This is a must have pdf reference file:
An amazing, free, current, searchable, compilation of hundreds Windows commands with explanations, syntax, and examples of their use. And, it’s free !
An amazing, free, current, searchable, compilation of hundreds Windows commands with explanations, syntax, and examples of their use. And, it’s free !
I was asked to look into a beeping in a server room which no one could find.
It was understandably difficult as there were three server racks with modems, routers, switches, servers, PCs, UPSs, CCTV, and audio equipment. To add to that they were single beeps, quite wide spread apart, and within a noisy, concrete room. I determine after a little while they were single beeps and exactly 15 minutes apart. Typically first suspicions are the UPS units, but 15 minutes is not typical of APC UPS devices. To make a long story short, it turns out in a far corner where 2 fiber internet connections entered there were small UPSs units supplied by the service provider. One of the UPS units showed a failed battery. Being behind the open steel door, no one had seen the light.
This seems like a trivial post and an obvious solution but I am posting as there are many forums on the Internet with people not being able to locate a device creating a beep every 15 minutes. This is common with FIOS, Verizon, and Bell equipment. One story goes as far as to explain a fellow turning everything off in the server room, one device at a time, every 15 minutes, till everything was shut down and unplugged, but could still hear the beeps.
For simplicity there are many reasons you may want a single URL or FQDN to access a resource internal or external to your corporate domain. If the internal and external domain names are the same it can sometimes cause DNS issues resolving the public domain name from the corporate network. I am often asked about this in reference to web sites; “why is our website accessible from anywhere but our buisiness network””?” For example you want to access www.net-works.ca from a network that uses the internal domain net-works.local. The internal DNS server manages DNS for net-works so it doesn’t pass on the request to the forwarder, but it also doesn’t have a DNS record for the www Host. The simple solution is to create an internal zone for the host name you are trying to access. SBS 2008/2011 did this automatically for “remote” so that the same URL could be used internally and externally. This technique can be used for access ing websites, dvr systems, or anything you like that uses a FQDN.
To do so open the DNS management console, expand the folders under your server name, right click on the “Forward Lookup Zones folder, and select New Zone. A wizard starts, click next and you can select the zone type. Accept the defaults, Primary Zone and next.
Select “To all DNS servers running on domain controllers in this domain”.
In this case I am going to set up a universal URL for access to a DVR system, so I will enter dvr.net-works.ca This could be www, remote, or what ever meets your needs. Keep in mind for external access you must set up the DVR, or matching, Host record with whichever service manages DNS for your public domain.
Again accept defaults, and click next, and finish.
Now right click on the new zone folder and choose “New Host (A or AAAA)” record. Finally, again accept defaults except insert the IP address. In this case it is an internal IP. There should be no need for a PTR record creation.
When complete it should look similar to this:
I am pleased to announce my Windows Phone 8 Blog app has been published. As of yet it is not compatible with Windows Phone 8.1 but should be by the time of “official” release. The app, which is free, can be downloaded from: http://www.windowsphone.com/en-us/store/app/lan-tech-blog/d0bd5f80-c223-48ae-a13e-a978913198b0
There are many web sites outlining how to reconfigure windows XP, Vista, and Windows 7 to allow multiple concurrent Remote Desktop Sessions, basically making a desktop PC a terminal server. On many occasions I have pointed out doing so is a licensing violation, however I confess I have never seen this specifically stated in any ELUA. I have been privy to discussions with Microsoft where this has been discussed, and Microsoft employees and support site personnel have often posted it is not permitted on various sites.
Having been asked to verify this I reviewed various EULAs (End User Licensing Agreements) and it seems Microsoft more often explains in detail what is allowed than what us not. Much like your insurance company doesn’t state in your home owners policy you are not permitted to have bonfires in your basement. Some ELUAs such the one for Windows 7 mentions; “The single primary user of the licensed computer may access a session from any other device using Remote Desktop”, but does not state you can have multiple sessions. It does however state you can have multiple users sharing a single session using NetMeeting or Remote Assistance, which means both users are sharing the same desktop and application, not separate sessions. The intent with this is to assist an end user.
The modification is promoted as a patch, but a patch would be provided by Microsoft. This ‘patch’ was created by someone named DeepXW who on their own web page refers to it as “Crack termsrv.dll, remove the Concurrent Remote Desktop sessions limit”.
Most of the reputable sites explaining the hack also include a disclaimer explaining it is a violation. I have posted some examples at the end of my ramblings . Sites such as Experts-Exchange have even banned posting the hack as they have confirmed it is a licensing violation.
