NoMachine Support

Your questions answered

Knowledge Base

Searching in: Documents
Filter the search results
Version:
Last update:
Searching in: Documents
ID: DT06O00143
Version: NoMachine 6
Added on: 2017-06-19
Last update: 2017-12-22
NoMachine Terminal Server Node - Installation and Configuration Guide
Table of Contents
Introduction
1. NoMachine Terminal Server Node - Installation and Configuration Guide
1.1. About This Guide
How to set-up the Terminal Server Node
2. Install the Terminal Server Node
2.1. Prerequisites
2.2. Linux Installations
2.3. RPM Packages
2.4. DEB Packages
2.5. TAR.GZ Packages
2.6. Activating the License (for Customers)
Run Sessions on the Terminal Server Node
3. Initiating a NoMachine Connection (end-user's side)
3.1. Connecting by Browsers or NoMachine Client to the Enterprise Terminal Server
3.2. Load-Balancing vs. Manual Selection of the Node
4. Compression Techniques and Optimizations
4.1. Video Streaming Encoding in Web Sessions
4.2. Video Streaming Encoding in Client Sessions
4.3. The X11 Vector Graphics Mode in Client Sessions
4.4. Supporting OpenGL Applications in Virtual Session
Terminal Server Node's Administration
5. Terminal Server Node's Configuration
5.1. Configuration Files
5.2. Local and Network Ports
5.3. Hiding the NoMachine Monitor and Notification Messages
5.4. Hiding the Whiteboard and Chat Tools
6. Users Management
6.1. Managing Users on the Terminal Server Node Host
6.2. Greeting Messages
6.3. Notifications to Users
7. Supported Connection Protocols
7.1. Setting the Protocol for Server-Node Connections
8. Sessions' Management
8.1. Setting a Virtual Desktop Environment on Linux
8.2. Executing Custom Scripts on Server/Node Events
8.3. Limiting or Terminating Virtual Desktops Automatically
9. Device Sharing, Copy&Paste and File Transfer
10. Multimedia and Session Recording
10.1. Supporting Audio and Microphone
10.2. Recording your Screen
11. Automatic Updates
12. Logging Facilities
12.1. Using the System Logging Facilities
12.2. Redirecting Logs to a Custom File
12.3. Configuring the Automatic Clean-up of Session Directories


Introduction
1. NoMachine Terminal Server Node Installation and Configuration Guide

Welcome to the NoMachine Terminal Server Node - Installation and Configuration Guide v. 6.


What is NoMachine Terminal Server Node for?
NoMachine Terminal Server Node is designed to be specifically installed on a Linux remote node and be part of a multi-node environment ruled by a NoMachine Enterprise Terminal Server. It is not a standalone server and cannot accept direct connections to its host.

Once installed, the NoMachine Terminal Server Node has to be added to the Enterprise Terminal Server. Users will connect to the Enterprise Terminal Server which is the single point of access to all the available nodes. Depending on the Enterprise Terminal Server's configuration, users will be able to choose the node on which to run their virtual desktop and/or sessions will be automatically load-balanced among the nodes (default).

Setting-up a multinode environment made of a NoMachine Enterprise Terminal Server plus a scalable number of Terminal Server Nodes is a solution for centralizing access to multiple hosts and distributing the load among them.



A Graphical Interface
The NoMachine Terminal Server Node package includes the NoMachine GUI which provides the graphical interface (Server preferences) for administering the Terminal Server Node services. This GUI also acts as client for running sessions and connecting to remote desktops.

The most common operations detailed in this guide can be performed by the NoMachine UI and the Server preferences panel running on the local installation of the Terminal Server Node:

More details about the Server preferences GUI can be found in the dedicated guide available in the Documents section at: https://www.nomachine.com/all-documents



The Terminal Server Node is ready once installed
Installation provides a fully operative NoMachine node with a default configuration suitable for the majority of environments. All the necessary services are automatically started. Just add it to the Enterprise Terminal Server.



A node of the Enterprise Terminal Server
NoMachine Terminal Server Node, available for Linux only, supports unlimited concurrent virtual desktops. A virtual desktop is an individual instance of the remote desktop. Sharing of a virtual desktop is also supported. The number of users is not limited.



1.1. About This Guide

Document Conventions and Important Notices
The following conventions are used in this guide:

BaseDirectory
is the base directory where the NoMachine binaries and libraries are installed.
By default, BaseDirectory is: /usr.

InstallationDirectory
is: BaseDirectory/NX, i.e. /usr/NX.

The command line interface
NoMachine server and node programs have a command line interface to execute operations.


You need to be a privileged system user to access all these functionalities. These commands can be run from an xterm or similar using the sudo utility or as root.

On Linux invoke the 'nxserver' and 'nxnode' programs from /etc/NX, for example:

$ sudo /etc/NX/nxserver --status
Printing the server and node usage doesn't require to be a privileged user, instead:
$ /etc/NX/nxserver --help
$ /etc/NX/nxnode --help
The 'nxserver --help' and 'nxnode --help' display the list of all the available commands and options and their description.


