What platforms does DeviceView support?

DeviceView supports Android, iOS, macOS, Windows, and Linux from a single platform. All platforms are included at no extra cost, including full unattended remote control for Android Enterprise corporate-owned devices.

How does DeviceView compare to TeamViewer?

DeviceView includes mobile support, SSO (SAML 2.0 and OIDC), and SCIM provisioning as standard features. TeamViewer charges extra for mobile device support, locks SSO behind its most expensive Tensor tier, and does not support Android Enterprise corporate-owned devices even through Intune integration.

Does DeviceView include SSO and enterprise identity?

Yes. SAML 2.0, OIDC, and SCIM provisioning are included in every DeviceView plan. There is no separate enterprise tier required for SSO or directory sync.

Is DeviceView HIPAA-ready?

DeviceView is designed for HIPAA-regulated environments. Privacy Mode blacks out patient-facing screens during remote sessions, preventing PHI exposure. Optional session recording with full audit logs including operator, device, and timestamp is available and exportable for compliance audits.

Does DeviceView support unattended Android remote control?

Yes. DeviceView provides full unattended remote control for Android devices, including Android Enterprise corporate-owned (COPE and fully managed) devices. No end-user interaction is required to start a session.

What MDM and EMM integrations does DeviceView offer?

DeviceView integrates natively with Microsoft Intune, VMware Workspace ONE, SOTI MobiControl, Jamf Pro, and Samsung Knox. Remote view and control launch directly from your existing MDM console.

How does DeviceView handle session security?

DeviceView uses WebRTC peer-to-peer connections so sessions never route through DeviceView servers. Multi-tenant data is separated with cryptographic isolation. Every session is recorded with exportable audit logs.

Is DeviceView built for MSPs?

Yes. DeviceView supports multi-tenant environments with cryptographic isolation between tenants, making it suitable for managed service providers supporting multiple client organizations from a single platform.

Feature

Unattended Remote Control for Wayland Linux Devices

Connect to a Wayland Linux endpoint with no user logged in, including at the GDM or SDDM greeter, and after a reboot, on supported distributions.

Does DeviceView support unattended remote control on Wayland?

DeviceView provides unattended remote control of Linux endpoints running Wayland, including at the GDM and SDDM login screens and after a reboot, on supported distributions. Operator authentication, role-based access, and per-session audit logging are enforced. The DeviceView agent is installed before the unattended scenario is required; consent is granted at enrollment by IT, not per session by an end user. Validate compatibility for your specific distribution and greeter before rollout.

Last reviewed: 3 May 2026 · DeviceView Engineering

Validate Wayland support for your distro and greeter See supported environments

Background

Why unattended Wayland is hard (and what that means for your tool choice)

Most legacy remote control tools were built on X11. On X11, any authenticated client can read the framebuffer, capture keystrokes, and inject input events, by design. Remote support tools used those primitives directly.

Wayland reorganized the security model. The compositor (Mutter on GNOME, KWin on KDE) owns the screen. Clients cannot capture the display, inject input, or read other surfaces unless the compositor explicitly grants permission, typically through xdg-desktop-portal with end-user consent. That works for attended screen sharing on a video call. It is the wrong primitive for unattended IT support, where there is no end user to consent.

The hardest case in this category, and the one that distinguishes a real solution from a partial one, is the greeter: the device sits at GDM or SDDM with no user session at all. Tools that rely on a logged-in user session, including most that depend on xdg-desktop-portal, cannot reach the device in this state. After a reboot, the device returns to the greeter and the same problem recurs.

For a deeper architectural breakdown, see Why unattended remote desktop is hard on Wayland.

Architecture

How DeviceView handles it

DeviceView's unattended Wayland capability is delivered through a system-level agent that operates independent of any logged-in user session, paired with operator-side authentication, authorization, and audit. The agent is installed by IT before the unattended scenario is required; the consent decision is made at enrollment, on a known device, governed by RBAC and recorded.

Greeter and post-reboot reachable

The agent can present a session to an authenticated operator while the device is at the greeter, after a reboot, or with a screen lock active, without requiring an end user to dismiss a portal dialog.

Wayland isolation preserved

Per-app input isolation, no global keylogging surface, mediated screen capture. What changes is who makes the consent decision and when, not the underlying isolation properties.

Operator authentication, not OS bypass

Operator identity is enforced through SSO and MFA. Privileged actions inside the session still require local OS authentication via PAM, the greeter, or polkit as appropriate.

Wayland as shipped

DeviceView does not require disabling Wayland (WaylandEnable=false), forcing a switch to a non-default desktop environment, or routing the session through an X11 fallback.

DeviceView does not publish further implementation detail. Architecture-level disclosure is sufficient for an evaluation; deeper information is available to customers under NDA as part of a compatibility validation conversation.

