LiveDesktop provides an unrivaled experience for remotely controlling macOS devices. Unlike third-party tools that install a separate application to control the device, LiveDesktop uses the Remote Management framework built into macOS. Then, LiveDesktop securely tunnels traffic from that service to a unique URL which you can access from Addigy.
LiveDesktop does not require Privacy Preferences Control Permissions to connect to macOS devices.
- Target device must have `Remote Management` enabled with full control (via MDM or manually).
With the absence of native OS apps for LiveDesktop to connect to devices, there maybe be a need to have certain URLs allow listed.
Changes on November 1, 2022, require admins to have the ability to access port 2053 for app.addigy.com in addition to the 40000-40199 port range for the tunnel server to utilize LiveDesktop.
- Port range for the tunnel server: 40000-40199
- app.addigy.com access Port 443 (changing on November 1, 2022)
Connecting to a LiveDesktop Session
Once LiveDesktop enabled, new sessions can be started from the Devices Page or from the GoLive page.
Clicking the LiveDesktop icon will present a prompt to initiate and start a session.
- Addigy automatically will try to select the best relay for connection (Best region found option), you can change this at any time.
- Addigy automatically checks to see if `Remote Management` is enabled on the device.
- If `Remote Management` is not enabled, Addigy will present the following dialog for you to try and enable it via Addigy MDM:
- If `Remote Management` is not enabled and the device is not enrolled in Addigy MDM, you will be presented with the following screen (As you need to enable Remote Management through the existing MDM or manually):
Enabling Remote Management
`Remote Management` can be enabled using the native dialog that appears during the session if we detect its not enabled, or navigating to GoLive > Networking:
Connecting from a macOS Device
If you are connecting from a macOS device, you must click "Start Session" to initiate a session. macOS will ask if you want to open the Screen Sharing application; click Allow.
Connecting from a Windows Device
When starting a LiveDesktop session, the pop-up will give you the VNC URL and the VNC password for the connection. This can be used from a Windows-based VNC application. Moreover, this URL can be used to connect to macOS devices from iOS, iPadOS among other OSes.
Authenticating to a LiveDesktop Session
When connecting to LiveDesktop from macOS Screen sharing or Remote Desktop (ARD), there are a few options for authenticating to the device.
Note: LiveDesktop sessions will time out after 1 hour and the address will no longer be valid. The following prompt may appear when LiveDesktop times out:
1. If you are connecting from Screen Sharing or Remote Desktop on a Mac and someone is already logged into the device, you make request permission to share their desktop session.
Please note: Due to Apple's Screen sharing functionality, when requesting permission using LiveDesktop there is a timeout of 10 minutes. Apples security measure will require this in intervals of 10 minutes with no activity.
2. You may always authenticate with a local username and password for the target macOS device, even if no one is logged into the device. If you provide the same username and password as someone logged into the device, the session will be shared. Otherwise, a new desktop session will be created.
Please note: This method will negate the 10 minute interval prompt when requesting permission.
Enabling Remote Management
LiveDesktop automatically enables Remote Management for devices when starting a new session for the first time. For devices running macOS 10.13 and older, LiveDesktop needs no additional settings to enable Remote Management. For devices running macOS 10.14 Mojave and newer, LiveDesktop requires MDM to function properly. For full details on how to enable Remote Management for LiveDesktop, see our article Enabling Remote Management for LiveDesktop.
Configuring LiveDesktop Privileges
When LiveDesktop has been enabled, all Addigy users with the owner or admin, and user role will be able to start sessions with macOS devices they can access.
To enable LiveDesktop access for custom roles, go to the Account -> Users page. Navigate down to the Roles table and Edit the desire custom role.
Add the Run LiveDesktop privilege to the role and Save the change.
Connecting to an Offline Device
While it is unlikely that you will be able to connect to a device which Addigy sees as offline, you may still attempt to start a LiveDesktop session. This is particularly useful when wanting to connect to a device immediately as it is turning on or coming online.
Before initiating the session, you may see hover-text above the LiveDesktop icon indicating the offline status of the device.
When initiating a session for an offline device, a message will be presented to remind you that the connection may not be successful. However, LiveDesktop will still queue the necessary commands to initiate the session.
If the device receives the commands, then LiveDesktop should continue to work normally as it would for a device detected as online.