installations Deploying installation packages using Web-based deployment Customizing Start.htm The parameters in the Start.htm file contain information about the Web server and the location of the files that need to be installed. The configuration parameters are located near the bottom of the Start.htm file, inside the <object> tags.
Page 51
Deploying Symantec pcAnywhere custom installations Deploying installation packages using Web-based deployment You can also include additional files to support the deployment of third-party applications. To customize Files.ini for package deployment In a text editor, open Files.ini In the [General] section, edit the line LaunchApplication= so that it references the package executable file that you want to start after the download completes.
Page 52
Deploying Symantec pcAnywhere custom installations Deploying installation packages using Web-based deployment To customize Files.ini for MSI deployment In a text editor, open Files.ini In the [General] section, edit the line LaunchApplication= so that it references Launch.bat. For example: LaunchApplication=Launch.bat This launches the MSI installation after the download is complete. You must also edit the Launch.bat file to include the name of the .msi file that you want...
Edit the line @msiexec -i Package.msi so that it reflects the name of the .msi file that you want to deploy. For example, @msiexec -i Symantec Packager - Host Only.msi Save and close the file. Testing the installation on the Web server To test the installation, go to the Web site (for example, <your web...
Deploying Symantec pcAnywhere custom installations Deploying pcAnywhere using SMS 2.0 intranet must be set to Medium so that Symantec ActiveX controls can be downloaded to the client. When the installation is complete, the security level can be restored to its original setting.
SQL Server 6.5 or higher SMS 2.0 with Service Pack 1 or Service Pack 2 (recommended) Symantec Packager 1.0 or later with customized packages created for deployment All deployment clients must be members of the same domain as the SMS...
Page 56
Preparing the Package Definition File A default Package Definition File (pcAnywhere.pdf) is provided with pcAnywhere. This file can be modified to accommodate any package created with Symantec Packager. To use the supplied Package Definition File without modification, do one of the following: For .exe-based packages, rename the pcAnywhere package that you want to...
Page 57
Do not select This package does not contain any files. Click Browse to locate the folder that contains the pcAnywhere package that you created with Symantec Packager (or a supplied, preconfigured package). The Create Package from Definition Wizard uses this folder to point to the pcAnywhere package.
Deploying Symantec pcAnywhere custom installations Using Windows NT/2000/2003 Server/XP logon scripts Windows 9x/Windows NT to distribute the pcAnywhere package to Windows 9x and Windows NT clients. Click Browse, and then and pick the collection to which you want to advertise the installation.
Page 59
Deploying Symantec pcAnywhere custom installations Using Windows NT/2000/2003 Server/XP logon scripts @echo off setlocal REM ***** Package Variable -- Change to name of pcA Package ***** Set Package=Package.MSI REM ***** EXE or MSI Variable -- Change to package type (MSI or EXE)
Deploying Symantec pcAnywhere custom installations Using NetWare logon scripts rd pcapkg Net Use Z: /DELETE :End endlocal Testing the Windows logon script Test the completed script on one or two workstations before setting up the script for all users. Windows NT/2000/2003 Server/XP users must have local administrative rights on their computers to install the pcAnywhere package.
Deploying Symantec pcAnywhere custom installations Using NetWare logon scripts Writing the NetWare logon script Use the following sample logon script and deployment batch file to roll out pcAnywhere. The script creates the appropriate drive mappings to the local workstation and launches the deployment batch file. The batch file installs the pcAnywhere package and removes the installation files when complete.
Deploying Symantec pcAnywhere custom installations Using NetWare logon scripts REM ***** Creates a folder in the Temp dir, and copies the package ***** CD %TEMP% MD pcapkg CD pcapkg COPY %Package% c: REM ***** Launches package installation ***** IF %PkgType% == MSI msiexec -i %Package%...
About the Microsoft Distributed Component Object Model (DCOM) About centralized logging About centralized management Symantec pcAnywhere includes the pcAnywhere Host Administrator tool, which lets you remotely manage multiple pcAnywhere hosts on a network. The pcAnywhere Host Administrator tool is a Microsoft Management Console (MMC) snap-in and requires MMC to run.
