Im a newb to AWS, so please go easy on me. We currently just spun up a custom Windows 10 instance in AWS. I was able to login via RDP successfully, but I'd like to create a new user within the instance so they can login with a different user account using RDP. Any thoughts would be much appreciated.
Okay, After your response to my first, I think I see what you are asking. Plase watch this video:
https://www.youtube.com/watch?v=rgk2w3dQGSo
Download the RDP. Save it. You can then Edit the .rdp and enter the user name and password you created in Windows.
You can create users in the User Management Console in Windows. Ensure they have the rights needed (Remote Desktop User, Administrator, etc).
Enjoy!
Once an Amazon EC2 Windows instance has been launched, it is just a normal Windows computer.
Therefore, you should use use the standard Admin tools to create the user on the Windows computer, with their own username and password.
It is also recommended that you change the random Administrator password after initial login, or (even better) connect the instance to Active Directory or whatever standard authentication system your company uses.
Technoob here. I just figured out why all of you are having trouble. You need to go to the security group the machine is a part of and open port 3389 to your public IP address (ipchicken.com works). Enjoy
If you are trying to connect from another computer then you have to change the inbound rules.
Go to the security groups of your instance. Go to the inbound rules. Add ipv4 and ipv6 as a new rule and apply it. Download the RDP File and try to connect again. It worked for me.
Related
I am using Windows 2012 R2 VM machine in Azure. I have read multiple article to setup Filezilla server in this environment. However, I am not successful. Any one faced this issue? Any solution will be greatly appreciated.
Just remember to add Filezilla to Windows Firewall :-)
I'm dealing with the same thing right now. locally the FTP serv works great. remote I cannot establish a passive connection. Based on my research this is because Azure is not set up for Passive-FTP. I am uncertain if we can get FileZilla to operate in a active-FTP mode. Will post back if I ever get to the bottom of it. Mine currently connects and authenticates but 'cannot retrieve directory listing' when it tries to kick over to passive (transfer) mode.
In addition to checking the Virtual Machine endpoints are open, be sure to also add the appropriate Windows Firewall rules if you have Windows Firewall enabled on your Windows VM.
Yes, We can connect to Azure server via FileZilla Client.
Steps:
Login to Azure portal: https://portal.azure.com
Click on App Services.
Select the Site and then click on Get publish profile.
Save the file and open it in notepad.exe.
The file contains 2 <publishProfile> sections. One is for Web Deploy and another for FTP.
Under the <publishProfile> section for FTP make a note of the following values:
publishUrl (hostname only)
userName --------------------------> This is the information you are looking for
userPWD
Add the PublishUrl to Hostname, Username and password in their respective fields.
Connected.
The link will give the detailed description of the steps flow with images.
Here is the link.
Thanks
I have problem with creating service that has access to files on network disk.
Service must have admin rights and it will be run by users that don't have admin privileges.
I send path as UNC
and file is seen by service but it return ACCES_DENIED errors when try to open or do anything on Network drive.
When I run my service as server , everything works fine.
I try to find answer but everywhere I can found only partial answers that do not help me at all.
========
I read that standard service logged as SYSTEM can't have access to network.
So i tried to log id as
NetworkService, LocalService
It didn't work. After run it as one of those user my service can't save files on c:
Some kind of admin account.But I didn't manage to success on that.
Actually logged user.
I don't know how to get password for current user.
Still this will not work for user without admin rights.
========
Please tell me what can I do?
There are plenty of Services that use somehow network resources. How do they do that?
You need to configure your service to run as a user which has sufficient rights. In this case you are looking for rights to network shares. Typically that's going to need a domain user with appropriate rights. Normally you'd ask your network manager to create a dedicated user account for the purpose.
You appear to be labouring under some false information as to how services work. You talk about running the service under the account of the logged on user. Remember that services run when there are no users logged on. And remember that there may be multiple logged users at any point in time.
For me, the port was getting blocked through firewall, I had to add a inbound rule and specify the port which i was using in my application. This way firewall did not blocked my port for outgoing connections.
References:
https://www.firehousesoftware.com/webhelp/FH/Content/FHEnterprise/FHEnterpriseInstallationGuide/24_StaticPort.htm
Merry Christmas everyone !
I've installed Team Foundation Server 2010 with advanced configuration but I left the settings as default (like Service Account: NT AUTHORITY\LOCAL SERVICE and others)...
