Setting up a few Remote Desktop Session hosts on Server 2016.  Are there any GPOs that I can use to stop users from saving files to the desktop and seeing the C drive if the server?

Everyone already has a shared drive where everything should be stored and I don't want to do redirected folders if I can avoid it.  Also, can this be done where it only affects users in RDS and not their work station?

Hello,

I have a few users with VNC on their desktop.  It creates a shortcut down by the clock (which I always drag down in their profile so it is easy to find).    They have to right click and connect to listening vnc viewer and then type in my address.   Is there a way to create a shortcut on the desktop that does that directly.   Many of my users seem to have difficulty finding the clock down in the bottom right corner of their screen or identifying the small vnc icon or right clicking or typing in the address after I give them the address about 10 times in a row they'll ask where the icon is again.    Everyone is running windows 8.1 or 10.   Most of us are running 6.1 or newer.  I found some commands for vnc4 and 5 that seem like you put in -connect IPAddress after the server executable but it can't connect to IPs when I run it even though if you right click and connect it works.
ftp://ftp.wima.ac.id/realvnc.com/VNC_User_Guide.pdf

See page 188

A most recent PCI scan of our ASA firewall has revealed multiple deficiencies. We use the firewall for remote access VPN connections using Anyconnect, with a minimum TLS level of 1.1.


The issues follow - I would like to know the most efficient way of addressing, using ASDM if possible;

- Weak Encryption Ciphers identified on VPN Device (Weak encryption ciphers, such as DES or 3DES, were identified as supported on this VPN device)
- Block cipher algorithms with block size of 64 bits (like DES and 3DES)
- Weak Diffie-Hellman groups identified on VPN Device (Use Diffie-Hellman Key Exchange Group 5 or higher where possible, or the highest available to the VPN endpoints)

It should be expected that all of our VPN endpoints are fairly current.

Would changing the DH group (from Group 2) to Group 5 and setting the TLS1.1 SSL cipher to MEDIUM (removes DES) accomplish this at little risk to VPN clients?

Current VPN connections (ASDM monitoring) indicate the use of AES256 but if you can suggest a command to provide better insight that would be appreciated.

Thanks in advance!

I recently decided to start fresh with my Remote Desktop Services setup since the old one is running Windows Server 2008. I purchased Server 2016, and recently installed it. Not an upgrade, just a fresh install.

I connected it to my domain, but it is JUST a member server, not a DC. So Microsoft's warnings about domain controllers do not apply to me.

It is currently not in any OU's that I created.

But still, the Remote Desktop Management (RDMS) service won't start. I cannot configure licensing because it needs a deployment, but I cannot make a deployment because the RDMS service won't start. I cannot do anything really, because the RDS panel in Server Manager won't load, neither will most PowerShell commands for RDS.

In the Services panel, it just states that it starts and stops. It is running on Network Service, and if I change it to ANYTHING else, it gives the error about the account being different from the account specified for other services running in the same process.

I have searched up the error and found very little.

The new setup is has not been deployed or publicized yet, but I would like to have it ready as soon as possible, as this business was not in my agenda.

Change in behaviour of remote desktop login (RDP) with Google Chrome.
In the last couple of weeks my remote login from home computer to work has changed with Google Chrome browser (but not Firefox or Microsoft Edge).
The new behaviour is:  instead of opening a separate RDP application it opens a remote session in a Chrome browser window itself   .
This is annoying as multiple steps are then needed to get the browser to show the remote desktop in full screen mode.
I'm running Win 10 Pro 64 bit and Google Chrome Version  68.0.3440.106 (Official Build) (64-bit)
I have included images of the RDP session starting and logging in. Previously with Google Chrome (and still with Firefox and Microsoft Edge) a separate RDP task icon appears on the task bar with full-screen capability.
Chrome-session_2.jpg
Starting-in-chrome-window_2.jpg

Got a PowerShell idea. I'd like to create a gui that will launch either msra.exe or mstc.exe depending on my entry. What I envision is this:

1. I have a field where I type a username
2. Based on that username (I'm guessing it checks with Active Directory) the primary workstation of that user is determined and displayed (maybe last 5 logons makes a user a primary user)
3. There are 2 buttons; "Assist" and "RDC"

Anyone have any leads or willing to produce such a PS script?

From one day to another after a systeem reboot this server is not accepting RDP connections. The following have been done to try to troubleshoot this issue.
Each time an attempt is made it gives error, please see attachment.
Checked in  Control Panel/System and Security/System/Remote Desktop/Allow rem....computer checked on.
Tried to RDP connecting using hostname and IP, no results.
Checked internal firewalls and nothing is blocking RDP connections.
Installed all Windows updates, no results.
Uninstalled Windows updates to the date the issue started, no results.
Server has been rebooted several times, before, during and after updates, no results.

I have a couple of server that I ran through the deployment wizard and things are mostly working. I still need to configure sso, ssl, permissions etc. When a different admin logs onto the same server, Server Manager does not show a deployment available. Does each admin need to create a deployment? Something doesn't seem right about that.

Hello all,

I am looking for a free remote desktop solution for Ubuntu.

My company recently switched from Windows to Ubuntu for desktop computers, but our developers need to remotely connect (with access to the Ubuntu GUI) from their Macbooks.

For a few weeks, we have been experimenting with NoMachine; a wonderful, versatile, and secure application which I fully endorse. Unfortunately, their per-year licensing fees might be cost prohibitive (BTW, it is free for non-commercial use). As part of my due-diligence, I must find a free alternative (like we had when our desktops were on Windows 10).

Our criteria:
- Must be free to use without restrictions (or a significantly lower cost than NoMachine's $44 per user per year)
- Must pass our internal security testing. For one, it can't rely on external servers like Teamviewer.
- Must allow remote access to the Ubuntu desktop GUI from MacOS.
- Must be relatively easy to script and preset by admins for distribution in a standard Ubuntu image.

I've looked at a few options, such as:

• - xrdp (potential problem: I can't find a recent binary and it seems like a dead project)
• - VNC (potential problems: there are so many variations. Finding an acceptably secure one is still in the works. Might not allow for a remote session that locks/blanks Ubuntu's (host) physical monitor(s). Might not support dual monitors from host. One example that I'm investigating is x11vnc with RealVNC viewer on the Mac side.

…

Amber light is flashing on my Dell 1800 Power Edge server. Can I turn the power off and restart it without causing any problems. My server was working properly until I had to reboot it because my remote access was denied? Also, no windows appears on monitor.