Friday, January 26, 2024

RDP (Remote Desktop) Connections Management Without a Local Software Installation

 Managing RDP Connection Files.

RDP makes connecting to desktops and Applications Easier


Use the capabilities and best practices offered by the native Remote Desktop Protocol (RDP) client (mstsc.exe) to ease the process of managing RDP connections without the assistance of a management console. The first and most crucial step in organizing your RDP connections is to save them as distinct RDP files with meaningful names. This makes it possible to quickly identify and access various workstations or servers. Second, using the built-in history feature for "Remote Desktop Connection" can facilitate a speedy reconnect to frequently used systems. By avoiding the login question for established connections, the native client expedites the connection procedure and permits the safe storage of login information.


Windows RDP Client - Using the Native Default RDP Client

Users can utilize the shortcut "Alt+Tab" to navigate between open remote connections and their local desktop, making it easier to manage many RDP sessions. Performance and usability can be balanced by adjusting the resolution and color depth in the connection settings. Updating the native RDP client in conjunction with operating system upgrades is essential if you want to take advantage of the newest functionality and security improvements. Knowing how to use the built-in "mstsc /admin" command will help you troubleshoot by giving you access to the console session for administrative activities. Finally, if it is not possible to establish a direct RDP connection, secure options such as port forwarding or VPNs can be employed to access remote systems without the need for further management tools.

Sharing RDP Connections without Shares or a File Server

Without having to manage individual.rdp files, share RDP connections. Without requiring the sharing of RDP files and shortcuts, grant access to the most popular RDP connections on servers, desktops, and even rarely utilized RDP connections. Without the aid of a management console, manage Remote Desktop Protocol (RDP) connections more easily by utilizing the features and best practices provided by the native client (mstsc.exe). Keeping your RDP connections organized starts with saving them as unique RDP files with descriptive names. This facilitates the rapid identification and access of different workstations and servers. Second, a quick connection to regularly used systems can be facilitated by utilizing the "Remote Desktop Connection" built-in history capability. 

RDP File Generator - Dynamic file Creation

With a single button click, RDP files can be created automatically and dynamically. The web browser creates and downloads the file with the.rdp extension. The locally installed RDPClient, such as Windows' default mstsc.exe, can then open the file. 

There are screen resizing features in the native Microsoft RDP client, mstsc.exe. These weren't in the client's original or previous iterations. The ability to resize has been quite helpful with the release of new RDP client editions. Windows for RDP Remote Desktop can be adjusted to better fit the screen. This feature makes it possible to have many RDP connection sessions open on a single desktop.  Full screen RDP sessions resize automatically when autoscaling is enabled. 






Tuesday, June 14, 2022

Update Active Directory Changes to Azure Manually using PowerShell

Using PowerShell to sync changes to Azure from local Active Directory


PowerShell to sync changes to Azure from local Active Directory

PowerShell Command to initiate an Azure AD Sync

Running  Active Directory and Azure AD Connect to sync local changes to Azure can sometimes require manually updating or submitting those changes to Azure. 

This can be done using PowerShell and a simple command that will send changes to Azure. Password changes are fast but other changes in group or user properties can take some time. This will help speed that up. 

Simple open a PowerShell command prompt on the Azure AD connect server as admin . Then run the following command as shown in the screen capture:

     Start-ADSyncSyncCycle -policyType Delta 

Be sure to include the Delta portion of the command . do not use initial. Using the initial option could potentially cause issues. 


This will sync all recent changes from yur local AD to Azure immediately.  if you're not having any local AD replication issues then you will nearly immediately see the updates in Azure. 

Speed up replication between local domain controllers 

To speed up replication between all domain controllers run the command at an elevated command prompt:   repadmin /syncall  /APeD


Please share this post or link to it.  




