How Remote Assistance Works in Windows
In Remote Assistance, the person needing help is referred to as the User (or Novice), and the support person providing assistance is called the Helper (or Expert). You start Remote Assistance from the Start menu by navigating to All Programs, selecting Maintenance, and then selecting Windows Remote Assistance. You can also start Remote Assistance from a command prompt by typing msra.exe.
Remote Assistance has two basic modes of operation:
- Solicited RA In Solicited RA (also known as Escalated RA), the User requests assistance
from the Helper by initiating the Remote Assistance session using e-mail, instant messaging
(IM), Easy Connect, or by providing the Helper with a saved copy of an invitation
file (*.MsRcIncident). Each of these methods uses a different underlying mechanism:
- Solicited RA using e-mail This method requires that the e-mail clients being used by the User support Simple Mail Application Programming Interface (SMAPI). Examples of SMAPI-compliant e-mail clients include Windows Mail, which is included in Windows Vista, and Microsoft Office Outlook 2007. Windows 7 does not have a built-in e-mail SMAPI-compliant client, but you can install Windows Live Mail, which is available for download as part of the Windows Live Essentials suite of applications (at http://get.live.com). Web-based e-mail services, such as Windows Live Hotmail, are not SMAPI-compliant and cannot be used for soliciting or offering Remote Assistance using e-mail. In this approach, the User starts the Remote Assistance UI to create an e-mail message that has a Remote Assistance invitation file (*.MsRcIncident) attached to the message. The User must specify a password for the Remote Assistance session, which must be communicated to the Helper using an out-of-band (OOB) method such as calling the Helper on the telephone. When the Helper receives the User's Remote Assistance invitation, she opens the attached ticket, enters the password that was conveyed by the User, and the Remote Assistance session starts. The Helper must respond to the invitation from the User within a specified time limit (the default is 6 hours), or the invitation will expire and a new one will need to be sent. In a domain environment, this ticket lifetime can also be configured using Group Policy. See the section titled "Managing Remote Assistance Using Group Policy" later in this tutorial.
- Solicited RA using file transfer This method requires that both the User and Helper have access to a common folder (such as a network share on a file server), or that they use some other method for transferring the file (for example, by using a USB key to manually transfer the file or by uploading the file to an FTP site). The user creates a Remote Assistance invitation file and saves it in the shared folder. The User must provide a password that must be communicated to the Helper using an OOB method such as a telephone call. The Helper retrieves the ticket from the shared folder, opens it, enters the password, and the Remote Assistance session starts. Again, the Helper must respond to the invitation within a specified time, or the invitation will expire and a new one will be needed. (The expiration time is configurable through Group Policy.)
- Solicited RA using instant messaging This method for soliciting assistance requires that the IM applications being used by both the User and the Helper support the Microsoft Rendezvous API. An example of an IM application that supports the Rendezvous API is Windows Live Messenger, which is available for download as part of the Windows Live Essentials suite of applications (at http://get.live.com). In this approach, the User requests assistance from someone on his buddy list. To ensure that the remote person is really the User's buddy (and not someone masquerading as the buddy), Remote Assistance requires that a password be relayed from the User to the Helper by other means (such as a phone call) before the Helper can connect. For more information on the Rendezvous API, see the Windows Software Development Kit (SDK) on MSDN at http://msdn.microsoft.com/en-us/library/aa359213.aspx.
- Solicited RA using Easy Connect This method for soliciting assistance is new in Windows 7 and uses Peer Name Resolution Protocol (PNRP) to enable direct P2P transfer of the Remote Assistance invitation using the cloud. To establish the initial Remote Assistance session, the User only needs to communicate a password to the Helper using an OOB method such as by telephone. The Helper uses this password to obtain the Remote Assistance invitation from the cloud and initiate the session. When the initial Remote Assistance connection has been made, a trust relationship is established between the Helper and the User. This trust relationship is established through the exchange of contact and certificate information. Subsequent interactions are simplified because the contact information can be used to pick a Helper who is currently available. For more information on this method for soliciting assistance, see the section titled "Scenario 1: Soliciting Remote Assistance Using Easy Connect" later in this tutorial. For information on how Easy Connect works, see the sidebar titled "Direct from the Source: How Easy Connect Works" later in this tutorial. For information on how PNRP works, see the sidebar titled "How It Works: PNRP and Microsoft P2P Collaboration Services" later in this tutorial.
- Unsolicited RA In Unsolicited RA (also known as Offer RA), the Helper offers help to the User by initiating the Remote Assistance session using Distributed Component Object Model (DCOM). Unsolicited RA is a typical corporate Help Desk scenario in which all the users are in a domain. The Helper enters either the fully qualified domain name (FQDN) or IP address of the User's computer to connect to the User's computer. This method requires that the Helper has been previously authorized as a domain administrator to be able to offer Remote Assistance to the Users. (For information on how to authorize Helpers for offering Remote Assistance, see the section titled "Managing Remote Assistance Using Group Policy" later in this tutorial.) This method also requires that the Helper either knows the name (the host name on a local subnet; the fully qualified name otherwise) or address (IPv4 or IPv6) of the User's computer.
In this tutorial:
- Supporting Users with Remote Assistance
- Understanding Remote Assistance
- Remote Assistance vs. Remote Desktop
- Improvements to Remote Assistance in Windows 7
- How Remote Assistance Works in Windows
- Remote Assistance Operational States
- User vs. Helper Functionality
- Remote Assistance and NAT Traversal
- Remote Assistance and IP Ports Used
- Remote Assistance and Windows Firewall
- Remote Assistance and the Secure Desktop
- Remote Assistance Logging
- Purpose of Remote Assistance Session Logging
- Session Log Path and Naming Convention
- Using Remote Assistance in the Enterprise
- Using Remote Assistance in the Corporate Help Desk Environment
- Other Possible Remote Assistance Usage Scenarios
- Interoperability with Remote Assistance in Windows Vista
- Interoperability with Remote Assistance in Windows XP
- Implementing and Managing Remote Assistance
- Initiating Remote Assistance Sessions
- Initiating Remote Assistance from the GUI
- Initiating Remote Assistance from the Command Line
- Managing Remote Assistance Using Group Policy
- Configuring Remote Assistance in Unmanaged Environments
- Additional Registry Settings for Configuring Remote Assistance