Blog Archive

Sunday, July 08, 2012

Thanks TechNet

Thanks for having no GUI documentation about this flaw with RDWeb not using the webapp gateway!

http://technet.microsoft.com/en-us/library/cc731465.aspx

Configure Remote Desktop Web Connection Behavior

2 out of 3 rated this helpful Rate this topic
Applies To: Windows Server 2008 R2
Remote Desktop Web Connection enables a user to connect to the desktop of a remote computer from the RD Web Access Web site. To connect to a remote computer, the following conditions must be true:
  • The remote computer must be configured to accept Remote Desktop connections.
  • The user must be a member of the Remote Desktop Users group on the remote computer.
A user can access Remote Desktop Web Connection by clicking the Remote Desktop tab on the RD Web Access page. As an administrator, you can configure whether the Remote Desktop tab is available to users. Additionally, you can configure settings such as the RD Gateway server to use, and the default device and resource redirection options.
Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships athttp://go.microsoft.com/fwlink/?LinkId=83477.
To configure Remote Desktop Web Connection behavior
  1. On the RD Web Access server, start Internet Information Services (IIS) Manager. To do this, click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
  2. In the left pane, expand the server name, expand Sites, expand Default Web Site, expand RDWeb, and then click Pages.
  3. In the middle pane, under ASP.NET, double-click Application Settings.
  4. To change Remote Desktop Web Connection settings, modify the values in the Application Settings pane.
    • To configure a default RD Gateway server, double-click DefaultTSGateway, enter the fully qualified domain name (FQDN) of the server in the Value box (for example, server1.contoso.com), and then click OK.
    • To specify the RD Gateway authentication method, double-click GatewayCredentialsSource, type the number that corresponds to the desired authentication method in the Value box, and then clickOK. The possible values include:

      0 = Ask for password (NTLM)

      1 = Smart card

      4 = Allow user to select later
    • To configure whether the Remote Desktop tab appears on the RD Web Access Web page, double-click ShowDesktops. In the Value box, type true to show the Remote Desktop tab, or type false to hide the Remote Desktop tab. When you are finished, click OK.
    • To configure default device and resource redirection settings, double-click the setting that you want to modify (xClipboardxDriveRedirectionxPnPRedirectionxPortRedirection, orxPrinterRedirection). In the Value box, type true to enable the redirection setting by default, or typefalse to disable the redirection setting by default, and then click OK.
  5. When you are finished, close IIS Manager.
    Your changes should take effect immediately on the RD Web Access Web site. If the Web page is open, refresh the page to view the changes.
noteNote
You can also configure these settings by modifying the %windir%\Web\RDWeb\Pages\Web.config file directly by using a text editor such as Notepad.
Posted by at No comments:

Wednesday, June 27, 2012

Thank you TechNet! Deleting the Failed Requests

Thank you TechNet!
http://blogs.technet.com/b/askds/archive/2010/08/31/the-case-of-the-enormous-ca-database.aspx

Deleting the Failed Requests

The next step in this process is to actually delete the rows using our trusty command line utility certutil.exe. The -deleterow verb, introduced in Windows Server 2003, can be used to delete rows from the CA database. You just provide it with the type of records you want deleted and a past date (if you use a date equal to the current date or later, the command will fail). Certutil.exe will then delete the rows of that type where the date the request was submitted to the CA (or the date of expiration, for issued certificates) is earlier than the date you provide. The supported types of records are:
Name
Description
Type of date
Request
Failed and pending requests
Submission date
Cert
Expired and revoked certificates
Expiration date
Ext
Extension table
N/A
Attrib
Attribute table
N/A
CRL
CRL table
Expiration date




For example, if you want to delete all failed and pending requests submitted by January 22, 2001, the command is:
C:\>Certutil -deleterow 1/22/2001 Request
The only problem with this approach is that certutil.exe will only delete about 2,000 - 3,000 records at a time before failing due to exhaustion of the version store. Luckily, we can wrap this command in a simple batch file that runs the command over and over until all the designated records have been removed.
@echo off
:Top
Certutil -deleterow 8/31/2010 Request
If %ERRORLEVEL% EQU -939523027 goto Top
Posted by at No comments:

Friday, June 22, 2012

EXTRA... EXTRA... READ ALL ABOUT IT


FROM: http://social.technet.microsoft.com/Forums/en-US/winserverfiles/thread/47582917-9086-46a3-8fd1-5440e0a9c10f  
Cody Lewis
0 Points
 Proposed Answer
Sign In to Vote
0
Sign In to Vote
After many hours of reading logs and testing I have discovered the solution!

When the DFSR service is launched, it will detect the registry “HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CurrentVersion\ASR\RestoreSession\RestoredVolumes”, if this entry exists, DFSR knows a restore was once performed on the volume where the DFSR content resides, so DFSR will do an initial sync to confirm the local database is in a consistent state.

Problem is, this key is not getting removed, so when DFSR is disabled for backup, then enabled again, it believes it has just been recovered from backup and should sync again.

Remove the “RestoreSession” subkey under “HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CurrentVersion\ASR”.

Problem solved!

I hope this helps,
Cody
  • Proposed
I have been experiencing a recurring error with DFS-R not syncing properly. After checking the logs, I discovered that DFS stops working every time Windows Server Backup begins to run. After changing my backups to every four hours only, replication began - in earnest! I triggered a replication storm! I also discovered this registry setting, and I hope that the solution is accurate. I hope to see some changes in my event viewer!
Posted by at No comments:

Monday, June 13, 2011

Posted by Picasa
Posted by at No comments:

Wednesday, June 08, 2011



Posted by at No comments:
Posted by Picasa
Posted by at No comments:

Friday, May 13, 2011

Nerd humor is great... now don't sue me xkcd


http://xkcd.com/892/

http://xkcd.com/894/

http://xkcd.com/896/

 

http://xkcd.com/891/

Posted by at No comments:
Subscribe to: Comments (Atom)