Monday, May 16, 2022

Show Windows user SID easy Command Line

 

 Display Windows Local user SID easy Command Line 


To get the user SID for an active directory domain account of the logged in user use the simple whoami command. 
The whoami command when run from a command prompt will display the currently logged in user.  This command though not well known is often used by technicians who are remote controlling a desktop proving remote support and are working out an issue related to user accounts a or a user profile issue. 
When working with profile issues, it's often necessary to know the SID of the user. The method that's simple and works to display the user SID is opening a command prompt and running the whoami command with a command line option /user as shown below: 

              c:\>whoami /user   

Displays the results as shown in the image below. 



          
               
To get the SID on a local user account on Windows desktop , not domain account, the following command will display that. 

             wmic useraccount where name='username' get sid


Use PowerShell to get SID of local user  (replace USERNAME with the actual username)
 Open a PowerShell window and prompt then run the following. 

              Get-LocalUser -Name $env:USERNAME | Select sid 

  

Get Domain User or Group Name from SID

The following PowerShell command will display the account of a domain group or domain user from the SID . It will also look in deleted AD objects as well. 

   $SID = "S-1-5-21-xxxxxxx-xxxxxxx-xxxxxx-xxxx"
   Get-ADObject  -includeDeletedObjects -Filter * -Properties * | where{$_.objectSid -eq $SID}
     


The output of this command returned nothing, that let's us know there is no AD account , user or group, with that SID. 






Here is one that was in Active Directory. Again , we use the same PowerShell command for users and Groups but the output results differs greatly as you can see.  This object was found in Active Directory. 

The command could also be run using a wildcard, an asterisk , in the SID  to return all the accounts that begin with the same characters. Like this. 

                                             $SID = "S-1-5-21-*"
 





  

Share/Save/Bookmark


Whether your team or you are onsite or accessing systems remotely to manage and maintain, you can enhance your efforts easily and affordably. Run PowerShell commands to fix user accounts or look-up SIDs in Active Directory plus much more. Get the positive reaction and response from clients that you deserve with Online Remote Support Software. Access Server and desktop computers on physical or virtual PCs remotely. With full web based Software for Online Desktop Support screen-sharing sessions and file transfer are easy for providing better remote support and customer care.   






Thursday, April 28, 2022

Adding TXT (TEXT) DNS Record Using Godaddy DNS Manager

 Adding TXT (TEXT) DNS record using Godaddy DNS manager 

Just about all cloud services and other services such as acquiring SSL certificates or domain verification for certificates requires proving you have control of the domain. For example, just obtaining Microsoft Exchange online access requires verifying the domain. Digicert is another that provides as one of the methods to prove domain ownership and control TXT DNS record verification option. This works great and only requires creating a harmless TXT record to verify. 

In this case, what needed to be done was to create a TXT record for domain validation by Digicert. It could have been any CA authority. 

Login to Godaddy

Go to domain / domain settings / management and click Add 

    


         
Then just either add @ for the domain by itself or add the host name also called the subdomain in DNS-land  
In this case it was a verification text for sslvpn . Also added into the value field the text code provided by the service provider like Microsoft Azure or in this this case Digicert for validation of the domain .  .. .and don't worry about making a mistake because nothing can break if you do it wrong the first time.   Update the TTL to 1 hour unless a different TTL was requested by the service provider for this record. I find 1 hour works well. 



 
Then click Save.
 
I've noticed these addition take only minutes top propagate. Unlike a few years back you could be waiting longer. That's it. You return to the providers page where they'll have a "check" button to see if the record exists. If it doesn't find it the first try , wait a few minutes and try again. 




IT technical support has so many sides. There's issues such as renewing SSL certificates or validating domain.s There are cloud services that provide a vast number of services. Then there's the general but most important desktop support.  All these cloud services and validating of domain and acquiring SSL certificates wouldn't be needed if there are no users. Let's face-it, users of all these services are on desktops and laptop computers mostly. 
Although smartphone market is as huge with every person having at least one device, the desktop computer and laptop users are still the base of most things business. Online software for desktop support is still the number one requirement for business or independent  technical support specialist and providers. From the largest MSPs such as the one I am affiliated with to the smallest one man shop working from a basement of garage, online support is still the number one best investment. remote access and control of desktop through the web to provide remote control screen sharing support in one of the most required services for providing help and assistance to users internally or over the web. Without computers running, why else would be need so many cloud services. 