Online Resources
Visit the NoMachine Support Area to access a variety of online resources including the NoMachine Forums, tutorials and FAQs: https://www.nomachine.com/support

Find a list of all documents and tutorials: https://www.nomachine.com/all-documents

Use the Knowledge Base search engine to access articles, FAQs and self-help information: https://www.nomachine.com/knowledge-base


Leave Feedback About This Guide
Our goal is to provide comprehensive and clear documentation for all NoMachine products. If you would like to send us your comments and suggestions, you can use the contact tool available at https://www.nomachine.com/contact-request, selecting Web Quality Feedback as your option.

2. Install the Terminal Server Node
2.1. Prerequisites

Supported Operating Systems

Linux 32-bit and 64-bit
Red Hat Enterprise 4/5/6/7
SLED 10.x/11.x/12.x,
SLES 10/11/12
Open SUSE 10.x /11.x/12.x/13.x
Mandriva 2009/2010/2011
Fedora 10/11/12/13/14/15/16/17/18/19/20/21/22/23/24/25
Debian GNU Linux 4.0 Etch/5.0 Lenny/ 6.0 Squeeze/ 7.0 Wheezy/ 8.0 Jessie
Ubuntu 8.04 Hardy Heron/8.10 Intrepid Ibex/Ubuntu 9.04 Jaunty Jackalope/
9.10 Karmic Koala/10.4 Lucid Lynx/10.10 Maverick/11.04 Natty/11.10 Oneiric/
12.04 Precise Pangolin/12.10 Quantal Quetzal/13.04 Raring Ringtail/
13.10 Saucy Salamander/14.04 Trusty Tahr/14.10 Utopic Unicorn/15.04 Vivid Vervet/
15.10 Wily Werewolf/16.04 Xenial Xerus/16.10 Yakkety Yak/17.04 Zesty Zapus



Hardware requirements
Intel Core2 Duo or AMD Athlon Dual-Core or equivalent
1 GB RAM
Network connection (either a LAN, or Internet link: broadband, cable, DSL, etc...)
Size required on disk:
Linux 115 MB



Software requirements
Connections via web and by NoMachine clients are supported. Even if it's advisable to upgrade client installations to the same version 6 of the Enterprise Terminal Server and Terminal Server Node, compatibility with clients v. 4 and 5 is preserved. It's strongly advisable to keep version of Enterprise Terminal Server and of its Terminal Server Nodes always aligned. NoMachine v. 6 is not compatible with the legacy NX version 3.5.0 (no longer supported since December 2016).

2.2. Linux Installations

Installing for the first time
You can install, update and uninstall using the graphical package manager of your Linux distribution or from command line by running commands from an xterm or similar with the sudo utility, or as root user if you don't have sudo installed. Instructions below refer to installation by command line.

If you own a customer license we recommend you download the package from your Customer Area: https://www.nomachine.com/support#login.

Successive updates
The update procedure for server and node installations requires all NoMachine services to be stopped in order to correctly replace libraries and binaries. This implies that the Terminal Server Node is not accessible to users during the update procedure. Current sessions will be terminated, users will be able to connect again later.

There are two ways to update your current installation:

I Automatic updates

You can update your installation from our repositories. Just run the NoMachine GUI from your Programs Menu and access the 'Settings' panel and click on 'Server preferences'. Go to the 'Updates' GUI and click on the 'Check now' button.

NoMachine has the automatic check for updates enabled: it will check by default our repositories every two days to verify if updates are available. In this case, the server will prompt a dialog informing that a new version is available but it will never automatically update the current installation.

Checking for updates can be disabled from that dialog by selecting the 'Don't ask again for this version' option or in the Updates panel by unchecking the 'Automatically check for updates' option.

Detailed instructions for configuring the Automatic Updates are available in the Documents section on the NoMachine web site: https://www.nomachine.com/all-documents .

Note: Due to heavy changes between versions 5 and 6, the automatic updates are disabled: it's therefore necessary to upgrade NoMachine Terminal Server Node v. 5 by manually installing packages (see below).

II Update with NoMachine packages

Alternatively, download the latest available package from the NoMachine web site and click on the executable file to launch Setup. As for the installation, Setup will guide you through all steps necessary for updating your installation.

If you own a customer license we recommend to download the package from your Customer Area: https://www.nomachine.com/support#login.

2.3. RPM Packages

If you want to install to default location, namely /usr/NX/:

INSTALL

# rpm -ivh <pkgName>_<pkgVersion>_<arch>.rpm
To find out which NoMachine package you have installed (you will get the full name of the package), run:
# rpm -qa | grep nomachine


UPDATE

# rpm -Uvh <pkgName>_<pkgVersion>_<arch>.rpm


UNINSTALL

# rpm -e nomachine-terminal-server-node


TIP
To install to a non-default location, for example /opt/NX:
INSTALL
# rpm -ivh <pkgName>_<pkgVersion>_<arch>.rpm --prefix /opt
UPDATE
# rpm -Uvh <pkgName>_<pkgVersion>_<arch>.rpm --prefix /opt
UNINSTALL
# rpm -e nomachine-terminal-server-node


2.4. DEB Packages

If you want to install to default location, namely /usr/NX/:

INSTALL

$ sudo dpkg -i <pkgName>_<pkgVersion>_<arch>.deb
To find out which NoMachine package you have installed (you will get the full name of the package), run:
$ dpkg -l | grep nomachine


UPDATE

$ sudo dpkg -i <pkgName>_<pkgVersion>_<arch>.deb


UNINSTALL

$ sudo dpkg -r nomachine-terminal-server-node


TIP
To install to a non-default location, for example /opt/NX:
INSTALL
$ sudo NX_INSTALL_PREFIX=/opt dpkg -i <pkgName>_<pkgVersion>_<arch>.deb
UPDATE
$ sudo NX_INSTALL_PREFIX=/opt dpkg -i <pkgName>_<pkgVersion>_<arch>.deb
UNINSTALL
$ sudo dpkg -r nomachine-terminal-server-node
2.5. TAR.GZ Packages

If you want to install to default location, namely /usr/NX/, ensure that the package is placed there.

