I turned off (set 0 value in "Enabled") AES 128\128 cipher, and SHA, SHA256, SHA384, MD5 hashes in windows server 2012 R2 registry (hosted on aws).
Then I used command "Restart-Computer" and cannot to login via RDP to my server. How can I restore RDP connection ? and connection at all ?
Thanks in advance.
There is the answer from aws support:
There are 3 methods using which you can revert the registry changes. Request you to follow the Methods in a sequential manner if the current Method fails.
Method 1 - Connecting to the registry of the problematic instance from another instance in the same VPC and revert the changes. (You can launch a test instance temporarily in the same VPC if you don't have any existing instance (s) in the same VPC.)
1. Open Registry Editor from the working instance which is in the same VPC as problematic instance.
2. Click on File->Connect Network Registry.
3. Enter the FQDN of the server and Click on Ok.
4. Enter the credentials and Click Ok.
5. Now Expand the Remote computer (Problematic instance) hive and revert the changes.
Method 2 - Access the problematic instance using TightVNC.
1. Ensure that the non-working instance has IAM role assigned to it with Policy named "AmazonEC2RoleforSSM" attached to the IAM role. To create and Attach an IAM role See Link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html & https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#attach-iam-role
2. Now Install TightVNC on a working instance which is in the same VPC and subnet. Link to download TightVNC MSI: https://tightvnc.com/download.php 3. Right click on the MSI > Properties > Under the General Tab > Ensure the file has been Unblocked by Ticking the Unblocked check box.
4. Now copy the msi file on the problematic instance as well. Copy the MSI to C$ on the problematic instance (\\c$). For simplicity sake rename the MSI to TightVNC64.msi 5. Now go to https://console.aws.amazon.com/systems-manager
6. On a Left Pane, Under Actions, Click on Run Command.
7. Click on Run Command and Search for Command Document named "AWS-RunPowerShellScript".
8. Select AWS-RunPowerShellScript and under Command Parameters paste the below command:
Start-Process -FilePath "C:\TightVNC64.msi" -ArgumentList ("/q SET_PASSWORD=1 VALUE_OF_PASSWORD=YouSecurePasswordGoesHere SERVER_ADD_FIREWALL_EXCEPTION=1") -Wait -PassThru
9. Scroll down and Under Targets, Select the Problematic Instance.
10. On the bottom of the page Click Run.
11. Wait for command status to get successful.
12. Launch the TightVNC Viewer on your working instance and provide the IP/FQDN of the problematic instance followed by the credentials that you have provided under command in Step 8.
13. You will be connected to the Instance and can make changes in the registry.
Method 3 (Method will require Stop and Starting of the instance.)
1. For Detaching the Root Volume from the problematic instance and Attach it to the working instance request you to please watch video from 1:47 to 3:40 in following article:
https://aws.amazon.com/premiumsupport/knowledge-center/ec2rescue-windows-troubleshoot/
2. Open Disk Management Console (diskmgmt.msc) and Right Click on the Disk showing Offline status and Click Online.
3. Once the Disk is Online, Go to My computer and make a note of the Drive letter of the disk which you have attached.
4. Open Registry Editor and Select HKLM.
5. Click on File and Load Hive. Provide any name for eg. "Recovery".
6. Expand the "Recovery" key and revert the changes i.e. Enable the value for AES 128\128 cipher, and SHA, SHA256, SHA384, MD5 hashes.
7. Once all the changes are made, Select the "Recovery" Key and Click on File and Unload Hive.
8. Open the Disk Management console and take the disk offline.
9. Now for re-attaching the root volume to your problematic instance, request you to please watch video from 08:02 to 9:28 using the same link: https://aws.amazon.com/premiumsupport/knowledge-center/ec2rescue-windows-troubleshoot/
Additionally, first of all you should ensure that yuor IP-address in range of inbounds-rules of the failured instance.
in my case I, first of all tried to use amazon app "app2rescue" for diagnostic failured instance, bit it didn't show any helpful (did show only few possible issues with firewall, but it's not related to my issue).
Then I tried the first method - but I could not get access to remote registry (I assume that on the target machine was disabled "Remote registry" service).
