Remote Management vs. Screen Sharing

remote desktop

What is the difference between enabling remote management and enabling screen sharing?

Apple's support article, http://support.apple.com/kb/HT4715, says:

If the Apple Remote Desktop administrator authenticates with a name
that is different from the user logged on at the remote computer, the
following applies:

If the service was enabled by turning on Screen Sharing, the screen sharing user is presented with the option to request sharing access
from the user logged on at the display.

If the service was enabled by turning on Remote Management, the screen sharing user can simply choose to share the display.

The screen sharing user can always choose to log in to their own session.

…

It also states:

If the remote computer's display is at the login window, the Apple
Remote Desktop administrator will simply share the display. This is
equivalent to how screen sharing works in earlier versions of Mac OS
X.

A third party VNC viewer will always be connected to the login window.
If the login window is not on the display, a new login window is
started that is not shown on the display. The screen sharing user can
then log in with any valid account on that computer.

So, I presume that it is using the same protocol (VNC) underneath and just behaves a little different depending on which option you enable.

What is Apple's remote client? Is it the Screen Sharing app in CoreServices (/System/Library/CoreServices/Screen Sharing.app) or is there something else I might have missed?

Lastly, what is the Mac App Store "Apple Remote Desktop" product ($80, http://itunes.apple.com/us/app/apple-remote-desktop/id409907375?mt=12) and how does it differ from the above?

Thanks!

Best Answer

By default, Mac OS uses VNC combined with a few extras (e.g. auto-discovery via Bonjour) when you use Screen Sharing, and in most cases this is all an average user needs. For system administrators however, there is usually a need for more control over the computers they support; therefore Apple provides "Apple Remote Desktop" (ARD) which offers a lot more control mechanisms (like terminal sessions, remote installation of software, remote shutdown, remote execution of automator scripts) and this is possible with groups of many computers at the same time. For this feature to work, SSH and remote management needs to be activated.

So in short: Screen Sharing is roughly equivalent to VNC, while Apple Remote Desktop is a "high-end" remote administration software which requires "Remote Management" to be turned on. There is also a difference in how incoming screen sharing requests are handled: with "Screen Sharing" enabled, if an observer connects with a user account that's different than the one currently logged in and clicks Share Display, the user needs to confirm before the screen is shared. With "Remote Management", the screen is immediately shared without a prompt appearing.

Related Solutions

The difference between Apple Remote Desktop / Remote Management / Remote Login / Remote Events and Screen sharing

You are correct, VNC is a simpler version of Remote Desktop (note: Remote Desktop uses the VNC protocol in addition to adding a lot more features)

Remote Desktop offers more management features; ability to black out host computers screen, push updates, file transfers etc (think TeamViewer but by Apple). http://www.apple.com/remotedesktop/

VNC doesnt have any of these options, its just a simple way to access a remote screen.

Remote Login allows you to SSH to a remote computer (command line - you dont see the remote desktop)

eg You may want to run a command on a remote computer, you could connect using VNC and open terminal or instead you could remote login via SSH and run the command without actually interacting with the screen of the remote computer

Updated to include @Wheat Williams notes below

MacOS – How Do I Disable Remote Management and Enable Screen Sharing

I found the following code in a file I didn't open for a long time. It enables Remote Login on a remote device. Save the script somewhere (from now on referred to as /path/to/script/). Copy the script to the other device.

tell application "System Preferences" to set current pane to pane "com.apple.preferences.sharing"
tell application "System Events" to tell process "System Preferences"
    click checkbox 1 of row 6 of table 1 of scroll area 1 of group 1 of window "Sharing"
end tell

This enables remote login. Now, to disable remote management and enable screen sharing, use the same script, but remove the 3rd line and add these 2 lines:

tell application "System Preferences" to set current pane to pane "com.apple.preferences.sharing"
tell application "System Events" to tell process "System Preferences"
    click checkbox 1 of row 7 of table 1 of scroll area 1 of group 1 of window "Sharing"
    click checkbox 1 of row 2 of table 1 of scroll area 1 of group 1 of window "Sharing"
end tell

To copy this script on the remote device, use scp (secure copy). To use scp type
scp /path/to/script username@IP.of.other.device:/some/path
OR
scp username@hostnameOfDevice:/some/path/
The second option (using the device hostname) requires that the devices are on a computer-to-computer network, so it will not work on a normal wifi network. You will see a prompt requesting the password of username. When you type the password, you will not see any text appear (obviously to prevent people from seeing the password).

Once it is copied, remotely log into the device:
ssh username@IP.of.other.device
OR
ssh username@hostnameOfDevice
Again, the use of the hostname requires computer-to-computer network. Once logged in, run the script using osascript /some/path/theScript.scpt (remember that using scp we copied the script to /some/path, this will be different on your device). This will disable remote management and enable screen sharing.
Good luck!

Best Answer

Related Solutions

The difference between Apple Remote Desktop / Remote Management / Remote Login / Remote Events and Screen sharing

MacOS – How Do I Disable Remote Management and Enable Screen Sharing

Related Question