Forum

Posts by operations@valid.nl (operations@valid.nl)

Hi Erica,
I have done some further investigation, but i can't find out whats happening.
Is it possible to arrange a support session to gain further insights in this issue?
thanks in advance.

5 mths DPS server not responding - Request aborted. Could not create secure SSL/TLS channel

Hi Erica,
Thanks for the reply. I have tested with the above settings, but to no avail. I also tested with RDM v2019.1.38.0. I keep getting the same error message.
However, i might have an idea why.
We have 2 DPS servers deployed in an Active/Active config, with a netscaler in front of it, for loadbalancing. RDM connects to an dns name, which resolves to a virtual ip address on the netscaler, which then forwards the request to one of the DPS servers. The loadbalancer also presents the certificate to the client, which is valid.
However, i see that the loadbalancer only can speak TLS v1. SSLv2/v3 and TLS v1.1 and 1.2 are disabled.
Can it be that RDM only can speak TLS v1.1 and above which is changed in the last couple of versions? TLS v1.0 is flagged as insecure.

5 mths DPS server not responding - Request aborted. Could not create secure SSL/TLS channel

Hi Erica,
Thanks for the quick reply. I have applied the fix mentioned in the link, and as far as i can see the Errors are gone.
I also took a look in the windows event viewer, but couldn't find any events related to the SSL/TLS error in RDM.
What i find curious is that with RDM client 2019.1.25.0 i can connect to both the test and production datasource without any error.
There must some difference between RDM2019.1.25.0 and 2019.1.35.0 in how certificates or encryption is being handled?


5 mths DPS server not responding - Request aborted. Could not create secure SSL/TLS channel

Hi Erica,
We use indeed a certificate, but it is still valid. The production environment uses the same certificate and there i don't get this message.
I also noticed some errors in the DPS log of the test datasource and when i log into the DPS webinterface.
I see several errors regarding Null values:
InvalidOperationException - Nullable object must have a value.
Maybe something did go wrong?
Kind regards,
Valid Operations

5 mths DPS server not responding - Request aborted. Could not create secure SSL/TLS channel

Dear Devolutions,


yesterday i have upgrade the test datasource to the latest DPS version and RDM version:
DPS 2019.1.17.0 and RDM 2019.1.35.0.
However, when i connect to the test datasource, i get the error message: DPS server not responding - Request aborted. Could not create secure SSL/TLS channel.
i didn't had this error with DPS 2019.1.9 and RDM 2019.1.25.0.
What has been changed in the meantime, and how can i solve this error? smile
Thanks in advance.


5 mths DPS server not responding - Request aborted. Could not create secure SSL/TLS channel

Dear Devolutions,


I've made some SSH tunnel connections, and configured some web and ssh session to go through the ssh tunnel.
However each time the SSH tunnel is being made, a wait dialog counts down from 5 to 0 seconds. See the attached printscreen.
Also when i start the SSH session, first the countdown starts during the creating of the ssh tunnel, and after that another countdown starts while opening the actual ssh session.
I'v looked everywere in the vpn session and the ssh session but cant find the setting to shorten the countdown to like 2 seconds.
where is that setting hidden? smile

9 mths RDM waiting dialogbox

Hi Erica,
Thanks for the reply. I have send the two reports and created a support ticket.
Kind Regards,
Valid Operations.

11 mths RDM freezes alot after update

Dear Devolutions,
A couple days ago, i upgraded the backend to DPS 6.1.3.0 and RDM client 14.1.3.0.
The upgrade itself went succesfull.
however, i have already 10 users (including me) who report that the new RDM client freezes a lot when opening and logging off RDP sessions.
RDM freezes then for like 10 seconds and the continues. Sometimes when you click with the mouse during a freeze, RDM goes to a not responding state.
Any idea what can cause this?
Kind regards,
Valid Operations

11 mths RDM freezes alot after update

Hi Mathieu,
Both the Intermediate and the root CA certificate are installed in the windows certificate store.
The root CA certificate is installed in the trusted root Certification Authorities computer store.
The Intermediate certificate is installed in the trusted intermediate certification authorities computer store.

11 mths The Certificate for [domain] couldn't be verified

Hi,
thanks for the quick reply.
I see the whole chain, and the certificate status for the whole chain is: This certificate is OK.

