Skip to main content
Version: 8.5.0

Motadata RDP Server Installation Guide

The RDP server communicates with the RDP Agent and ServiceOps to establish the RDP sesson. To do so, first install the RDP Server, configure the RDP Settings, and lastly install the RDP Agent from the RDP Agents or Discovery + RDP Agents tabs of the Agent Installation page.

Prerequisites

  • ServiceOps Server should be up and running
  • ServiceOps Server's IP Address is required
  • Internet access is required before RDP server installation to verify Wildcard certificate
  • Wildcard certificate is required
  • If Database is configured on a different server, the ServiceOps Database port 5432 should be acccessible from the Meshcentral server
  • For remote desktop functionality, local connection type 8443 port must be accessible
  • For remote connection type, 443 port must be accessible
  • If the ServiceOps server is not publicly accessible, host entry of the IP Address and Domain name must be done in the server and local machine.
note

This document is applicable for Ubuntu 22 and RedHat OS.

RDP Server Installation Setup

The RDP server can be installed in local machine and at remote location.

To install the RDP server in remote machine, follow the below steps. Here

  1. Download and run the Motadata RDP Server Installer on a Linux machine.

Download

  1. Assign executable permission and run the setup using the below command:

    chmod 777 MotadataServiceOpsMeshCentralU22

permission

  1. Add host entry for domain name and IP Address in your system using the below command.

    Command Syntax:

    echo “IPADDRESS DOMAINNAME” >> /etc/hosts

    Example:

    echo “172.16.12.83 mydomain.example.com” >> /etc/hosts

note
  • Ensure you have the Domain name.

host entry command

  1. Run the file using the below command:

    ./MotadataServiceOpsMeshCentralU22

    note

    Use root user to run the command.

Running Installer

Running Installer

  1. Enter the IP Address of the ServiceOps Server as shown below. The IP Address is required when the RDP Server and the ServiceOps Server are installed on different machines.

enter IP Address

note
  • The IP Address is not asked, if the RDP Server and ServiceOps Server are installed on the same machine.
  • Avoid installing the Nginx server on the remote machine that hosts the RDP server.
  1. Enter the DB Password of the ServiceOp Server as shown below.

DB Password

It is an encrypted password. To get the password follow the below steps:

  1. Go to the path cd /opt/flotomate/main-server/lib.

    lib folder

  2. Run the below command to get the password.

    cat boot-hosted-exec.conf | grep DB_PASSWORD

    password

note

The installer might take approx 5 minutes to install.

  1. The RDP server is now successfully installed. You can verify the service status using the below command.

    systemctl status meshcentral.service

service Status

  1. Once installed, configure the RDP settings from the Technician Portal, and then the RDP Server Agent.
note

If the RDP server is installed at a remote location, ensure the chown permission is applied to the meshcentral folder by going to the path cd /opt/, and using the following command:

Syntax: chown -R {user}:{usergroup} meshcentral

For example: chown -R flotomate:flotomate meshcentral

Ensure that the users in both the locations (local and remote) have the root access.

Additional Settings

Once the RDP Server is installed, you can perform the additional configurations like changing the domain name, port, and SSL Certificate of the RDP server.

Change Domain Name

To change the domain name,

Change the domain name in the following 3 files:

  • nginx.conf
  • hosts
  • config.json

Nginx Config File

  1. Open the Terminal server and go to the path /etc/nginx/conf.d/.
  2. Check the list of files in it using the ll command.

Path

  1. Open and edit the nginx.conf file using the command:

    vim mesh_nginx.conf

Edit File

The below screen appears.

change domain name

  1. Replace the server_name with the desired domain name. For example: rdp.example.com. By default the server domain name is rdp.motadataserviceops.com.

change domain name

  1. Once done, save the file using the :wq! command.
note

To replicate the changes, restart the nginx service whenever any changes are made in the nginx.conf file.

