PortNumber=(port number)
Accept connections on port

VNC Server accepts incoming connection requests from clients on a particular TCP port. By default, this is port number 5900, which equates to VNC display number 0 (zero), but in practice, any available port number can be used.

IdleTimeout=(seconds)
Disconnect idle clients after

An idle client is one which has transmitted no keyboard or pointer events for more than a certain length of time. The VNC Server can be configured with a threshold, expressed in seconds, after which idle clients will be disconnected to conserve resources. If the threshold specified is zero seconds then connections will never timeout. The default idle timeout is one hour.

Note that pointer and keyboard events received from clients will prevent their connection timing out even if the VNC Server is configured to otherwiseignore those events (see below).

HTTPPortNumber=(port number)
Serve Java viewer via HTTP on port

If the port number specified is non-zero then VNC Server will accept incoming HTTP requests, allowing the Java VNC Viewer to be downloaded by a Java-aware web browser. The VNC Server Configuration interface will set the HTTP port to have a number one hundred lower than the specified VNC port number, but this may be overridden to use a custom port number if required.

LocalHost=true/false
Only accept connections from the local host

If the server is configured to only accept connections from the local host then the Access control setting is ignored, and VNC Server will be completely innaccessible via all network interfaces except the local loopback interface. This setting is only normally useful when tunnelling VNC sessions into the server, for instance via Secure Shell (SSH).

Hosts=(pattern)
Access Control

VNC Server can filter incoming connection attempts based upon the apparent IP addresses of their originators. Which IP addresses are allowed to connect and which are not is determined by the Hosts pattern. The pattern consists of a comma-separated list of IP address specifications. Each specification starts with an action, gives an IP address, and a subnet-style mask. The first specification to match the address of the new connection determines the action that will performed.

e.g. Hosts=+192.168.0.1/255.255.255.255,+192.168.1.0/255.255.255.0,-

The pattern given above allows the computer with address 192.168.0.1 to connect, as well as any computer in the 192.168.1 subnet. All other connections are rejected by the - term, which is actually redundant in this case - a connection will always be rejected if it doesn't match anything in the Hosts pattern.

Note that IP addresses and masks are specified in Type-A (xxx.yyyyyyyyy), Type-B (xxx.yyy.zzzzzz) or Type-C (xxx.yyy.zzz.www) form. The specification 192.168 will therefore be interpreted as 192.0.0.168 rather than 192.168.0.0 as one might expect.

The Authentication page allows you to configure the required level of authentication of incoming VNC Viewer connections. At present, only two levels are provided - no authentication or classic VNC authentication. Some new authentication methods are in development, so expect this page to grow.

SecurityTypes=None
No Authentication or Encryption

If your VNC Server is operating in a protected environment, such as a secure LAN or firewall-protected network, then you may wish to configure VNC Server to accept connections without requiring a username or password to be specified. This might be useful when tunnelling VNC over a secure protocol such as SSH, for example, to remove one redundant level of authentication.

We advise extreme caution when disabling authentication. Do not disable it unless you are absolutely sure that the host network is completely secure.

SecurityTypes=VncAuth
VNC 3.3 Authentication, no Encryption

Most VNC Server configurations should at least be protected by a password required in order to authenticate the remote user to the server. This setting requires that the user provide the correct password when connecting, but carries out the rest of the VNC session with no encryption.

The password to use can be configured by selecting Set Password and typing the new password twice. On platforms which support it, the password (and all other configuration options) are protected using native operating system security methods, so that the password cannot be read or tampered with by other users.

QueryConnect=true/false
Prompt local user to accept incoming connection

If this option is set then a dialog will be presented on the local desktop, prompting the user to accept or reject the connection. If no response is received while the dialog is displayed then the connection will be automatically rejected. If another connection is received while the dialog is displayed then it will be rejected automatically.

Inputs

AcceptPointerEvents=true/false
Accept pointer events from clients

If this option is unticked then incoming pointer movements from all clients will be ignored, preventing any remote VNC Viewer from affecting the pointer of the VNC Server's desktop. This can be used to configure a server to become effectively view-only.

Note that a client will still be deemed active for the purposes of the IdleTimeout setting if it is sending pointer events to the server, whether or not they are accepted.

AcceptKeyEvents=true/false
Accept keyboard events from clients

If this option is unticked then incoming keystrokes from all clients will be ignored, preventing any remote VNC Viewer from typing into the VNC Server's desktop. This can be used to configure a server to become effectively view-only.

Note that a client will still be deemed active for the purposes of the IdleTimeout setting if it is sending keyboard events to the server, whether or not they are accepted.

AcceptCutText=true/false
Accept clipboard updates from clients

If this option is unticked then incoming clipboard updates will be ignored from all clients. This option should be used when making a VNC Server effectively view-only, but may also prove useful to prevent clipboard changes made by clients from overriding the VNC Server's local clipboard when this would be undesirable or confusing.

SendCutText=true/false
Send clipboard updates to clients

This option, if unticked, prevents the VNC Server from informing clients of changes to its local clipboard contents. This can be useful when untrusted clients are to be allowed to connect to the VNC Server, since it prevents any private data being accidentally leaked via the clipboard.

