Skip to content

Remote Application⚓︎

Note:JumpServer Community edition supports remote application with Website only.

1 Function Description⚓︎

  • The RemoteApp functionality, released by Microsoft after Windows Server 2008, is an integrated service feature within the system. It enables users to access remote desktops and applications from client, allowing them to use various desktops and applications published remotely without needing to install the operating system and applications on their local client machine.

remoteapp03

2 RemoteAPP machine⚓︎

  • RemoteApp need to configure an host for remote application.
  • The RemoteAPP server is the primary entity responsible for running web page assets or executing programs such as Navicat for connecting to Database remotely.

2.1 Edition Requirement⚓︎

  • The Remote Application Srver is a Windows Server,Windows edition requirement is as follows:
Windows Server 2016 Windows Server 2019

2.2 RemoteApp Server Creation⚓︎

  • Clicking on Create at page of RemoteAPP server then create a new Remote Application Server.

remoteapp04

  • We support deploying the application deployment server using the WinRM and OpenSSH protocols (it's recommended to use the WinRM service included with Windows Server).
  • If you deploy the RemoteAPP server with WinRM protocol, it need to add the WinRM protocol on the page of create remoteapp server page.

remoteapp12

  • WinRM configure successfully.
  • To deploy the application deployment server using the OpenSSH protocol, you need to install the OpenSSH protocol. You can find the OpenSSH installation package on the JumpServer page by navigating to Web Terminal - Help - Download.

remoteapp01

  • After uploading the OpenSSH installation package to the RemoteAPP server, double-click on it to start the installation process.

remoteapp02

  • OpenSSH configure successfully.
  • Detailed Parameter Description:
Parameter Description
Name Name of the RemoteAPP Server
IP/Host IP address of RemoteAPP Server
Protocol Group Protocol groups and ports supported by RemoteAPP Server
Account List The connection account information for the RemoteAPP Server, e.g, would be Administrator
Automatic Account Creation The account created through this option is used to connect to the RemotpAPP
The number of accounts created The number of accounts created for user shared
IP Address of Core service The communication address for the Agent on the RemoteAPP Server with the Core component of JumpServer is typically configured as the IP address or hostname of the JumpServer server
RDS License Enable RDS License
RDS License Sever Enable RDS License Server
RDS Authorization Mode Select "Device" or "User" to set the authorization mode.
A.Device:Allows one device (used by any user) to connect to the application deployment server.
B.User:Grants one user access to the application deployment server from an unlimited number of client computers or devices
RDS Single-User Session Choose between "Disable" or "Enable" to set the single-user single-session mode.
A.Disable:Allow each user to connect to the server's remote desktop from multiple client computers simultaneously.
B.Enable:Disallow each user from connecting to the server's remote desktop from multiple client computers simultaneously
RDS Maximum time of disconnection If a session connection reaches this maximum time, the connection will be automatically terminated
RemoteAPP logout time limit Logout time after a remote application session is disconnected

2.3 RemoteAPP Deployment⚓︎

  • After creating the application deployment server, you need to manually execute the deployment of the application deployment server by installing Python, Chrome, Navicat, DBeaver, or custom remote applications.
  • Click on the Name of RemoteAPP Server to enter the details page,Select the Deployment tab within the details page,Click the Initialize Deployment button in the "Quick Update Module" section to initialize the RemoteAPP server.

remoteapp05

2.4 View RemoteAPP server details⚓︎

  • Clicking on RemoteAPP Details button and enter the page of RemoteApp server details.
  • The page contains detailed information about the RemoteAPP, including a list of RemoteAPP accounts, RemoteAPP applications and deployment logs etc.

remoteapp06

  • Detailed Parameter Description:
Module Description
Details This module primarily includes the basic information of the RemoteAPP server and simple automated tasks such as updating hardware information and testing connectivity.
Account List This module primarily manages the accounts on the RemoteAPP server. By default, JumpServer creates 100 system users to support remote sessions
Remote Application This module contains default remote applications as well as custom remote application information. Within this module, you can directly deploy remote applications
RemoteAPP Deployment This module is primarily used for the initial deployment of the RemoteAPP server and for viewing deployment logs
Activity Logs This module records activity log for the RemoteAPP server. Clicking on it allows you to view the details of the activity

3 Remote Application⚓︎

  • Creating remote application resources allows for remote access to asset and implements password autofill functionality.
  • For example, here's the process of accessing JumpServer web page with password autofill:

3.1 Create Website Asset⚓︎

  • Click and switch to view of Console at Asset Management - Asset List Page.
  • Select Web tab,click to create Website asset.

remoteapp08

  • The Selector parameter needs to be obtained from the code parameters on the target URL page.
  • For elements details you can open the developer tools page for the target URL using F12 :

remoteapp09

  • Fill in the obtained parameters to the target website asset created, referring to the first image in the current page's 3.1 Tittle.