Compatibility

Expected environments

The distributions and desktops below are expected to work with DeviceView's unattended Wayland capability based on the underlying architecture (system-level agent, GDM and SDDM integration, gnome-remote-desktop and KRdp primitives). Ubuntu 24.04, Ubuntu 26.04, and Debian 12 are verified today; remaining rows are expected to work based on the underlying architecture and will be marked verified as test runs complete. We will validate your specific distribution, version, default desktop, and greeter as part of evaluation.

Distribution / Version	Default desktop	Display server	Default greeter	Status
Ubuntu 24.04 LTS	GNOME 46	Wayland	GDM	✓ Verified
Ubuntu 26.04 LTS	GNOME 50	Wayland (only)	GDM	✓ Verified
Fedora Workstation 40	GNOME 46	Wayland	GDM	Expected to work, not yet verified
Fedora Workstation 41	GNOME 47	Wayland	GDM	Expected to work, not yet verified
RHEL 9 (workstation)	GNOME 40	Wayland (default)	GDM	Expected to work, not yet verified
RHEL 10 (workstation)	GNOME 47	Wayland (only)	GDM	Expected to work, not yet verified
Debian 12 (GNOME)	GNOME 43	Wayland	GDM	✓ Verified

For distribution-specific deployment notes, see Unattended remote control on Ubuntu 24.04 Wayland, Unattended remote control on Fedora Workstation Wayland, and the parent platform page Remote access for Linux devices running Wayland.

KDE Plasma, Xfce, Cinnamon, MATE, Sway, and other Wayland compositors are also expected to work where the underlying portal and display-manager primitives are present, on the same not-yet-verified basis. KDE-specific roadmap details are available under NDA. See limitations.

Security and consent

What an end user sees, what is logged, and who can override

Consent

For unattended sessions, the consent decision is made at enrollment by IT, on a known device, recorded in the audit trail. This replaces the per-session xdg-desktop-portal dialog that an absent user cannot answer. Wayland's structural isolation properties are preserved.

Operator authentication

SSO via SAML or OIDC, MFA enforcement, and SCIM provisioning are supported. Operator identity flows through to the audit record on every session.

Authorization

Role-based access controls (RBAC) at the operator, group, and device-group level. Technician permission scopes can be configured to separate read-only viewing, file transfer, clipboard access, remote shell, and full control.

Audit

Per-session connection events, operator identity, endpoint identity, session start and end timestamps, and where enabled, in-session activity logs and session recording (a usage-based add-on). Audit artifacts are exportable. Where SIEM integration is configured, events land alongside other security telemetry.

End-user visibility

What the end user sees during an unattended session, including any operator banner, post-session notification, or absence of either, is configurable by IT policy and should be aligned with internal acceptable-use policy and applicable regulation.

For the full control catalog, see Audit, RBAC, and consent controls for unattended Wayland access.

Use cases

Where unattended Wayland support changes the work

Five concrete operational scenarios where unattended Wayland support changes whether the work is doable remotely or requires a truck roll.

Recovering an endpoint that has rebooted overnight

A scheduled patch leaves the endpoint at the greeter. The on-call technician connects, authenticates as a privileged local or directory account at the endpoint, validates state, and closes the ticket, with no user.

Troubleshooting a locked Linux laptop

An end user is on PTO; their workstation is locked. A help-desk technician connects, completes work that does not require the user's data, and disconnects.

Supporting kiosk and signage endpoints

A kiosk reboots after a power blip and waits at the greeter. The DeviceView agent allows remote validation and remediation without dispatching a technician.

Pre-deployment configuration on a freshly imaged device

A new Linux endpoint is enrolled, agent-installed, and reachable for unattended configuration before any user logs in for the first time.

Out-of-hours remediation in regulated environments

Healthcare, lab, or research workstations remediated outside operating hours, where waiting for an end user to consent is not operationally viable. Operator identity, optional session recording, and audit export support evidence requirements for SOC 2, HIPAA, or ISO 27001 review.

Limitations and requirements

What is in scope, and what is not

The list below is not exhaustive; configurations outside it should be validated.

01
Agent must be installed before the unattended scenario is required
DeviceView is not a remote-attach tool that can recover an endpoint with no agent installed.
02
GNOME Wayland is the supported compositor today
KDE Plasma, Xfce, MATE, Cinnamon, Sway, and other Wayland compositors are not in the same support tier. KDE-specific roadmap details are available under NDA.
03
Distributions outside the supported environments matrix are unsupported until verified
A distribution being Linux and shipping Wayland is not sufficient: the verification has to exist in the compatibility matrix.
04
OS-level authentication still applies inside the session
Privileged actions require PAM, greeter, or polkit authentication on the endpoint. Unattended is about the display server consent layer, not bypassing OS authentication.
05
Network requirements
The DeviceView agent requires outbound connectivity per the documented network specification. NAT traversal, proxy support, and air-gapped deployment models should be validated against your environment.
06
Compliance
DeviceView markets HIPAA-aligned operator controls and provides exportable audit artifacts. DeviceView does not certify your organization's compliance with SOC 2, HIPAA, ISO 27001, PCI, or any other framework. FedRAMP and DoD IL4 authorization are not currently marketed; federal and DoD evaluators should ask for the current posture.
07
GNOME release tracking
Major GNOME releases can affect the integration surface. The DeviceView Linux engineering team runs continuous validation against current and pre-release GNOME builds. SLA-grade compatibility commitments can be discussed during procurement.
08
Implementation disclosure
DeviceView does not publicly disclose implementation specifics of the Wayland integration. Architecture-level information is sufficient for evaluation; deeper detail is available to customers under NDA.