INSTALL

$ cd /usr
$ sudo tar xvzf <pkgName>_<pkgVersion>_<arch>.tar.gz
$ sudo /usr/NX/nxserver --install


UPDATE

$ cd /usr
$ sudo tar xvzf <pkgName>_<pkgVersion>_<arch>.tar.gz
$ sudo /usr/NX/nxserver --update


UNINSTALL

$ sudo /usr/NX/scripts/setup/nxserver --uninstall
$ sudo rm -rf /usr/NX


TIP
To install to a non-default location, for example /opt/NX:
INSTALL
$ sudo NX_INSTALL_PREFIX=/opt /usr/NX/nxserver --install
UPDATE
$ sudo NX_INSTALL_PREFIX=/opt /usr/NX/nxserver --update
UNINSTALL
$ sudo /opt/NX/scripts/setup/nxserver --uninstall
$ sudo rm -rf /opt/NX
2.6. Activating the License (for Customers)

The evaluation version
includes a 30-days license which is automatically activated during the installation. No further action is necessary.

Customer packages
include a temporary (30-days) node.lic file for evaluation.
Such license file has to be replaced with the customer's license file acquired from NoMachine. This can be done via the NoMachine server GUI in the 'Updates' panel: click on the node.lic links to open its license panel and replace the license.

You can find a Guide for GUI usage in the Documents section on the NoMachine web site: https://www.nomachine.com/all-documents. Look for the keyword 'license' to find out in the knowledge base, section 'Articles' how to activate licenses manually: https://www.nomachine.com/knowledge-base.

To verify from command line that node.lic is correctly in place and check its validity, you may run:

$ sudo /etc/NX/nxnode --subscription
$ sudo /etc/NX/nxnode --version


3. Initiating a NoMachine Connection (end-user side)

First of all, ensure that the user has a system account on the Terminal Server Node host: you can create it by using system tools or by using nxserver commands. Empty password is not supported. Note that users need to have a valid system account on the Enterprise Terminal Server host and on each of the Terminal Server Nodes. Username must be the same on all machines but the password can be different.



3.1. Connecting by Browsers or NoMachine Client to the Enterprise Terminal Server

Once added to the Enterprise Terminal Server, the Terminal Server Node is ready to go.

To connect via web, the end-user should point the browser on his/her device to the name or IP address of the Enterprise Terminal Server host.

In a similar way, when connecting form a client device, the user will have to specify the IP or hostname of the Enterprise Terminal Server while creating the connection.

TIPS
I Auto-reconnection is supported: when the connection is lost for whatever reason (including when the client host has entered sleep mode), the client will automatically try to reconnect for as long as the user keeps the GUI or the web page open. If reconnecting is not possible, then the user will have to reconnect manually.
II IPv6 is supported: specify the IP address of the server host in IPv6 format (e.g. 2001:0:5ef5:79fb:30c6:1516:3ca1:5695) if you want to use it instead of IPv4.




3.2. Load-Balancing vs. Manual Selection of the Node

By default, the NoMachine Enterprise Terminal Server makes available the Terminal Server Node for the automatic load-balancing of virtual desktops. This means that the server, based on its load-balancing algorithm, will select the node where the new virtual desktop will be started. The server can be also configured to let the user choose the node. See the NoMachine Enterprise Terminal Server guide for instructions to configure multi-node access: https://www.nomachine.com/all-documents



4. Compression Techniques and Optimizations


4.1. Video Stream Encoding in Web Sessions

In the case of web sessions, by default, session data is streamed in video frames compressed and decompressed by using the MJPEG lossy algorithm, which is the video-format widely supported by browsers.

Oher video codecs like VP8 and H.264, require a browser which supports WebRTC and HTML5.

NoMachine web sessions use the H.264 video streaming when the following requirements are all met, otherwise VP8 is used. In practice, when WebRTC is enabled, the H.264 or VP8 encoding will be used, otherwise MJPEG will be the codec:

I WebRTC is enabled.
II The software or hardware H.264 encoding is supported on the node host. (*)
III The browser supports WebRTC and the H.264 decoding

(*) Terminal Server Node packages for customers provide the H.264 libraries necessary to support the SW H.264 encoding. Packages for evaluation, instead, don't provide such libraries. In that case it's possible to add them by installing the NoMachine AVC pack or by compiling them manually.