11 mths The Certificate for [domain] couldn't be verified

Hi Jeff,
yes that's the topic i was referring to. Any idea why RDM comes up with the popup while the certificate is (still) valid?

11 mths The Certificate for [domain] couldn't be verified

Dear Devolutions,
Since the upgrade to RDM 14.1.1.0 i get the prompt that the certificate for [domain] couldn't be verified.
I read about it in the help section. there they describe the following:
Verify that the Certification Authority is properly installed in the certificate store.
I checked the Certificate path, and the certificate store on my computer.
The root ca is in my trusted root certifcation authorities store.
So the whole certificate chain is trusted.
Why do i still get this prompt?
And if all of our users (150) upgrade RDM, they all will get this prompt, which they don't expect.
how can i fix this that the certificate verification is succesfull?
Thanks in advance.


Valid Operations

11 mths The Certificate for [domain] couldn't be verified

I found it. In DVLS 5.0.2.0 you can find it by logging in as an admin in the webinterface.
Thanks a lot!

2 yrs audit logging

Dear Devolutions,
Tomorrow we have an external auditing.
I know that you can view who has accessed the sessions via right click on the session -> view->logs
But how can i view who has authenticated agains the DVLS server when they log into the data source?
We use DVLS 5.0.2.0.
Edit - I found in DVLS console the button logs, but when i do a refresh, some logs appear, but not who and when has authenticated.
Thanks in advance.
Valid Operations

2 yrs audit logging

Hi Jeff,
No problem. Everybody needs vacation smile I'll check in next week to see whats possible.

2 yrs SSH tunneling - How to configure?

Hi Jeff,
Thanks for the answers. I will look into this.


Any idea on the remaining issues i described:
1. SOCKS proxy with Mozilla Firefox embedded browser. It cant load the page. Looks like the traffic is not going through.
2. RDP with SSH tunneling. When i configure RDP and a local tunnel like described in this article: https://help.remotedesktopmanager.com/howto-setupsshtunnel.htm i get an error message that no console session could be made because a console session is already active. But the checkbox open as console session is unthicked in the RDP session. When configuring a dynamic tunnel, the RDP session can't reach the destination.
Furthermore i tested with addons to use with ssh tunneling. For example SQL management studio. i didn't get it working.
How should i configure the tunnel, and should i use SQL management studio in conjunction with non default ports?
or are addons not supose to work with ssh tunneling?

2 yrs SSH tunneling - How to configure?

Hi David,
Thanks for the clarification on the subject. I have tested a bit and got it working with a dynamic tunnel and SOCKS5 proxy. However the following things i can't get working:
1. SOCKS proxy with Mozilla Firefox embedded browser. It cant load the page. Looks like the traffic is not going through.
2. RDP with SSH tunneling. When i configure RDP and a local tunnel like described in this article: https://help.remotedesktopmanager.com/howto-setupsshtunnel.htm i get an error message that no console session could be made because a console session is already active. But the checkbox open as console session is unthicked in the RDP session. When configuring a dynamic tunnel, the RDP session can't reach the destination.
Also i have the following questions:
1. Why does the embedded internet explorer browser in RDP not support proxies? or in particular a SOCKS5 proxy?
2. Is it possible to authenticate the ssh tunnel with you logged in domain user account? That way our 50 users don't use the one and same user account to connect to the ssh tunnel.
Thanks in advance.
Valid Operations.

2 yrs SSH tunneling - How to configure?

Hi David,
That is indeed the case. Out of the box, Windows Server 2016 v1703 with OpenSSH server only has ED25519 key with SHA256 available.
In the mean time i've found an article which describes how to install other key exchange algorithms which is supplied as beta by github.
I've installed those keys, and now RDM can connect to the tunnel.

2 yrs ED25519 unsupported

I also get some near identical error message, when connecting from RDM to a OpenSSH server (on windows server 2016 v1703)
An unknown SSH error was encountered.
Couldn't agree a key exchange algorithm (available: curve25519-sha256, curve25519-sha@libssh.org)
Is this error message relatable to the above subject?

2 yrs ED25519 unsupported

Dear Devolutions,
We have 2 datasources. One production and one test datasource.
Now do i have to copy all content from the production datasource into the test datasource. This can be done with export/import.
However i have to preserve all security groups and roles.
What powershell commands are available to copy alle roles and security groups to another datasource?
Thanks in advance.

