Create or Remove A Static Route in a Microsoft Windows OS

Route traffic via a specific NIC and IP in most Microsoft Windows operating systems.

Quick guide to create a static route in windows or remove a static route in a windows OS.

List static routes
Administrator command prompt
route print

Create a Static Route
Administrator command prompt
Add example :
route add -p mask if 2 metric 5

“if” is the network card number to route through.
metric is calculating the fastest, most reliable, and least expensive routes
-p Persistent
ipconfig /all (Shows the NIC for “if” number.)

Deleting a Static Route
Administrator command prompt
Delete example :
route delete

Remote Desktop Server – Customisation and Useful GPO settings

User cannot change an expired user account password in a remote desktop session that connects to a Windows Server 2008 R2-based RD Session Host server in a VDI environment

Hotfix Download Available

  1. 1. Open the following file: %systemDrive%/windows/web/rdweb/pages/web.config
  2. Set the following value to TRUE: <!– PasswordChangeEnabled: Provides password change page for users. Value must be “true” or “false” –> <add key=”PasswordChangeEnabled” value=”false” />



Disable IE security in a GPO using reg change



Set Trust sites



Setup SSO & disable remote app prompt



Deploying RD Session Host Servers or Farms


How to Remove the Access Messages and Enable the Single Sign On for RemoteApps



Deploy Certificates by Using Group Policy



Enable RDC Client Single Sign-On for Remote Desktop Services



How to resolve the issue: “A website wants to start a remote connection. The publisher of this remote connection cannot be identified.”



Do you trust the publisher of this RemoteApp Program? prompt even though the Publisher is trusted?



Create a Self-Signed Server Certificate in IIS 7



IT: How To Create a Self Signed Security (SSL) Certificate and Deploy it to Client Machines






Makecert.exe (Certificate Creation Tool)

Tested example (sets the start date to 30.6.15 and the end dates is 20yrs+ later.

makecert.exe -r -pe -n “” -eku -b 06/30/2015 -ss my -sr localmachine -sky exchange -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 “E:\Media\Cert\”



About Digitally Signing RemoteApp Programs



Create RDS Farm – Check list



Install the RD Connection Broker Role Service



Add Each RD Session Host Server in the Farm to the Session Broker Computers Local Group



Configure an RD Session Host Server to Join a Farm in RD Connection Broker



Configure DNS for RD Connection Broker Load Balancing



Limit Profile Size


Note Files deleted from a network share do not go to the recycle bin. They are deleted permanently


Empty recycle bin at log off… GPO log off script –

User Configuration – POLICIES. WINDOWS SETTINGS – SCRIPTS – Logon/Logoff

Add Empty recycle bin batch



del /s /q .


Types of profiles



User Configuration – Administrative Templates – System – Logon/Logoff




      1. A Create one policy for admins with show all drives
      2. Create a second policy for all users with hide all drives and a deny apply policy for admins
      3. Third policy has all the terminal server config details



Temporary Profiles Loading

Enable replication failed : Hyper-V is not in a state to accept replication on the replica server

After replication was broken, Hyper-V failed  to setup Virtual Machine Replication

Error : Enable replication failed Hyper-V is not in a state to accept replication on the replica server

Enable replication failed Hyper-V is not in a state to acept replication on the replica server

Fix – Option

1) Delete the Virtual Machine from the replica server and setup replication from the primary


2) During the setup of replication, specify the export of the Virtual Machine to replicate on the replica server

Enable Virtual Machine replication in Hyper-V (Microsoft Server 2012)

Guide to Virtual Machine replication in Hyper-V (Microsoft Server 2012)

Open Hyper-V manager and select the virtual machine to replicate

enable vm replication 1

Select – Enable Replication

enable vm replication 2

Click Next to continue


enable vm replication 3

Select the replica server (Also running Hyper-V)

enable vm replication 4

Specify the connection type (Kerberos or Certificate)

enable vm replication 5

Select the VHDX file to replicate

enable vm replication 6

select replication options

enable vm replication 7

Send replication over the network or select replica export file

enable vm replication 8

Click Finish

enable vm replication 9

Virtual Machine replication will start
enable vm replication 10


Please note. This is a rough example and your should research your own methods and setup

How to remove a file lock manually in Microsoft Server 2008

How to remove a file lock manually in MS Server 2008

Open Administrative Tools -> Share and Storage Management.