In the Add/Remove Programs window, click Symantec pcAnywhere. Click Change. In the Modify or Remove Symantec pcAnywhere panel, click Next. In the Program Maintenance panel, click Modify, and then click Next. In the Custom Setup panel, under pcAnywhere Tools, click the down arrow next to Host Administrator, and then click This feature will be installed on local hard drive.
Administrator tool, you can add it as a snap-in to MMC. MMC is included with the operating system in Windows 2000/2003 Server/XP. If you need to install MMC, you can install it from the Symantec pcAnywhere CD. To add the Host Administrator snap-in to MMC On the Windows taskbar, click Start >...
These files contain the connection and security settings needed to support connections between the pcAnywhere Host Administrator console and the host computers that you want to manage. Symantec pcAnywhere provides the following preconfigured host and remote connection items that you can use as templates:...
Page 67
In the Remote Properties window, on the Connection Info tab, select one of the following network protocols: TCP/IP NetBIOS In the Remote Properties window, configure the other settings that you want to use. When you are finished, click OK. For more information, see the Symantec pcAnywhere User's Guide.
Page 68
A user name and password is required for all host sessions. You can configure other settings. For example, access privileges. For more information, see the Symantec pcAnywhere User's Guide. In the Host Properties window, configure the other settings that you want to use, and then click OK.
Configuring a host item in pcAnywhere Host Administrator The pcAnywhere Host Administrator tool lets you create a host item that you can distribute to the host computers in your configuration group. Symantec pcAnywhere requires that you set up a logon account for users who connect to your computer, and select an authentication method to verify their identities.
Performing centralized management Managing pcAnywhere hosts remotely In the Distribute pcAnywhere Files dialog box, select the computers to which you want to distribute the file. Select the file that you want to distribute. Click OK. Managing hosts in a configuration group Once you have configured the computers in your configuration group, use the pcAnywhere Host Administrator console to start, stop, or connect to any managed host in the group.
Management Server (SMS). SMS is a scalable change and configuration management system for Microsoft Windows-based computers and servers. Symantec pcAnywhere provides the support files needed to integrate with SMS. These files are offered only on the Symantec pcAnywhere CD. Importing the package definition file into SMS Symantec pcAnywhere provides a package definition file (pcAnywhere.pdf), which...
File and print sharing for Microsoft Windows Networks should be installed and enabled on the Windows 98/Me computer. Modifying DCOM settings Symantec pcAnywhere configures DCOM during the installation process. The default settings should be sufficient for pcAnywhere management applications to function normally and maintain a sufficient level of security. However,...
Performing centralized management About the Microsoft Distributed Component Object Model (DCOM) administrators can modify the default security settings in DCOM to allow or deny access to a system. Modifying DCOM security settings on a managed computer might require adjustments to the DCOM settings on the administrator computer. Ensure that all managed computers are authenticating on the same Windows NT domain or on trusted domains.
The pcAnywhere Host Administrator tool lets you retrieve log files from a host computer on the network . You can then view and process them locally. Symantec pcAnywhere also supports logging to a Simple Network Management Protocol (SNMP) console. SNMP is used to send SNMPv1 traps to a compatible console that records the information.
Repeat this process for each computer that you want to add. Click OK. Select the events that you want to log. For more information, see the Symantec pcAnywhere User's Guide. Click OK. About the pcAnywhere MIB file The pcAnywhere MIB file outlines the SNMP traps that pcAnywhere can generate.
Page 76
Performing centralized management About centralized logging...
Chapter Integrating pcAnywhere with directory services This chapter includes the following topics: About directory services Using directory services with pcAnywhere Configuring the directory servers Configuring pcAnywhere to use directory services About directory services The directory services capability in pcAnywhere is an example of a Lightweight Directory Access Protocol (LDAP) client application, which stores and retrieves information about users.
