Monday, March 18, 2013

Configure F5 virtual server for use with Remote Desktop Gateway


A few key notes on this (not a complete guide)

Virtual Server Type: "Performance (Layer 4)"
Protocol Profile (Client): "FastL4"
  • This will benefit session responsiveness and eliminate key stroke lag

Persistence Profile: None (Do not use any client persistence)
  • This will load balance all new connections
  • This will assure that multiple users from one site are load balanced across all RD Gateway servers
  • TCP sessions are stateful, so this will not cause individual session packets to be load balanced (common misconception); only the initial TCP session set up is load-balanced
  • Use RD Session Broker and the Session Broker Routing Token to maintain TS session persistence

Configure Idle timeout
  • On the FastL4 protocol profile, configure an idle timeout of 14400 seconds (or configure to match the idle session timeout on the Terminal Server)
  • This prevents the accidental or premature reset of TCP sessions, which would interrupt the TS session and require the client to reconnect

Hide network icon and tree in Windows Explorer

To hide the Network icon and tree in Windows Explorer
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder]
"Attributes"=dword:b0940064



To show the Network icon and tree in Windows Explorer
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder]
"Attributes"=dword:b0040064



Applies to
Windows 7
Windows Server 2008 R2

Thursday, March 14, 2013

Disable Resultant Set of Policy logging to improve logon performance

Resultant Set of Policy logging writes information to the WMI database for each user who logs on interactively. This causes the WMI database to grow, and can cause WMI database corruption.

Windows 2003
Computer Configuration > Administrative Templates > System > Group Policy
Turn off Resultant Set of Policy logging

Windows 2008
Computer Configuration > Policies > Administrative Templates > System > Group Policy
Turn off Resultant Set of Policy logging

Additional Reading
http://support.microsoft.com/kb/2020286

Friday, March 8, 2013

Determine number of unique interactive logons and export a list of unique user IDs

Background
Use to determine interactive logon information for any Windows computer (I use on servers running Remote Desktop Services / Terminal Services)

Prep
  • Download EventCombMT.EXE, part of the Account Lockout Tools
  • Create the PostEventCombMt.CMD script below

Perform the export
1. Run EventCombMt.EXE against the target servers. Filter for the following:
  • Windows 2003: Event ID 528
  • Windows 2008: Event ID 4648
  • Security log
  • Success audit


2. Drop the PostEventCombMt.CMD script in the folder with the .LOG files and run PostEventCombMt.CMD

3. Import / open the output file in Excel. Specify a semicolon delimited file.

4. Copy the Domain\Username column and paste into a new worksheet

 
5. Use Advanced filter to filter the list in place showing only unique records. This will hide rows with duplicate user names


6. Re-select the Domain\Username field, copy, then paste into a new worksheet. This should paste only unique user names

 
7. Result:
- List of unique logon IDs / user names
- CTRL+End takes you to the bottom of the list. The row number is the number of unique logons
- If you sort the original worksheet by date, you have an approximate timeframe


PostEventCombMt.CMD Script

@echo off
 

:Start

   CLS
   Echo.
   Echo Script will reformat EventCombMT output to a semicolon-delimited
   Echo format importable to Excel
   Echo.
   Echo Date field is imported to true Excel date field
   Echo Time field is imported to true Excel time field
   Echo Description field is preserved / unmodified
   Echo.
   Echo Run in directory where *_LOG.TXT files exist
   Echo.
   Echo.
   Echo.
   Pause

   for /f "tokens=1-8 delims=:/. " %%a in ('echo %date% %time%') do set LogFile=%%d-%%b-%%c_%%e-%%f-%%g.log

   Echo Server Name;Event ID;Event Type;Event Source;Date;Time;User;Description>"%LogFile%"
   for /f "tokens=1* delims=-" %%x in ('dir /b *_log.txt') do @echo %%x & for /f "tokens=1-10* delims=," %%m in (%%x-%%y) do for /f "tokens=1-7 delims=: " %%a in ("%%p") do @echo %%x;%%m;%%n;%%o;%%b %%c, %%g;%%d:%%e:%%f;%%q;%%r>>"%LogFile%"

:End
   Echo %Date% %Time%
   Echo Script ran to completion
   Pause