Remote Shutdown Client-Server Concept

Remote Shutdown is shipped as a client-server application, thus allowing to run tasks on schedule with no logged-on user session required. The server part is represented with the EMCO Remote Shutdown Server 7 Windows service, and the client part is the program that is running in a user session.

The Enterprise edition of the program allows connecting to servers running on the local or remote computers. The Professional and Free editions can connect to a server running on the same computer only.

By default, the service is configured to start together with the underlying operating system, thus allowing you to run tasks on schedule as soon as the hosting PC is up and running provided that the corresponding automation option is enabled (it is enabled initially). When you launch the client program, it prompts you to choose if the server to connect to is located on the local or remote PC Pic 1.

Choosing the server to connect to

Pic 1. Choosing the server to connect to

For the server to accept remote connections, the following ports should be opened in the firewall for inbound TCP connections:

  • 48021 – this port is used to connect to the remote server using the Windows session credentials;
  • 48022 – this port is used to connect to the remote server via a SSL channel using the specified credentials.

If you would like to use custom ports, you can define the required ports in the following key of the Windows Registry on the PC hosting the EMCO Remote Shutdown server:

HKEY_LOCAL_MACHINE\SOFTWARE\EMCO\Remote Shutdown\v7

To override the port used for connection by using the Windows session credentials, you should specify it in the Port DWORD value. The SSLPort DWORD value should be defined to override the port used for connection via a SSL channel using the specified credentials. For the client to be able to connect to the server via a custom port, you should define this port in the server name, e.g. emco-server.local:3112.

After the connection is established, the client allows you to manage the machines and tasks if you account is authorized accordingly by the server access control configuration. You can disconnect from the current server and connect to another one at any time using the Switch Server button from the Application Menu or from the Server Ribbon group on the Program page.

When connecting to a remote server, you can choose if you would like to use the credentials of the Windows session the client program is executed in or to provide other credentials. When the current session credentials are used, all aspects of the Windows integrated security are applied to the client-server communication. Otherwise, when the credentials are provided manually, the transport layer of communication is secured with a SSL certificate provided by the server. By default, the self-signed certificate issued to RemoteShutdownServer.exe is used. It is not fully trusted, because the DNS match and the trusted root conditions are not met. Although it is possible to accept this certificate for communication, it is strongly recommended that you use the certificate issued to your server. It can be either your self-signed certificate issued by a certification authority trusted in your organization or the certificate issued to the server by one of the commonly known certification authorities. The certificate to be used by the server for authentication is selected on the Server Configuration page of the program preferences.

In the Server group, you can also find the Server Info button. When this button is pressed, a dialog is displayed containing information on the server and all the clients currently connected to it. Upon exiting the program, the client is disconnected from the server application that keeps running on the server PC.

In case the currently installed client is not compatible with the server you are connecting to, the program will prompt you that a compatible client needs to be installed, if it is not installed yet, otherwise the compatible client is automatically launched and connected to the specified server.