HW H.264 encoding is possible when the Terminal Server Node host machine has a hardware accelerated video card (GPU) with any of the supported microarchitectures: Nvidia Kepler microarchitecture onward and Intel Quick Sync processors. Enabling HW acceleration by Quick Sync requires however a manual configuration as explained here: https://www.nomachine.com/AR09O00938



Optimizations
Optimizations can be done in two ways: (I) by adjusting display settings in the session or (II) by enabling WebRTC.

I Adjusting display settings in the web sessions
To access NoMachine display settings, open the NoMachine menu inside the web session: press ctrl+alt+0 or click on the page peel in the upper right corner of the window to open it. Then click on the 'Display' button and finally on 'Display settings'. From this panel you can do the following.

Change the display image quality
Increasing the quality will mean to apply a minor compression ratio, the image will be clearer, but more bandwidth will be used.

Disable network-adaptive display quality
This will anchor the display quality to the fixed value specified in the Display quality slider, making it independent from the current network congestion. This is not recommended when there is a very limited bandwidth.

Disable multi-pass display encoding
Default settings within the encoding will work to refine the image progressively to the target quality (as specified in the Display quality slider) starting from a lower quality version of the image during moments of inactivity of the desktop. Disabling this refinement sends the image directly with target quality. Not recommended when there is limited bandwidth.
II Enabling WebRTC on Enterprise Terminal Server
NoMachine web sessions use by default the classic web media exchange protocol for the two-way browser/web server communication. WebRTC (Real-Time Web Communication) is also supported and can be enabled as explained in the next paragraph.
Enabling WebRTC allows to use the H.264 video streaming (when possible) or VP8 which optimize the user experience with multimedia applications and contents.


TIP
You may verify which encoding method is in use from the NoMachine menu inside the session: press ctrl+alt+0 or click on the page peel in the upper right corner of the window to open it. Then click on the 'Display' button and finally on 'Display settings'. The codec actually in use is reported at the bottom left of the menu.


4.2. Video Streaming Encoding in Client Sessions

Sessions run by NoMachine client use a combination of video and image encoding based on standard codecs and a number of techniques developed by NoMachine. Frames are encoded into a video stream optimized by means of a compression and decompression algorithm of real-time image and audio data. VP8, H.264 and MJPEG encoding are supported.

In general VP8 and H.264 are suitable for all situations, while MJPEG can be an alternative when the end-user's computer is less powerful and the user is experiencing slow responsiveness.

The display encoder can be changed on the server:

from the GUI
In the GUI in the Server Performance panel.

or in the node configuration file
Enable the use of a specific codec by editing the node configuration file and enabling the following two keys:

EnableDisplayServerVideoCodec 1
DisplayServerVideoCodec CODEC

where CODEC can be: 'vp8','h264' or 'mjpeg'. For example:
EnableDisplayServerVideoCodec 1
DisplayServerVideoCodec mjpeg



4.3. The X11 Vector Graphics Mode in Client Sessions

The X11 vector graphics mode (previously called 'lightweight mode') is enabled by default for (i) virtual desktops and (ii) custom sessions in floating window mode. This mode is mainly a set of NoMachine techniques to compress and optimize the X11 protocol (by applying the same alghoritms available with the NX compression protocol v. 3). These compression techniques are applied to all non-video contents like textual elements, while multimedia content is encoded in a video stream (VP8 or H.264).

The X11 vector graphics mode is useful for avoiding loss of image quality and in general is the best option when working with traditional GUIs or a large amount of text. However it's not advisable for multimedia content or applications with many graphical effects.

This mode can also help to reduce bandwidth usage, decrease the HW requirements on client and server (expensive video encoding/decoding operations are applied only to multimedia contents), increase responsiveness on slow link and end-users' clients without hardware accelerated video encoding/decoding capabilities.

You can disable/enable the X11 vector graphics mode
via the GUI
in the Server preferences GUI -> Performances panel

or in the node configuration file
for disabling the X11 vector graphics mode, edit the node configuration file, uncomment and set:
AgentX11VectorGraphics 0

or to enable it:
AgentX11VectorGraphics 1

TIPS
I In the case of slow bandwidth, decreasing the quality level of images could help but if you need to have a perfect image without quality loss, you have to increase the display quality instead. It's also suggested to disable multi-pass encoding to avoid the 'out of focus' effect: multi-pass is an encoding technique which uses multiple passes to reach progressively the best definition of the image.
II Quality level and multi-pass encoding can be tuned from the NoMachine menu inside the session in the Display -> Change settings panel. (Ctrl+alt+0 or click on the right upper corner of the window to open the NoMachine menu).


4.4. Supporting OpenGL Applications in Virtual Session

In NoMachine virtual desktops and custom sessions, OpenGL rendering is done by default by software components. This means that rendering tasks are accomplished by CPU and not offloaded onto GPU. Such operations could be resource-demanding, especially in the case of 3D desktop graphics effects, and make the user interface look slow.

A possible alternative is to configure the NoMachine server to use the VirtualGL libraries (included in the NoMachine package) and therefore activate support for HW accelerated OpenGL applications. This allows OpenGL applications, namely 3D applications, to use server side graphics hardware.