Sunday, February 15, 2015

CentOS / Red Hat Command To Find Dell Service Tag

CentOS / Red Hat / Windows Command To Find Dell Service Tag

The Dell service tag can be found and displayed using only a command line. The command line of a Linux system like Red Hat or Cent OS is a shell and without adding Dell, HP, or IBM tools to the server or desktop Linux system, the Dell service tag can be displayed. On "whitebox" systems or "generic" systems the serial number could be displayed. With Del land HP for example, displaying the service tag or the serial number allows easy look-ups and referencing of the system to location drivers, software, and warranty information. 

Using local Command to Display System Serial Numbers and Dell Service Tag


On a Windows based system, XP or higher, open a command window /command prompt window. The ability to display the service tag of a Dell computer desktop or server is built right into the operating system. Once you have opened a command window, issue the following command:  

C:\> wmic bios get serialnumber

The serial number of the system or the Dell service tag on the next line. The output of the command is simple too and the results are displayed on the next line in the command line window.  


Using just command line to get the serial number "white-box" computer 

"White-box" computer systems are still very popular and offer a good alternative to the more pricey OEM server and desktop systems. They are good for the very IT savvy and do it your-self people in the IT industry that know how to build and maintain these types of  systems. They offer a competitive advantage in pricing and at times quality to the well known brand of servers and desktops. 

These systems however might not return the desired or expected results. If the manufacture has not entered a unique serial numner of tag of their own into the BIOS field, the following will be displayed after issuing the command to display the serial number of the system,  "To Be Filled by O.E.M." .  


Retrieving Dell service Tags or Serial number on Linux based computer systems with only a command line

The service tag or serial number can be displayed on a Linux based system by using a simple command from a shell. Similar to Windows, the command can be native or may need a Linux component installed .Again, no tools from the manufacturer will be needed. I have tested this on Cent OS and Red Hat Linux. The command to get and display the Dell service tag or serial number of the system could and may work on other Linux distributions.

Command on Linux to get Dell Service Tag

      # dmidecode | grep -i serial      
or 
      # dmidecode -t 1

 DMIDECODE installation may be required first by executing the following: 
       
# yum -y install dmidecode

    
    
    
   

Wednesday, February 12, 2014

SQL 2008 Report Services Using Other Editions of SQL for Report Data Sources Not Supported



report-services-configuration-manager-the-using-other-editions-of-sql-for-report-data-sources-is-not-supported
report-services-configuration-manager-the-using-other-editions-of-sql-for-report-data-sources-is-not-supported

SQL 2008 Using Other Editions of SQL for Report Data Sources Not Supported

This error was caused when Report Services Configuration Manager was a different version than the SQL instance that hosted the application database. In this case the end-user was using microsoft SQL express for the applciation database and installed the Reporting service Manager from SQL standard. The Management Studio interface for SQL worked fine managing the SQL express database but the reporting services componenent did not.



report-services-configuration-manager-the-using-other-editions-of-sql-for-report-data-sources-is-not-supported





Monday, March 26, 2012

New Exchange Email Addresses Not Showing in Outlook Right Away



The new addresses automatically go into the global address book. Outlook however has it's own update schedule.
Often the following works to expedite the process.

Click Tools > then Send/Receive > then Download address book




Friday, November 26, 2010

Enable Windows Installer Logging (MSIEXEC.exe)

Enable logging of Microsoft Windows installer for diagnosing and troubleshotting. Enabling installation logging can be easility accomplished for a problem installation by using command line parameters. Strat the installation .msi file with command line parameters to log information that can be reviewed after the failed (or even successfull) product installation.

To enable MSI installation logging use the following example:
installfile.msi /L*V c:\install.log

Replace the installfile.msi with the name of your installation file.

