From 13d42ae288d5c81a1dc9b00baaee20da906e1755 Mon Sep 17 00:00:00 2001 From: Faryan Rezagholi Date: Wed, 1 May 2019 01:16:39 +0200 Subject: [PATCH] moved and revised documentation --- .../Documentation/howtos/jumpservers.rst | 5 +- mRemoteV1/Documentation/howtos/vmrdp.rst | 64 +++++++++++++++++++ mRemoteV1/Documentation/index.rst | 1 + mRemoteV1/Resources/Help/vmrdp.rst | 36 ----------- mRemoteV1/mRemoteV1.csproj | 3 +- 5 files changed, 69 insertions(+), 40 deletions(-) create mode 100644 mRemoteV1/Documentation/howtos/vmrdp.rst delete mode 100644 mRemoteV1/Resources/Help/vmrdp.rst diff --git a/mRemoteV1/Documentation/howtos/jumpservers.rst b/mRemoteV1/Documentation/howtos/jumpservers.rst index 920feafe..48e4e4df 100644 --- a/mRemoteV1/Documentation/howtos/jumpservers.rst +++ b/mRemoteV1/Documentation/howtos/jumpservers.rst @@ -19,9 +19,8 @@ more information regarding the function of bastion host and jump server then see References ========== -`Wikipedia Bastion host `_ - -`Wikipedia Jump server `_ +- `Wikipedia Bastion host `_ +- `Wikipedia Jump server `_ Linux Server to target host =========================== diff --git a/mRemoteV1/Documentation/howtos/vmrdp.rst b/mRemoteV1/Documentation/howtos/vmrdp.rst new file mode 100644 index 00000000..9f365349 --- /dev/null +++ b/mRemoteV1/Documentation/howtos/vmrdp.rst @@ -0,0 +1,64 @@ +************************************* +Connect to virtual machine on Hyper-V +************************************* + +Introduction +============ +When set up properly, you can use mRemoteNG to connect to virtual machines running on Hyper-V. +This how to provides you with all the information you need to get things running. + +To be able to connect to the virtual machine we need its' id. +You can find it by executing the following powershell command on the Hyper-V server: + +.. code-block:: powershell + + Get-VM | select Name, ID + +Create a new connection, set the protocol to RDP and set the "Use VM ID" property to true. +Enter the id in the new property field that just appeared in the connection section and set the port to 2179. + +Enter the id of the virtual machine you found out earlier and you are able to connect to the virtual machine. + +Prerequisites +============= +For the scenario above to work there is some configuration that may be necessary for you to set up, depending on your environment. + +You must be a member of the *Administrators* **and** *Hyper-V Administrators* groups on the Hyper-V Server to be able to remotely connect to any virtual machine running on the host via VMRDP. +If this is not the case your user has to be granted access to remotely access the machine. +The following Powershell command achieves this: + +.. code-block:: powershell + + Grant-VMConnectAccess -VMName -UserName \\ + +Port 2179 must be open on Hyper-V server and on the machine you are connecting from. Use the following command to open the ports on the firewall if needed: + +.. code-block:: powershell + + netsh advfirewall firewall add rule name="VMRDP" dir=in action=allow protocol=TCP localport=2179 (incoming) + netsh advfirewall firewall add rule name="VMRDP" dir=out action=allow protocol=TCP localport=2179 (outgoing) + +In case you are facing "Unknown disconnection reason 3848" error when connecting, you need to configure a number of registry settings on your client and the Hyper-V Server to make the connection work. +Tis problem occurs because of the CredSSP (Credential Security Service Provider) policy on the client and/or Hyper-V Server not allowing to authentication of remote users by default. + +.. note:: + + See Microsoft support file `954357 `_ for more information on this topic. + +.. note:: + + For more information on RDP error codes see `this Microsoft article `_. + +Start the PowerShell console with administrative privileges and run the following commands: + +.. code-block:: powershell + + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentials -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentials -Name Hyper-V -PropertyType String -Value "*" -Force + New-ItemProperty -Path HKLM\:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly -Name Hyper-V -PropertyType String -Value "*" -Force diff --git a/mRemoteV1/Documentation/index.rst b/mRemoteV1/Documentation/index.rst index ee1bc978..114d8539 100644 --- a/mRemoteV1/Documentation/index.rst +++ b/mRemoteV1/Documentation/index.rst @@ -34,6 +34,7 @@ Welcome to mRemoteNG's documentation! howtos/jumpservers.rst howtos/external_tools.rst howtos/bulk_connections.rst + howtos/vmrdp.rst .. toctree:: :maxdepth: 2 diff --git a/mRemoteV1/Resources/Help/vmrdp.rst b/mRemoteV1/Resources/Help/vmrdp.rst deleted file mode 100644 index e441dcc5..00000000 --- a/mRemoteV1/Resources/Help/vmrdp.rst +++ /dev/null @@ -1,36 +0,0 @@ -Find out the VM ID by running the following command on the Hyper-V server: - - Get-VM | select Name, ID - -You must be a member of the *Administrators* and *Hyper-V Administrators* groups on the Hyper-V Server to be able to remotely connect to any virtual machine running on the host via VMRDP. -If this is not the case your user has to be granted access to remotely access the machine. The following Powershell command achieves this: - - Grant-VMConnectAccess -VMName -UserName \ - -Port 2179 must be open on Hyper-V server and on the machine you are connecting from. Use the following command to open the ports on the firewall if needed: - - netsh advfirewall firewall add rule name="VMRDP" dir=in action=allow protocol=TCP localport=2179 (incoming) - netsh advfirewall firewall add rule name="VMRDP" dir=out action=allow protocol=TCP localport=2179 (outgoing) - -In case you are facing with "Unknown disconnection reason 3848" error when connecting, you need to configure a number of registry settings on your client and the Hyper-V Server to make the connection work. -Tis problem occurs because of the CredSSP (Credential Security Service Provider) policy on the client and/or Hyper-V Server not allowing to authentication of remote users by default. - - .. info:: - - See Microsoft support file [954357](https://support.microsoft.com/en-us/help/954357/when-i-use-the-virtual-machine-connection-tool-to-connect-to-a-virtual) for more information on this topic. - - .. info:: - - For more information on RDP error codes see [this Microsoft article](https://social.technet.microsoft.com/wiki/contents/articles/37870.rds-remote-desktop-client-disconnect-codes-and-reasons.aspx). - -Start the PowerShell console with administrative privileges and run the following commands: - - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentials -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentials -Name Hyper-V -PropertyType String -Value "*" -Force - New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly -Name Hyper-V -PropertyType String -Value "*" -Force \ No newline at end of file diff --git a/mRemoteV1/mRemoteV1.csproj b/mRemoteV1/mRemoteV1.csproj index e3a2e86b..cc25c429 100644 --- a/mRemoteV1/mRemoteV1.csproj +++ b/mRemoteV1/mRemoteV1.csproj @@ -115,6 +115,7 @@ + @@ -1136,7 +1137,7 @@ - +