In order to activate support for VirtualGL, follow instructions at http://www.nomachine.com/AR11K00737



5. Terminal Server Node Configuration


5.1. Configuration Files

The configuration files for the Terminal Server Node are mainly node.cfg. In some cases it may be necessary to adjust some settings also in the server configuration file, server.cfg. In effect, the Terminal Server Node package includes the nxserver program as well, which still manages users and sessions on localhost but doesn't accept connections unless they come from the Enterprise Terminal Server.

Configuration files are placed in the:
BaseDirectory/NX/etc directory on Linux: /usr/NX/etc/server.cfg
/usr/NX/etc/node.cfg

The Default Configuration
NoMachine Terminal Server Node comes with a default configuration that is sufficient to grant a working setup in the majority of environments. NoMachine administrators can tune their installation at any moment and according to their specific needs by setting the related configuration keys. In some cases this will require to restart all NoMachine services.

Edit the Configuration Files
NoMachine configuration files are text files made up of a number of key-value pairs. All the configuration files can be edited manually by a text editor, e.g. 'vi'.

Be sure to uncomment the configuration key (i.e., remove the '#' pre-pended to the key) to set a value different from the default.

When a configuration key supports an on/off status, set value to '0' to disable it and to '1' to enable it.

Make Changes to the Default Configuration Effective
Changes will be effective with the next new connection without the need to restart services if not otherwise specified.



5.2. Local and Network Ports

For each session, NoMachine uses ports that are used only locally on the node host and network ports.

Some ports are mandatory and must be free, e.g. the session display number and the connection port. Other ports are used for services that can be disabled, e.g. USB forwarding.

Local port Description How to change the default
11000 + DisplayBase Session display. If this port is already in use, NoMachine will look for a free port by incrementing DisplayBase up to the value set in the DisplayLimit server configuration key. DisplayBase (by default 1001) and DisplayLimit (200) are defined in server.cfg
20000 Communication port between the session's nxserver process and the main server process. Add the ServerSlaveBase key to the end of server.cfg and specify a value
24000 + DisplayBase Session's monitor port. DisplayBase (by default 1001) and DisplayLimit (200) are defined in server.cfg
5473 and 5483 USB devices forwarding. Disable USB sharing by setting EnableUSBSharing none in node.cfg


Network port Description How to change the default
6000 + DisplayBase TCP port for the NoMachine display service. If this port is already in use, NoMachine will look for a free port by incrementing DisplayBase up to the value set in the DisplayLimit server configuration key. DisplayBase (by default 1001) and DisplayLimit (200) are defined in server.cfg.
4000 TCP port for the NoMachine Network service (nxd) and connections via NX protocol. This port must be open in the firewall and mapped to the external IP of the server host. Set NXPort in server.cfg and restart the nxd service.
4011 - 4999 UDP port range. Set UDPPort in server.cfg to define a different range. UDP can be disabled on client side. Note that UDP is not used if the node is behind a firewall.
22 TCP port for connections via SSH protocol. This port must be open in the firewall and mapped to the external IP of the server host. Set a different port for the system SSH server and align value set for SSHDPort in server.cfg. Then restart the NoMachine server.
4080 and 4443 HTTP and HTTPS port for web connections. These ports must be open in the firewall and mapped to the external IP of the server host. Change 'Listen' directives in htd.cfg and restart the nxhtd service.
20000 - 30000 External ports range for UPnP port mapping. Set NXUPnPPort in server.cfg to define a different range. Set EnableUPnP none in server.cfg to disable port mapping.
5040 + x Port opened between client and server for each USB device. Port number is defined by 5040 + x where 'x' is the first free port retrieved starting from port number 5040. N/A
4000 Automatic updates from NoMachine repositories. Updates are managed by nxd. Disable automatic updates by setting UpdateFrequency 0 in server.cfg.
5473 and 5483 USB devices forwarding. Disable USB sharing by setting EnableUSBSharing none in node.cfg.
5.3. Hiding the NoMachine Monitor and Notification Messages

It is possible to hide or show the !M (the Monitor) icon in the system tray. When the icon is hidden, notification messages will still be displayed when users are connecting. This can be configured
from the GUI:
In the Server status -> Server preferences -> Security panel by selecting 'Hide the NoMachine icon in the system tray'. When the icon is hidden, notification messages will still be displayed when users are connecting.

or in the node configuration file
This setting is ruled by the DisplayMonitorIcon key in the node configuration file. If you change them manually by editing the file, you then need to restart the server to make changes effective.

To hide the !M in the system tray set:
DisplayMonitorIcon 0

To display the !M in the system tray set:
DisplayMonitorIcon 1

In both cases, then restart the server:

nxserver --restart


By default NoMachine issues a balloon message to notify about events like user's disconnection or user's requests for connecting. You can disable notification messages by setting the following key in the node configuration:
DisplayMonitorNotifications 0

TIP
If the displaying of monitor's notification messages is disabled, the desktop owner will be unable to accept connection's requests by other users. Configure trusted users on the Enterprise Terminal Server if you need to allow connections without explicit authorization.


5.4. Hiding the Whiteboard and Chat Tools

If you want to disable the launching of the Whiteboard from the Monitor menu, edit the node configuration file to have:
EnableWhiteboard 0

Then restart the server:

nxserver --restart


6. Users Management


6.1. Managing Users Terminal Server Node Host

You can manage create and delete user accounts by using tools provided by your Operating System or the NoMachine server commands as explained below. Note that the user who will connect by NoMachine must have an account also on the Enterprise Terminal Server (username must be the same, password can be different).

