Disconnect inactive RDP sessions

While I’m working in a project that needs to log in into a server I usually leave my user session opened (yes I know that it s not a good practice, but I always forget to log off).

So when an admin needs to connect to the server there are either no free sessions or probably the openend sessions are consuming resources that could be slowing down the server.

So as a power user, I discovered the following command to execute in PowerShell (remember to execute it as administrator) to try to list and free the unused sessions:

If you only want to see the sessions, you can execute only this:

query user | select -Skip 1 | ? {($_ -split “\s+”)[-4] -eq ‘Disc’}

To disconnect all these sessions at once, you can execute this command inside an elevated PowerShell window:

query user | select -Skip 1 | ? {($_ -split “\s+”)[-4] -eq ‘Disc’} | % {logoff ($_ -split “\s+”)[-5] /v}

And then all disconnected RDP sessions are forced logoff and the resources are free.

Till next time!

SharePoint 2016 Features Standard vs Enterprise Comparaison (filterable, colors)

Great post from Jeff about how to choose SharePoint 2016 license types based on the features of each license.

SharePoint Them All - Notes from Jeff ANGAMA

 

How to recommend a SharePoint license based on what the user want ?

This excel file could help to choose the license for SharePoint 2013 / 2016.

https://gallery.technet.microsoft.com/SharePoint-2016-Feature-ce033b50

Hope it helps,

View original post

How to connect to Windows Internal Database (WID) with SQL Server Management Studio

The Windows Internal Database (WID) is used by the following Windows server components:

  • Windows Server Update Services (WSUS)
  • Active Directory Federation Services (AD FS)
  • Active Directory Rights Management Services (AD RMS)
  • Windows System Resource Manager (WSRM)

For Windows Server 2008 R2 and Windows Server 2008, you can use the following named pipes (NP) string:

\\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query

On Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016 you must use a different np connection string:

\\.\pipe\MICROSOFT##WID\tsql\query

Planner, Project, task list… which tool should I use?

Most of my customers are confused with the introduction of Planner in Office 365 and its use to track activities or projects inside the company.

The main idea of this post is to resume which option is best to tackle activities in projects and tasks. So, what we have? What we should choose in each case?

  • Microsoft Project: it is used in Project management, a tool that allows to have in one site all the projects, and at the same time have a lot of tools to integrate the projects and manage them. The main drawback that it very hard to implement inside a company.
  • Microsoft Planner: it is used to manage little projects or to manage activities in workgroups. The great advantage of this tool is that requires a low effort to implement it.
  • SharePoint Task list: it’s a kind a task management, in this case allows to manage task individually.

So now, we’re going to take a deeper look to these options:

Product Advantages Drawbacks
Microsoft Project Detail of resources, calendars and assignations

Management of hours

Gantt diagram

Report diagram

Possibility to integrate with PowerBI

Integrate with SharePoint

Risk Management

Knowledge of management

High license cost

It is necessary to associate a mail to the sites

 

Microsoft Planner Very easy for the user

Centralize projects in one site

Graphics to report activities and state of the projects

Mailbox for each project

It is included in Office 365 license

Only is it possible to relate tasks by 3rd party solutions

Gantt diagram with 3rd party solutions

SharePoint Task List Possibility to create and assign task to users

Possibility to relate tasks

Send mails when activities are completed or assigned

See how tasks are delayed or personalized views by user

It is possible to synchronize it with Project

It is necessary to create a list for each Project

Does not exist a site where is it possible to see all the tasks lists

No possibility to see a graphic

That’s all, till next time!

Configuring Proxy PACs

Being immersed in Office 365 pilots and adoptions, a lot of questions are fired by the customers, some of them are related with networking requirements. Most of the times, I am able to give them some guidance on how to configure environments and give to them some best practices, but in occasions, happens that they had a lot of customizations in the proxy servers in order to control the server communications to the outside.

But I have found some posts in the technet blogs about how to automate the configuration of ProxyPac. With these scripts, we’re able to configure the proxies and configure the bypass list in the server as well as configure the outbound firewall rules to allow to access to the appropriate IPs and URLs.

I’m sure that with all this stuff, we will able to save enough time to be focused in other important things.

So, if you want to automate the configuration of ProxyPac’s and do you want to automate it, I strongly recommend visiting the follow links and extract the info from it:

https://blogs.technet.microsoft.com/undocumentedfeatures/2016/08/18/updates-to-office-365-proxy-pac-generator/

https://blogs.technet.microsoft.com/undocumentedfeatures/2015/11/16/office-365-pac-file/

https://blogs.technet.microsoft.com/undocumentedfeatures/2016/04/06/deploying-the-office-365-proxy-pac-to-manage-your-users/

https://gallery.technet.microsoft.com/office/Office-365-Proxy-Pac-60fb28f7

 

ADFS: Configure your password change

Users are always allowed or forced to change their passwords, and sometimes this actions increment the amount of work to IT. However, in ADFS 3.0 include a feature that enable a self-service portal password change available for your end-users.

So this post tries to follow the steps to configure it:

  • First, enable the Password Change Portal:Open your AD FS Management tool on the primary server, navigate to the EndPoints under Services\Endpoints. At the bottom you will see the /ADFS/portal/updatepassword/ endpoint, right click it and choose enable. Right click again and choose enable on proxy.
  • Test change password portal: browse to https://sts.domain.com/adfs/portal/updatepassword you will similar to the adfs login page where you can update your password
  • Enable password expiry notification: You can configure Active Directory Federation Services (AD FS) to send password expiry claims to the relying party trusts (applications) that are protected by ADFS. To do this it is necessary to configure a Claim Rule:

c1:[Type == “http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime”%5D => issue(store = “_PasswordExpiryStore”, types = (“http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime”, “http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays”, “http://schemas.microsoft.com/ws/2012/01/passwordchangeurl”), query = “{0};”, param = c1.Value);

  • Finally: you can tweak your ADFS login page to show a link to the change password portal

That’s all!

Ref: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-to-send-password-expiry-claims

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-user-sign-in-customization