We also need to consider if this hack were legal, you would also require buying RDP/RDS CALs (Client Access Licenses), and if Office were installed you would only be legit if you purchased volume licensing with one license for each user. The latter two are requirements on any multi-session Microsoft O/S. The Office 2013 ELUA does clearly state that you cannot have multiple sessions: “Remote access. The user that primarily uses the licensed computer is the “primary user.” The primary user may access and use the software installed on the licensed device remotely from any other device, as long as the software installed on the licensed device is not being used non-remotely by another user simultaneously.” This same issue applies to third party software which in many cases has the same limitations.
Granted the hack does work, with some occasional Winsock issues, and though the chances of being caught are minimal, if discovered in a Microsoft audit, which does happen, the penalties are stiff. I strongly encourage folk to approach this in a more secure, manageable, and legitimate way by using a Microsoft Remote Desktop Services Server (formerly called Terminal server).
Sample comments from various sites outlining the hack:
However, be warned. Before you begin, I need to warn you that patching the file and allowing more than one concurrent Remote Desktop session will violate a few lines in the Windows XP EULA. Proceed with caution and at your own risk. I shall not be liable for any damage caused to you, your computer, your data or your dog/cat because of this. From <http://www.petri.co.il/multiple-remote-desktop-sessions-on-windows-xp-sp3.htm>
Desktop, which basically only allows the single primary user of the licensed computer to access a session of the computer. And that essentially tells us that the trick we revealed to enable multiple concurrent user in remote desktop in Windows 7 isn’t a legally licensed, despite that it’s really a good useful hack. From <http://www.nextofwindows.com/how-many-concurrent-connections-allowed-to-access-a-windows-7-computer/
I think you find it is a license violation, as win 7 is single user at time OS.
As with all version of windows you need a license for all current users.
If you “hack it” you have violated the TOS and have voided the windows license. From <http://social.technet.microsoft.com/Forums/windows/en-US/41e9e500-714a-443b-bff2-55f0d500d3d1/concurrent-sessions-remote-desktop-in-windows-7>
A quick note: enabling multiple concurrent RDP users may be against the Windows 7 End User Licensing Agreement (EULA). Please be sure to check the EULA beforehand and know that we do not recommend making these changes in cases where they may violate the EULA. From <http://www.optimusbi.com/2012/12/05/enable-concurrent-rdp-connections-windows/>
Regardless of what solution you come up with, concurrent desktop access (if you are not sharing a single session) is in violation of the desktop Windows EULA. From <http://arstechnica.com/civis/viewtopic.php?f=15&t=1190558
In the past I wrote a couple of articles explaining how to connect to a business network using a Windows VPN prior to logon, so that domain authentication takes place and group policies and logon scripts are applied. See: Win 7 and earlier and Win 8
As pointed out in the articles, this only works for domain joined computers. It has been brought to my attention that some folks would like to automate the VPN connection process on non domain joined machines. .
Basically you need a one line batch file and add it to the startup folder, but in detail:
rem Batch file to establish a VPN connection
rasdial acme username password
XP: Documents and Settings\All Users\Start Menu\ Programs\Startup
Win7: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
On occasion there may be a need to be notified if a remote server is off-line due to an Internet outage, router issue, power outage, or server down. There are many excellent services that will monitor and alert you, but most are intended for multi-site and/or multi-server configurations and require a monthly fee. You might just want to monitor a single site and be notified if it fails.
I had this situation and therefore decided to write a simple script to accomplish the task. I am not a programmer so I am sure this could be improved upon, but it works. Feel free to add suggestions or alternatives in the comments section, I am sure we would all be interested.
Basically there is a batch file that makes use of a free little utility called http-ping by www.CoreTechnologies.com which runs every ‘X’ minutes using a scheduled task and verifies if the site is accessible. If not, a simple VBS script sends an e-mail alert.
Http-ping does need to be able to access an http or https server, which could be a web server, Exchange (OWA), a router management page, or one of many other possibilities.