Thursday, December 31, 2009

Supporting Technology with Technology.: Enable 24 bit color in RDP for XP or 2003 Server




Supporting Technology with Technology.: Enable 24 bit color in RDP for XP or 2003 Server

Connect with true color 24 bit rdp.

A pre-defined default limit on XP or windows 2003 server limits the color depth of RDP connections to 16 bit maximum. How to configure the "server side" of remote desktop to accept connections at 24-bit true color. Vista, windows 7 and server 2008 already allow higher that 24 bit color by default.




Thursday, December 24, 2009

Enable 24 bit color in RDP for XP or 2003 Server

Enable 24 bit color in RDP for XP or 2003 Server

The default color resolution for RDP sessions is limited to 16 bits. This color depth is set on the remote computer and not on the connecting computer. There is an easy fix for this that will enable 24 bit true color for RDP connections. Connect to the remote computer then:
  • Go to Start -> Run.
  • Type in gpedit.msc and click on OK to run the program.
  • In the window that opens’ left panel, go to Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services.
  • On the right-hand panel, find the setting that says Limit maximum color depth and double-click it.
  • In the dialog box that pops up, select Enabled from the radio buttons as shown in the image.
  • In the combo box, select “24 bit” or “Client compatable“.
  • Click OK.
After you have completed these steps reconnect to the remote computer. These steps work on both XP and Windwos 2003 server. Windows 2003 server can also include Microsoft Terminal Server.

Microsoft Terminal Server

(Windows RDS - Remote Desktop Service on Windows 2008 R2)


On Windows server, RDP or RDS (Remote Desktop Services), also permits remote access connectivity by clinets running any version of the remote desktop connection client. The remote desktop connection client used to be called terminal services client and remote desktop protocol client. Older RDP client used to have a color limitation but the newer later RDC client (remote desktop connection) does not have that limitation but the color depth can be adjusted to the user's preference.



Tuesday, November 24, 2009

Run dsa.msc in 2008 windows server


A simple but effective command used by hundreds of thousands domain administrators and other tech support and server management personal was to run the command dsa.msc from the command line or from the start run menu. This tool was taken out of the default installation for windows 20087 server. This is an interesting change and one that must have a logical cause behind it. The first of which is security.

That topic is not in the scope of this post. What is in the scope is how to get it back . To get the dsa.msc command back into member 2008 server is quite easy. The image in this post shows the options that should be selected to re-enable dsa.msc to run from a member server. The installation takes only minutes and doesn't require a reboot of the server.

Monday, March 02, 2009

How Some Companies Do Support.: VMWare - Virtualization Support

How Some Companies Do Support.: VMWare - Virtualization Support

The few instances where I needed to contact VMWare support for assistance on a project, they did a decent job. Although they, and all other vendors, tout having the best support and are committed to making their users happy, it always depends and varies depending on who you get when you call in and what is the current support queue length they are working off of.

A tired and understaffed support group no matter whose it is will always be less effective than a support department that is fresh and not over-worked (over baked), ready to break down or are disgruntled about their work conditions.

Then, there is the other factor of who you get. Although I'm not apposed to getting a new support person when I call in to a company for support, I do mind if they are not into the technology or interested in solving the issue at hand. I like and don;t mind if put on hold so they can consult with another person except times where time is more critical for the project and that added wait time can come back to hurt the project goals.

On the other side of the spectrum is the support staff members who have been at the company many years or doing the same job or technology for a long time and not only know a great deal but are grumpy about it. The experienced grumpy that thinks you should have already known much of the information they are providing and also they dispense a subtle talk down. This is the worst. Worse that the new support agent or support engineer. Although they know a lot of the product and technology, the more sadists ones will use that as a torture device. Not providing all the information, especially and particularly in the form of gotchas in design or implementation.

Remote Support

A simple process that could take an experienced person several minutes to maybe ten can turn into an hour with a person on the remote side that has no idea of how to perform the functions that you are requesting or have never even seen a command line or rarely use the right-click feature of their mouse.