Opening screen share sessions

Screen sharing is not yet available for on-premises installations of the Tanium™ Core Platform.

You can open a screen share session to perform troubleshooting on remote endpoints. Help desk agents can use the screen sharing tools to escalate between L1 and L2 support in the same screen share session.

You must purchase the ScreenMeet offering for this functionality to be enabled. With the ScreenMeet offering provided through Tanium, you must initiate all interactions with ScreenMeet through the Tanium console. Contact Tanium for details.

Requirements

  • Set up screen share users in Tanium. For more information about permissions provided by these roles, see Screen Sharing user role permissions.
    • Screen Sharing Administrator: Change settings, features, policies, can access data, join active sessions created by active users. A user assigned with this role in Tanium is automatically assigned ScreenMeet Admin role in ScreenMeet.
    • Screen Sharing Agent: Start sharing sessions and use standard ScreenMeet features. A user assigned with this role in Tanium is automatically assigned ScreenMeet Agent role in ScreenMeet.
    • Screen Sharing Support Session Unattended permission: Establish unattended sessions with Windows endpoints that do not require endpoint user permission. This permission is not assigned to any default role.
  • Verify endpoint operating systems. See Screen sharing operating systems.
  • Verify network requirements.
    • Allow ScreenMeet application traffic through port 443/TCP and 443/UDP. ScreenMeet application traffic goes through TLS-encrypted connections.
    • If security software is deployed in the environment to monitor and block unknown URLs, your security administrator might need to allow the following URLs for screen sharing.

      Allowing these URLs is not required for Direct Connect.

      If you deployed proxy servers to your network, for the best results, allow traffic from these URLs to bypass the proxy servers. Screen sharing traffic passed through proxy servers negatively impacts performance. For more information, see ScreenMeet Docs: ScreenMeet Enterprise Deployment Guide.

    • Check ScreenMeet network security requirements: ScreenMeet Docs: Security.

Open an endpoint screen share

To open a screen share session, you must have access to the endpoint in Tanium. After you initiate a connection, the connection screen for the endpoint shows the status. Establishing connections can take between one and three minutes.

You can establish an attended connection, which requires the endpoint user to accept the screen share connection, or an unattended connection, which allows you to establish the connection without endpoint user permission.

The first time a Tanium user establishes a screen sharing session with a macOS endpoint, the endpoint user must select ScreenMeetSupport in the Screen Recording and Accessibility permissions in System Preferences, then click Later when prompted. For more information, see ScreenMeet Docs: Connecting to Mac devices.

During the connection process, a ScreenMeet executable file is deployed to the endpoint with a Tanium Action. This executable file connects to the ScreenMeet services and establishes a connection with Tanium. The connection behavior depends on the endpoint operating system and whether you establish an attended or unattended connection:

  • For attended connections to Windows endpoints, the endpoint user must accept the screen share session to continue. This establishes an active session and the Tanium user takes control.

  • For attended connections to macOS endpoints, if the endpoint user has allowed the proper screen sharing permissions on the endpoint, a view-only session is initially established. The Tanium user must request control, and the endpoint user must accept, which then allows the Tanium user to take control.

  • For unattended connections to Windows endpoints, a new session is created without endpoint user permission and the Tanium user takes control.

If no endpoint users are logged in to an endpoint and you establish an unattended connection, after you enter operating system login information, the session displays a disconnection message. Wait several seconds for the login process to complete and reestablish the connection.

Open screen share from an endpoint

  1. From the Tanium home page, go to Search Endpoints and type the IP address or computer name of the computer, then click the computer name.

  2. Click Open Screen Share.
  3. If you have the Screen Sharing Support Session Unattended permission, you have the following options:
    • Select Ask the endpoint user for permission to start an attended session.
    • Clear Ask the endpoint user for permission to start an unattended session.
  4. Click Open.
  5. A Tanium action is deployed to the endpoint that includes an executable file that connects to ScreenMeet services. Establishing connections can take between one and three minutes. If the attended session is on an end user's computer, the user must accept the session on the endpoint to continue.

  6. When the screen share is connected, your screen switches to ScreenMeet in Tanium. You can use Support Tools in ScreenMeet to run Windows commands, tasks, tools, and so on.

