Jump to content
mcmcghee

ScreenConnect - Direct Connection

Recommended Posts

I've been using ScreenConnect with LT similar to how Shadoxity shared in his post.

 

It works great; however, two minor things have always bugged me:

 

1. A new browser window is opened for each connection. After awhile I realize I have a bunch of tabs open and have to constantly close them.

2. If you are logged out of ScreenConnect, you have to log in and initiate the connection from LT again.

 

Again, minor stuff really, but annoyed me. Last night I was able to get around these issues and make ScreenConnect open similar to VNC, here is how:

 

Tested On/Requirements:

Labtech:

ScreenConnect already integrated and pulling the GUIDs into an EDF. Click here for the scripts

 

ScreenConnect Server:

Tested with ScreenConnect 4.4.7175.5302

 

Technician's Workstation:

REQUIRES/Tested with Powershell 4.0 on Windows 7 & 8. (May work with v3 on Win7)

 

Step 1:

Create a file called "LaunchHostClient.ashx" on your ScreenConnect server with the below code.

 

Credit for the code goes to a thread on the ScreenConnect forums. I had to change/fix a few things, below is my modified version.

 

<%@ WebHandler Language="C#" Class="LaunchHostClient" %>

using System;
using System.Web;
using System.Collections.Generic;
using System.Linq;
using System.Configuration;
using Elsinore.ScreenConnect;

public class LaunchHostClient : IHttpHandler
{
   public void ProcessRequest(HttpContext context)
   {
       Permissions.AssertPermission(PermissionInfo.JoinSessionPermission, false);

       var sessionID = context.Request.QueryString["ID"];
       var relayUri = ServerExtensions.GetRelayUri(ConfigurationManager.AppSettings, HttpContext.Current.Request.Url, true, true);

       using (var sessionManager = ServiceChannelPool.Instance.Borrow())
       {
           var sessionSummary = sessionManager.GetSessions("All Machines", new Dictionary(), null).First(ss => ss.SessionID.ToString() == sessionID);

           var clp = new ClientLaunchParameters();
           clp.Host = relayUri.Host;
           clp.Port = relayUri.Port;
           clp.SessionID = sessionSummary.SessionID;
           clp.ProcessType = ProcessType.Host;
           clp.EncryptionKey = ServerCryptoManager.Instance.PublicKey;
           clp.AccessToken = ServerCryptoManager.Instance.GetAccessToken(clp.SessionID, clp.ProcessType, context.User.Identity.Name, SessionPermissions.HostWithoutRemoteConsent | SessionPermissions.RunSharedTool | SessionPermissions.TransferFiles | SessionPermissions.ManageSharedToolbox, DateTime.MinValue);

           clp.SessionTitle = sessionSummary.Name;

           var url = new Uri(context.Request.Url, "Bin/Elsinore.ScreenConnect.WindowsClient.application" + ClientLaunchParameters.ToQueryString(clp));
           context.Response.Write(url.AbsoluteUri);
       }
   }

   public bool IsReusable { get { return false; } }
}

 

Step 2:

The above referenced thread uses curl and a .cmd to connect to a machine. It was also requiring that you pass authentication credentials to the .cmd. I didn't want to prompt the technician for their ScreenConnect credentials every time, yuck. I wanted it to work as natively as possible- without needing third party executables, password prompts, or manual configuration on each technician's machine.

 

Not a problem, we are going to create a custom menu command and use powershell instead.

 

qWFCDyl.png

 

Name: ScreenConnect

Program: powershell

Location: command

Arguments:

$F=$env:USERPROFILE+'\ScreenConnectCredentials.xml';$E=Test-Path $F;if($E -eq $false){get-credential|EXPORT-CLIXML $F};$c=IMPORT-CLIXML $F;$a=$c.GetNetworkCredential().password;$r=invoke-webrequest -uri http://your.screenconnect.com/LaunchHostClient.ashx?ID=%eScreenConnect GUID% -Headers @{"Authorization"='Basic '+[system.Convert]::ToBase64String([system.Text.Encoding]::UTF8.GetBytes($c.username+':'+$a))};Invoke-Expression 'rundll32 dfshim.dll,ShOpenVerbApplication $r.content'

 

Make sure to replace "your.screenconnect.com" in the code above to your ScreenConnect server URL!

So what does the above powershell do?

1. Determines if your ScreenConnect credentials are already saved by checking if the file %userprofile%\ScreenConnectCredentials.xml exists. If not, it prompts for your credentials and saves them.

NOTE: Your password will be encrypted using the Windows Data Protection API and can only be decrypted by the Windows user account it was created with. Read more here.

 

2. Imports your saved credentials and makes a web request to LaunchHostclient.ashx from step 1.

 

3. LaunchHostClient.ashx returns a connection string, which is passed to dfshim.dll, which then launches ClickOnce and directly opens the target computer.

