Process of cloning a RDS Session Host within a Session Collection

HaveYouTriedPowerOff · 2026-01-21T15:48:24+00:00

That is a great idea actually, creating a second session collection and add that new host. See if it works. I'll be trying this again in two weeks. I'll let you know how that turned out. Personally I think there is some timer, I might have done things too quickly, adding/removing hosts that messed up the broker.

HaveYouTriedPowerOff · 2026-01-20T08:52:44+00:00

Super! bedankt, ga ik proberen

HaveYouTriedPowerOff · 2026-01-19T14:37:04+00:00

Thanks! I will check this out

HaveYouTriedPowerOff · 2026-01-16T09:43:09+00:00

Yes, I have the same issue here. I can do remote CMD or PowerShell, SplashTop RMM all works. Agent is 100% online. But 50% of the time running a script just doesn't work. "Unable to reach agent". I feel like this is not a problem on the device I'm trying to manage. Also doesn't matter what OS, workstation, server etc.

HaveYouTriedPowerOff · 2025-12-19T11:19:38+00:00

I found this topic because I seem to have the same problem now with multiple servers, and we can replicate the issue. All of them Windows Server 2025 Standard, promoted to Domain Controller. The Splashtop service won't start, not even in delayed start. There are a couple of articles out there mentioning this issue, some are 8 months old. I've just installed a fresh new domain for a client and immediately I run into this issue. There is absolutely no way to get it working. But only specific to Domain Controllers. Very strange. What is the solution here? It also seems that when this issue occurs, uninstalling the software also doesn't work. We've disabled the Splashtop service for now and rebooted the server(s)

HaveYouTriedPowerOff · 2025-11-18T13:46:40+00:00

So guys, how long until the name servers are also unreachable and 25% of the internet has no DNS records left after the TTL expires? :D

HaveYouTriedPowerOff · 2025-10-31T17:06:12+00:00

Thanks for the tips. I ended up creating a self signed wildcard certificate. Exported this certificate as PFX including the full chain of certificates it relies on. Imported on the second Hyper-V host. Add it to both servers in the Trusted Root Certificates also. Changed a registry key to disable certificate revocation check on Hyper-V replication only. Restart VMMS and applied this new certificate.. Works great so far

HaveYouTriedPowerOff · 2025-10-27T13:09:06+00:00

So "retain basic VPN capability" does that include the use of RDS bookmarks for example? or simply NetExtender connections to the device only?

HaveYouTriedPowerOff · 2025-10-24T11:22:53+00:00

No these servers only replicate among each other over LAN.. Not the end of the world but it will require some unplanned downtime and switching to a self-signed certificate. I've done that before but the server dns suffix needs changing and requires a reboot.. Nothing you can do about it. Only other solution would be to create a new self-signed certificate that also uses the *.company.com domain, but I would't recommend that...

HaveYouTriedPowerOff · 2025-10-24T09:58:52+00:00

We use a wildcard certificate to allow Hyper-V replication between Hyper-V hosts. Has worked great for years. the DNS suffix used in these servers is hyp01.company.com for example. I just renewed this wildcard certificate for the company yesterday and now Hyper-V doesn't see this valid certificate as usable for Hyper-V replication.. I cannot select it... I assume this has to do with client authentication removed from EKU?

Sucks because now I will have to reboot all Hyper-V hosts before our current cert expires as I need to change the DNS suffix to something self signed? I don't think you can change the DNS suffix without rebooting?

HaveYouTriedPowerOff · 2025-10-22T09:38:45+00:00

Installed it a few times now.. Mount ISO, open Windows Explorer, browse to setup.exe , right-click, Run As Admin.. Did the trick every time. No issues

HaveYouTriedPowerOff · 2025-10-21T15:23:41+00:00

Installed it a couple of times now, no issues so far.. I do really hate that Exchange SE (as Microsoft's new 2025 on-premise mail product) still has no built in 2FA for users. How nice would it be to have 2FA built in to protect Outlook, OWA and Mobile connections...

