We'll respond shortly.
There are several ways to enable screen sharing on OS X El Capitan from the command line. The first method is an old standby:
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers
This will work in 99% of the cases, but there may be some situations when it’s not quite enough. The above command enables Screen Sharing by enabling Remote Management; however, we lose the ability to add fine-grained control to who can connect & those who can’t.
Here’s another way to enable screen sharing from the command line:
sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool false
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
In the second example, we enable only Screen Sharing, not Remote Management. This allows us to use System Preferences to restrict who can screen share to our machine (e.g. local administrators, network administrators). We use the second example when configuring our authentication servers remotely.
Trying to remotely connect to a Mac OS X 10.7.4 from another mac (10.8)
So, the target machine had screenshare already set from a previous user. I only had ssh and sudo access to it. Here’s the command I ran to reset the password to 123pass (last param) for the VNC:
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers -clientopts -setvncpw -vncpw 123pass
And then I’m using the chicken (AKA Chicken of the VNC) as my vnc client.
Thank you so much for posting this.
I think you’re supposed to load the agent, too.
Here’s a script I’m using:
#!/bin/bash
/usr/libexec/PlistBuddy -c ‘Set :com.apple.screensharing:Disabled NO’ /private/var/db/launchd.db/com.apple.launchd/overrides.plist
launchctl load /System/Library/LaunchDaemons/com.apple.screensharing.plist
for userid in $(ps -Ajc | grep loginwindow | grep -v grep | awk ‘{print $1}’); do
if [ “$userid” = “root” ] ; then
launchctl load /System/Library/LaunchAgents/com.apple.screensharing.agent.plist
else
su “$userid” -c ‘launchctl load /System/Library/LaunchAgents/com.apple.screensharing.agent.plist’
fi
done
Alessandro, nice script. And yes, you’re right: the agent needs to be loaded. Although in my second example I load the agent explicitly using launchctl, in the first example it isn’t necessary—kickstart loads it on my behalf.
Thank you for this, just saved me a trip.
Guys,
a question to the experts, who helped me to find out one strange behavior:
Remote Management:
Admin uses ARD to get the screen, logs in via the OS X login-screen and works.
Ordinary User uses the screen-sharing.app, logs in via HIS user and password and ist confronted with the question wether to open his own space or to take over Admins Screen! Admin will NOT be asked to confirm, that User is allowed to do so!
Screen Sharing:
Admin uses ARD to get the screen, logs in via the OS X login-screen and works.
Ordinary User uses the screen-sharing.app, logs in via HIS user and password and ist confronted with the question wether to open his own space or to take over Admins Screen AFTER BEEING GRANTED PERMISSION! Admin WILL be asked to confirm, that User is allowed to do so! THIS is (in my opinion) the correct behavior!
Now the question: Is there any way to configure Mac OS X (Mavericks Server) to have the described Screen-Sharing behavior WHILE using and having configured Remote Management?
Thanks in advance guys! (Your article made it possible to reconfigure my headless Mac mini server!)
Tom
Tom,
I don’t have a good answer. Let me know what you find out.
How do i reset this?
Hi Uncivil,
When you say, “How do I reset this?”, do you mean, “How do I disable screensharing from the command line?”
Thanks for posting this Brian. I found it while trying to debug a problem where screensharing has stopped working on my Mac Mini. After executing the above commands, is there a way to confirm that the screen sharing setup is now active?
For example, I do:
ps ax | grep screen
and still don’t seen screensharingd in the list.
Thx,
Ramon
Brian, you just saved me tons of work!
I was able to ssh to my machine at work and enable screensharing and then connect to it. For security reasons, I normally have Remote Management Disabled…
Brian, you’re awesome! That first command is exactly the command I needed today to get into a headless mac mini while outside the office! Thanks ^_^
@Ramon: it’s launchd, not screensharingd, that’s listening on the port.
@Hiraldo: Glad it’s helpful.
@James: We miss you here at Pivotal Labs.
Brian, first of all, thanks. This works great. But how do I get this to run as a cron event? Any ideas? I’ve setup my timing and included the command you have provided. I’m looking to restart remote login every so often in the event is gets turned off. Thanks in advance.
Nevermind. I got it to work. Thanks anyway for your post. It helped me to get on the right track. Good day.
I run the command:
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers
and it set some permissions, enabled services and stuff. How can restore the system at the exact previous state, undoing the permissions granted and enabled services?
@Giovanni:
“How can restore the system at the exact previous state, undoing the permissions granted and enabled services?”
The answer is: I don’t know for the technique `sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers`
I think if you’re concerned about restoring to a previous state, you should use the OTHER technique to enable screensharing. The way to reverse that technique is as follows:
sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool true
sudo launchctl unload /System/Library/LaunchDaemons/com.apple.screensharing.plist
Another question to the experts: Is it possible to force VNC to start with the login screen? The reason is that I want to open a VNC session to my own machine to a test user. Currently it looks like the login screen is only shown on coincidence. And without it will simply show a recursive picture (nice but not useful).
Hi Thomas,
I don’t know if OS X has a way to accomplish what you’re asking (screensharing to yourself but with a different login screen).
If you ever find a way, let me know—I’m curious.
Interestingly, Linux/UNIX has a way to do it because it can run multiple Xservers (i.e. displays)
—Brian
Hey brian
Would it be possible to do it the other way around on Mavericks 10.9, to actually disable screen sharing through the command line, using your second example?
I tried running the same command but setting option to ‘true’ instead of ‘false’ but not sure if that is how it’s done. It doesn’t seem to work.
Hi Brian,
Thanks.
I actually solved it…I had the luxury of being able to move it so plugged it into my tv via HDMI cable. Of course i needed to find a USB mouse and keyboard initially. However once that was established and logged into the admin account, i realised, that i’d disabled the screen sharing, even though remote management was still enabled (still no clue how to use that), hence the reason why no screen sharing was available. However once established, i used my MBA to connect via screen sharing, and i could even control the server via screen sharing from my MBA using the MBA keyboard and track pad and showing on the tv.
I reconnected to my ISP router, and bob’s your uncle, access and screen sharing working just fine.
I just thought i’d share, as i’m sure others have done the same thing by turning off screen sharing.
cheers
Karl
Working in ARD … Worked liked a charm, Thanks for the time saver.
thanks, saved my day
Thanks. This saved me a trip into the office to reset a machine !! Awesome!
[…] of the first articles my favorite search engine turned was https://blog.pivotal.io/labs/labs/enabling-os-x-screen-sharing-from-the-command-line. It’s really helpful and attracted a few comments which give further insights into how to […]
desperately trying to change remote management option to admin rather than all users via command line, but im not having much joy. Does anyone know what the command line from remote desktop unix command would be to do this