The following forum(s) have migrated to Microsoft Q&A (Preview): Azure Virtual Machines!
Visit Microsoft Q&A (Preview) to post new questions.

Learn More

 locked
Remote Connectivity removed - how do I access/reset RRS feed

  • Question

  • Hi,

    I'm new to VM and was trying to access my asp.net website I'd created on the VM from the internet without much success.  I decided to go through the security wizard in windows server 2008 r2 to see if that would fix up the problem, and I chose all the defaults. 

      However, I think it must have removed my remote connection access as I now cannot log in.  Is there a way I can gain remote access again, or at least rollback my previous access?  I don't want to delete the vm completely because it took me quite awhile to set up the website, install apps etc. and unfortunately I didn't save an image (only just realised that was an option...which I should've done)

    Thanks in advance

    Monday, July 16, 2012 8:59 PM

Answers

  • Hi Auskev,

    If you join another VM to that one (which means they are in the same cloud service and can talk to each other internally) you can use Psexec from the new VM to connect to the RDP-disabled VM in order to enable RDP.

    1. From a command prompt on the VM that you are able to access, run psexec
    against the internal IP (DIP) of the inaccessible VM:

    psexec \\10.x.x.x cmd

    Psexec uses TCP ports 135, 137, 445, which are open in the default Windows Firewall settings even when RDP is not.

    2. Verify RDP is enabled:

    wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting get  servername,allowtsconnections

    Sample output showing 1 for AllowTSConnections meaning RDP is enabled:

    C:\>wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting get servername,allowtsconnections
    AllowTSConnections ServerName
    1
    TEST1

    3. This will both enable RDP and set the firewall exception:

    wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting WHERE (__CLASS !="") CALL SetAllowTSConnections 1,1

    Sample output:

    C:\>wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting WHERE (__CLASS !="") CALL SetAllowTSConnections 1,1
    Executing
    (\\TEST1\root\CIMV2\TerminalServices:Win32_TerminalServiceSetting.ServerName="TEST1")->SetAllowTSConnections()
    Method
    execution successful.
    Out Parameters:
    instance of
    __PARAMETERS
    {
    ReturnValue = 0;
    };

    4. You can show the current windows firewall state:

    netsh advfirewall show currentprofile state

    5. To disable the windows firewall:

    netsh advfirewall set allprofiles state off

    To revert that you would just do:

    netsh advfirewall set allprofiles state on

    Sunday, July 22, 2012 5:26 AM
    Moderator

All replies

  • Hi auskev,

    There is a known issue with RDP and you may be running into it. Can you Restart the VM to see if the issue is resolved?

    Thanks,

    Hari.

    Tuesday, July 17, 2012 1:25 PM
    Moderator
  • Hi,

      I restarted the VM and unfortunately I cannot access the VM anymore (the standard unable to connect message appears).   Any other ideas?  I'm sure it's because I ran the Microsoft recommended configuration process, and that seems to switch off the 'enable remote connection' from the server.  Is there any way this can be accessed, or even the previous settings restored?

    Thanks,

    auskev

    Thursday, July 19, 2012 4:41 AM
  • Hi Auskev,

    If you join another VM to that one (which means they are in the same cloud service and can talk to each other internally) you can use Psexec from the new VM to connect to the RDP-disabled VM in order to enable RDP.

    1. From a command prompt on the VM that you are able to access, run psexec
    against the internal IP (DIP) of the inaccessible VM:

    psexec \\10.x.x.x cmd

    Psexec uses TCP ports 135, 137, 445, which are open in the default Windows Firewall settings even when RDP is not.

    2. Verify RDP is enabled:

    wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting get  servername,allowtsconnections

    Sample output showing 1 for AllowTSConnections meaning RDP is enabled:

    C:\>wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting get servername,allowtsconnections
    AllowTSConnections ServerName
    1
    TEST1

    3. This will both enable RDP and set the firewall exception:

    wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting WHERE (__CLASS !="") CALL SetAllowTSConnections 1,1

    Sample output:

    C:\>wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TerminalServiceSetting WHERE (__CLASS !="") CALL SetAllowTSConnections 1,1
    Executing
    (\\TEST1\root\CIMV2\TerminalServices:Win32_TerminalServiceSetting.ServerName="TEST1")->SetAllowTSConnections()
    Method
    execution successful.
    Out Parameters:
    instance of
    __PARAMETERS
    {
    ReturnValue = 0;
    };

    4. You can show the current windows firewall state:

    netsh advfirewall show currentprofile state

    5. To disable the windows firewall:

    netsh advfirewall set allprofiles state off

    To revert that you would just do:

    netsh advfirewall set allprofiles state on

    Sunday, July 22, 2012 5:26 AM
    Moderator
  • You sir, are my hero. Thanks so much!
    Monday, September 30, 2013 11:13 AM