Creating Accounts

nxserver --useradd USERNAME --system
Modifying the User's Password:
nxserver --passwd USERNAME --system
Listing the NoMachine Users:
nxserver --userlist
Removing Accounts:
nxserver --userdel USERNAME --system




6.2. Greeting Messages

It is possible to welcome users when session is started by issuing a greeting message, either only the first time the user logs in or every time the user connects to the Terminal Server Node. Update the node configuration file by writing the text of your message in any of the following keys:

NodeFirstLoginGreeting "Welcome to your first NX session"
NodeLoginGreeting "Welcome to your NoMachine session"



6.3. Notifications to Users

NoMachine provides an instant messaging tool, named whiteboard which allows also drawing and sharing files with connected users and fast-track access to file transfer. To access it, connect to the user's desktop and from the Monitor (!M icon) in your system tray click on 'Show the whiteboard'. Note that if multiple users are connected at the same time to the same session, they will all see the message.

As an alternative, it's possible to issue a dialog in the connected sessions to show a custom message by sending it from command line.

Sending a message to all running sessions:

nxserver --broadcast "Your message goes here"
or sending a message only to the session specified by its session id:
nxserver --message "Your message goes here"


7. Supported Connection Protocols

NX Protocol
Server-node connections use by default the NX protocol for secure communication over the network. Encryption in the NX protocol is implemented using OpenSSL TLS/SSL, based on ECDHE-RSA-AES128-GCM-SHA256 as the default cipher suite. ECDHE-RSA-AES128-GCM-SHA256 is an AES (Advanced Encryption Standard) block cipher with 128 bits key in GCM (Galois/Counter Mode).


SSH Protocol
As an alternative, it's possible to tunnel server-node connections using SSH.



7.1. Setting the Protocol for Server-Node Connections

Protocol to be used for server-node connections has to be defined while adding the Terminal Server Node to the Enterprise Terminal Server.

Use the NX protocol
If not otherwise specified, the Terminal Server Node is added with: NX protocol and port 4000. On the node host, the Network Server (nxd) is listening on port 4000. It's mandatory that this port is open between server and nodeto allow connections by NX protocol.

It's possible to change the listen port for nxd, in this case it will be necessary to add the Terminal Server Node by specifying the port. On the Enterprise Terminal Server host, execute:

nxserver --nodeadd NODE --port PORT

You can change port for nxd
from the GUI:
in the Server status -> Server preferences -> Network services GUI

or in the server configuration file by editing this key:
NXPort 4000

Restarting the nxd service is necessary to make this change effective:

nxserver --restart nxd


Use the SSH protocol

In order to use the SSH protocol, it's necessary to add the Terminal Server Node by specifying the protocol, and in some cases the port. If port is not specified, the default port 22 is used. Execute on the Enterprise Terminal Server host:

nxserver --nodeadd NODE --protocol SSH --port PORT


8. Sessions' Management

Each session is uniquely identified by a session id (which can look like: B253864E822F5A235825F3AB8853AF00) and a display id (e.g.,1002).

A session on the NoMachine Terminal Server Node can be in any of the following statuses:
Connected - when it's connected to the remote display.
Disconnected - this status is available only for virtual desktop sessions and custom sessions. A session is marked as disconnected when it's disconnected from the remote display. A disconnected session can be reconnected at any time even from a different machine (migration). While a session is disconnected, applications on the remote server stay running.
Finished - the session has been closed in a clean way and all NoMachine processes have been shut-down smoothly.
Failed - any of the NoMachine processes has failed to start or it has been "un-cleanly" terminated.
Transitional statuses are Connecting, Disconnecting and Terminating.

Sessions on the Terminal Server Node can be monitored and managed on the Enterprise Terminal Server.



8.1. Setting a Virtual Desktop Environment on Linux

Pre-requisite to connecting by NoMachine is that a desktop environment is installed on the system even if the host is headless or it's not started in graphics mode.

During its installation, NoMachine detects the default desktop environment set on the system and configures the node accordingly. Path and command to start the system desktop environment is defined in the node configuration file by the DefaultDesktopCommand key. The Terminal Server Node is able to detect GNOME, Unity, KDE and LXDE. If you have a different desktop environment, it's necessary to edit the DefaultDesktopCommand key accordingly.

For example to run MATE:
DefaultDesktopCommand "/usr/bin/mate-session"

or to run Pantheon:
DefaultDesktopCommand "/usr/bin/gnome-session --session=pantheon"


If there are multiple desktop environments installed, you can specify in the same key the desktop to be launched. For example if you have KDE, GNOME and Xfce installed installed on Ubuntu 16.04 and want users to be able to run new virtual KDE desktops, set the configuration key to:
DefaultDesktopCommand "/etc/X11/Xsession startkde"

If you want they create new GNOME virtual desktops instead, set:
DefaultDesktopCommand "/etc/X11/Xsession 'gnome-session --session=gnome'"

or for creating Xfce virtual desktops:
DefaultDesktopCommand "/etc/X11/Xsession startxfce4"

TIP
If you want to let users choose between creating new KDE or GNOME virtual desktops (given that they are both installed) set desktop=1 in the ConnectPolicy key in the server configuration of the Enterprise Terminal Server. With this setting, the following keys (in node.cfg) are used to start respectively KDE and GNOME virtual desktop: CommandStartKDE and CommandStartGnome.


