Forum

Posts by chadzero (chadzero)

chadzero
chadzero
Posts: 51

When there are multiple folders deep, with long hostnames I have to manually scroll to the right, and then back to the left when I minimise the expansion.
There is so much white space to the left.

Is it possible to auto scroll right/lift when scrolling down/up so that the hostnames show in the current tree?

I've already changed the text to the smallest (even though I prefer Standard size).
I don't want to keep making the tree panel even wider because I use the embedded window for my sessions.

4 mths Auto scroll left/right in tree view
chadzero
chadzero
Posts: 51

He is using the same version now, and still the same thing.
I found that if I make him an Administrator, he can see templates. But if he is a User, or Restricted User, he cannot see any templates.

I haven't changed permissions, so it seems this changed during the upgrade to 13?

2 yrs Templates missing
chadzero
chadzero
Posts: 51

I recently upgraded to 13.5.8.0, and other users remained on an older version.
It seems that after I did this upgrade, Templates are no longer available to other users, even after they upgrade to 13.5.8.0

I can see all templates. I used to see Shared/Local but now just see Database instead.
I am an administrator, whereas the other user having this problem is just a normal user

When I go into his templates to edit them, I see they belong to a folder he has created. I don't have this folder in my own list (different repository), so it's weird I can see his template properties. I don't think I used to see his templates.

Is there a permission setting somewhere to enable this, or is it a bug?

2 yrs Templates missing
chadzero
chadzero
Posts: 51

I also had this problem for awhile, only it took 15 seconds to do anything and everything.
You should see your CPU spike during these tasks.

Install the 13.0.14.0 beta version and uncheck the Allow Entry State locks option in the Administration - Data Source settings - General properties.


https://forum.devolutions.net/topic28756--rdm--significant-changes-.aspx#post113264

2 yrs RDM is very slow in updating hosts properties
chadzero
chadzero
Posts: 51

It seems that WMI doesn't work using NAT since DCOM responds with the real IP address which is then used for the WMI call.


wmic /NODE:"hostname.com.au" bios get serialnumber
Node - hostname.com.au
At line:1 char:1
+ wmic /NODE:"hostname.com.au" bios get serialnumber
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: NotSpecified: (Node - hostname.com.au:String) [], RemoteException

At line:1 char:1
+ wmic /NODE:"hostname.com.au" bios get serialnumber
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: NotSpecified: (smile [], RemoteException
ERROR: Description = The RPC server is unavailable.
At line:1 char:1
+ wmic /NODE:"hostname.com.au" bios get serialnumber
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: NotSpecified: (smile [], RemoteException


I did try to workaround this by adding the machine to my hosts file (127.0.0.1 hostname.com.au)
However it now says access denied, although I know this account is correct and does have access because it works within the customer environment for that same server with the exact same command. I'm not sure why it gives the access denied error here though.


wmic /NODE:"hostname.com.au" /user:"domain\username" /password:"password" bios get serialnumber
Node - hostname.com.au
At line:1 char:1
+ wmic /NODE:"hostname.com.au" /user:"domain\username" / ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: NotSpecified: (Node - hostname.com.au:String) [], RemoteException

At line:1 char:1
+ wmic /NODE:"hostname.com.au" /user:"domain\usernamel" / ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: NotSpecified: (smile [], RemoteException
ERROR: Description = Access is denied.
At line:1 char:1
+ wmic /NODE:"hostname.com.au" /user:"domain\username" / ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: NotSpecified: (smile [], RemoteException

3 yrs Remote tools on VPN sessions
chadzero
chadzero
Posts: 51

Wow! Don't I feel silly.
Cheers

3 yrs RDP Template - Credentials missing
chadzero
chadzero
Posts: 51

When I connect to a RDP session using VPN (SSH tunnel), I am unable to use any of the Remote Tools (Events, services, etc).
It shows a RPC error for these
I am also unable to Load from Inventory, which I assume is for the same reason?
The Profiler debug for that is:
Retrieving System Information with for hostname.domain.com.au with the user
BatchRemoteCommand (LOCAL): Mode=Local Username=
\\hostname.domain.com.au\root\CIMV2