From the Actions pane, click Manage Open Files.

All locked files and folders should be visible on this server.

To clear a lock, select the relevant file and click “Close Selected”.

Note only use this method if other option to close / unlock a file have been tried and a user definitely not using the the file, otherwise data loss may occur.

SQL Server 2005 database has grown too big and filled the hard disk

Microsoft SQL Server 2005 database has grown too big and filled the hard disk

How much available free disk space ?
How much available free database space ?
How to free up some disk space by shrinking the database?

A quick run through

My Computer shows
C:\ OS with free space
E:\ The DB drive FULL
L:\ The logs drive with free space

On E:\ identify which database has grown and filled the disk

Open MS SQL Management Studio
Login with domain account or a SQL database admin credentials – (SA will have these rights)

Right click the offending database

Select tasks -> shrink – > files

It will then show you how much is available to shrink

ie. E:\ Large DB is 39999.00MB
DB allocated space is 19999.00MB
Available space with in the DB is 20000.00MB (50%)


The DB will have stopped working as there was no space to extend the file on the main disk


In this example we can now click ok to shrink the Large DB, due to having 20,000MB free space with in the DB.
Note : If there was no free space, then you should consider looking at the application for purge options or adding additional storage

A database can shrink while running. The shrink will work in the background, IF there is space. However it might slow things down because its actually moving data off pages onto others and then deleting the empty pages when it moves the data it has to reset catalog so that the db knows where that data is in the indexes etc. (reset  means update)
This is just and example, in my own words and you should understand the tasks this article talks about and make your own decisions. The author holds NO responsibility for anything which is done based on the topic described above.

Sysprep Windows Server 2008

I wanted to sysprep an image of Windows Server 2008 after cloning a Windows Server 2008 VM in VMware Workstation.

Followed by a quick google to jog the memory, I found

Sysprep is installed by default on Windows Server 2008.

Default location : c:\Windows\System32\sysprep\sysprep.exe

Simply run sysprep.exe

The tool pops up.

Check the “Generalize” checkbox (regenerates system SID), change the Shutdown Options to “Shutdown” or “Restart”, and click OK.

The system will go through the sysprep process and shut itself down or restart.
I was only running sysprep after a clone. So restart was ok

Use shutdown if you wan to create cloned servers afterwards by simply by creating linked servers and booting the clone.

Note the SIDs weren’t being regenerated with out the “check” in the Generalize checkbox to make that happen.

Deploy Remote Desktop Server 2012 R2

Only a demo a view options of 2012 RDS

Remote Desktop Roles in server 2012 R2

  • Remote Desktop Session Host – Hosts session
  • Remote Desktop Connection Broker – Brokers the sessions
  • Remote Desktop Web access – Web access

Deployment Options

  • Quick Start – Stand alone server (deploys all roles to one server )
  • Standard install – Multiple servers (deploys roles over multiple servers)

Quick Start – Stand alone server

  • Installing session based desktop

Server 2012 forces you to create a farm with all three roles installed (session host, connection broker and web access).

  •  Installing Remote Desktop

Tip : Avoid adding the role using role services – support by Powershell only. Use the remote desktop services wizard for installation.

Use session-based desktop, or Virtual machine based desktop deployment (hyper-v and client).

Session based deployment

  • On the RDS server
  1. On the Dashboard – Add roles and features
  2. Next
  3. Select Remote desktop services installation (Don’t use role based)
  4. Click next
  5. Click quick start for stand alone (alternative select standard)
  6. Select session based deployment
  7. Select current server – You must be logged in as a domain administrator
  8. Select restart automatically
  9. Click deploy
  10. Login to finish the deployment ( if the deployment fails, redo the install process and the install will complete)
  11. On the Dashboard, scroll to the right.
  12. Select quick session collection (remote app programs will appear hear)

Standard install – Multiple servers deployed

  • Installing session based desktop

Standard will deploys roles over multiple servers

For this demo setup 3 RDS servers required

  1. RD Session Host
  2. RD Web Access
  3. RD Connection Broker

Note – Collections will need to be created manually and RemoteApps published manually

Installing Remote Desktop

Tip : Avoid adding the role using role services – supported by Powershell only.
Use the remote desktop services wizard for installation.

