remote-desktop interview questions
Top remote-desktop frequently asked interview questions
How can you disable TeamViewer from using/reserving port 80? I am certain in the previous version <v4.1.6 there used to be a radio button option in "options" which disabled it from needing it, but now I cannot find it.
Is port 80 serisouly required by this remote desktop app? It is conflicting with IIS on our development server and becoming a real pain.
Thanks all.
Source: (StackOverflow)
How can I send ctrl+alt+del to a remote computer over Remote Desktop?
For example, if I wanted to change the local admin password on a remote PC using a Remote Desktop connection, it would be helpful to be able to send the ctrl+alt+del key sequence to the remote computer.
I would normally do this by pressing ctrl+alt+del and selecting the change password option. But I can't send ctrl+alt+del using Remote Desktop since this "special" key series is always handled by the local client.
Source: (StackOverflow)
I am setting up a Remote Desktop Services farm, and am having trouble configuring certificates for it to use. A demonstration of the problem I'm seeing can be found in Step #4.
At this point I am convinced that there are problems with the user interface, and am looking for ways around them. Is there any way to configure certificates in Remote Desktop Services so that the settings hold and are reflected in the GUI? If not, is there any way for me to verify that the settings are correct?
Step #1 - Create certificate to be used.
I've configured a certificate to use with RD Web Access. The certificate is stored with in the Certificates MMC on my RD Connection Broker, and I am configuring the farm from that computer.
I found by letting RD Web Access generate its own certificate that the following properties are required:
- Enhanced Key Usage
- Server Authentication
- Client Authentication
- This may not be required, but the self-signed certificate includes it.
- Key Usage
- Digital Signature
- Key Agreement
- Subject Alternative Name
Detour about self-signed certificate generation
As a quick detour, I was able to work around a problem with creating self-signed certificates using powershell. The documentation for the New-RDCertificate cmdlet gives the following example:
PS C:\> $password = ConvertTo-SecureString -string "password" -asplaintext -force
New-RDCertificate -Role RDWebAccess -DnsName "test-rdwa.contoso.com" -Password $password -ConnectionBroker rdcb.contoso.com -ExportPath "c:\test-rdwa.pfx"
Typing this into the shell will result in an error message claiming that a function, Get-Server
cannot be found. Prior to using New-RDCertificate
, you must import the RemoteDesktop Module with Import-Module RemoteDesktop
.
Step #2 - Observe out-of-box behavior
The first time you visit the Deployment Properties dialog box by navigating to Server Manager -> Remote Desktop Services -> Collections and selecting "Edit Deployment Properties" from the "TASKS" dropdown list in the "COLLECTIONS" grouping, you will see the following screen:
This window is misleading because the level
field is listed as "Not Configured". If I understand correctly all three of the role services are using a self-signed certificate. For the RD Web Access role this can be verified by visiting the website:
The certificate being used also appears in the Certificates MMC:
Step #3 - Assign new certificate
The Deployment Properties dialog box will allow me to select my existing certificate. The certificate must be placed within the local computers Certificates MMC in the "Personal" certificate store. The private key will need to be exportable, and you will need to provide the password. I temporarily exported my certificate to a file named temp.pfx
with a password, and then imported it into Remote Desktop Services from there.
Once this is done the GUI will indicate that it is ready to accept the new configuration.
Once I click the "Apply" button, the GUI indicates success.
This can be verified by visiting the RD Web Access web site a second time. There is no certificate error.
Step #4 - The GUI fails to maintain its state
If the GUI is closed and reopened, all of these settings appear to be lost.
Actually, the certificate I configured is still being used. I am able to continue accessing the RD Web Access site without any certificate errors.
Oddly, if I use the "Create new certificate..." button to generate a self-signed certificate this window will update to an "Untrusted" level. This setting will then be maintained through the opening and closing of the Deployment Properties dialog box.
Is there anything I can do to have my settings appear to stick? I feel like something is wrong when the GUI claims I haven't fully configured certificates.
Source: (StackOverflow)
How do you find out who is logged on to remote windows machines?
I'm using psloggedon at the moment, but it gives me only one computer at a time.
psloggeon \\172.21.0.5
Is there a better way how to scan a whole subnet ? Preferably some GUI application.