3.2 Create rule of asset authorization⚓︎

  • Click and switch to Permission Management - Asset Authorization page.
  • Create a new rule of authorization,following the figure:

remoteapp10

3.3 Access Website asset⚓︎

  • To access the target Website asset through the Web Terminal, you'll need to follow these steps:
  • Accessing Website assets requires the local client to install the JumpServer client program. The installation package can be found on the JumpServer page - Web Terminal - Help - Download page.

remoteapp11

3.4 Page Layout⚓︎

  • The current RemoteAPP page layout is:

remoteapp06

4 Customized Applet⚓︎

4.1 Applet Introduction⚓︎

  • Applet is a directory that contains Python scripts and must include at least the following files:
├── i18n.yml
├── icon.png
├── main.py
├── manifest.yml
└── setup.yml
  • Description of the purpose of file name:
File Name Description
main.py Auto filled executed script of Python
icon.png ICON of Applet
manifest.yml Applet elements
setup.yml Installation description
i18n.yml The file for manifest.yml internationalization

4.2 Metadata Description with Manifest.yml⚓︎

  • Manifest.yml defines the metadata of Applet, such as name, author, version, and supported protocols.
name: mysql_workbench8 (required)
display_name: MySQL Workbench8
comment: A tool for working with MySQL, to execute SQL and design tables (required)
version: 0.1 (required)
exec_type: python (reserved,Not yet used)
author: Eric (required)
type: general (required)
update_policy: none (Not yet used)
tags: (required)
  - database
protocols: (required)
  - mysql
  • Detailed Parameter Description:
Parameter Description
name The name should preferably be alphabetical and not contain special characters
protocols Protocols supported by Applet script
tags Labels
type Mainly option is General or Web。
i18n.yml The file for manifest.yml internationalization

4.3 Installation conditions with setup.yml⚓︎

  • setup.yml defines the installation type of programs called up by Applet
type: msi # exe, zip, manual
source: https://jms-pkg.oss-cn-beijing.aliyuncs.com/windows-pkgs/mysql-workbench-community-8.0.31-winx64.msi
arguments:
  - /qn
  - /norestart
destination: C:\Program Files\MySQL\MySQL Workbench 8.0 CE
program: C:\Program Files\MySQL\MySQL Workbench 8.0 CE\MySQLWorkbench.exe
md5: d628190252133c06dad399657666974a
  • Detailed Parameter Description:
Parameter Description
type Installation type of software
msi:Installable softwar.
exe:Installable software.
zip:Unzip to install software。
manual:Installation manually
source Softwaer download address
arguments Arguments need by installation of msi or exe with silent installation
destination Program installation directory
program Specific software address。
md5 Md5 of the program,Mainly used to verify whether the installation was successful
  • If you choose manual installation, keep the source and other fields empty, and do not verify the MD5 value. You need to manually login to the Apple host (application publishing machine) to install the software.

4.4 Script execut with main.py⚓︎

  • main.py is the main program with python
  • The remoteapp program Tinker on JumpServer will be executed by calling 'Python main.py base64_json_data'.
  • Base64_json_data is a string of JSON data after base64, containing authentication information such as assets and accounts. The data format is as follows, and adjustments should be made according to API changes:
{
  "app_name": "mysql_workbench8",
  "protocol": "mysql",
  "user": {
    "id": "2647CA35-5CAD-4DDF-8A88-6BD88F39BB30",
    "name": "Administrator",
    "username": "admin"
  },
  "asset": {
    "asset_id": "46EE5F50-F1C1-468C-97EE-560E3436754C",
    "asset_name": "test_mysql",
    "address": "192.168.1.1",
    "protocols": [
      {
        "id": 2,
        "name": "mysql",
        "port": 3306
      }
    ]
  },
  "account": {
    "account_id": "9D5585DE-5132-458C-AABE-89A83C112A83",
    "username": "root",
    "secret": "test"
  },
  "platform": {
    "charset": "UTF-8"
  }
}