Internet Based Remote Control
Internet based remote control with options such as file transfer and reboot. This could be accomplished using a reverse connection from a client to a new site role hosted in the DMZ.
Stephen McGuigan commented
It is extremely important, in a support scenario, to be able to assist a user who is having issues. enabling the user to gain access to software etc is all well and good, but if the support person cannot assist the user when they are having issues - the user needs to be on VPN and it defeats the purpose of the CMG and cloud distribution points
Tobias Furhem commented
or as a function/addition to the Cloud mgmt gateway?
Would be very handy and should be easier now to implement using the Quick Assist technology.
Kevin Kaminski commented
DirectAccess is indeed a way of doing it, but the push I am getting is something that is more simple to set up.
Cory Tomlinson commented
Better yet, published to Azure Application Proxy, no DMZ required.
Oliver Kieselbach commented
Windows 10 brings the tool Quick Assist. There is a RDP Broker in the backend (Internet) which handles the connection setup between two parties. So maybe SCCM could utilize the internet based RDP broker to support internet clients... at least for Windows 10. It would be a lot easier than a complete DA setup...
Brian Booher commented
We have been wanting the same thing to help make support for our home users easier. SCCM can already do internet clients, so this should be an easy feature to add in. Have it use a user selected port for Internet Based Remote Control and this would make support easier for many people.
This would be great!
Jarrod Beebe commented
I was originally going to state that Direct Access is not an option for the use case I had in mind. There are security requirements that prohibit its use within my organization. The other benefit to having it native within Remote Control is to reduce the level of complexity in an environment by not needing to set up a separate solution such as DA. In our case, we have multiple organizations that have separate domains/forests which adds an additional layer of complexity for DA. The preferred solution would be all self contained in the SCCM Remote Control.
Steve Whitcher commented
I'm not trying to knock this idea at all, but wanted to mention that this can be accomplished using DirectAccess. If you don't want or need the users to have corporate connectivity remotely, DA can be configured for Manage-Out only, so that you have full management access without giving them access to corporate resources.