And finally, I used the third method and it fixed my problem. During this operations I faced only one issue - before failure I was changing the currentControlSet, and when I attached volume to temp server, I was trying to find exactly it, but found out that currentControlSet is enabled only when this registry is used for current OS (when this registry works), so I found my problem-parameters (sha, md5 etc) in the controlSet001 instead of currentControlSet.
Related
I have installed CouchDB on my Windows machine but while starting the CouchDB service, I am getting a message like:
Windows could not start the Apache CouchDB service on Local Computer. The service did not return an error. This could be an internal Windows error or an internal service error. If the problem persists, please contact your system administrator.
As the service is not running, I am unable to access Fauxton too.
I am using Windows 7. CouchDB is 2.0.0. Port 5984 is not in use.
I don't think your question is a duplicate of https://stackoverflow.com/a/44107335/219187 because you are on Windows 7, and the problem described there is for Windows 10 with the creators update.
But maybe the solution fixes your problem as well? Here is the procedure:
Download the prelease build 2.2.4-101 from https://nssm.cc/download
Stop the CouchDB service through the Windows Services dialog (paused is not enough)
Overwrite nssm.exe in <CouchDbInstallDir>\bin with the one from the downloaded ZIP file (make sure you pick the right version 32 bit / 64 bit)
Start the CouchDB service
Issue it's happening since the last updates released by Microsoft. I'm not completely aware of what's causing it, but I think it's something related to CouchDB service not been able to start using Local Administrator rights.
However I've managed to start the service manually, by doing so:
Open Command Prompt - in the Search from the Start Menu or Task Bar type "cmd"
Run it as an Administrator - right click on the Command Prompt application and choose "Run as administrator" option /this is really IMPORTANT as it will allow the service to have administrator access/
Navigate to the folder where CouchDB is install - default path is "D:/CouchDB", but could be anywhere else; you have to find it
Go to the "bin" folder in there
Type "couchdb" as a command to start the service
You will see a message showing after this - "kernel-poll not supported; "K" parameter ignored"
If it adds some error messages after it or closes the whole terminal, you're making some things bad from this guide, so follow it strictly.
You can now open up the Fauxton application in the browser like normal from here - http://localhost:5984/_utils/
Keep in mind that you have to leave the cmd opened in order the service to be working as expected. As far as I saw no information was lost, so it's all good.
This is a temporary solution though, as we are waiting a relase from either Microsoft or Apache to solve the issue, or at least give us more explanation about it.
i just met the same problem.
the cause is space, you have to install CouchDB in a path without any space, even Program Files folder, because there is a space between Program and Files...
I'm using GitKraken 1.8.0 on windows 10 machine to connect TFS 2015 and when I try to do (Push, Pull, Fetch) I always get toast message error says
Unrecognized allowed types:8
however, I can do these operations successfully using the CLI or Source Tree.
What is the cause of this issue!? and how to overcome that!?
First disconnected and reconnected your TFS account and try again. Also try to clear TFS cache.
Try to directly use Visual Studio with GIT when connecting TFS2015. If this also can work and since you can do the operations successfully using the CLI or Source Tree ,then the issue should related to GitKraken.
To use Gitkraken connect other remote Git repo such as the one hosted on GitHub. If you still got the same error. You may need to give a try with reinstall GitKraken.
It turned out that TFS on a different domain and connecting my computer to this domain solved the problem and everything is working fine now.
The error message doesn't say much but I guess that Unrecognized allowed types:8 error message is some sort of authentication error using the username in [domain\username] format isn't working in this case
Generate GitKraken key, the step is Preference -> Authentication, choose General tab, and press Generate new Private/Public key "Generate" button.
Copy your gitkraken_rsa.pub key by press copy icon button. (SSH Public key item)
Paste your key into TFS server.
Copy your project SSH path from TFS to your Gitkraken Remote push/pull path and be careful there is no unnecessary ".git" word behind your path, if there is, delete it.
Try to Git Fetch/Pull/Push by GitKraken!
I know this is very old thread, but in case any of the mentioned solutions doesn't work for future readers, especially if you are NOT using any kind of integrations inside GitKraken, go to Credential Manager (Windows users) and under "Windows Credentials" -> "Generic Credentials" try to find your "git:" that is causing this issue and update the password to correct one for your git credentials.