8.2. Executing Custom Scripts on Server/Node Events

The server configuration and the node configuration provide a number of keys that can be activated to execute a custom script upon a certain event.

In case of Terminal Server Node, only scripts related to login events can be set in server.cfg. Scripts related to session events have to be set in the node.cfg. A number of parameters can be specified for each script. Scripts set on the Terminal Server Node are executed on that host and apply only to those users who are connecting to it.

Available for Configuration key Accepted parameter (server.cfg) Accepted parameter (node.cfg)
server UserScriptBeforeLogin remote ip -
server UserScriptAfterLogin username -
node UserScriptBeforeSessionStart session id, username, node host, node port, main session id(*), main session type(*) session id, username, session type, display, main session id(*), main session type(*)
node UserScriptAfterSessionStart session id, username, node host, node port, main session id(*), main session type(*) session id, username, session type, display, main session id(*), main session type(*)
node UserScriptBeforeSessionDisconnect session id, username, node host, node port session id, username, session type, display
node UserScriptAfterSessionDisconnect session id, username, node host, node port session id, username, session type, display
node UserScriptBeforeSessionClose session id, username, node host, node port, main session id(*), main session type(*) session id, username, session type, display, main session id(*), main session type(*)
node UserScriptAfterSessionClose session id, username, node host, node port, main session id(*), main session type(*) session id, username, session type, display, main session id(*), main session type(*)
node UserScriptBeforeSessionReconnect session id, username, node host, node port session id, username, session type, display
node UserScriptAfterSessionReconnect session id, username, node host, node port ssession id, username, session type, display
node UserScriptAfterSessionFailure session id, username, node host, node port,main session id(*), main session type(*) session id, username, session type, display, main session id(*), main session type(*)

(*) 'main session id' and 'main session type' parameters are available only when the user connects to an already running virtual desktop (session shadowing). They indicate respectively the id and type of the session to which the user is connected with his/her own session qualified by 'session id' and 'session type'.



Note that the order of parameters is relevant. For example, a custom script to be run on node event 'UserScriptBeforeSessionStart' should use the $2 variable to retrieve username and $4 to retrieve display.

Pre-requisites to run custom scripts
Custom scripts must be executable. Custom scripts set-up in server.cfg are executed by the nxserver program. Since nxserver is running as the nx user, you have to grant this user the necessary permissions in order to execute the custom script.

Custom scripts set-up in node.cfg are executed by the nxnode program, which is run as the connected user. Place the script in a directory that is accessible by the node, i.e. accessible by the connected user(s).

By default if the execution of the scripts fails, the nxserver and nxnode will terminate. This means that the user's session will not start. You can override this behavior by forcing exit 0 inside the custom script and let the session start even if the custom script is failed.

TIP
If custom scripts triggered on login events have to be applied to all users connecting to the multi-node system, they have to be placed in the server.cfg file of the Enterprise Terminal Server.


8.3. Limiting or Terminating Virtual Desktops Automatically

In order to limit the number of virtual desktops on this Terminal Server Node, it's advisable to use profile rules. They have to be executed on the Enterprise Terminal Server.

Note that the server.cfg file on the Terminal Server Node provide the following keys:
VirtualDesktopsLimit 20
VirtualDesktopsUserLimit 20
ConnectionsLimit 20 ConnectionsUserLimit 20
which respectively limit by default to 20 the maximum number of: concurrent virtual destkops, users who can run a virtual desktop, connections (virtual desktops + sharing of virtual desktops + connections to physical desktop if any) and users (who run virtual desktops + connect to a virtual desktops + special users who can connect to the physical desktop of the Terminal Server Node host).

TIP
To limit the maximum number of concurrent virtual desktops on this node for example to 60:
Increase the value set for the virtual desktop limit in the server.cfg of the Terminal Server Node to for example 100:
VirtualDesktopsLimit 100
or set it unlimited:
VirtualDesktopsLimit 100
Then execute on the Enterprise Terminal Server host the following command. NODE:PORT is the name of the Terminal Server Node, as it appears in the ouput of 'nxserver --nodelist' executed on the Enterprise Terminal Server:
nxserver --ruleadd --class node --type virtual-desktops-limit --value 60 --node NODE:PORT

 

Disconnecting or Terminating Virtual Desktops Automatically
To disconnect a virtual desktop or custom sessions after a certain time of inactivity, uncomment and set a proper timeout value, in seconds, in the following node configuration key. For example, if you want to terminate sessions after 10 minutes of inactivity you need to set:
DisplayServerExtraOptions "-timeout 600"

If the NoMachine display agent doesn't receive any input from the user in the given timeout, it will either disconnect or terminate the session. Termination of the session will be carried out if the session is not persistent or no X application is connected to the display. Otherwise the agent will disconnect the session so that the X applications will be left running.

Note that the DisplayServerExtraOptions key is only for virtual desktops or custom sessions with X11 vector graphics enabled (default).

