Checking through my stats, Iâve seen alot of hits from Google related to TeamViewer. Iâm going to attempt to answer a few questions that I have seen results for, purely for traffic purposes đ
Authenticating with Windows Username/Password
I actually had to use this last week, cause for some odd reason, the password we configured for our custom TeamViewer app wouldnât work for this particular client⌠OddâŚ
Firstly, this only appears to be available on Windows â I tried doing this on my Mac TeamViewer client but it wouldnât work⌠Booooo. Might just be an old version, I couldnât be stuffed checking right nowâŚ
That said, on your Windows TeamViewer client, after entering the Client ID and connecting, click the âAdvancedâ button on the Authorization screen to bring up a bunch more options. You should now have a âAuthenticationâ drop down box, with TeamViewer and Windows as your options. Selecting Windows gives you a familiar, âUsername, Password, Domainâ style screen. Simple. Enter the details and click Log On. Youâre done!
Blocking TeamViewer Access
This is probably something Iâd not ever want to touch, purely because I have clients I NEED to connect to, but I understand that some systems administrators might feel the need to block their employees from setting up TeamViewer on their machines for remote access purposes, or just to stop outside parties from soliciting internal users into starting TeamViewer sessionsâŚ
The first way I can think of to block TeamViewer access, is by using Local Security Policies, or Group Policies. There is a nasty little policy option that enables you to block an application from running, if it matches a certain filename â obviously, use this with care!
The option you want to look for is located in User Configuration -> Administrative Templates -> System -> Donât run specified Windows applications.
Enable this policy, and simply add the TeamViewer executables (TeamViewer.exe, TeamViewer_Setup.exe, etc etc) to the âList of disallowed applicationsâ.
Obviously, renaming the files is going to circumvent this⌠So moving onâŚ
A quick NetStat on my Vista machine with the full TeamViewer client installed yielded the following result:
TCPÂ Â Â 192.168.1.10:53039Â Â Â Â server904:5938Â Â Â Â Â Â Â Â ESTABLISHED
[TeamViewer.exe]
The answer is quite simple â block outgoing connections to TCP port 5938⌠This will stop the TeamViewer client from connecting back to TeamViewerâs central servers, which is necessary to generate the client ID, and to punch a hole through the firewall to allow people to connect in the first place.
You could probably set this on the local firewall, using Windows Firewall or perhaps by using your chosen centrally managed endpoint security package (Trend/Sophos/Symantec etc all have firewall options with their antivirus clients).