I have a web server running on a virtual machine and I need some actions (e.g. "service apache2 reload") to be performed there automatically after I'll deploy my code from Idea
Automatically -- no way AFAIK.
https://youtrack.jetbrains.com/issue/WI-3344 -- watch this ticket (star/vote/comment) to get notified on any progress.
You may also watch related tickets:
https://youtrack.jetbrains.com/issue/WI-23938
https://youtrack.jetbrains.com/issue/WI-3239
The only manual solutions I may suggest right now are:
either keep SSH console opened (IDE has it built-in) and execute such command manually once deployed
or create "Remote SSH External Tools" entry that will do such job (connect and issue specified command) manually after deployment (once created you can assign custom shortcut to it so it can be run more easier).
In both cases -- check this manual.
I am trying to ignore the certificate warning on remote desktop connection - the one in the image:
So far I have found that when I check the "don't ask again" checkbox it is generating registry key over here:
HKCU:\Software\Microsoft\Terminal Server Client\Servers
A new record is generated with the name of the server and key name CertHash that contains a value that is specific for a machine. The key is the same for a machine - if I delete it and check the checkbox the same value is again generated. There is a new value in case I recreate the virtual machine so I think it is something machine specific.
Can someone tell me how is this hash generated so I can populate the key from command line? Adding certificate is not an option and the machines will be frequently regenerated so I need an option to ignore this automatically as I need to connect a user to the machine and run some programs in it.
I know this is an old question. But this may help someone who is looking for the same solution.
Method 1
You may over ride the certificate check for ALL RDP connections (use it at your own risk)
Just add a new registry key as below.
reg add "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f
Method 2
Considering if you have admin rights on the remote machine, you could actually get the crethash value from the remote machine using the below wmic command. So you could make a small batch file to get this value before you launch the mstsc and add this value in registry. I haven't included the complete batch file but thats the idea.
wmic /node:Testserver /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting get SSLCertificateSHA1Hash
See this link.
Run Microsoft Management Console (mmc) and add the Certificates snap-in if you don't already have it for the computer you would like to connect to. In the Certificates, find the Remote Desktop folder, and open the certificate in that folder. On the Details tab, scroll down to find the Thumbprint value - this is the value you should copy to the registry.
I'm writing a script that periodically checks that certain services are running on remote workstations. I'm having a devil of a time getting an "SC \workst1 query" command working from one test machine to another. Both machines are running XP pro SP3. Neither is part of a domain. Both are in the same workgroup, and the administrator accounts have the same passwords.
I keep getting the "[SC] OpenSCManager FAILED 5: Access is denied" message, from either workstation to the other. I have tried using elevated privileges on both. Windows firewall software is turned off. There are no messages are showing up in the Event security logs. When (as administrator) I try going to "Computer Management" -> "connect to another computer" and access the remote services I get "Error 5 Access is denied".
I can set up a filesystem share between the two machines successfully, and "net use \workst1\IPC$ /user:Administrator" completes successfully, but the SC query still fails. I'm using IP addresses and not hostnames in these commands, but that doesn't help. I don't know what else to try. Thanks for the help.
Try to run the commans as a Administrator
start-> (type cmd in search box), right click on cmd, Run as a administrator -> execute your command
You must have administrative rights on the remote machine.
Moreover you must access the drive before calling "sc".
This can be achieved in command line using
net use \\remotemachine\admin$ <password> /user:<username>
admin$ is a hidden shared drive accessible to administrators that "sc" uses to control services.
I was having the same issue today trying to check if a service is enabled remotely.
I could solve the issue modifying the User Account Control for remote restrictions in windows:
To disable UAC remote restrictions, follow these steps:
Click Start, click Run, type regedit, and then press ENTER.
Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
If the LocalAccountTokenFilterPolicy registry entry does not exist,
follow these steps:
On the Edit menu, point to New, and then click DWORD Value. Type LocalAccountTokenFilterPolicy, and then press ENTER.
Right-click LocalAccountTokenFilterPolicy, and then click Modify. In the Value data box, type 1, and then click OK.
Exit Registry Editor.
More information about this solution in this site.
Your user should be remote, from Manage and Local users and groups
The UAC issue is obvious you have to pull down the lever for UAC setting
Also while installing the services you can use the following command
SC create SERVICENAME DisplayName= "DISPLAYNAME" binPath= "PATH OF EXE" start= disabled type= share