Source: (StackOverflow)
Windows Server 2003 allows 2 non-console and one console remote desktop connections. Is there a way to increase the number of non-console sessions allowed?
Source: (StackOverflow)
We have over 350 users complaining that their mouse cursor keeps jumping around when typing. It seems like it's happening when the protocol is starved for bandwith, but I'm not quite sure yet.
If it only was the cursor moving it would be fine - problem is that it also moves the focus so that they are suddenly writing text in a different place in the document without noticing too late (old people, they stare at their keyboards).
Most users have laptops, and I've also suspected the trackpad not sensing typing (and thus not deactivating one-touch click on the pad), but I got a report today that a desktop user experienced the same.
What could cause this? Is there any way to tune RDP so that it won't happen? I'm lost..
EDIT:
Some more background info on how we have RDP set up:
- RDP encryption level is set down to "Client Compatible" via GPO in order to support older CE thin clients
- RDP compression is set to "Balances memory and network bandwidth". Same reason as above, to support older RDP clients
- All RDP shortcuts for the users are configured to only use visual styles + persistent bitmap caching. We have tested without visual styles, the mouse still jumps around
- All RDS servers are limited to 16bpp colors, desktop composition and backgrounds are not allowed
- Our MPLS provider has QoS rules in place to keep RDP above Best-Effort (see EDIT2)
EDIT2:
I've inspected the MPLS providers QoS setup, and something feels wrong here (pastebin).. internal RFC1918 traffic is being prioritized in the class below RDP, but with the same drop probability. I'm thinking that this should be in a class further down the list, with a higher drop probability.
I've talked to several employees today, and it seems like this problem is reproduceable if they fire up a ton of domain-joined computers at once (group policies, WSUS updates and so on).
MPLS provider has been approached, and I'm waiting for a free technician to change the QoS settings to see if this helps. I'm going to dump all traffic but RDP on a single site into Best-Effort and see if it helps.
UPDATE 19.07.2013
Still not solved. Discovered that nearly every laptop is missing the touchpad driver, so the touchpad is not being deactivated while the user types. Baaaad.
In addition it also happens with desktop PCs, and on any kind of PC with a bandwidth constrained pipe. I've asked a new question on Network Engineering: http://networkengineering.stackexchange.com/questions/2427/qos-woes-managed-ip-vpn
Source: (StackOverflow)
i'm using Remote Desktop on Windows 7 RC1, connecting to a Windows 2008 server.
Everytime i start a connection, i get the following popup window :-
The certificate problem makes sense -> it was created from my own server, which is not an offical certificate authority. Sure. So I need to tell my machine that any certificate that comes from my server, can u please accept.
So i View the certificate and install it. I let it determine the best place to install it.
eg
Unfortunately, every time i connect, i still get that popup question.
So i tried to manually tell where to install it. I said to install it at
eg.
but still i get the warning question.
So .. does anyone have any suggestions?
Source: (StackOverflow)
This is my first time setting up or even using active directory.
I set it up, and added the computers(Actually VMs in Hyper V) to the active directory, and if if I use hyper-V to connect to the VMs, I am able to use users from the active directory domain to login to the VMs.
However, if I try to login via remote desktop, I get this error:
The connection was denied because the user account is not authorized for remote login.
I have tried:
- From within active directory, i have added the group that my user is in to Remote Desktop users.
- On the VM itself, adding the active directory group(that contains the user I am trying to login with) to Allow log on through Remote Desktop Services in Local Security Policy.
I still have the same authorization denied error.
How do I properly setup a group in active directory to be able to login with remote desktop on all of my Virtual Machines?
Thanks!
Source: (StackOverflow)
I’m connecting over the web to a remote Windows Server 2012 R2 via Remote Desktop Connection for administration needs. It is a single web and database server without an AD etc.
I’m not talking about Remote Desktop Services / Terminal Server, just the simple Remote Desktop feature activated through Control Panel > System > Remote Settings.
The server will automatically create a self-signed certificate to encrypt the connection and the Remote Desktop Connection client will show a certificate error due to the untrusted CA.
I have a CA signed certificate issued to the FQDN of this server and valid for server authentication (I’m using it for MSSQL Server remote access).