All good until when I typed http://localhost:8080/tfs and there it asks me to provide username and password.
What is the default username and password ? I didn't provide any username and/or password during configuration.
I typed as my Windows account name but it doesn't work.
Help me please...
Thank you
EDIT: Please watch my short video capture: http://youtu.be/i8C5mp7fUsA
TFS uses Window's accounts for its permissions. If you're logging in on a workstation setup, rather than one linked to AD then remember you need to specify your machine name as part of the username, for example MACHINE\michaels.
In order to setup new projects you will need to first start off using an administrator account - if your normal username isn't a Windows administrator, then login using your admin username and password (you can then grant permissions to your normal account. You can also use the Windows security groups on the machine to add yourself - there will be a local group called "Team Foundation Administrators". MSDN has a list of the Windows groups you can configure.
it is the windows login , password and u can set it in the administration panel also .
UPDATE - mine was ashutosh-pc\ashutosh and my windows password
You have set your service account to LOCAL SERVICE. Please change this to NETWORK SERVICE. The login box you are getting is not to login TFS, but to get access to your machine resources. The LOCAL SERVICE account does not have enough permissions to operate TFS.
If you don't have NETWORK SERVICE, then use a regular windows account.
See for more information the TFS 2010 Install Guide.
Yeah definitely it works using your windows account, but in my case I have my hotmail email account linked to my windows.. so, I just used my email address and the password for this, I am sharing an screenshot, this is the firs default page after logged in.
How can I configure Visual Studio remote debugging when:
My developer machine is a member of an AD domain, and my username is "DevelopersName".
The "remote" machine is on the same Ethernet segment, but is not part of the domain.
The "remote" machine must run software under "RemoteUserName".
Most documentation I can find suggests that you need have both machines in the same domain and with identical usernames. That's not possible here.
I could possibly add my username to "remote", but the software still needs to run under "RemoteUserName.
If it helps, I could add 2nd network card to my developer machine and directly connect the "remote" machine.
Using VS2008, but will be moving soon to VS2010.
Thank you.
Sorry, but I've just spent the last 10 hours trying to debug your exact problem. My findings are not good.
You need to get your accounts synced, especially if you are using your remote app to connect to other systems in your SOA environment, ie: Sharepoint, AD.
You can to some extent get remote debugging to work, if you create an account on your local machine with the same name as that of your remote machine (lets do it like this rather rather than working with the domain account).
You then need to make sure the remote service is running under this account, and its a member of the administrators group. And by this I mean hold down control, and right click run as - with the remote debugger, and select the user (not required if remote server is logged in as the required user).
Run the wizard it will open the required ports, use Authentication, because non authentication won't debug managed code. Breakpoints are never met, and there is nothing you can do about this.
On your local dev machine, log off your domain account, and log onto the local account with matching name as the account on server thats running the remote service.
Now you stand a change of remote debugging. If you can't do any of the above, sorry there is no workaround, its entirely dependent on the user account and having the right permissions.
If you don't want to create a local account, try starting our debugger via command prompt using the following command:
runas /user:[user#machinename] /netonly [debugger.exe]
E.g.:
runas /user:john#mypc123 /netonly devenv.exe
I assume it's managed debugging you're talking about (for native debugging there's a remote debugging solution with no authentication). In this case, I would suggest that you use a local user to launch the debugger on your machine. If this local user's name and password match "RemoteUserName"'s name and password, it should work.
(Note that this does not preclude you from using the AD account to log in to your workstation, you just need to set up another account and use runas to launch Visual Studio.)
I am currently trying to access a network share from my machine programaticaly using vc++ 6.0. I am using WNetAddConnection2 to connect to a share using my credentials.
I am facing the following problem:
Consider the case when there are 2 users trying to access the same remote share from same machine one after the other. Now once a user logins, the other user is not able to login into the share using his credentials until the 1st user logouts.
Also if the 1st user logs onto the remote-machine's root share, then the other user is not able to access anyother share on that machine.
Please let me know if there is any workaround for the same.
Thanks in advance
The answer depends on if the 1st user still needs access. If they don't, then call WNetCancelConnection2(). If they do, Keith Brown in his "Programming Windows Security" book has a trick of calling LogonUser() to establish a new logon session, which creates a new SMB "port" to avoid the conflict. After impersonation, your thread will be able to connect using different credentials.