I accidentally turned off Remote Desktop access on a VM instance in Azure. Is there a way that I can turn RDP access back on through the portal, PowerShell, etc. ?
Before you start your VM on the portal, follow these steps
Select the VM, go to the dashboard
Click on the Endpoints tab and choose RDP from the list of endpoints provided
Once the RDP is selected, it gives you the default port number, use as is and save changes
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
Start your VM, then you can RDP your VM.
Enabling RDP using Powershell, check the below link
http://blogs.msdn.com/b/sriharsha/archive/2013/10/26/remote-powershell-in-azure-iaas-virtual-machines.aspx
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-nodejs-enable-remote-desktop/
Hope this helps
Girish Prajwal
Related
The article https://learn.microsoft.com/en-us/windows/client-management/connect-to-remote-aadj-pc shows how to connect to an AAD joined PC from another AAD joined PC. I have followed these instructions.
The LENOVO Thinkcenter Edge machines are both brand new installs of Windows 10 updated to 10.0.19042.928 and registered to AAD with the same user. For testing, both PC are on the same network and have 10.6.2.xx IP's. Wireshark shows that the PC's can connect to each other. Remote Credential Guard has not been enabled. The standard "can't connect" error shows. Remote users now connected to Azure AD cannot work remotely. Can anyone advise?
sysdm.cpl
Remote Desktop
Enable Remote Desktop
Connecting
Failed
To make it working from any, even not AzureAD joint PC, just add
enablecredsspsupport:i:0
authentication level:i:2
at the end of RDP file. You may use any text editor to do it.
Credits to:
https://community.spiceworks.com/topic/2129388-remote-desktop-to-azuread-machine-not-working
To use remote desktop to an AzureAD connected PC, you need to change the Network Profile to Private for the network connection that you are using. This isn't documented and no error shows when you try to turn on Remote Desktop if Public is selected.
I was unable to get NLA working so followed this post to disable it..
Disable NLA
I run SQL Server 2014 locally. My old windows account has been corrupted. I created a new windows account, gave myself sysadmin permissions on SSMS and I can log onto the database fine. I also logged on Reporting Services Configuration Manager and changed the Service Account to the new user account. However I can not access localhost/reportserver on internet explorer. It's saying I don't have sufficient permissions.
Ah I just found the answer. It's a Trusted Site issue:
To Configure Local Report Server and Report Manager Administration
Complete the configuration steps in this section if you are browsing to a local report server and you see errors similar to the following:
User 'Domain[user name]' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.
Trusted Site Settings in the Browser:
Open a browser window with Run as administrator permissions. From the Start menu, click All Programs, right-click Internet Explorer, and select Run as administrator.
Click Allow to continue.
In the URL address, enter the Report Manager URL. For instructions, see Report Manager (SSRS Native Mode) in SQL Server Books Online.
Click Tools.
Click Internet Options.
Click Security.
Click Trusted Sites.
Click Sites.
Add https://[your-server-name]
Clear the check box Require server certification (https:) for all sites in this zone if you are not using HTTPS for the default site.
Click Add.
Click OK.
https://learn.microsoft.com/en-us/sql/reporting-services/report-server/configure-a-native-mode-report-server-for-local-administration-ssrs?view=sql-server-2017
I want connect to a remote computer (windows server 2012 data center) using team-viewer but remote desktop connection should be opened and connected when I want use my team-viewer for connecting to server team-viewer. if not, team viewer in my computer returns this error:
After reconnecting to remote using windows remote desktop connection, I can see the screen again without this error. What should I do to connect team-viewer directly to server without active remote desktop connection?
You also could change some settings so that the user is allowed to stay actively logged in (as was the case in previous windows server versions).
The topic below describes a case where idle users were logged out, it was suggested to disable windows settings so that the user session would remain logged in.
https://superuser.com/questions/558920/disable-windows-server-2012-automatic-log-off
This happens because of the following reasons.
If you RDP (and then you minimize the RDP session, or let go of it)
Log out of the user that has the Teamviewer open
Let the PC idle out.
Solution to override this issue.
INSTALL TEAMVIEWER AS A SERVICE - Turn off your quick-run/quick-support of teamviewer and go to www.teamviewer.com and install the program to launch on boot (that will install it as a service), you will see the option for that during installation. Then that error will never turn up, even if your RDPs. If its already installed, here are the instructions on how to make it run as a service.
I had recently installed SQL server 2012 and I used mostly the default settings. Database works fine and I can happily connect using SSMS (SQL Server Management Studio) but when I connect to the Integration Services Server I get this message
Connecting to the Integration Services service on the computer
"localhost" failed with the following error: "Access is denied."