To configure simply create a folder such as C:\SiteMonitor and place in it; the batch and VBS script below, and http-ping . You will have to download http-ping from http://www.coretechnologies.com/products/http-ping/
@echo off :: Enter the directory location (e.g. C:\SiteMonitor\) Set Directory=C:\SiteMonitor :: Enter the address of the site to ping (e.e. 22.214.171.124/Exchange:443 or server.domain.com/Exchange:443) :: (The first example should be used if you need to know if the public IP has changed) Set Site=126.96.36.199/Exchange:443 :: If Exist %Directory%\PingResult.txt Del %Directory%\PingResult.txt %Directory%\http-ping.exe %Site% >> %Directory%\PingResult.txt findstr /M "Reply" %Directory%\PingResult.txt If %errorlevel%==1 GoTo EMAIL GoTo END :EMAIL cscript %Directory%\SendAlert.vbs :END
' VBS script to send an alert via e-mail Dim SMTPserver, Sender, Recipient, Subject ' Set client specific variables SMTPserver = "smtp.ISPname.abc" Sender = "alert@SomeDomain.abc" Recipient = "me@MyDomain.abc" Subject = "Alert off-line" Message = "An automated script has determined the server at is currently off-line." ' Send E-mail set objMessage = CreateObject("CDO.Message") objMessage.Subject = Subject objMessage.Sender = Sender objMessage.To = Recipient objMessage.TextBody = Message objMessage.Configuration.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = SMTPserver objMessage.Configuration.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 objMessage.Configuration.Fields.Update objMessage.Send set objMessage = Nothing
When complete save the batch file as something similar to SiteMonitor.bat. In the batch file you need to set two variables; the “Directory” where you saved the files, and the “Site” htpp-ping is to test. The site can be a FQDN or an IP, and needs to point to a server or router. In some cases you need to add the port number. Some examples include:
remote.domain.abc/OWA (Exchange port 80)
In my case the site I wanted to monitor had a dynamic IP. I needed to be alerted if the public IP changed due to a service used by the site that would not work with a DDNS service. Therefore I used the last example above.
The VBS script needs to be saved as SendAlert.vbs or change the name used within the batch file to match. In the VBS script you need to set the following 5 variables as per the examples in the script; SMTPserver, Sender, Recipient, Subject, Message.
Finally, you need to schedule a task to run the batch file every half hour (or your time frame). The following is an example as to how to do so with Vista/Server 2008 and newer. Similar can be done under Control Panel, Scheduled Task in XP/Server 2003 and earlier.
Open the Task scheduler under Control Panel / Administrative tools, click on Task Schedule Library, and on the right select Create a Basic Task. Assign the task a name and you can enter a description if you like. Make sure you also select “Run whether the user is logged on or not”.
Configure the “Trigger” options as per the following image:
In the “Actions” pane choose to start a program, and point to your batch file:
You can then complete the wizard accepting defaults. Your monitoring service should now be complete. If you want to test, change the “Site” variable in the batch file to a non existent IP or FQDN, and you should get an alert the next time it runs. Note if troubleshooting the results of the last http-ping are recorder in the directory you created as a text file named PingResult.txt
I recently needed to virtualize an SBS 2003, that is to say convert it from a physical machine to a virtual machine on a Hyper-V host. I have done SBS conversions to VMware hosts in the past with with little or no problem, but converting to Hyper-V, my preference , was a little more involved. I first Googled the task and found many suggestions which based on the various articles and instinct, using Microsoft’s disk2vhd was the simplest solution. I was wrong. The first run on a test machine using a single disk worked well but did require several ‘tweaks’, and then when I added the data drives, which may have been unrelated, I ran into many problems, especially when I tried installing the Integration Services components. Though disk2vhd has worked well for me with other operating systems in the past, for some reason the HAL in this case caused problems.
I am not suggesting the following is the best method, or even a good method, but perhaps it will be of some help to those attempting the same task. I have posted the steps that worked flawlessly for me on a test server, trail run, and final move. All of the following was done remotely.
Note: The process will require re-activation of the SBS license. If SBS is an OEM version; it is a licensing violation to install on different hardware or virtualize, the activation will probably fail, and if it does Microsoft will not assist.
Next, open the settings console for the newly created VM. It will have added a network adapter, remove it and add a legacy network adapter but again if the existing SBS is still powered up on the same network segment choose “not connected”, if you have multiple physical or virtual processors (cores) adjust the number of processors, if you have multiple disks add the others, and review the remaining settings.
With the addition of Group Policy Preferences, released with Server 2008 and newer, it is possible to easily and automatically deploy a Windows VPN client to domain joined computers. You might want to do so for a specific group of computers such as mobile users with notebooks.
There is one other parameter you may wish to configure. When you manually create a VPN connection it automatically enables the “Use Remote Default Gateway” option. This is a security feature that blocks local network access while connected to the corporate network by VPN. For more information about the default gateway option please see Access local and VPN network Simultaneously . You cannot configure this within the policy we created above but you can using a different GP Preference and an .ini file. Peter Frederiksen has explained this nicely in the following TechNet forum: http://social.technet.microsoft.com/Forums/en-US/winserverGP/thread/f228d2ae-232d-4572-8eee-60252f6d03a3/
There are other ways to automatically create a VPN client: