You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

screen sharing broken again after update to 3.7 without Mavericks upgrade

I did the standard updates tonight - which included a remote desktop update (to version 3.7 I think) - the ARDagent.app in the System -> LIbrary -> CoreServices -> Remote management folder.


After the update (I'm still running Mountain Lion) - screen sharing doesn't work with any of my other Macs in the house. It basically sits there and never connects - saying "connecting to...." - similiar to what it did a long time ago after the 3.6 updates from 3.5. Eventually it gives this error... "connection failed to ..." and "Please make sure that Screen Sharing (in the Sharing section of System Preferences) is enabled on the computer to which you are attempting to connect. Also make sure your network connection is working properly."


I have already tried to restore that folder from time machine to version 3.6.2, as well as restored the screensharing.app file to the older version, but to no avail. Have already rebooted all the machines, restarted my airport, network hubs, etc. Tried stopping and restarting sharing already as well. No go on any option. Was working just fine before the updates tonight.


Any one else have similar issues and know how to fix?


Thanks.

OS X Mountain Lion (10.8.5), Screen sharing not connecting

Posted on Oct 22, 2013 10:59 PM

Reply
106 replies

Oct 25, 2013 6:47 AM in response to keg001

The app firewall is not playing nice.


/usr/libexec/ApplicationFirewall/socketfilterfw --listapps


ALF: total number of apps = 6



1 : /System/Library/CoreServices/Finder.app

( Allow incoming connections )



2 : /Applications/iTunes.app

( Allow incoming connections )



3 : /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/bin/java

( Block incoming connections )



4 : /Applications/Utilities/Migration Assistant.app

( Allow incoming connections )



5 : /Applications/Safari.app

( Allow incoming connections )



6 : /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Ma cOS/screensharingd

( Allow incoming connections )




So the firewall reports that connections are allowed. But...



tail -f appfirewall.log


Oct 25 09:35:02 [my_managed_client] socketfilterfw[103] <Info>: Deny screensharingd connecting from [mydesktopmac]:51387 to port 5900 proto=6

Oct 25 09:35:11 --- last message repeated 12 times ---

Oct 25 09:35:11 [my_managed_client] socketfilterfw[103] <Info>: Deny screensharingd connecting from [mydesktopmac]:51388 to port 5900 proto=6

Oct 25 09:35:41 --- last message repeated 12 times ---

Oct 25 09:35:41[my_managed_client] socketfilterfw[103] <Info>: Allow sshd-keygen-wrapper connecting from [mydesktopmac]:51397 to port 22 proto=6

Oct 25 09:36:39 [my_managed_client] socketfilterfw[103] <Info>: Deny screensharingd connecting from [mydesktopmac]:51402 to port 5900 proto=6

Oct 25 09:36:48 --- last message repeated 12 times ---

Oct 25 09:36:48 [my_managed_client] socketfilterfw[103] <Info>: Deny screensharingd connecting from [mydesktopmac]:51404 to port 5900 proto=6

Oct 25 09:37:18 --- last message repeated 12 times ---


So the app firewall reports that it will allow connections, then denys them anyway.

Oct 25, 2013 8:36 AM in response to MightyDane

Did you upgrade the client using the ARD Upgrade client command or did you install the .pkg that was available on the Apple Website.

With the first approach, my clients get 370A61, with the second, they get 370A71.

With the first, screensharingd is disabled in the built-in firewall. It looks like there is a codesigning issue.

Everything is fine with the second approach.


Reinstalling the client through the Apple web site version corrected the issue on 95% of my machines (one still stubonrly refused to allow screen sharing).


Corentin

Oct 25, 2013 9:48 AM in response to macadmin78

Yeah, I saw that software update now offers yet another version of the client.

Can you run this:

codesign -d -v --verify /System/Library/CoreServices/RemoteManagement/screensharingd.bundle

to check whether there might be a problem with the codesigning of the bundle, which could explain why the process is still not allowed to communicate through the firewall?


It doesn't return any error for me on the computers that are fine for screen sharing, but it does on the 370A61 ones.