Integrating pcAnywhere with directory services Configuring the directory servers When the remote starts, a new application, the directory services browser, launches and connects to an LDAP server. The directory services browser queries all entries that satisfy its filter criteria and displays the entries in a list view. You can then select the host to which you want to connect from this list.
Integrating pcAnywhere with directory services Configuring the directory servers In the ObjectClass Name field, type pcaHost In the Available Attributes list, locate the objectclass attribute, and then click Add to include it in the Required Attributes list. In the Available Attributes list, locate the pcaHostEntry attribute, and then add it to the Allowed Attributes list.
Integrating pcAnywhere with directory services Configuring the directory servers On the Tasks tab, click Restart the Directory Server. At the prompt, click Yes. Configuring Novell v5.0 server The following procedures only apply if LDAP is installed, configured, and functioning on the Novell server with Novell Directory Services (NDS) 8.0. Administrator rights to the server are needed to perform the following procedures: Configuring the pcaHostEntry Configuring the pcaHost object...
Page 81
Integrating pcAnywhere with directory services Configuring the directory servers Creating the pcaHost object in ConsoleOne Follow this procedure to create the pcaHost object. To create the pcaHost object in ConsoleOne Open ConsoleOne from the following location: sys:public\mgmt\ConsoleOne\1.2\bin\ConsoleOne.exe On the Tools menu, click Schema Manager. On the Class tab, click Create.
Page 82
Integrating pcAnywhere with directory services Configuring the directory servers In the LDAP attribute field, type pcaHostEntry This entry is case-sensitive and must be entered exactly as it appears above. In the NDS Attribute box, click pcaHostEntry. Click OK. Do one of the following: Click Apply to map other attributes.
Page 83
Integrating pcAnywhere with directory services Configuring the directory servers To create an LDIF file In Notepad, type the following lines for each user: DN:cn=user,ou=organization_unit,o=organization Changetype:modify Add:objectclass Objectclass:pcaHost Save this file locally, and then copy it to the following location: sys:system\schema\ At the server prompt, type the following: Load Bulkload.nlm Click Apply LDIF file.
Integrating pcAnywhere with directory services Configuring the directory servers To assign rights to multiple users Click the container in which to place the group. Right-click the container, and then click New > Group. Type a name for the group. Right-click the group name, and then click Properties. On the Members tab, click Add to include other users.
Page 85
Integrating pcAnywhere with directory services Configuring the directory servers To add the snap-in On the Windows taskbar, click Start > Run. Type mmc Click OK. On the Console1 toolbar, click Console > Add/Remove Snap-in . In the Add/Remove Snap-in dialog box, click Add. Click Active Directory Schema, and then click Add.
Page 86
Integrating pcAnywhere with directory services Configuring the directory servers Creating the pcaHost object Follow this procedure to create the pcaHost object. To create the pcaHost object In the Common Name entry field, type pcaHost This is case-sensitive. In the LDAP Display Name field, type pcaHost In the Unique X500 Object ID field, type the following: 1.3.6.1.4.1.393.100.9.8.2...
Page 87
Integrating pcAnywhere with directory services Configuring the directory servers Setting the rights for the pcAnywhere user To set up the rights for the pcAnywhere user, you must first set up view rights, and then set up edit rights. To set up view rights for the user On the Windows taskbar, click Start >...
Integrating pcAnywhere with directory services Configuring pcAnywhere to use directory services On the Object tab, in the Apply onto list, click Child objects only . Click OK until you close the Security property page. Configuring pcAnywhere to use directory services Configuring pcAnywhere to use directory services involves the following process: Set up directory services in pcAnywhere preferences so that all connection items use the same settings.
Click OK. Symantec pcAnywhere attempts to connect to the directory server and search for the entry specified in the Name field. If multiple entries are found, users must select the one that represents them. Once the entry is identified, pcAnywhere stores its Distinguished Name in the registry for easy identification, and labels the entry as Verified.
Integrating pcAnywhere with directory services Configuring pcAnywhere to use directory services Setting up the remote computer to use directory services When you set up a remote connection to use directory services, the remote looks on the directory server for waiting host connections. Configure the directory server entries before beginning this procedure.