2 yrs copy roles/security groups to other datasource

hello,
See the attached screenshots below:
In the SSH tunnel session you have to specify a remote IPaddress. I assume that's the ipaddress of the remote host were you want to connect to.

image


An RDP session is configured with the ipaddress of the remote host:
image
Or with a websession:
image


How can i dynamically get the ipaddresses configured in the RDP/WEB/SSH sessions be configured as remote host in the SSH tunnel? By variable, like $HOST$?

2 yrs SSH tunneling - How to configure?

Hi Jeff,
Thanks for the quick reply. I read the article, and it's pretty straightforward.
the article describes how to create a tunnel and configure 1 RDP session to go through the tunnel.
However, we have like 1000 RDP connections, and 50 web sessions and a dozen of ssh sessions.
Do we have to configure a SSH tunnel session for each of the sessions we have?
Or can we reuse the tunnel? How would we configure the tunnel with the remote Ipadres (see number 5 in the picture). Is there a variable we can use in the remote IP setting of the tunnel to reflect the ipaddress of the RDP session?
How would we use the parameter in conjunction with websessions, because websessions have no IP like RDP, but have an URL with an IP address in it.

2 yrs SSH tunneling - How to configure?

Dear Devolutions,

We are in the process of testing with SSH tunneling as a better solution for a Jumphost.
Since we are not familiar with this technology, i have some questions:


1. Do you have a step by step manuel how to configure a ssh server?
2. How would one configure the SSH tunneling session in RDM?
3. What RDM variable can be used to give the correct destination IPadres to the SSH tunnel?
For example, in a SSH tunnel you have to configure a destination IP. Logically this would the IP address of the server you want to RDP to.
Or you have a web session in RDM. How would one configure the SSH tunnel session and the Web session in order to setup the tunnel and connect to the webpage via the ipadres?
Thanks in advance.

2 yrs SSH tunneling - How to configure?

Hi Maurice,


Thanks for the clear information about this.
I don't know if it has anything to do with it, but when we patch the windows servers in the DVLS deployment, and one of the DVLS server reboots, RDM also gives the message DVLS server not responding, or some sort of message although the other DVLS server is still online, and the netscalers will redirect the connection to the online server. You have to restart the RDM client to build a new connection to the active DVLS server.
I don't know exactly which protocol the connection uses between RDM and DVLS. Is it HTTP(S)? Or has the RDM client a direct connection with the SQL server behind the DVLS server?

2 yrs RDM crashes with SQL failover partner

oh, and for your information, the deployment is loadbalanced by two netscalers which distribute the http(s), and rdp connections.

2 yrs RDM crashes with SQL failover partner

Dear Devolutions,


Today i configured our DVLS (4.1) with a SQL failover partner.
Configuration is tested. When the primary sql server is offline the connection fails over to the other sql server.
However, when i'm logged in in RDM, and the primary SQL server goes offline, RDM throws an unexpected exception cause it looses connection.
When i restart RDM, i can succesvol login cause the connection is redirected to the other sql server via DVLS.
I wonder, is the RDM crash by design, or should the sql connection automatically resumed by the DVLS/RDM?
For your information, the whole RDM/DVLS deployment is redundant now. two DVLS servers in active active mode. Two RD gateways in Active active mode, and now two SQL servers with mirroring, and in RDM configured as failover partner. Basically, one datacenter could completely go offline.
The question is, is RDM/DVLS designed to automatically failover, redirect connections without failures in the client of having to restart RDM?

2 yrs RDM crashes with SQL failover partner

OMG, that was so simple i overlooked it.
Thanks a lot for the hint!

2 yrs using windows shortkeys within RDP session.

Dear Devolutions,


A lot of colleague's as well as me using Windows shortkeys frequently. Shortkeys like windows flag+ E for file explorer, or windows flag + R for run.
Is it possible to use these windows shortkeys withing an RDP session in RDM?
Thanks in advance.

2 yrs using windows shortkeys within RDP session.

Thank you for the clarificationsmile i will wait till 13.0.14.0 will come out of beta.

2 yrs ****** RDM 13 SIGNIFICANT CHANGES ******

Do i have to disable Allow entry states under Administration-Data source settings?
Or can i disabled that setting under options? We have disabled Data Source access by GPO to prevent people from editing data source settings.

2 yrs ****** RDM 13 SIGNIFICANT CHANGES ******