If I connect to a session that is direct rather than through VPN, all of this works without error. It captures the username in profiler which is different to above where it is blank.
Retrieving System Information with for 10.1.1.1 with the user chad.user
BatchRemoteCommand (LOCAL): Mode=Local Username=chad.user
\\10.1.1.1\root\CIMV2
\\10.1.1.1\root\CIMV2
Loading user info chad
user.UserSecurity.IsAdministrator: True


Is this because RDM initiates the remote tools using WMI on port 135 and can't push through my tunnel?

3 yrs Remote tools on VPN sessions
chadzero
chadzero
Posts: 51

See attached for comparison on my installations with the credentials droplist missing in 12.5.12.0

3 yrs RDP Template - Credentials missing
chadzero
chadzero
Posts: 51

When creating a RDP template in 12.5.12.0, the credentials listbox is not visible so I am unable to force inheritance or other types.
When connections are created, there is no option to manually change it.
This is available in 12.5.4.0

3 yrs RDP Template - Credentials missing
chadzero
chadzero
Posts: 51

After fiddling with this for a little bit more, I have realised I have overcomplicated everything.
I have managed to perform the AD sync using the tunnelled ldap connection and changing the connection hostname to fqdn. I have applied the RDP template which creates the VPN connection to force localhost and use the $HOST$ variable to connect using fqdn.


I didn't realise the fqdn would work once connected to the ssh tunnel for dns lookups. This is why I was initially lost.
All sorted now.

3 yrs Sync - with IP address
chadzero
chadzero
Posts: 51

I first have a putty connection to create the tunnel to the AD server (ie: 55555:10.1.1.1:389)
Then within the AD sync, I use 'localhost:55555' and add all of the ldap details.
It works to lookup and sync the servers within AD


However, without using any of the AD sync, the way I currently connect to each connection is I manually create the RDP session.
- The hostname (Computer) of the connection is 'localhost'
- The VPN settings in that session are to open SSH to the jump server using a dynamic port open a connection to the remote server (using $IP$ variable) since the IP of that server has manually been added to the Information properties.


I hope this helps explain?

3 yrs Sync - with IP address
chadzero
chadzero
Posts: 51

If not built in, will I need to use a script.
Something like this? https://forum.devolutions.net/topic26523-add-the-ip-address-to-all-entries.aspx
Although, will need help with how to import from a csv for that.
I have just now found that I can create a SSH tunnel to the customer AD LDAP, and then add the tunnelled connection to the AD sync and that works. So I just need to change the hostname to localhost, and get the $IP$ for the VPN connection to be successful

3 yrs Sync - with IP address
chadzero
chadzero
Posts: 51

Thanks David.
I was wondering if I was missing something that's all, since most of those fields are AD attributes as well.
Not a big deal either way.

3 yrs User Management information
chadzero
chadzero
Posts: 51

Hi guys,
I'm trying to improve our database by using the synchronisers since I have everything manually added in the past. Either AD or CSV look to be good.
However since this will be from an external domain, I guess it has to be CSV since I couldn't see a way to use AD with a VPN (SSH) tunnel?
While I was able to apply a RDP template to these sync'd connections; to be able to use the VPN connection I need the hostname to be 'localhost' rather than session/common/fqdn since they are all unknown without them being in local DNS or hosts file. I tried using 'localhost' in my template but it is ignored.
Also, because I use the VPN, it's configured with the $IP$ variable to connect to. Is it possible to populate that field within the connection properties from the synchronisers?
Maybe there are better ways, which I am open to as well.

