I am running an EC2 instance on AWS running RockyOS. The system boots with gnome running, but I can not access the gnome session, so I can not run the settings apps to enable the remote desktop sharing.
Is there anyway to configure the remote screen sharing password and enable the remote desktop sharing service via the command line?
I know I can install xvnc, but I would rather just be able to access the main gnome session.
I found this gist that enables VNC + RDP. I personally had trouble with writing password in secret-tool due locked gnome-keyring but it's still good inspiration:
https://gist.github.com/greyltc/7085bff8f2e728b60077b81329019828
Related
I'm using WSL in an exclusively windows environment because of a number of tools that are only really available for Linux. I often connect to DBs programmatically and would like to be able to do that without specifying my login information. For example in Python through Windows I could do this:
import pymssql
con = pymssql.connect(server, port)
And that connection would go through without my having to specify any credentials because my AD account has access to the server, and pymssql will use windows auth when no credentials are specified.
In python running on WSL however that doesn't work, and so to make the same connection I would have to additionally pass the user and password parameters.
Is there any way to make WSL inherit windows authentication when running Linux processes?
I got you Fam!
Here is the solution : http://michaeljw.com/blog/post/keyring-r-python-windows/
Here is the Sauce:
Use the Windows Credential Manager to store the creds you want to use
https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0
Here is the command for accessing the credential manager in Python:
keyring.get_password(u"[Domain or URI]", u"[username]")
As long as the user is in the cred manager, you should be able to use that command to variablize creds. You will probably have to play with it a bit to get it right, but it will work. Be sure to read the linked articles.
Enjoy
We have a remote support tool that allows us to connect to machines behind a NAT firewall. Once connected, we can choose to either connect to the console session or to any active RDP session from a list. We cannot connect to inactive/disconencted RDP sessions, and the tool has no way to create new loopback/redirected RDP sessions. What we would like to do is find a way to spawn these RDP sessions via a script or a small application so that the support tool can detect them and allow us to connect. The motivation to get this working is to be able to have multiple techs access the same server simultaneously (up to one active console session and two active RDP sessions, all at the same time, for a total of three techs).
If we log on to the console session of the target servers and then RDP to the loopback, we see the new RDP session in our support tool, which we can then select and connect to. The problem is that this RDP session creation depends on the console session. It also gives the console session access to the RDP session, and if the RDP window is minimized then the output/input for that session in our support tool is frozen. I was able to use the PS script Connect-Mstsc (mostly just a wrapper for mstsc.exe but with support for adding creds) to create RDP sessions from another random server on the remote internal network to the target server we want to create a new RDP session on. This works well from an automation standpoint but we have the same limitation described above - it only works if run interactively. If you run this from a SYSTEM shell remotely, the RDP session never appears in our support tool.
The remote support tool in question is ScreenConnect and our servers are all Windows, mostly 2012 R2, all AD environments. I think the core challenges to this solution are getting the RDP sessions created and active in a non-interactive fashion, and then preventing RDP from freezing the session input/output.
We have a software that needs to get password to be initialized. Software is running on a build server (Windows 10) and used as part of the build process. Password resets after reboot or after RDP session. Therefore RDP access to the server is disabled and it's running VNC.
However, still we have a problem that once in a while server reboots and in this case someone needs to login to the server over VNC and to initialize the software by typing password in.
Is there any way that this process may be automated? Some QA tools that may be utilized for this puprpose?
If auto logon is set (find the instruction on SuperUser site), startup script can run on this server without alive VNC connection (in Windows Task Scheduler by logon trigger). As an GUI automation library you can use pywinauto (need any Python on the server + pip install pywinauto). If you keep the server always logged in, maybe another trigger would be useful (from Jenkins slave if it's connected to Jenkins). But it must run not as a service (services can't access GUI).
I'm using Windows Server 2008 R2 which runs a VB6.0 application that uses a smartcard locally.
I then connect to this machine remotely using Remote Desktop Connection (6.3). However now the application shows the following error (SmartCard):
0x8010001d The Smart card resource manager is not running.
Research so far:
I don't want to use redirection as the card is on the remote machine already.