Era comparison

How this differs from X11-era remote control

A short comparison of the two display-server eras for the same operational job. This is not a vendor comparison; for that, see TeamViewer alternative for Linux fleets on Wayland and other entries in the cluster.

Aspect	X11-era remote control	Wayland unattended (DeviceView)
Display capture and input injection	Available to any authenticated X client by design	Mediated by the compositor; requires explicit authorization
Default consent model	None for trusted clients on the local server	Per-session user dialog via xdg-desktop-portal
Login-screen access	Via display manager configuration (e.g., xhost, XDMCP)	Requires architecture that does not depend on a logged-in user session
After reboot	Tool reattaches to the X session if running	Requires the agent to be present and operational independent of a user session
Security implications	Global keylogging and screen scraping latent in the protocol	Structural isolation; consent layer is the operator-managed surface
Common workaround on modern Linux	Switch back to X11 / Xorg	Not available on the default desktop in Ubuntu 26.04, RHEL 10, or any distribution whose default GNOME no longer ships an X11 backend

The displacement is not "Wayland is harder, so use a workaround." It is "Wayland reorganized the security model; the workaround era is closing on the default desktop, and the durable answer is a tool architected for Wayland."

Frequently asked questions

Can DeviceView remote-control a Linux device at the GDM login screen?

Yes, on supported distributions in the compatibility matrix above. The DeviceView agent operates independent of a logged-in user session.

Does DeviceView work on Wayland after a reboot, before any user logs in?

Yes, on supported distributions. The agent re-establishes operability after the OS is back up, including while the device is at the greeter.

Does DeviceView support SDDM (KDE's default greeter)?

SDDM is in the same support category as the underlying compositor. KDE Plasma is not in the same support tier as GNOME Wayland today. See limitations.

Does DeviceView require disabling Wayland or setting WaylandEnable=false?

No. DeviceView operates with Wayland as shipped by the distribution.

Does the end user see a consent dialog when an operator connects unattended?

By default, no, that is the definition of unattended. End-user visibility (banner, post-session notification, etc.) is configurable by IT policy. Operator identity, session start/end, and where enabled, session recording are written to the audit trail regardless of end-user visibility.

How is the unattended session authorized?

Through a combination of operator authentication (SSO + MFA), operator authorization (RBAC), and the agent's enrollment-time authorization on the endpoint. OS-level authentication (PAM / greeter / polkit) still applies for privileged actions inside the session.

What audit artifacts are produced?

Per-session connection metadata, operator identity, endpoint identity, timestamps, and where enabled, in-session activity logs and session recording. Artifacts are exportable and can be forwarded to SIEM where integration is configured.

Does DeviceView support headless Linux endpoints (no monitor attached)?

Yes, on supported distributions where the compatibility matrix lists headless as verified.

Does DeviceView claim to be the only commercial tool that does unattended Wayland?

No. Several vendors are working on Wayland unattended capability; some have shipped partial support, and gnome-remote-desktop is the underlying primitive on GNOME. DeviceView's position is that it is one of the few enterprise platforms with verified unattended support including the greeter and post-reboot scenarios on the GNOME Wayland desktop. Verify against your distribution and greeter before procurement.

How often is the compatibility matrix re-verified?

Every row is reviewed for refresh on a 90-day cycle. Major GNOME releases trigger an out-of-cycle review. The verification date for each row is recorded in page metadata.

Internal links

Validate DeviceView for your Wayland fleet

Validate Wayland support for your distro and greeter. Bring the specifics of your fleet (distribution, version, default desktop, greeter, MDM, IdP, compliance scope) and a DeviceView Linux engineer will tell you what is supported today, what should be validated in a pilot, and what is not in scope. This is a technical conversation, not a sales demo.

Get the Wayland remote access evaluation checklist. A vendor-neutral checklist of what to verify before choosing any remote control tool for a Wayland Linux fleet: greeter access, reboot persistence, GNOME and KDE divergence, audit and consent model, agent footprint. Useful even if DeviceView is not on your shortlist.

Validate compatibility Get the checklist

Reviewed every 90 days. Next review: August 2026.