 

Step 3: (Optional)

 

If you mistype or change your ScreenConnect password, you can simply delete the %userprofile%/ScreenConnectCredentials.xml file. On the next launch of ScreenConnect it will prompt to save them again.

 

OR to make it easier on others and not have to remember where that file is, create the below custom menu command to delete it for you:

 

Name: ScreenConnect - Del Cred

Program: powershell

Location: Command

Arguments:

Remove-Item $env:USERPROFILE\ScreenConnectCredentials.xml

 

That's it!

I haven't had any problems with this setup so far, and now there are no browser windows opening or typing in credentials! Let me know if I missed anything or if you have any questions.

Edited by Guest

Share this post


Link to post
Share on other sites

I got a message saying "Application cannot be started. Contact the application vendor" I clicked on details and the following was provided

 

PLATFORM VERSION INFO

Windows : 6.1.7601.65536 (Win32NT)

Common Language Runtime : 4.0.30319.18444

System.Deployment.dll : 4.0.30319.18408 built by: FX451RTMGREL

clr.dll : 4.0.30319.18444 built by: FX451RTMGDR

dfdll.dll : 4.0.30319.18408 built by: FX451RTMGREL

 

ERROR SUMMARY

Below is a summary of the errors, details of these errors are listed later in the log.

* Activation of resulted in exception. Following failure messages were detected:

+ Invalid URI: The URI is empty.

 

COMPONENT STORE TRANSACTION FAILURE SUMMARY

No transaction error was detected.

 

WARNINGS

There were no warnings during this operation.

 

OPERATION PROGRESS STATUS

No phase information is available.

 

ERROR DETAILS

Following errors were detected during this operation.

* [9/25/2014 6:49:18 PM] System.UriFormatException

- Invalid URI: The URI is empty.

- Source: System

- Stack trace:

at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)

at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)

 

COMPONENT STORE TRANSACTION DETAILS

No transaction information is available.

Share this post


Link to post
Share on other sites
Love it!!!! This is great. It is now a truely seamless experience. Thanks for documenting the last piece!

 

Yes it is! It feels like an integrated product in LT now. Glad I could help.

 

I got a message saying "Application cannot be started. Contact the application vendor" I clicked on details and the following was provided

 

Do you have Powershell v4 installed?

 

Also is their a way to place these in a sub folder under commands?

 

I don't believe there is, but maybe someone else can chime in.

Share this post


Link to post
Share on other sites
I can confirm that installing PS v4 and deleting the %userprofile%/ScreenConnectCredentials.xml file fixed the URI error for me.

 

Great, I should note for others that another reason this could happen is if the GUID isn't stored in a "ScreenConnect GUID" EDF.

Share this post


Link to post
Share on other sites
I can confirm that installing PS v4 and deleting the %userprofile%/ScreenConnectCredentials.xml file fixed the URI error for me.

 

Yep I needed to install Powershell v4 durrr! haha! Thanks!

Share this post


Link to post
Share on other sites

I had an issue where I got a message saying "Application cannot be started. Contact the application vendor" and thought I should post in case anyone came across the same issue. The connection requires clickonce so if your default browser is set to chrome (chrome discontinued support for code connected to click once plugin) you will have to set it to IE to get this to work. I set mine then set it back to chrome and it continues to work fine.

 

Any way to hide that poweshell screen?

Share this post


Link to post
Share on other sites
Any way to hide that poweshell screen?

 

Probably could, but the above powershell was the max # of characters I could fit in the arguments field. I suppose you could have it call a powershell script that is saved on your system. I didn't want to have to tell all the techs they needed a script or anything, just wanted it to work.

Share this post


Link to post
Share on other sites
Any way to hide that poweshell screen?

 

Probably could, but the above powershell was the max # of characters I could fit in the arguments field. I suppose you could have it call a powershell script that is saved on your system. I didn't want to have to tell all the techs they needed a script or anything, just wanted it to work.

 

 

Got it. How about if it were in the L:\ drive that everyone should have access to? Not like it's the end of the world. Just a thought.

Share this post


Link to post
Share on other sites

This is awesome, thank you. FYI, there is a typo in the powershell command and if your ScreenConnect server is running on a non-Windows platform it will throw an error. In this line, the .ashx page has a capitalization error:

 

-uri http://your.screenconnect.com/LaunchHostClient.ashx?ID=%eScreenConnect'>http://your.screenconnect.com/LaunchHostclient.ashx?ID=%eScreenConnect GUID%

 

It should be:

 

-uri http://your.screenconnect.com/LaunchHostClient.ashx?ID=%eScreenConnect GUID%

 

Where LaunchHostclient.ashx will give a bad URL you need to capitalize the C to make it LaunchHostClient.ashx. We have our SC server running on Ubuntu 14.04. Hope that helps someone out with a similar issue. Thanks again mcmcghee!