For sessions connected to a virtual desktop (sharing of the virtual desktop), virtual desktops with X11 vector graphics disabled and connections to the physical desktop set instead:
DisplayAgentExtraOptions "-timeout 600"

 

9. Device Sharing, Copy&Paste and File Transfer

The Terminal Server Node allows users to access and share their devices and resources from locale to remote and vice-versa. Disks, printers, USB devices and more can be connected inside the session to easily access them from both client and server side. At present device sharing is not available with web sessions and is only available in connections by NoMachine client.

Two-way copy and paste is fully supported. Web sessions implement the NoMachine virtual clipboard which allows copying text from/to the session running in the browser and the local computer.

Download/upload files from the session to the local computer and vice-versa is also fully supported in client and web sessions, as well as drag and drop of a file from remote to locale and from locale to remote.

By default device sharing, copy&paste and file transfer are always permitted. You can however completely disable any of these services or disable it only partially, for example to prevent users from sharing their local printer in the NoMachine session but permitting them to use the remote printer.

Limiting or forbidding device sharing, copy and paste and file transfer can be done on the Enteprise Terminal Server by means of profile rules. Please refer to the Enterprise Terminal Server guide here: https://www.nomachine.com/all-documents for detailed instructions.

 

10. Multimedia and Session Recording

 

10.1. Supporting Audio and Microphone

On Linux, NoMachine audio framework is integrated with PulseAudio sound server. If PulseAudio is not available on the system, NoMachine is able to use ALSA (Advanced Linux Sound Architecture). This is automatically managed by the NoMachine server so that multimedia support can work out of the box without the need for any configuration. If both PulseAudio and Alsa are available, the administrator might want to configure the node to use one or the other.

Disabling or Setting Audio Support
To disable audio and microphone support, uncomment and set the AudioInterface key to 'disabled' in the node configuration file:
AudioInterface disabled

On Linux it is possible to define whether PulseAudio Server or ALSA has to be used by setting AudioInterface key to 'pulseaudio' or 'alsa' respectively. For example:
AudioInterface pulseaudio

 

10.2. Recording your Screen

NoMachine can record in a video all activity made inside the session or on the desktop. To start the recording of the session, users should open the NoMachine menu inside the session (ctrl+alt+0) and click on the 'Recording' button icon to access the Recording panel. From this panel it's possible to open the recording bar, change audio and video quality and open the recording directory to access all recorded files. Session recording is not available with sessions on the web.

To record activity made on the desktop, start the recording from the !M icon menu in the system tray of the Terminal Server Node host and show the Recording bar from there. Desktop activities can also be registered on the physical desktop without the need to be connected via NoMachine.

Recorded files are saved by default in WebM format and can be played back directly with NoMachine or any other player supporting that format. Video streams can be encoded only with VP8 or H.264 when supported. Recorded files are saved by default on the user's device in the NoMachine directory under the 'Documents' directory.

Disabling session recording
To prevent users from recording their session activities, edit the node configuration to set:
EnableSessionRecording 0

Disabling desktop recording
To prevent users from recording desktop activities, even when physically logged into the Terminal Server Node host, edit the node configuration to set:
EnableLocalRecording 0

 

11. Automatic Updates

The Terminal Server Node, as well as the other NoMachine client and server products, periodically checks NoMachine repositories (by default every two days) to verify if updates are available and will prompt a dialog informing the user that a new version is available.

It will never automatically update the current installation. Also the download in background of a new software version will not lead to an automatic update of the current installation.

A separate guide which deals specifically with all the possible options for the automatic software updates is available on the web site in this section:

https://www.nomachine.com/all-documents

 

12. Logging Facilities

Two separate guides, available in the Documents section on the NoMachine web site (https://www.nomachine.com/all-documents) provide step-by-step instructions for that.

TIP
When debug mode is enabled, nxserver.log may increase consistently. It's suggested to keep debug level only for the time necessary to reproduce the problem and collect logs.

 

12.1. Using the System Logging Facilities

By default the nxserver and nxnode programs log to the file defined in the SystemLogFile key in their configuration files (server.cfg and node.cfg).

It's possible to configure these applications to log to the system log file instead. Edit the server.cfg and node.cfg files, uncomment and set:

EnableSyslogSupport 1

Then restart the server and all services to make the change effective:

nxserver --restart

 

12.2. Redirecting Logs to a Custom File

You can redirect logs of nxserver and nxnode programs to a custom file by uncommenting and setting the path to that file in the SystemLogFile key available in the server and node configuration files. By default this key is set to:

SystemLogFile /usr/NX/var/log/nxserver.log

Change it to point to a different file, for example:

SystemLogFile /tmp/NX.log

TIP
The custom file must be accessible (writable) to the 'nx' user and to the connected user.

 

12.3. Configuring the Automatic Clean-up of Session Directories

In its default configuration, the Terminal Server Node removes the session directory from the user's home/.nx directory once the session has been correctly terminated.

You can preserve it, for example for log purposes, by uncommenting and disabling the following key in the node configuration file. In this case, the session directory in user's home/.nx is renamed as T-C*:

SessionLogClean 0

TIP
While investigating an issue affecting a session on the Terminal Server Node, logs from that host are usually needed.