It's working out, but a few more comments after initial testing. We have a lot of VPN users, that rarely log on to computers inside our internal network, which means the logon script doesn't run for them. We made a scheduled task to run the update script every hour, so when the user has a VPN connection the script will run and the information can be gathered. There is an issue with TeamViewer, it apparently cannot accept Nordic/Skandinavian characters (ä, ö, å, etc). So if the username has these kind of characters within the generated .bat file , it will not update any information to the management console. We will need to get around this somehow, maybe one solution could be to convert inside the PS script the characters "ä > a" and "ö > o". It's only a workaround, we run into the same issue before with the AD connector. Not sure how to implement it within the PS script though.
... View more
Thank you for your post and this great idea!
Since it is unfortunately not yet possible to copy existing policies in the Management Console, I moved your post to our Ideas board.
That way, our product management will be able to see it and take it into account as a feature request for future versions of TeamViewer.
If you have any other thoughts or suggestions, please do not hesitate to let us know.
All the best,
... View more
Hi We are seeking some advice on a corporate wide deployment. So far we have used TeamViewer in a very marginal manner, about 5-10 endpoints, with basic remote connections and maybe 1-2 policies. Now we are planning to use TeamViewer both internally (corporate personnel) and externally (suppliers, vendors, etc), with roughly 500 Windows endpoints (workstations/laptops/tablets) and about 50 Windows Servers. Total amount of users will be around 50-70 (not simultaneous). The idea is to use TeamViewer as a remote management and support tool. For online meetings we have MS Lync instead. Different user groups will most likely consist of: - internal ICT personnel (admin rights, access to all devices, perhaps 2-factor authentication) - internal superuser/sysadmin personnel (user rights, access to most devices, perhaps 2-factor authentication) - internal end user personnel (user rights, access to specific devices) - external personnel (user rights, access to specific devices) Endpoints consist of: - AD workstations (including laptops) - AD servers - Non-AD workstations - Non-AD servers - (Maybe) Android mobile devices in the future Below are some examples of our remote connection scenarios and who should be able to access these devices, just to give and idea of the different remote connection needs. Example 1: Basic AD workstation - remote access & support to ICT personnel - remote access & support to superuser personnel Example 2: Basic AD server - remote access to ICT personnel - remote access to superuser personnel - remote access to vendor X - remote access to vendor Y Example 3: Non-AD workstation or server (production computer for instance) - remote access to ICT personnel - remote access to end user personnel - remote access to vendor Z Example 4: Non-AD workstation or server (production computer for instance) - remote access to ICT personnel - remote access to vendor Z - remote access to vendor X - remote access to vendor Y How would you recommend creating and organizing groups, policies, users, and devices at the Management Console to accomplish an easy to manage and secure environment? Are there any examples or guides on how to build these the "correct" way = best practise thinking? How does everyone else use them, is there a per-site group thinking or similar that we should consider? Do we need a separate access policy for each unique device connection scenario? Is it recommended to have unique passwords to each user group that are connecting to same devices, if that's possible? External users who don't have a TeamViewer account, do they have to create one? Or can they just connect using the ID and password directly? What is the recommended procedure here? They might use TeamViewer connections to multiple different environments and sites, others than ours too. I believe there is much potential in this product if we manage design the basic structure correctly. Any help is appreciated, and examples from the real world are more than welcome. MSI package deployment, host settings, and other technical things are pretty clear, but the management side needs some thinking.
... View more