I have disabled the remote desktop firewall rule in a Windows Azure virtual machine.As you would expect, I can no longer remote desktop in to the server.
Does anyone know if it is possible to re-enable the Remote Desktop Windows firewall rule?
What I have tried
As a long shot, I have downloaded the Windows Azure CLI but can't see anything in there that would do it but have not found anything.
I have also tried to execute the following command against the MSSQL server:
EXEC xp_cmdshell 'netsh advfirewall firewall set rule group="remote desktop" new enable=Yes';
GO
I am getting the following message from the query:
The requested operation requires elevation (Run as administrator).
Please tell me I don't have to re-create the site (which is backed up).
If you're using a VM inside a resource group with the new azure portal, you can do this:
Click reset password
Change mode to "Reset configuration only"
Click update and wipe your sweat off :)
It turns out that all I needed to do was to PowerShell into the Azure VM.
Steps:
Make sure PowerShell is enabled in the Endpoints section of the Azure portal.
Get the server's certificate (PowerShell needs this for remote commands). You can get the server certificate by going to your domains' URL: https://yourdomaing.cloudapp.net:12345 (where :12345 is the port that PowerShell uses).
Export the SSL certificate of the site as a .CER file and install it on your local machine.
Save it to the "Trusted Root Certification Authorities" store on your machine.
Open PowerShell with administrative privileges on your local machine and type:
Enter-PSSession -ComputerName yourdomain.cloudapp.net -Port 5986 -Credential YourUserName -UseSSL
A login popup will appear, enter your VM's login credentials here.
You will now be able to execute commands against the Azure VM. In my case, I ran netsh advfirewall firewall set rule group="remote desktop" new enable=Yes and exited the PowerShell session and was able to remotely connect to my machine.
Related
I created a new Virtual Machine in Azure. (Windows Server 2016 Datacenter Server Core)
The VM creation process allowed me to enable SSH access (and I did):
Image of VM Creation Wizard
However I find myself unable to establish a SSH connection to the Windows Server.
I learned that in situations like this, it is sometimes necessary to reset the "configuration password":
"Reset Password" for VM
This action allowed me to successfully use the "troubleshoot the connection" tool (built into Azure) to "stage" a SSH connection (from my IP to the Azure VM). However I still find myself unable to establish a SSH connection. (The connection continues to "time out".)
Image of Inbound Network Rules
Image of Azure "Connection troubleshooter"
Any ideas?
I had to follow these instructions to manually install the sshd service:
https://365adviser.com/powershell/install-use-openssh-windows-powershell-core-remoting-via-ssh/
It's worth noting that Step #2 refers to a depreciated GitHub project. As such I needed to tweak the URI. I also needed to append the the -UseBasicParsing option. Here is the final result:
Invoke-WebRequest -Uri http://mengelsen.000webhostapp.com/shared-items/OpenSSH-Win64.zip -UseBasicParsing -OutFile openssh.zip
Couldn't connect to a remote machine because of my password?
My problem here :
I can connect remotely with the normal method like "mstsc", so my user and password are working fine.
I do not understand why the password didn't work on powershell.
Could you help me for that please?
WinRM is enable on the remote machine.
Add your full command to the post for review.
You should run your powershell session as an account that has proper access to the server.
enter-pssession -computername "your PC Name" is the command.
Powershell version will matter here to the device you are trying to connect to needs to be on powershell 3.0
I tried to reset administrator password from following steps is below but unable to change administrator password.
Set the server computer to boot from USB Bootable drive, and boot the server from Windows server bootable image.
2.When install options appear, I select repair windows by command.
3.When command prompt appears, I type in command prompt "net user administrator password123" to reset the new password to the administrator user.
4.And reboot the computer after reboot I tried to login with new password but unable to login.
So please help me.
You can use offline nt password and registry editor. Here http://pogostick.net/~pnh/ntpasswd/ is the original source.
I'm trying to successfully run a batch file located on a server pc (Windows Server 2008 R2) from my Windows 7 client PC. But its not working and the command prompt shows the following error information message.
When I run
psexec \\199.219.21.141 -u admin /c "C:\Compile.bat"
I'm prompted for password, and when I enter the password and press I get
Make sure that the default admin$ share is enabled on 199.219.21.141
(which is my machine ipaddress)
The user admin is part of the Local administrators on the server machine
Things I tried,
Turning off the UAC Turning OFF the Windows Firewall
Setting the LocalAccountTokenFilterPolicy DWORD to 1 in, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Caching the user credentials using
cmdkey.exe /add:MACHINE_NAME_HERE /user:199.219.21.141\admin /pass:PASSWORD_HERE
psexec.exe \199.219.21.141 -i notepad
cmdkey.exe /delete:199.219.21.141
After trying to connect for some time, it again displays
Make sure that the default admin$ share is enabled on 199.219.21.141
Any ideas what am I doing wrong?
I have a build server that is not part of a Windows domain trying to connect to a VisualSVN server running HTTPS via apache with domain login via Active Directory. When I try to connect to the server using specifying a domain username I observe a client hang:
svn ls --username=domainuser https://subversion.mydomain/svn/repo1/
The logs on the server show Windows authentication failures using the login-name for the build-machine, and the build-machine's hostname in the Domain name field. The username provided on the command-line is completely ignored.
SVN Client: TortoiseSVN commandline tools: svn, version 1.8.1 (r1503906)
On a separate machine (on the domain) - I found that the --username would not be ignored if I used the cygwin svn instead.
The solution I found was to disable the http-auth-type 'negotiate'. This prevents Windows credentials being automatically shared.
I verified this using a command-line override, it asked for password for the user on the command-line:
svn ls --username=domainuser --config-option servers:global:http-auth-types=basic;digest https://subversion.mydomain/svn/repo1/
Authentication realm: <https://subversion.mydomain/svn/repo1/> VisualSVN Server
Password for 'domainuser':
(Note for Cygwin users: If you use SVN under Windows via Cygwin then you will need to add quotes to your command like this: $ svn ls --username=domainuser --config-option "servers:global:http-auth-types=basic;digest" https://subversion.mydomain/svn/repo1/ -- Otherwise the semicolon will be treated as a command delimiter.)
To configure this more permanently you can make a servers config file entry for all matching servers. For Win7 that's C:\Users\<User>\AppData\Roaming\Subversion\servers.
[groups]
mydomain = *.mydomain
[mydomain]
http-auth-types=basic;digest
Instead of disabling negotiate in client's config, I'd suggest using Windows Credential Manager to store the other account's credentials for Single Sign-On.
The following instruction shows how to put other domain credentials to access VisualSVN Server into Windows Credential Manager:
Start | Control Panel | Credential Manager,
Click 'Add a Windows Credential',
As 'Internet or network address' enter the FQDN of VisualSVN
Server's machine,
As 'Username' enter the <DOMAIN>\<username> of user account that
exists in domain and has access rights to VisualSVN Server,
Complete the password field and click OK,
Verify that you can authenticate to VisualSVN Server under the selected user account after completing the above steps.