Open screen share from Direct Connect

  1. From the Direct Connect Home page, search for the computer by IP address or computer name.

  2. In the result list, click Open Screen Share for the endpoint.
  3. If you have the Screen Sharing Support Session Unattended permission, you have the following options:
    • Select Ask the endpoint user for permission to start an attended session.
    • Clear Ask the endpoint user for permission to start an unattended session.
  4. Click Open.
  5. A Tanium action is deployed to the endpoint that includes an executable file that connects to ScreenMeet services. Establishing connections can take between one and three minutes. If the attended session is on an end user's computer, the user must accept the session on the endpoint to continue.

  6. When the screen share is connected, your screen switches to ScreenMeet in Tanium. You can use Support Tools in ScreenMeet to run Windows commands, tasks, tools, and so on.

Open screen share from Reporting

When you view, create, or edit a report that contains the Computer Name column, you can click an endpoint in the column to view details for the endpoint and to deploy an action to it. For information about Reporting, see Tanium Reporting User Guide: View and manage a single endpoint.

  1. Open a report that contains the Computer Name column.
  2. Click Endpoint Details next to the name of an endpoint in the Computer Name column.
    An Endpoint Details dialog opens with basic details for the endpoint. If multiple endpoints have the same Computer Name, click Previous Previous or Next Next in the Multiple Results Found banner to find the details for a specific endpoint.
  3. Click View Details to open a page that shows a single endpoint view with detailed information.
  4. Click Open Screen Share to connect to the endpoint.


  5. If you have the Screen Sharing Support Session Unattended permission, you have the following options:
    • Select Ask the endpoint user for permission to start an attended session.
    • Clear Ask the endpoint user for permission to start an unattended session.
  6. Click Open.
  7. A Tanium action is deployed to the endpoint that includes an executable file that connects to ScreenMeet services. Establishing connections can take between one and three minutes. If the attended session is on an end user's computer, the user must accept the session on the endpoint to continue.

  8. When the screen share is connected, your screen switches to ScreenMeet in Tanium. You can use Support Tools in ScreenMeet to run Windows commands, tasks, tools, and so on.

View and join screen share sessions

If you have Screen Sharing Administrator role, you can see all sessions, and you can join sessions that were started by other Tanium users.

If you have Screen Sharing Agent role, you can see and rejoin sessions that you started.

Multiple Tanium users can join an endpoint screen share session, but only one user at a time can take control of the session.

Join active sessions in the list of sessions

  1. From the Direct Connect Home page, go to the Screen Share Sessions tab. A list of sessions is displayed that includes active sessions.

  2. Select one or more active sessions to an endpoint, then click Join Screen Share to join the sessions.

Search for an endpoint to join the active session

  1. From the Direct Connect Home page, search for the computer by IP address or computer name.

  2. In the result list, click Join Screen Share for the endpoint.

View screen share session history

If you have Screen Sharing Administrator role, you can go to the Audit Log page to view a history of screen share sessions.

From the Direct Connect menu, go to Audit Log > Screen Share Sessions.

End an endpoint screen share

When you stop a session, screen sharing processes are removed from the endpoint.

For attended connections to macOS endpoints, after the Tanium user ends the session, a message is displayed to the endpoint user that the session is closed. The endpoint user must close the ScreenMeet application before a Tanium user can establish another connection to that endpoint.

End active sessions in the list of sessions

  1. From the Direct Connect Home page, go to the Screen Share Sessions tab. A list of sessions is displayed that includes active sessions.

  2. Select one or more endpoints and click End Screen Share.

Search for an endpoint to end the active session

  1. From the Direct Connect Home page, search for the computer by IP address or computer name.

  2. In the result list, click End Screen Share for the endpoint.

Configure ScreenMeet settings

To configure settings in ScreenMeet, you must have Screen Sharing Administrator role.

  1. From the Direct Connect Home page, click Settings , then the ScreenMeet tab.
  2. Click the ScreenMeet Console link. In the ScreenMeet console, you can view session history, detailed logging of actions taken during a session, and so on. For more information, see ScreenMeet Docs: Remote Support Settings.

Contact support

If you require assistance with ScreenMeet tools, contact ScreenMeet support.