Goverlan is a powerful tool. It allows one to take full control of your environment from a central location. However, even if Goverlan provides the means to do powerful administrative tasks, it doesn't mean that it provides automatic access to its features.
Every action in Goverlan is authorized against native Windows permission. The user credentials used to authorize a task are the same credentials used to run Goverlan (or the alternate credentials specified in Goverlan). If the user account doesn't hold enough privileges to perform an action, Goverlan rejects it with an 'Access Is Denied' message. For instance, if the user account doesn't hold the privilege to reset a user's password, then attempting to do so will fail.
If the management task requested is to be processed by the Goverlan Agents on the target machine, the Goverlan user credentials are transferred over (via Microsoft SSPI) and impersonated. Consequently, the management task is still performed under the credentials of the Goverlan user and not the Local System Account. Additionally, every communication between the Goverlan Management Console and the Goverlan Agents are encrypted using the strongest encryption cipher commonly available between both machines. This makes Goverlan communications extremely secure and safe against malicious hacking.
A large set of universal settings are available to control many aspects of Goverlan both on the administrator's side and on the client side. For instance, you can control if a remote control session must be approved by the local user, or, you can choose to disable the Chat feature for a set of Goverlan users. These settings can be distributed via a Goverlan Scope Action, a Group Policy, the Goverlan Central Server, or it can be part of an installation package.
See: Settings Distribution.
The Goverlan Remote Administration Suite allows you to perform domain account management and machine management. Domain account management features have no pre-requirements. They do not require the Goverlan Agents or an Active Directory Schema change. Machine management features are performed either via WMI (which is built-in to Windows) or via the Goverlan Agents.
For features which require the Goverlan Agents:
The remote machine must be equipped with the Goverlan Agents. However, you do not need to pre-install these agents. Goverlan can automatically install as needed (see Goverlan Agents.)
If a Firewall exists between your machine and the remote machine, or if the target machine has the Windows Firewall activated, the firewall must be configured to allow for Goverlan communication (see Firewall Configuration.)
Note: The Goverlan Agents, once installed, will automatically configure the local Windows Firewall with the appropriate exceptions to authorize Goverlan communication.
Windows XP Professional
Windows 2003 Server
Windows Vista
Windows 2008 Server
Windows 7
Windows 2000 Professional / Server / Advanced Server
Windows XP Professional
Windows 2003 Server
Windows Vista
Windows 2008 Server
Windows 7
No, you can install Goverlan on any desktop machine. In fact, Goverlan doesn't need Active Directory to perform machine remote administration.