Using RDP the way I am trying to use it for is wrong and tightVNC is more appropriate (This does fix the issue)
Unsure - SCardEstablishContext API is returning that error because it gets an Access Denied error when trying to open an event called "Global\Microsoft Smart Card Resource Manager Started" with OpenEvent API. The default security for that event on Vista and Windows 7 specifies that only SYSTEM, LOCAL SERVICE and INTERACTIVE users have access to it. NETWORK SERVICE or non-interactive users won’t be able to access the event.
Why is the SmartCard not being recognised?
Any Information would be appreciated.
NOTE: The smartcard works fine when the application is on Windows Server 2008 R2 - however only fails when connecting remotely.
It is not possible, you can't use the locally plugged smartcard of the server you RDP into, as your session is redirected to the client then only the clients smartcard is accessible in the rdp session.
Microsoft made it like this for security reasons.
But there is a turn around, like sharing the device (smartcard reader, Usb token, Usb devices ) using software or hardware :
softawre examples (i only found paid solutions), see link
or hardware using a Device server but it doesn't work through WAN only LAN.
Use VNC instead of RDP
TLDR: Use VNC as a Windows Service
If you insist on using RPD, then you'll have to patch your RDP DLLs. If you don't want to do this, then instead use ANY OTHER PROTOCOL other than RDP. If it's a vmware VM, then just use the vcenter console. If it's an Azure VM where you don't GET a console, then just install VNC-server-softer on the server that has the Smart Cards and then access from somewhere else via VNC-client. "TightVNC" (https://community.chocolatey.org/packages/tightvnc) worked nicely for me.
There are two ways to run TightVNC server:
TightVNC Server (Service Mode) -- Connecting with VNC-client will take you to the Windows logon screen.
TightVNC Server (Application Mode)
You will need to run TightVNC as a Windows Service. Then you will start a NEW session. Otherwise you'll just be on top of the existing RDP session and still not see remote Smart Cards.
Long Version
If you RDP into a remote server, then that remote server's Smart Cards will be hidden. That behavior is baked into RDP and it is BY DESIGN.
You can optionally take your LOCAL Smart Cards along into the RDP session. (Via mstsc.exe's "Local Resources" tab and then checking "Smart cards".) But these are the Smart Cards connected LOCALLY to your laptop. And NOT the Smart Cards connected to the remote server.
So if you use RDP, then you have option to either see no Smart Cards at all (neither local, nor remote) or just see your LOCAL Smart Cards. To see the REMOTE Smart Cards is NOT possible via RDP.
This is by design inside RDP. And if you want to change it, then you have to manually patch some .DLL files. And somebody has actually done this. See this question here:
How to Access Remote USB Smartcard during RDP
Before you create your Remote Desktop session, click on "Show options". Under the "Local Resources" tab there is a "Local devices and resources" panel. Click the "More" button.
Click on "Smart Cards". No complete the remote desktop session.
I have RDP access to the windows server. I used to do manually check the disk space and RAM usage on all my windows server. I can't install or enable any service on the remote servers. Is there any way, to automate the task to check the disk space and RAM/CPU usage on remote windows server with RDP access only.
No, not with RDP - as its name entails, the Remote Desktop Protocol is an interactive system for users to access their desktop - hardly an automation system.
But you don't need to install anything, Windows comes with full remote management possibilities out of the box. For example, Inside a PowerShell session (on your PC) just use:
Get-WmiObject -class Win32_LogicalDisk -ComputerName SERVER1,SERVER2,SERVER3 | select DeviceID,VolumeName,Size,FreeSpace
You can add as many servers as you want to the list. If your local login account does not have permissions to access the remote servers, simply add the -Credential DOMAIN\LOGIN parameter to the command above.
Finally, if you encounter a login error even with an account that is an administrator of the remote servers, you must check that firewall rules do not prevent remote administration from working on the server side. You may want to use (inside an RDP session) the PowerShell command Enable-PSRemoting.
There is many ways to check servers. But I recommanded to install tools (open source) like nagios or zabbix.
Nagios is a good open source for monitoring with web access and email alerting. You need to install NSclient on the windows server which allows nagios the access to resources.
About the email alerting, you need to install an smtp server, that will send mail each time there's a critical situation. (postfix or sendmail)
this is a tutorial link to install nagios:
http://itgration.blogspot.com/2014/09/installation-nagios-306.html