Posted on

How to change the RDP port on a RDS server

There are many reasons you may wish to change the RDP port on a RDS or terminal services server.

Change RDP port number

My default action when setting up a new RDS server is now to ensure that it is not listening on the standard port (3389). This is for multiple reasons, mainly though to add a small extra layer of protection against automated RDP bruteforce attacks. Sure if an attacker wanted to they could run a port scan to find the new port, but really unless you are targeted, no-one is going to do this via bot/automation.

The easiest way to change the RDP port is via regedit:

Navigate to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\

and change the value of the DWORD "PortNumber" select Decimal and change to whatever you wish the port to be.

You will then need to restart the server for this to take effect – simply restarting the gateway services does not seem to refresh the listening port.

Other option is to put this into a .reg file and simply click on it to merge the rdp port change into the registry. To do this, copy the below script into notepad and save it is a .reg file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"PortNumber"=dword:0000846c

This will change the port to 33899

Posted on

[SOLVED] Java update “Failed to download required installation files.”

There have been a few occasions recently where a Java update fails


Java Update failed to download the required files

Having looked about for a solution, there is two methods that i have found to quickly rectify the problem.

1) The cheats way.
Re-install java on top of itself.

NB, Java has many different versions depending on which OS and update version of the OS you are using, the quickest way to re-install with the latest version i have found is to use Ninite. This will find version and install it correctly for you.
https://ninite.com/java8/

2) Edit compatibility settings on the Java updater.

go to: %PROGRAMFILES%\Common Files\Java\Java Update

and find jucheck.exe (updater)

right click --> Properties --> Compatibility

select the tick box to run with a previous version of windows, anything before Vista seems to do the job. (XP, Win95 etc…) As this is just the updater and not java, it ensures you still get the correct version.

BONUS 3)
This seems to be an issue with privilege elevation in windows – if you have access to an admin account, then you can log into that then try updating 8/10 it works without the above.

Posted on

Manually Update GAL in O365 or Exchange16

There is the odd occasion that may require you to manually update GAL in exchange – whatever version or platform you may be using it on.

In Exchange 2016 this is very easy. Simply open Exchange powershell on the server and enter the below:

Update-GlobalAddressList -Identity "Default Global Address List"

For O365 – it’s a little bit more complicated, first we need to make sure that the Admin has the ‘Address List’ role.

You can either do this through the Exchange portal:

Update GAL in Office365

Or can do this Via powershell with the command below:

$dispName="ADMIN NAME"
$roleName="Address Lists"
$userObject=Get-MsolUser | Where DisplayName -eq $dispName
$userUPN=$userObject.UserPrincipalName
Add-MsolRoleMember -RoleMemberEmailAddress $userUPN -RoleName $roleName

Finally – once the permissions are set we can move and finally update Gal by

Set-AddressList -Identity "All Users"

Posted on

The Windows Death command – Kill a Windows PC

Sometimes in the IT world you just need to let off some steam – sometimes a pile of old PC’s through in the PC ‘Graveyard’ are a fun way to do so.


Kill a Widows PC

Often we will play with various ways to kill off old PC’s before they are then securely wiped and recycled, and this command we are about to go into is one of the basics.

del /S /F /Q /A:S C:\windows

Thats it.

Yes it really is that easy to kill a windows PC!

Lets go through it and some of the pitfalls you may find.

del – This is the windows command to delete an object, pretty self explanatory
/S – Deletes specified files from the current directory and all subdirectories. Displays the names of the files as they are being deleted.
/F – Forces deletion of read-only files.
/Q – Specifies quiet mode. You are not prompted for delete confirmation.
/A:S – Deletes files based on the following file attributes, in this case: s = System files
C:\windows – The destination we are deleting.

Why does this work? – Well most people reading this know already, but if you didn’t – the Windows folder simply put is the heart of the Windows operating system. Killing it will stop the OS from booting.

Most users readers will be asking “Why put the C:\Windows” at the end of the script, should it no logically be put in front of the other switches? Well this is to do with personal preference really, and to do with the fact that it is convinient to then go about and delete more contect using the same script, by hitting up arrow, then simply backspacing and changing your destination. Lazy much? You bet you!

Bonus post of to Kill a Windows PC and to make this more effective coming next week – little hint:
takeown /f C:\Windows /r /d y

p.s. This is for information only – be responsible!

Posted on

Change message size limits in exchange 2016

There is the odd occasion that you may need to change the allowed message size limits in exchange, either to send or to receive – below we look specifically at self hosted Exchange 2016

First, open up Exchange powershell, and and enter any required domain credentials.

Next we are going to view the current message limits on the server by the following multiline command:

get-transportconfig | ft maxsendsize, maxreceivesize
get-receiveconnector | ft name, maxmessagesize
get-sendconnector | ft name, maxmessagesize
get-mailbox Administrator |ft Name, Maxsendsize, maxreceivesize

Once armed with this information we can proceed to string together a command in order to get the desired messages allowed through the system. The main command is the below:

get-transportconfig | Set-TransportConfig

This calls the transport layer configurations and allows you to pipe changes to it. Next we have the different set commands for different limits;

-maxsendsize 30MB -maxreceivesize 30MB; get-receiveconnector | set-receiveconnector -maxmessagesize 30MB; get-sendconnector | set-sendconnector -maxmessagesize 30MB; get-mailbox | Set-Mailbox -Maxsendsize 30MB -maxreceivesize 30MB

From the above, you can pick and choose what you need to change the message size limits, as in the example, this will set ALL connectors ingoing and outgoing to 30MB. The full command will look something like the below:

get-transportconfig | Set-TransportConfig -maxsendsize 30MB -maxreceivesize 30MB; get-receiveconnector | set-receiveconnector -maxmessagesize 30MB; get-sendconnector | set-sendconnector -maxmessagesize 30MB; get-mailbox | Set-Mailbox -Maxsendsize 30MB -maxreceivesize 30MB