It also does on the 1 machine I have with 370A71 that still doesn't play nice with the firewall:


/System/Library/CoreServices/RemoteManagement/screensharingd.bundle: a sealed resource is missing or invalid

In architecture: x86_64

resource modified: /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Su pport/SSFileCopyReceiver.bundle/Contents/version.plist

resource modified: /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Su pport/SSFileCopySender.bundle/Contents/version.plist





Corentin


Message was edited by: Cortig

Oct 25, 2013 9:56 AM in response to Cortig

yep:


/System/Library/CoreServices/RemoteManagement/screensharingd.bundle: a sealed resource is missing or invalid

In architecture: x86_64

resource modified: /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Su pport/SSFileCopyReceiver.bundle/Contents/version.plist

resource modified: /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Su pport/SSFileCopySender.bundle/Contents/version.plist


I'll see if I can locate a current version that works. I have a bug filed with Apple as well. Almost certainly will get dropped into the "duplicate" pile.

Oct 25, 2013 12:31 PM in response to MightyDane

There could be a lot of things at play here but we are seeing the same issue that we have with another recent application and it has something to do with the Firewall, actually. The ApplicationFirewall is not honoring the commands you send it. If you look, you can remove the item but it isn't actually being removed. You can, however, remove it through the GUI just fine and then add it back in from Terminal and when you do it this way the app defaults to allow incoming connections.


If you try, you'll notice that --blockapp and --unblockapp no longer work either. I have submitted a bugreport a few weeks ago on the state of the firewall and the command-line. This isn't just an issue with Mavericks, we're seeing it in 10.8.5 also but haven't gone further back to see where it breaks exactly.


To recap:


/usr/libexec/ApplicationFirewall/socketfilterfw --remove /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Ma cOS/screensharingd


Does not work.


/usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Ma cOS/screensharingd


Does not work.


Remove via the GUI and then run the following


/usr/libexec/ApplicationFirewall/socketfilterfw --add /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Ma cOS/screensharingd


Does work and defaults to "Allow Incoming Connections"


If you want to block the app


/usr/libexec/ApplicationFirewall/socketfilterfw --blockapp /System/Library/CoreServices/RemoteManagement/screensharingd.bundle/Contents/Ma cOS/screensharingd


Does not work.

Oct 25, 2013 12:49 PM in response to Jason Pelletier

I should restate a little.


Although there might be a bug in the code signing of ARD, the agent or ScreenSharing, the ARD developers might be getting bitten by a bug from the ApplicationFirewall where the agent gets added to the FW in a manner that sets its state to blocked by default and when they try to unblock it the command-line response is that its been done when in reality it hasn't.

Oct 25, 2013 1:30 PM in response to Jason Pelletier

That could be, but if it is, the bug is not cli only. I tested an affected machine and set the app firewall to allow the connections via the gui. Both CLI and GUI show that the connections should be allowed. But they are still being blocked.


I'm seeing issues with the Remote Desktop app as well. The new version sometimes refuses to launch after being quit. dmesg tells me that it is being denied write/create on a file (by sandbox). I sometimes have the same problem with Mail. It really looks as if Apple's sandbox has some issues.


I haven't yet discovered the correct incantation to allow for relaunch of affected apps. I have to logout or restart to get back to work.

Oct 26, 2013 1:34 PM in response to MightyDane

My screen sharing does not work with the firewall turned on.


Turning the firewall off allows it to work.


Turning it back on stops it from working.


Tried to repair permissions and recived this warning


"Warning: SUID file “System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAg ent” has been modified and will not be repaired."


Oct 28, 2013 10:12 AM in response to macadmin78

I found something odd in my Security & privacy/Firewall options, on two different machines. In the options, "Screen sharing" is set to "Allow incoming connections", and "screensharingd" is set to "Block incoming connections".


I never added the entry for "screensharingd", and certainly never set it to "Block incoming connections". But the entry shows up both on my Mac Mini and my Macbook Pro. These settings are locked and changeable only by a user with admin rights. I am the only user who could change them, and I do not remember changing them. Why change them in the first place?


Digging a little further, it appears that "screensharingd" is part of the RemoteManagement service, specifically the "screensharingd.bundle" in the "/System/Library/CoreServices/RemoteManagement" folder.


Here's the fun thing: changing "screensharingd" to "Allow incoming connections" instantly made screen sharing work again on both machines.

screen sharing broken again after update to 3.7 without Mavericks upgrade

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.