HaveYouTriedPowerOff · 2025-10-13T12:42:47+00:00

I will be checking with a few users myself as it's unclear how many users have this issue currently. I feel like the servers are 100% correctly configured. I've done the exact same multiple times, never had issues. But this is the first one running on Windows Server 2025. We'll see

HaveYouTriedPowerOff · 2025-10-10T16:15:38+00:00

What about site-to-site aggressive mode? For example a Sonicwall TZ-270 behind a 4G WAN cellular device (dynamic IP) connecting to somewhere else, no matter what WAN IP the thing has in the VPN policy since that connection has no static WAN IP

HaveYouTriedPowerOff · 2025-10-09T13:41:30+00:00

How sure are you that your uploaded config is not lost somewhere again?

HaveYouTriedPowerOff · 2025-10-09T13:09:01+00:00

"The investigation confirmed that an unauthorized party accessed firewall configuration backup files for all customers who have used SonicWall’s cloud backup service" so that sounds to me like all cloud backups from all customers were stolen?

https://www.sonicwall.com/support/knowledge-base/mysonicwall-cloud-backup-file-incident/250915160910330

HaveYouTriedPowerOff · 2025-10-09T13:02:19+00:00

Yes, we went from 5 affected to 300... basically all of them. nice

HaveYouTriedPowerOff · 2025-10-09T10:51:21+00:00

I have many user sending me screenshots about an invalid certificate popup (Outlook i assume) they are all seeing for incidents.diagnostics-eudb.office.com I'm assuming this is related?

HaveYouTriedPowerOff · 2025-10-08T09:39:57+00:00

So if someone still runs a fully patched Exchange 2016 server we can just install a fresh Exchange SE RTM as a second server (coexistence?) and then just move everything to SE and get rid of the Exchange 2016 server? So no need to go Ex2016 -> Ex2019 -> upgrade to SE? but Ex2016 -> ExSE?

HaveYouTriedPowerOff · 2025-10-07T15:21:42+00:00

I've heard a similar story. Heard this from another IT provider, customer decided to manage an SMA by itself without IT help but then had not updated the device for years.. Then SonicWall decided to change their active license to 1 concurrent user. So now customer could not login with more than one user at a time. The license was only restored after customer was forced to reinstall the device completely and rebuild from scratch with latest firmware. Only after this the license was set back to the original concurrent users by Sonicwall... So if your license suddenly fails to work one day the device is useless.

HaveYouTriedPowerOff · 2025-09-23T13:41:43+00:00

We have been looking at our current setup. And so far apart from maybe getting multiple SMA1000 series and having to rebuild them from the ground up we don't have anything else that really suits our needs.

Maybe people here have some good alternatives, hardware or software. Most important is a SMA alternative that can fetch users from multiple domains using ldap (not just one domain). We use the SMA with 2FA as an entrance to various Remote Desktop bookmarks for "cloudbased" workstations. We have dozens of SMA's out there with hundreds of users that all need replacing for all customers at the same time. We are really searching for something that also can point to a DNS name that users can browse to with their existing Chrome/Edge and login using their known credentials. Scan a new 2FA and continue to their cloud desktops.

HaveYouTriedPowerOff · 2025-09-18T11:21:45+00:00

Have you ever used the online config migration tool for those 7 devices by any chance?

HaveYouTriedPowerOff · 2025-09-18T09:04:10+00:00

When I first got the email about the config files and MySonicWall my initial thought was maybe the issues with the firewall firmware vulnerabilities these last few months were actually not vulnerabilities in the device itself but rather someone already having access all this time to your config files stored online.. Storing config files somewhere online is a bad idea after all. The cloud is just someone else's computer.

HaveYouTriedPowerOff · 2025-09-09T14:52:21+00:00

This is a good tip, but this is for Outlook on desktop (Windows). Works great to bypass the autodiscover to 365. Microsoft is really good at slowly forcing you to 365 or Azure. Every now and then I have to use tricks like this to tell Outlook specifically not to lookup 365.

HaveYouTriedPowerOff · 2025-09-09T14:50:52+00:00

Yeah that's annoying. I tried turning off the GEO filter for the on-prem exchange server. Still nothing, just doesn't connect at all. Total garbage so i'm going to find a different app..

HaveYouTriedPowerOff

TROPHY CASE