For the moment, we are allowing our Field Services / Service Desk personnel to remote machines using a packaged standalone CmRcViewer.exe. We've gotten the reg keys added that will enable auditing, however, we've noticed a minor issue:
All users have the ability to remote, regardless of what security is set in SCCM. So much that only one team (of 8 people) has Remote Control permissions, yet everyone is still able to use it without SCCM stopping them.
I have tried adding the site system into the command line launch parameters (CmRcViewer.exe computer \\sitecode), no luck.
My test user (which only has local admin rights, no permissions at all in SCCM) is still able to remote any machine.
Am I missing something?
Remember, mark posts that are helpful, or if it has answered your question, mark as answer.