I’d like to use that one for RDP connections too. All tutorials (like this question) I’ve found so far describe the process for the Remote Desktop Services or Terminal Service. I have found this question stating a wmic
command to set a certificate, but I don't want to try setting some values when I don't know what exactly I'm doing.
What I have done is adding it to the Remote Desktop Certificates of Local Computer where the auto generated self-signed is located too.
Is that possible? If yes, what do I have to do?
Thanks!
Source: (StackOverflow)
I am looking at needing to expose my Remote Desktop Server (Terminal Services) to be accessed from outside our network. Right now, it can only be accessed from inside our network.
I know it's easy enough to open up the firewall and forward the port.
However, how do I secure the machine itself and what are the best practices around this? My concern is hackers being able to work at breaking into it.
Any best practice guidelines/recommendations would be much appreciated.
Edit:
Question about a product I found:
Filter Incoming RDP Connections by IP, MAC Address, Computer Name and More
Can anyone comment on the security of this? Looks like I could also use it to limit access by machine name/mac? Anyone else used it?
Source: (StackOverflow)
I need to login to a remote into either a Win7 or Vista computer but when I connect I get a Logon Message "Another user is currently logged on..." but it does not specify who.
I have a domain username with admin privileges on the computer, how can I see who is logged in?
Source: (StackOverflow)
I'm connecting from a windows vista desktop to a server running windows server 2003. I'm using Remote Desktop and I'm running some very long running processes on the remote server. My problem is that Remote Desktop logs out my session and terminates any running processes after some amount of time without input from myself. This means I need to sit at my pc wiggling the mouse every now and then rather than head out and enjoy the glorious sunshine for a few hours.
Does anyone know how I disable this behavior? I assume it is configurable somewhere.
Source: (StackOverflow)
Since upgrading a machine from Windows 8.1 Professional to Windows 10 Professional (workgroup, no domain membership), I've been experiencing a rather strange issue that I can't figure out. The initial remote desktop connection is very slow to connect (on the order of two minutes). However, after the initial connection is made, I can close the connection and reconnect almost immediately. Also, after the initial connection is made, I can close the connection and reconnect using another machine entirely without experiencing the long delay. I've tested the remote desktop clients on Windows 7, 8.1, and 10, and all experience the same slow initial connection to the Windows 10 machine, so I believe the problem lies on the server side.
Things I've tried so far:
- Turning off "Automatic Root Certificates Update" via local computer policy:
(Computer Configuration -> Administrative Templates -> System -> Internet Communication Settings -> Turn Off Automatic Root Certificates Update)
.
Suggestion from technet, by user "dsoic" midway down the page. It was also suggested to disable CredSSP, but I don't think disabling Network Level Authentication is a good choice.
- Forcing TCP as the only RDP transport protocol
(Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Connections -> Select RDP transport protocols)
,
suggested by user "Jayson Allen" on spiceworks. I also checked the FIPS setting, but on Windows 10 it appears to be disabled by default.
Neither has improved the situation. Does anyone have any advice on how to proceed?
EDIT: The Threshold 2 update has corrected this issue on my system.
Source: (StackOverflow)
I work from home, but I'm also in the office quite often. My work and home machines are both Windows 7 Ultimate.
When I'm in the office I like my computer to go to screen saver fairly quickly and then lock ("On resume, display logon screen").
But when I'm home, I often do something on my home computer for a good length of time, and I don't want the remote session to lock and require a password when I switch back over to it.
I'm looking for a (Group Policy?) setting that can turn off the screen saver only for remote sessions. Is this possible?
Source: (StackOverflow)
Are there (preferably free) alternatives to VNC on Linux?
Is there different remote desktop technologies for Linux or is it all based around VNC?
EDIT:
Thanks symcbean for your comment, good point. I find the network performance of RDP much faster than VNC. I am currently using tightVNC, but I do not want to compromise the quality for speed. Using RDP I find that it is just like being infront of the computer. I'm using VNC over an internet connection to a virtual dedicated server, on a broadband connection (admittedly not the fasted broadband in the world - but fast enough) - so in theory there isn't really any serious bottle necks.
-thanks
Alex.
Source: (StackOverflow)