By default, only administrators have access to the Integration
Services service. On Windows Vista and later, the process must be
running with administrative privileges in order to connect to the
Integration Services service. See the help topic for information on
how to configure access to the service.
here is the screenshot
I am not sure why but I am the domain admin and have full rights over the server. Also why when I connect from my Desktop it can successfully connect, only if I connect from the server itself which gives me this issues. How do I fix this so that I can make SSMS on the server connect to its Integration Services instance.
As I understand it, User Access Control, or UAC, can basically intercept requests for your group membership so in this case, it appears it was preventing your membership getting passed to SQL Server.
Others have noted in their comments that you may still need to right click and run SSMS as an Administrator.
As noted by an astute observer "This is a quick-fix, not a real solution. People shouldn't just be running stuff as administrator. These security walls are in place for a reason" And I agree. UAC is designed to get Windows users into a Principle of least privilege mindset - only escalate to a powerful account when required. The issue is that SSMS is known to not "play well" with UAC. As I see it, this leaves you with three options
You can turn off UAC and get your work done
Leave UAC on and tell your boss you are unable to work
Write your own query tool that is not affected by UAC
Go to all programs Click on Microsoft SQL Server 2012 folder Right click on SQL Server Management Studio Click on Run as Administrator
This should take care of problem for now. (With this you need to always repeat the same process). To avoid this every time and for a more persistent solution you need to get permission(s). Please do the following process and you should be good.
In previous versions of SQL Server, by default when you installed SQL Server all users in the Users group had access to the Integration Services service. When you install the current release of SQL Server, users do not have access to the Integration Services service. The service is secure by default. After SQL Server is installed, the administrator must grant access to the service.
To grant access to the Integration Services service
Run Dcomcnfg.exe. Dcomcnfg.exe provides a user interface for modifying certain settings in the registry.
In the Component Services dialog, expand the Component Services > Computers > My Computer > DCOM Config node.
Right-click Microsoft SQL Server Integration Services 11.0, and then click Properties.
On the Security tab, click Edit in the Launch and Activation Permissions area.
Add users and assign appropriate permissions, and then click Ok.
Repeat steps 4 - 5 for Access Permissions.
Restart SQL Server Management Studio.
Restart the Integration Services Service.
(Source MSDN)
I hope this will help
Right Click on the Sql Server Management Studio and select Run as Administrator and try to connect
if it is installed on the local instance
You should check to see what user the SSIS Service is running under. Go to Start > Run > Type "services.msc" and scroll down to the SQL Server Integration Services 11.0 entry. Right click and check the properties to find out what user it's running under. The second tab should be the LogOn tab. Since you're just running on a local instance, you can set your user as the LogOn User account and SSIS will have the same permissions that you do.
Lost a day of work on that problem. My package has a .NET script task to copy file from a shared network folder to a local folder and I was stuck with the "access denied" exception every time I tried to execute the package from the server (Through SQL Studio). The package works fine when running locally.
Tried many things picked up here and there and at the end of the day what worked is to create a Job (owner is sa) which execute the package as SSISExecutor.
I have to mention that the file on the network has read access for everyone, and that I still don't understand what was wrong.
I'm trying to configure Team Foundation Reporting but without any success.
The App Tier and the Data Tier are in separate servers.
I guess it's not a port/firewall problem, because I opened port 135, and I can see the established connection by using TCPView (from Sysinternals) whenever I click "Populate URLs" in the Reports tab in TFS Administration Console. I can also telnet servername 135 without any problems.
I also checked if WMI service is started in the Data-Tier. And for SQL Server Reporting Services. Also checked for RPC and RPC Locator in both servers. They're all started and automatic.
I also set tfs app user as admin in sql reporting services. Added all kinds of permissions to the tfs user in the Data-Tier server.
I set all user permissions in dcomcnfg.
Allowed all WMI namespaces permissions to the user. (Computer Management -> WMI Control)
Deactivated Windows Firewall in both servers temporarily.
No luck.
However, in the app-tier, when I click Computer Management -> Connect to another computer, and type the data-tier IP, i can't connect. I get the message "Computer xxx cannot be managed. The network path was not found". How is that ? Tried IP, name, and FQDN. I also tried browsing and selecting the computer. Nothing changed.
I'm lost, what could possibly be happening ?
Thanks in Advance!
i'm betting that you're having the double-hop issue. try having your system admin set an spn for the website on the sql server.
you also need the AD permission 'trust for delegation' on the AD Service Account, right?
do that and SetSpn with the service account, that should help I think that the SPN option was spot on
See this answer:
IIS to SQL Server kerberos auth issues
which links to an old but user-friendly troubleshooting web app called DelegConfig. It can try to run the SetSpn commands for you, at least giving you an idea of what they need to be.
I ran into SPN issues when using an externally-accessible URL (+SSL) everywhere.