3 yrs Sync - with IP address
chadzero
chadzero
Posts: 51

Sql server

3 yrs User Management information
chadzero
chadzero
Posts: 51

When creating new user accounts (AD integrated), is it possible to retrieve the user information and auto populate the fields (Fullname, phone, dept, email, etc..) from AD?
I can't seem to find where this is controlled.

3 yrs User Management information
chadzero
chadzero
Posts: 51

Thanks. This has got it back to how it used to work for me with the All tab being default.
Could it be a feature request to change active session when selecting the connection in navigation window, even if it's on a different tab?

3 yrs Select open tab using connection list in navigation panel
chadzero
chadzero
Posts: 51

Hey guys,
After upgrading from 10.0.8.0 to 10.5.4.0 I am having this same issue as I logged above.
Something new since the upgrade is that when I open a new connection, it will auto show only that connections tab. I'm sure it used to default to the 'All' tab, while having the new tab unselected.
When I open multiple connections that are in different tabs, it doesn't change the active screen to the session I choose in the connections list in the left navigation window.
However, if I have multiple connections in the same tab, it does switch between the active sessions as expected.


I did try the previous workaround to "Hide when connection successful" however that didn't fix it this time.
I also checked File -> Options -> User Interface -> Tree View and check the option "Auto focus tab on item select." and that is already selected.
If I do use Tab Groups button, it works when I select the different machines in that window.

3 yrs Select open tab using connection list in navigation panel
chadzero
chadzero
Posts: 51

By default, the Attempt GSSAPI auth option is enabled.
In the image attached it is not enabled.

3 yrs SSH - GSSAPI settings
chadzero
chadzero
Posts: 51

It's been awhile since I have posted, things have been going good smile
A weird issue that has come out of nowhere though, and we had to resolve by disabling GSSAPI on the SSH server. However since there are many other servers that could potentially cause the same connection issue I'm wondering if there is a place to disable GSSAPI within RDM?
What seems to happen when connecting via SSH VPN it seems to halt with a GSSAPI message (I don't see this anymore since we disabled it on the server) and the auth takes so long the connection fails.
I can open putty separately and disable GSSAPI and it works immediately, however this doesn't seem to have any affect on RDM SSH VPN connections.

3 yrs SSH - GSSAPI settings
chadzero
chadzero
Posts: 51

I am now trying to setup a vSphere connection much the same as my RDP connections.
I use the VPN session details, and ideally want to use dynamic port but even with static port it's not working.
The default remote port is 3389 so even if I change this to 443, still no good.


The general settings also doesn't allow a port to be used for vSphere client.
If I use localhost:port it will also try to connect using my local PC name instead of the VPN remote IP


Also, vSphere client requires 3 ports to be opened for better functionality. 443, 902, 903
Am I missing something? Does anyone else tunnel vSphere client over SSH?

3 yrs vSphere through SSH/VPN tunnel
chadzero
chadzero
Posts: 51

David Grandolfo wrote:


Hi Chad,

About your question on the folder setting. If you configure your VPN setting as Warren done on the folder that contains your RDP session, the only thing you have to configure on your RDP session is to set your VPN as inherited.

Best Regards,

Thanks David. All good now.
In another thread it was explained how to use a custom variable for me to set the remote ip to get the VPN settings on folder inherited.

3 yrs Using PuTTY w/ Port Forwarding via a Bastion Host for Remote Desktop Manager
chadzero
chadzero
Posts: 51

Ah yes, I did notice the font was impossible to read when on a dark colour prior to my update to 12.0.8
I don't see any option for font colours. Maybe a feature request that you could have it so that the user can choose custom tab font colour as well?

3 yrs Active tab colour
chadzero
chadzero
Posts: 51

Jean-Fran├žois Dagenais wrote:

Hello,

I forgot to ask you if the Highlight active tab page option is enable in File -> Options -> User interface.