Use Session-based desktop 

  • RDS server (Connection Broker)
  1. On the Dashboard – Select all servers
  2. Right click all servers and select add servers (add the other two servers)
  3. Note : All servers required will now be visible
  4. On the Dashboard – Add roles and features
  5. Next
  6. Select Remote desktop services installation (Don’t use role based)
  7. Click Standard
  8. Select session based deployment
  9. Select current server – Logged on as administrator of the domain
  10. Select from the list which server will be the session broker ( it is possible to add the web access to this server if required)
  11. Next
  12. Select from the list which server will be the web access server
  13. Next
  14. Select from the list which server will be the session host server
  15. Select restart automatically and click deploy
  16. Login to finish the deployment ( if the deployment fails, redo the install process and the install will complete)
  17. close


Install complete, Create a Collection

  1. On the Dashboard, Remote desktop services, scroll to the right.
    1. Note : Roles will now be spread across the three servers.
  1. Scroll right select Tasks,
  2. Create session collection
  3. Specify a name
  4. Select session host
  5. Specify ‘domain users;
  6. Option for user profile disk, tick
  7. Set limit of 1GB on user profile settings
  8. Select a share path for available
  9. Create (Note : RDS GPOs are need to be removed)
  10. Close




Publish Apps

  1. Session Broker Dash board
  2. Select collection
  3. Tasks
  4. Publish remote app
  5. Select app from available list
  6. Click publish 

RD Licensing

  • Install Licensing server on the Session broker
  • Each server has two CALS for administrators
  • License is required with in 120days
  • Activate server
  • Purchase CALs to match licensing mode
  • Per device CAL or User CAL.
  • For this demo install require “Per User CALL”– Note this accepts any connections without limits


  1. On the dash board
  2. Select Overview
  3. RD Licensing
  4. Select session broker
  5. Click Add
  6. Close

Licensing Activation


  1. Select tools
  2. Terminal Services
  3. Remote Desktop licensing manager
  4. Activate server
  5. Install licenses


Session Collection Properties

User Groups, Session Settings, Tasks edit properties

  • Sessions

When sessions are connected.

  1. Disconnect – set to end disconnected session after 8hrs
  2. Connection time limit – Never
  3. Idle session set to 2hrs


  • RDP Encryption
  • SSL (TLS1.0) – requires certificates
  • Negotiate – Select this option (The most secure layer that is supported by the client will be used)

Session Level of encryption options

    • Low 56-bit encryption client to server, server to client is not
  • Client compatible – Default level. Encrypts traffic to the maximum strength support by the client. Client and server is encrypted
  • High, 128-bit encryption. Client need to support this level of encryption or they will not connect.


  • FIPS Compatible – FIPS encryption
  1. Select session collection properties
  2. Select Security tab
  3. Security Layer Set negotiate
  4. Set High session level
  5. Untick allow connections only from computers with network level authentication (as we still have XP clients)


  • Load Balancing
  1. Require more than remote desktop session host.
  2. Edit the properties of the collection
  3. Add the additional Session host to the collection


  • Client Setting
  1. Configure client Settings
  2. Specify redirection
  3. Untick Audio, smart cards, allow client printer redirection
  4. Tick clipboard
  • User Profiles Disk
  • Enable User Profile disk.
  • Each user will get a dedicated single virtual disk. (.vhdx created when a user logs)
  • .vhdx file is mounted underneath c:\Profile Disk\ GUID is the name of the users file name
  • .vhdx can mounted manually


  • Profile Disk Share
  1. Create a share location for profile disk
  2. Share name “Profile Disks”
  3. Right click , properties, select advanced sharing
  4. Set share permissions to All to Full
  5. NTFS permissions User, set to modify 
  6. See Share details under prerequisites
  • User Profile Disk
  1. Collection properties
  2. Select user profile disk
  3. Tick enable user profile disk
  4. Set location to the share name
    1. Set size limits
    2. Store only the following in the profile
    3. (other options available to set) 
  • Client RDS access

Client RDP

  1. Save RDP (Save a RDP client on all clients to point to the connection broker)
  2. Edit the current RDP collection by opening with Notepad
  3. Edit :    Use redirection server name:1:0
  4. Change to :      Use redirection server name:1:1
  5. Add lines at the bottom      :  (this is to use the session broker as a load balancer)
    1. loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.collection name

Login in to a Windows 7 client with the RDS icon configured 

  • Web Access

RDP Settings – default settings

Login in to a Windows 7 client with the RDS icon configured