“Limiting connections to specific computer names or IP addresses” on page 92. Serialize pcAnywhere installations. Symantec pcAnywhere lets you create custom installation packages with an embedded security code, or serial number. This serial number must be present on both the host and remote computers to make a connection.
Limiting the number of consecutive times that a remote user can attempt to log on to the host computer helps protect against hacker and denial of service attacks. Symantec pcAnywhere ends the connection if a remote user is not able to log on successfully before reaching the limit.
Click OK. Leveraging centralized authentication in pcAnywhere Symantec pcAnywhere requires you to create a caller logon account for each remote user or user group who connects to the host computer and to select an authentication method for verifying the user's identity. This information is required for all host sessions to prevent unauthorized access.
Page 94
Setting up Windows NT authentication for global users Symantec pcAnywhere lets you configure a server using NT authentication to support callers from the local administrator user group and any global groups that are included in the local group.
Page 95
Managing security in Symantec pcAnywhere Controlling access to pcAnywhere hosts This configuration option is less time-consuming than adding an individual account for each administrator to the local administrator group. This feature is supported only for Windows NT authentication. To set up Windows NT authentication for global users In the pcAnywhere Manager window, on the left navigation bar, click Hosts.
Page 96
Managing security in Symantec pcAnywhere Controlling access to pcAnywhere hosts Novell-based authentication types (continued) Table 6-2 Novell-based Explanation Implementation in authentication types pcAnywhere Novell LDAP Validates a user or group by Users must log on to the checking a user list stored in LDAP server, and then they an LDAP 3.0-compliant...
Protecting session security Symantec pcAnywhere provides a number of options to protect the privacy of a session and prevent users from performing specific tasks that might interfere with the host session. These security measures provide an additional layer of security, but are most effective when used in combination with stronger security features in pcAnywhere.
Page 98
You can do the following: Cancel the host or continue to wait for connections. Log off the host user. Restart the host computer. Lock the computer. For more information, see the Symantec pcAnywhere User's Guide.
Depending on your environment, you can send information about events that occurred during a session to a pcAnywhere generated log file, the Windows Event Log, or a Simple Network Management Protocol (SNMP) console. Symantec pcAnywhere supports centralized logging, so you can archive the logs on a secure, central server.
For more information about the System Policy Editor, see the online documentation for your operating system. Symantec pcAnywhere defines policy settings in an administrative template. After you start the System Policy Editor, you can import the pcAnywhere.adm file. “Importing the pcAnywhere administrative template”...
Open. In the Policy Template Options window, click OK. Managing user policies Symantec pcAnywhere lets you control whether users can access certain portions of the user interface or perform certain functions in pcAnywhere. Table 6-5 lists information about the policy settings that pcAnywhere lets you...
Page 102
Managing security in Symantec pcAnywhere Implementing policy-based administration Location of pcAnywhere policy settings Table 6-5 Folder Description Actions Contains policy settings to prohibit users from doing the following: Launching the pcAnywhere Manager window, which is the main user interface for pcAnywhere...
Page 103
Managing security in Symantec pcAnywhere Implementing policy-based administration Location of pcAnywhere policy settings (continued) Table 6-5 Folder Description UI Changes\Remote Objects Contains policy settings to prohibit users from doing the following: Editing remote objects Creating remote objects Changing the directory location of remote objects...
Page 104
Under User Configuration, click the plus sign next to Administrative Templates to expand the list. Click the plus sign next to Symantec pcAnywhere to expand the list. Open the folder that contains the policy settings that you want to edit.
Page 105
Managing security in Symantec pcAnywhere Implementing policy-based administration Under Symantec pcAnywhere, expand a list by clicking the plus sign next to the policy type that you want to edit. Select the policy settings that you want to enable. Enabling a policy setting typically prevents users from viewing or performing a task.
Page 106
Managing security in Symantec pcAnywhere Implementing policy-based administration...