Best regards,

This option wasn't enabled, although even after enabling it and restarting it doesn't make any difference to anything as far as I can tell.
In the image, while the border seems to extend for the active it's not easy to tell. It used to have the active tab a bolder colour so that it was obvious. The middle tab used to be a different blue than those last 2 tabs if it was active.

3 yrs Active tab colour
chadzero
chadzero
Posts: 51

I did not know this but it works perfectly!
Thank you so much.

3 yrs VPN settings - folder level
chadzero
chadzero
Posts: 51

Hi guys,
I'm now running 12.0.8.0 and the active tab colour is no different to when it's inactive.
This must've happened since my last update (I think from 12.0.3). I can no longer tell which tab is actually active visually.

3 yrs Active tab colour
chadzero
chadzero
Posts: 51

After reading a post in the Help section regarding VPN settings on a folder level, it got me thinking how this could help creating/modifying all of my sessions.
Currently I have to modify each individual session, and first create the VPN session type in the general tab, then I have to add the SSH server settings in the Settings/General tab, and then I also have to add the Remote server settings in the same tab.
Unfortunately this can't be done on a folder level because Remote server is needed and that is different for every session.


Is it possible to set the VPN session type, and SSH server settings on a folder level but then only add the Remote server settings to each individual session?
This will save 100's of duplicated settings and save so much time configuring them all. (many are still using putty port forwarding that I am changing to VPN).

3 yrs VPN settings - folder level
chadzero
chadzero
Posts: 51

David Grandolfo wrote:

When I look at your situation and your configuration, it looks to be the best one for what wants to do. But just to be sure to understand, do you have any problem with that configuration presently or you would like to optimize it ?

No issue, and it works fine for me. It's just in an earlier post within this thread it was mentioned to set VPN settings on a folder, which would be great, but I don't see how that works for the remote host.
It would be good if I could set VPN settings on a folder level, but then somehow only add the remote host IP to each session properties instead of duplicating the VPN settings for every session.


As for Warren's post. I don't understand why use VPN settings when using Port Forwarding tunnel?
With the port forwarding setup, wouldn't it just be easiest to create the RDP session connecting to localhost:port?
That's how I use mine where port forwarding rather than VPN is in use. Although admittedly for some systems I do try VPN first but when that isn't available I fallback to the port forwarding, but it's the same concept.
My images = a,b are my real settings, but c is what I am referring to without VPN, but using forwarding.

3 yrs Using PuTTY w/ Port Forwarding via a Bastion Host for Remote Desktop Manager
chadzero
chadzero
Posts: 51

Maurice Cote wrote:

Hello,

Most people that have a bastion server reach multiple hosts behind it, in those cases one would set these hosts in a folder, set the vpn on the folder, then set all sessions within it to use inherited vpn settings.

Do you have more of a one-to-one environment, meaning one bastion server for each remote hosts?

Apologies for hijacking this thread, but how does this work on a folder level when the remote host is different for each endpoint?


As for the OP, the way I work with this type of setup for multiple hosts is to add the bastion within the VPN settings of each RDP connection.
a. RDP connection to localhost
b. Set VPN to use SSH
c. Modify VPN settings - Host = bastion IP / Local Address = 127.0.0.1 / Remote Host = IP of destination / dynamic port
d. I select the option to hide VPN once connected to limit the no. of tabs displayed
e. The SSH tunnel connects, disappears and then RDP connection opens. Once RDP is disconnected, so is the SSH tunnel for that RDP session only.


I also do use the Port Forwarding session type for some, but it doesn't allow for dynamic ports as far as I'm aware, so it may cause conflict where you don't keep track of ports if you have 8 bastions where this may occur for different customers.

3 yrs Using PuTTY w/ Port Forwarding via a Bastion Host for Remote Desktop Manager
chadzero
chadzero
Posts: 51

I don't recall seeing this in 12.0.2.0 so I think this may have only started in 12.0.3.0, but may be wrong.
The tab categories are showing duplicates of each category.

3 yrs Duplicate tab categories