When you use the Windows XP, Help and Support, Offer Remote Assistance to offer assistance to a computer running Windows XP Service Pack 2, you get the message "The remote server machine does not exist or is unavailable".
This happens even when the following are true on the target computer:
1. The Windows Firewall configuration has these Exceptions enabled:
a. File and Print Sharing
b. Remote Assistance
and
2. This policy setting is Enabled (either locally using gpedit.msc, or in a Windows 2000 or 2003 Domain using Group Policies):
Computer Configuration/Administrative Templates/System/Remote Assistance/Offer Remote Assistance
and
3. The (expert) user logged on at the source computer (the user making the Offer of Remote Assistance) is in the list of "Helpers" in the "Offer Remote Assistance" policy setting.
CAUSE
The Windows XP SP2 Firewall Exception Remote Assistance does not include all of the settings required so that the Windows Firewall will allow the incoming Remote Assistance offers to be received.
RESOLUTION
Add these Exceptions to the Windows Firewall configuration (Start, Control Panel, Windows Firewall, Exceptions):
1. Programs
a. %systemroot%\system32\sessmgr.exe
b. %systemroot%\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2. TCP 135
Note: The pre-defined Exception - Remote Assistance - includes the exception for sessmgr.exe; in most cases, you do not have to explicitly add the Program Exception for sessmgr.exe.
To configure these exceptions using local policies or Group Policies (in a Windows 2000 or 2003 Domain), add the following settings under Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall. For computers in a Windows 2000 or 2003 domain, these would normally be added under the Domain profile. For computers not in a Windows domain, these must be added under the Standard profile (see http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx for how a computer determines which profile to use).
Windows Firewall: Define program exceptions: Enabled:
%systemroot%\system32\sessmgr.exe:*:enabled:sessmgr.exe
%systemroot%\PCHEALTH\HELPCTR\Binaries\helpsvc.exe:*:enabled:helpsvc.exe
Windows Firewall: Define port exceptions: Enabled
135:TCP:*:enabled:Port 135
Note: the "*" enables the exception for any IP address (including any on the public Internet). To limit access to these exceptions only from computers in the same IP subnet (the local network - LAN), replace the * with the word localsubnet.
MORE INFORMATION
There are two modes of Remote Assistance:
- Solicited, in which the novice sends a request for assistance to an expert (e.g. via email) and the expert responds to start the Remote Assistance session
- Offered, in which the expert initiates the Remote Assistance session by sending an offer to the novice's computer
In Windows XP, there is no shortcut pre-defined for Offer Remote Assistance. To Offer Remote Assistance from a Windows XP workstation:
1. click Start, Help and Support
2. click Use Tools to view your computer information and diagnose problems or key the word offer in the Search text box and press Enter (or click the button with the white arrow on the green button)
3. click Offer Remote Assistance under Tools or Suggested Topics
The pre-defined Windows Firewall Exception Remote Assistance allows Solicited Remote Assistance to work, but not Offered Remote Assistance.
To receive Offers of Remote Assistance, the target (novice's) computer must accept incoming connections to sessmgr.exe, helpsvc.exe and on TCP port 135. By default, the Windows XP SP2 Windows Firewall feature blocks incoming connections to sessmgr.exe, helpsvc.exe and TCP port 135.
If the pre-defined Exception called Remote Assistance is enabled, incoming connections to sessmgr.exe are already allowed.
No comments:
Post a Comment