Allow input events to affect the screen-saver

This option determines whether keyboard and mouse events received from VNC Viewers can cause the screen-saver to be hidden. This option is actually a system-wide setting and is not implemented by VNC Server itself, so there is no equivalent command-line option. Some older Win32 platforms do not support this option. It is recommended that this check-box be ticked, so that the screen-saver can be disabled by VNC Viewer input.

DisableLocalInputs=true/false
Disable local inputs while server is in use

AlwaysShared=true
Always treat new connections as shared

If this option is set then all incoming connections will be treated as shared, and thus not disconnect any existing connections, regardless of whether the connecting VNC Viewer requested that the connection be shared.

NeverShared=true
Never treat new connections as shared

If this option is set then all incoming connections will be treated as non-shared. VNC Server will therefore either disconnect any existing connections, or refuse the incoming connection, depending on whether non-shared connections are configured to replace existing ones (see below).

AlwaysShared=false, NeverShared=false
Use client's preferred sharing setting

When connecting, VNC Viewer specified whether the connection should be shared or non-shared. If this setting is configured then the VNC Viewer's preference will be respected.

DisconnectClients=true/false
Non-shared connections replace existing ones

If an incoming connection is to be shared (either by choice or because AlwaysShared is set) then existing connections remain active. If a connection is non-shared (either by choice or because NeverShared is set) then either the new connection must be rejected, or existing clients disconnected.

While connected

RemoveWallpaper=true/false
Remove wallpaper

This option causes the desktop wallpaper or Active Desktop background to be removed while there is at least one VNC session active. When the final session ends, the wallpaper or Active Desktop will be restored.

RemotePattern=true/false
Remove background pattern

This option causes the desktop pattern to be removed while there is at least one VNC session active. When the final session ends, the pattern will be restored.

DisableEffects=true/false
Disable user interface effects

This option causes most user interface effects such as alpha-blending, faded menus, scrolling menus, anti-aliased text and window animation to be switched off while there is at least one VNC session active. When the final session ends, these effects will be restored.

Note that the range of effects disabled depends heavily on the operating version and applications.

When last client disconnects

DisconnectAction=None
Do nothing

Don't perform any special action when the last client disconnects.

DisconnectAction=Lock
Lock workstation

Lock the workstation when the last client disconnects. Note that this functionality is only available on Windows 2000 and above.

DisconnectAction=Logoff
Logoff user

UseHooks=true/false
Use VNC Hooks to track graphical updates

VNC Server is designed to support a variety of techniques for tracking changes to the local desktop. This release supports the classic VNC Hooks technique. VNC Server can either be configured to use VNC Hooks, or to continually poll the screen for changes.

PollConsoleWindows=true/false
Poll console windows for updates

The VNC Hooks hooking technique cannot track console windows because of limitations in the operating system. Instead, console windows may be polled for changes. If this option is set then VNC Server will track the visible parts of console windows and poll those areas for changes.

Note that if you choose to disable VNC Hooks then you should also disable polling of console windows.

CompareFB=true/false
Filter out updates that have no effect

Heuristic change tracking techniques, such as those used by VNC Hooks, often report changed areas that have changed very little. Even fully accurate tracking systems can report areas have changed even when they have simply been re-drawn and hence have not actually changed.

Import VNC 3.3 Settings

If you have configured WinVNC 3.3 on a machine then you can automatically have VNC Server 4 configure itself to match your existing 3.3 settings as closely as possible. VNC Server 4 will warn you when it cannot match existing settings completely, or if they are no longer relevant.

If you choose to import settings to configure a User-Mode VNC Server then VNC Server will attempt to import your personal WinVNC 3.3 settings. If you choose to import settings to configure a Service-Mode VNC Server then the WinVNC 3.3 Default settings on the local machine will be used.

Note that you must separately uninstall the WinVNC 3.3 service if you import the settings into VNC Server 4, or configure VNC Server 4 to operate on a different port number.

Protocol3.3=true/false
Only use protocol version 3.3

VNC Server 4 supports both the original VNC version 3.3 protocol, and the new VNC protocol versions 3.7 and 3.8. Some third-party VNC software use non-standard version numbers which may cause incompatibility issues. VNC Server 4 can therefore be configure to only ever use the original VNC protocol version 3.3, ensuring compatibility even with non-standard VNC Viewers.

DisableOptions=true/false

If DisableOptions is set to true then the Options item in the tray icon menu will be greyed out. The VNC Server Configuration will still be accessible by running the VNC Config application, but will not be accessible via the tray menu.

Windows 3.11 / Windows NT 3.51

VNC Server 4 is not designed to operate on 16-bit versions of Windows. It will therefore not operate on Windows 3.11 or older.

VNC Server 4 is not designed to operate on Windows NT 3.51. It may work on NT 3.51 but don't count on it. The older VNC 3.3.7 release can be used on Windows NT 3.51.

VNC Server 4 is designed to be compatible with Windows 2003 Server.