Remote Desktop Services: Balancing Sessions Hosts and Connection Brokers
KB ID 0001424 Problem I got an email from a colleague who was setting up an RDS farm, (2012 R2). He was having some problems and asked me; “If the Connection Broker brokers the connections to the Session Hosts, how do I RDP to the Session Broker?” This threw me completely, I usually jump on the console in VMware or use a third party remote management tool, I don’t tend to to RDP onto servers. I had fallen into the...
Cisco WLC: EAP-TLS Secured Wireless with Certificate Services
KB ID 0001420 Problem Ah certificates! If I had a pound for every time I’ve heard “I don’t like certificates”, I could retire! The following run through is broken down into the following parts; Setup the Cisco WLC (WLAN) Setup NAP (RADIUS). Setup Certificate Auto Enrolment. Setup Group Policy to Deliver the Wireless Settings. Note: If you are scared of certificates, sometimes it’s easier to setup password...
PowerShell: Cannot Be Loaded Because Running Scripts is Disabled
KB ID 0001417 Problem If you’ve arrived here, you are trying to run a script, and you cant; PS C:\Users\{User-name}> .\{script-name}.ps1 .\{script-name} : File C:\Users\{User-name}\{script-name} cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + .\{script-name} + ~~~~~~~~~~~~~~~~~~ +...
FreeRDP Error: 0x2000D
KB ID 0001416 Problem The day after I had deployed some RDP Web access servers, I got the call that all the Linux (Intel NUC Thin clients), could not connect to the RDP farm, all the windows machines were fine? Error [08:19:16:178] [21254:21255] [ERROR][com.freerdp.core.transport] – BIO_read returned a system error 14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error [08:19:16:178] [21254:21255]...
Remote Desktop Services: Can’t Remove Dead Server
KB ID 0001415 Problem I was doing some RDS work for a client today, and it would seem that at some time in the past their RDS Licensing server had died, it had been replaced, and everything was working OK. But when I was adding roles to the new servers, this kept popping up; The following server in this deployment are not part of the server pool 1. Server-Name The servers must be added to the server pool. I could have ignored the...
Exchange Setup Error: Cannot Update Schema
KB ID 0001409 Problem I had a nightmare with this, (this morning). Client had an Exchange 2007 Server in a sub domain, and I am migrating them to Exchange 2016 (via Exchange 2013). While attempting to deploy the Exchange 2013 Server, the ‘Readiness Checks’ failed; Error: The Active Directory Schema isn’t up-to-date, and this user account isn’t a member of the ‘Schema Admins’ and/or ‘Enterprise...
Migrating RD Web and RD Gateway Roles
KB ID 0001406 Problem I’ve got a job coming up to deploy some Duo two factor authentication into a clients RDS farm. To make things a bit easier for them I needed to migrate their RD Connection Broker. They had their Connection Broker, Gateway, and Web roles on one server, (which is not unusual, or incorrect). It turned out, that moving the Connection Broker, was going to be a major task, and it would be a lot easier to move the...
PowerShell – Getting Server IP Address Information
KB ID 0001404 Problem I’ve been rebuilding some Hyper-V hosts over the last few weeks, and one thing I learned rebuilding VMware ESX hosts is, ‘make sure you know what all the network cards are doing before you flatten it!’ The same is true of storage as well but here I’m just concentrating on networking. List Network Cards and MAC Addresses If you have these documented you can rename the network card correctly...
Windows ‘Always On’ VPN Part 2 (NPS, RAS, and Clients)
KB ID 0001403 Problem Back in Part One, we setup the AD (Groups,) and the Certificate services that will knit everything together. Now we need to configure an NPS server that acts as a RADIUS server for our remote clients, And a RAS Server that our remote clients will connect to. Step1: Network Setup Microsoft have an alarming habit of telling you to connect DMZ assets to the LAN. In their defence I’ve seen some documentation...
Remotely Log Users Off From CLI / PowerShell
KB ID 0001401 Problem I’ve not had to do this since the days we got “The terminal server has exceeded the maximum number of allowed connections” errors. Now thankfully Windows Server tells us who is logged on so we can ‘ask politely’ before we boot them off! Today though, my user session got all messed up, and I needed to kick ‘myself’ off remotely, (and have a fresh session.) Solution From a...