Managing multiple remote desktop connections

In my day-to-day work, I typically connect to over a dozen servers via Remote Desktop Protocol(RDP). While I don’t connect to every one on a daily basis, there are days that I connect to nearly a dozen, and there isn’t a day that goes by that I don’t connect to at least 2-3. Up until now, I’ve been using Windows 7 jump lists. This is OK, but I ran into a limitation, in that Win7 limits the ‘most recently used’ items– so all my servers don’t always show up.

Well, I recently found a solution. The “RDCMan”, or “Remote Desktop Connection Manager” tool, directly from Microsoft. This is a free tool that lets you manage multiple connections, configure groups, sub groups, etc. You can also define settings at the group or server level, which makes things very quick to setup(i.e. many of my servers use the same credentials, so I can set the credentials at the group level, instead of the server level).

The GUI is a little dated, but still fully functional. I can connect to the desktops within the RDCMan frame, or I can ‘undock’, and have the RDP connection free-floating– this is particularly good for a specific RDP connection that I leave open all day, and need quick and easy access to.

Here’s a screenshot, and an associated link to more information:

http://blogs.technet.com/b/exchange/archive/2010/06/11/3410093.aspx

Download link:

http://www.microsoft.com/en-us/download/details.aspx?id=21101

 

How to always run applications as administrator in Windows 8

I recently got a new laptop with Windows 8. I’ve been trying to not hate the removal of my start menu too much. One of the changes they also made, is that User-Account-Control can’t really be disabled without a registry change– and if you make that registry change, most of the Metro/Modern UI apps will no longer work! Having certain applications not run as administrator can really be a problem, however… Visual Studio needs admin access to create IIS web applications, for instance. Additionally, shelling out to cmd.exe for doing a multitude of different things will be very frustrating when you don’t have those admin privileges that are rightfully required to do administrative things…

Unfortunately, there’s no easy GUI way to tell Windows 8 to always launch applications as an administrator. You can right click on a shortcut and select ‘run as admin’ each time– or even define a shortcut and set ‘run as administrator’ on the compatibility tab– but this doesn’t work if you use start->run->’cmd.exe’, such as I do… It also doesn’t work if you’ve pinned solutions to your task bar, such as I do for Visual Studio.

Thankfully, after some searching, I found a solution. You can have any executable on your computer run as admin(assuming you have permission to do so), by adding entries to this registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\

Simply add a new string value, paste the full path to the executable(such as c:\windows\system32\cmd.exe), and then edit the value to say ‘RUNASADMIN’. Next time you start that executable– through a shortcut, by going to start->run, through entries pinned to your taskbar, or double-clicking on an associated file in explorer, Windows 8 will actually run it as an admin, as you require.

Windows 7 not saving RDP credentials when connecting to servers

In my line of work, I connect to many servers daily. I have these pinned to the Windows 7 taskbar, enabling me to easily connect to a server by simply right clicking on the taskbar icon and selecting the server. One thing that has annoyed me with Windows 7, is that when connecting to a server, I am always prompted for credentials– even if I’ve selected the option to save the credentials.

Well, I finally looked into it, and found a way to fix this. I’m sure Microsoft would claim there’s a “security” reason that it’s not enabled by default– but IMO, the checkbox to save credentials shouldn’t be there if it’s not configured to work…

To enable Windows 7 to save RDP credentials when connecting to Windows 2008 R2 servers, you must complete these steps on your client computer:

  1. Start->Run->gpedit.msc
  2. Navigate to Local Computer Policy -> Computer Configuration -> Administrative Templates -> System -> Credentials Delegation
  3. On the right, double click ‘Allow Delegating Default Credentials with NTLM-only Server Authentication’. Set the setting to ‘ Enabled’, click ‘Show’, and enter ‘*’ for the Value. Click ‘OK’ when done.
  4. Do the same with ‘Allow Delegating saved Credential with NTLM-only Server Authentication’

Now, the Remote Desktop client will remember your credentials– including ones you’ve previously saved. This may seem like a minor thing, but shaving seconds here and there will turn into hours saved later– plus any frustration/annoyance/distraction from fat-fingering passwords when connecting.

Resolving “Network path is not found” errors

Multiple customers of mine have had issues with the error message “Network path is not found”. Windows can throw this error message for a number of reasons.  This often becomes a problem when you’re trying to remotely monitor event logs, services, disk space, etc. using network monitoring software such as Overseer Network Monitor.