Host File

To edit the host file,

  1. Go to the path /etc/hosts.

  2. Edit the file using the below command:

    vim hosts

edit host file

  1. Edit the domain host name and also add the server IP Address before it, as shown below.

edit host name

  1. Once done, save the file using the :wq! command.

Config File

To edit the RDP config file,

  1. Navigate to the path /opt/meshcentral/meshcentral-data and view the files in it using the ll command as shown below.

rdp folder

  1. Next, edit the config.json file using the below command.

    vim config.json

rdp folder

  1. Change the Domain name in the config file as shown below.

change domain name

  1. Next, in the same file change the Email address and Domain name in the "letsencrypt" section as shown below.

change email address and domain name

  1. Once done, save the file using the :wq! command.

  2. Navigate to the path "/opt/meshcentral/meshcentral-data" and ensure that SSL key and SSL certificate are present in the following files on the RDP server:

    SSL key

    • agentserver-cert-private.key
    • webserver-cert-private.key

    SSL CRT

    • agentserver-cert-public.crt
    • webserver-cert-public.crt

note

The user should have administrator rights.

  1. Apply chown permission to the user and user group using the below command:

    chown -R fmtuser:fmtusergroup meshcentral-data

    For example: chown -R flotomate:flotomate meshcentral-data

  2. Restart the Nginx and RDP server services using the below commands and wait for 30 seconds approx:

    systemctl restart meshcentral.service
    systemctl restart nginx

  3. Now, access the ServiceOps URL, and click on "Reload Certificate" in Admin > Asset Management > RDP Configurations.

  4. Restart the RDP agent service (RDPWrapper.exe) to immediately reflect the changes made with the new signed agent in the asset. If not restarted manually, these changes will automatically be applied after the configured refresh cycle.

note

To ensure the self-signed certificate works correctly, the domain associated with the certificate should be resolvable from any PC where the RDP agent is installed.

The simplest way to achieve this is by adding the IP address and domain name to the hosts file located at the path "C:\Windows\System32\drivers\etc\hosts".

You can verify this by pinging the domain name (rdp.example.com.) associated with the certificate from the PC where the RDP agent is installed.

12.Once the certificate is changed, verify it by accessing both the ServiceOps URL and the RDP Server URL, and checking the certificate names displayed.

Change SSL Certificate

To change the SSL Certificate file for RDP,

  1. Navigate to the path /etc/nginx/conf.d/.
  2. Open the mesh_nginx.conf file.

certificate

  1. Edit the ssl_certificate as shown below.

new certificate

  1. Once done, save the file.

  2. Restart the Nginx server service and wait for 30 seconds approx.

Change Port Number

ServiceOps uses the default 8443 and 4330 port numbers. In case, these are not free you can change the port to the desired one by following the below procedure.

  • To change the port numbers, edit the following 3 files:
    • nginx.conf
    • fmt_nginx.conf
    • config.json
note
  • Before editing, kindly take the backup of config files.
  • Ensure that the port is not used by any services or the ServiceOps Server.

RDP Nginx Config File

To edit the file,

  1. Navigate to the path /etc/nginx/conf.d/.

conf folder

  1. Open the mesh_nginx.conf file. It contains the default port number 8443.

old port

  1. Next, edit the file and change the port number from 8443 to 8089 as shown below. Here, port number 8089 is used as an example.

new port

  1. Once done, save the file.
  2. Restart the Nginx Server service.

Fmt Nginx Config File

To edit the fmt_nginx.conf file,

  1. Navigate to the path /etc/nginx/conf.d/.

conf folder

  1. Open the fmt_nginx.conf file. It contains the default port number 8443.

change port

  1. Next, edit the file, and change the port number from 8443 to 8089 as shown below. Here, port number 8089 is used as an example.

new port

  1. Once done, save the file.
  2. Restart the Nginx server service.
note

Ensure the same port numbers are updated in the fmt_nginx.conf and mesh_nginx.conf files.

Config.json

To edit the RDP config file,

  1. Navigate to the path /opt/meshcentral/meshcentral-data and view the files in it using the ll command as shown below.

rdp folder

  1. Next, edit the config.json file using the below command.

    vim config.json

rdp folder

  1. Change the aliasPort in the config file as shown below. Here, port number 8443 is replaced with 8089.

old aliasport

new aliasport

  1. Once done, save the file using the :wq! command.

  • Once the port number is changed in all the 3 files, allow it from Firewall using the below commands.

    ufw status
    ufw allow 8089

  • Restart the Nginx and RDP server services using the below commands:

    systemctl restart meshcentral
    systemctl restart nginx

  • Similarly, using the above steps, you can change the port number 4430 in all the 3 files.

port config.json

proxypass mesh_nginx.conf

proxypass fmt_nginx.conf