Share this post


Link to post
Share on other sites

This is great! I greatly appreciate this. We have two factor authentication turned on for our ScreenConnect users. Unfortunately, this doesn't seem to work when that is enabled. Can anyone think of a workaround outside of disabling two factor authentication?

Share this post


Link to post
Share on other sites
This is awesome, thank you. FYI, there is a typo in the powershell command and if your ScreenConnect server is running on a non-Windows platform it will throw an error. In this line, the .ashx page has a capitalization error:

 

-uri http://your.screenconnect.com/LaunchHostClient.ashx?ID=%eScreenConnect'>http://your.screenconnect.com/LaunchHostclient.ashx?ID=%eScreenConnect GUID%

 

It should be:

 

-uri http://your.screenconnect.com/LaunchHostClient.ashx?ID=%eScreenConnect GUID%

 

Where LaunchHostclient.ashx will give a bad URL you need to capitalize the C to make it LaunchHostClient.ashx. We have our SC server running on Ubuntu 14.04. Hope that helps someone out with a similar issue. Thanks again mcmcghee!

 

Thanks! Updated post

Share this post


Link to post
Share on other sites

Thanks so much to shadoxity and you for posting all of this! We're just getting started with screenconnect and these lt integrations are incredible!

 

Sent from my SAMSUNG-SGH-I747 using Tapatalk

Share this post


Link to post
Share on other sites
I got a message saying "Application cannot be started. Contact the application vendor" I clicked on details and the following was provided

 

PLATFORM VERSION INFO

Windows : 6.1.7601.65536 (Win32NT)

Common Language Runtime : 4.0.30319.18444

System.Deployment.dll : 4.0.30319.18408 built by: FX451RTMGREL

clr.dll : 4.0.30319.18444 built by: FX451RTMGDR

dfdll.dll : 4.0.30319.18408 built by: FX451RTMGREL

 

ERROR SUMMARY

Below is a summary of the errors, details of these errors are listed later in the log.

* Activation of resulted in exception. Following failure messages were detected:

+ Invalid URI: The URI is empty.

 

COMPONENT STORE TRANSACTION FAILURE SUMMARY

No transaction error was detected.

 

WARNINGS

There were no warnings during this operation.

 

OPERATION PROGRESS STATUS

No phase information is available.

 

ERROR DETAILS

Following errors were detected during this operation.

* [9/25/2014 6:49:18 PM] System.UriFormatException

- Invalid URI: The URI is empty.

- Source: System

- Stack trace:

at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)

at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)

 

COMPONENT STORE TRANSACTION DETAILS

No transaction information is available.

 

 

Has anyone figured out how to fix this error?

Share this post


Link to post
Share on other sites
Yes, Windows 8.1 has it built in.

 

Try setting your default browser to IE and connecting. If it works, you can set it back to your normal browser and it will continue to work.

Share this post


Link to post
Share on other sites

IE is already default browser.

 

If it helps, I get the error below when I run the menu command directly in Powershell.

 

Invoke-WebRequest : A positional parameter cannot be found that accepts argument 'GUID%'.

At line:1 char:181

+ $F=$env:USERPROFILE+'\ScreenConnectCredentials.xml';$E=Test-Path $F;if($E -eq $f ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : InvalidArgument: (:) [invoke-WebRequest], ParameterBindingException

+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Share this post


Link to post
Share on other sites
IE is already default browser.

 

If it helps, I get the error below when I run the menu command directly in Powershell.

 

Invoke-WebRequest : A positional parameter cannot be found that accepts argument 'GUID%'.

At line:1 char:181

+ $F=$env:USERPROFILE+'\ScreenConnectCredentials.xml';$E=Test-Path $F;if($E -eq $f ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : InvalidArgument: (:) [invoke-WebRequest], ParameterBindingException

+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

 

That won't work because of the %eScreenConnect GUID% variable that Labtech replaces. Replace that with a GUID and see what happens.

 

Speaking of which, do you have an EDF in Labtech called "ScreenConnect GUID" that has been populated for each computer?

Share this post


Link to post
Share on other sites

added an actual GUID but it still did not work. I get the error below.

 

invoke-webrequest : Server Error in '/' Application.

Runtime Error

Description: An application error occurred on the server. The current custom error settings for this application

prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be

viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a

tag within a "web.config" configuration file located in the root directory of the current web

application. This tag should then have its "mode" attribute set to "Off".

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect"

attribute of the application's configuration tag to point to a custom error page URL.

At line:1 char:181

+ $F=$env:USERPROFILE+'\ScreenConnectCredentials.xml';$E=Test-Path $F;if($E -eq $f ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [invoke-WebRequest], WebExc

eption

+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

 

 

I do have the following EDFs under Computer:

 

ScreenConnect GUID and ScreenConnect Linked

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×