If you’re having this issue, try these things:

  • Make sure both Windows PCs(your computer and the remote computer) are running on the same network/LAN.
  • Disable the Windows firewall. If this works, you know it’s the firewall blocking traffic, and you can find what rule to add to the firewall to make things work.
  • Disable UAC!. Note that you may have to disable remote UAC in addition to the GUI disabling of user account control
  • Check the clocks on both computers. If the times are not within 15 minutes of each other, this problem may occur. Be sure to check the date and the time, as it’s easy to miss a different year when looking at just the time or day.
  • Check the status of these services and make sure they’re running on both ends:
    • Remote Registry Service
    • Server
    • Workstation
    • Computer Browser
    • Remote Procedure Call
    • TCP/IP NetBIOS Helper Service
  • Check your network card(s) properties, and check these options:
    • Client for Microsoft Networks
    • File and Printer Sharing for Microsoft Networks
    • Also make sure “Enable NetBIOS over TCP/IP” is enabled
    • Make sure “802.1x” authentication is disabled(potentially buried under ‘configure’ tab for network adapter
  • If using local accounts, be sure you’re referring to them as MACHINE\username, and **not** .\username. If you use .\username, you will get “network path was not found”, which is a very unhelpful in resolving this problem.

 

IPv6

I just read this on the wiki, when Googling for a general piece of information about IPv6:

“While IPv6 is supported on all major operating systems in use in commercial, business, and home consumer environments,[3] IPv6 does not implement interoperability features with IPv4, and creates essentially a parallel, independent network. Exchanging traffic between the two networks requires special translator gateways, but modern computer operating systems implement dual-protocol software for transparent access to both networks either natively or using ‘tunneling’ such as 6to4, 6in4 or Teredo. In December 2010, despite marking its 12th anniversary as a Standards Track protocol, IPv6 was only in its infancy in terms of general worldwide deployment. A 2008 study[4] by Google Inc. indicated that penetration was still less than one percent of Internet-enabled hosts in any country at that time.”

12 years, and <1% deployment! This is what happens when you don't have a good transition plan from one technology to the next-- no one adopts it... I personally think it's likely 12 years from now, IPv6 still won't be the 'standard' used for the Internet... Many IPv6 proponents claim IPv4 is "end of life", as the IANA just assigned the last big /8 net block-- claiming "all the address are used up!" What they fail to understand, is that addresses aren't consumed-- they can be re-used, and they're allocated by the IANA in huge blocks, and all those organizations that they allocate to, then sub-allocate to other organizations that allocate to end users.

Multiple monitor RDP connections

I typically work with 4 1080p LCD monitors on Ergotron arms. I have the same setup and layout at work as I do at home. When I remote in from home, I’ve found in Windows 7, I can check ‘use all my monitors’, and the remote desktop actually uses all the monitors, even in my non-square and non-linear layout(my monitors are roughly in a + shaped pattern).

The one negative of this, is that the speed wasn’t great. Flipping windows and such, there’d be a noticeable lag. It was usable, but not comfortable. I figured this was due to my 1Mbps upload speed at the office. I watched a bandwidth meter on the router, and I noticed it wasn’t maxing out the 1Mbps upload speed… I have noticed, however, that when I do a speed test, the upload always starts slow, and doesn’t reach full speed for a couple seconds… I was thinking, “maybe the RDP packets are always in the start of that incline and can never reach full speed”…

Well, recently I found that Time Warner Business Class in my city just added ‘Wide band’ service. I was able to upgrade for a reasonable price to 35/5 service– that’s 5Mbps upload speed! I can use the bandwidth for other purposes as well, but I was particularly excited about having a faster RDP experience when I do work from home, trying to be fully productive with all 4 screens…

Well, I just tried the connection, and the RDP experience is MUCH better! I don’t see a constant lag when working. I looked at the same router bandwidth meter, and it was often spiking to 2Mbps or so– definitely above the 1Mbps it wasn’t reaching before… So I think my hunch about the upload connection starting slow was definitely the issue… To prove how awesome the connection was, I played a video someone posted on facebook, and it was actually watchable over RDP! Sure, it maxed the 5Mbps bandwidth meter, but it was watchable! I did try to put it full screen to see how I could push it, and that didn’t fair so well… But I’m certainly not watching video through an RDP connection for any real purposes…

Windows 2008 R2 DNS issues

So, I’ve had issues with Facebook pictures for at least a few weeks now. About half of them would just come up with the “unable to load image” icon. I experienced this in IE, Firefox, and Chrome, so I knew it wasn’t a browser issue… I figured it was a Facebook server or code issue.

I spent some time today with Wireshark to figure out where it was failing. I found that my internal DNS server was failing. This server runs W2K8 R2, and is my domain controller for my small network here.  I checked the event logs, and found multiple event 5501’s– saying that it received a malformed packet from another DNS server… I did a little research on this, and stumbled upon this blog entry that details the problem:

http://weblogs.asp.net/owscott/archive/2009/09/15/windows-server-2008-r2-dns-issues.aspx

I disabled the EDNS probes as the article suggested, and my problems instantly went away.  Why MS shipped a default that doesn’t play nicely with standard DNS servers is beyond me… But I suppose it’s not a first… I’m just glad I’ve resolved my issue.