Microsoft Server 2003

ASP.NET: Event Log in IIS6/Server 2003

Brad — Thu, 06 Mar 2008 11:44:24 GMT

If you want to write to the Server's Event log from ASP.NET you'll first need to tweak some security settings. The first change is easy, however the second took me a while to find.

Step One:

Grant "Full Control" to the "IIS_WPG" group to the following registry key:

HKLM\SYSTEM\CurrentControlSet\Services\EventLog

Step Two:

One of the security restrictions added to IIS 6 under Windows Server 2003 was much tighter ACLs (Access Control Lists) on the event logs. This restricts what accounts can read and write to the logs (application, system & security). To overcome this you'll need to add the following value. Incase you're worried what security hole I'm opening up for you there's a breakdown of what it means at the end of the post.

(A;;0x0002;;;AU)

Add the above value to the end of the existing "CustomSD" value found at following path (pick relevant one):

HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application

HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System

HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Security

So mine went from:

O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)

to: (scroll to all the way to the right to see the change in bold):

O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x0002;;;AU)

The value being added is written in Security Descriptor Definition Language (SDDL) and is as follows:

A = Access allowed.
;; = token delimiter (don't know why there's two of them?)
0x0002 = Permission to write log files.
;;; = token delimiter (again - don't know why there's three of them?)
AU = Authenticated Users.

RDP: Keyboard Shortcuts

Brad — Sun, 02 Mar 2008 13:29:36 GMT

I recently stumbled across these Remote Desktop keyboard shortcuts so thought I'd share them...

RDP Session	Local Equivalent	Description
CTRL + ALT + END	CTRL + ALT + DEL	Windows Security Dialog
CTRL + ALT + BREAK	(none)	Toggle RDP from window to Full Screen
ALT + INSERT	CTRL + ALT + TAB	Cycle through running programs
ALT + HOME	WINDOWS	Open Start Menu
ALT + DELETE	ALT + SPACEBAR	Open Control Menu
CTRL + ALT + (num pad) MINUS	ALT + PRNT SCREEN	Places image of active window on Clipboard
CTRL + ALT + (num pad) PLUS	PRNT SCREEN	Places image of entire desktop on Clipboard

If anyone has any others let me know...

Add extra Remote Desktop (RDP) / Terminal Services port

Brad — Mon, 04 Feb 2008 09:40:03 GMT

If like me you've more than one computer at home and would like to be able to RDP to them directly then read on! If you follow the steps below you will be able to add extra "listening" ports to each of your computers so you can access them from anywhere... The reason you need to do this is to allow you to specify specific port forwarding rules in your firewall/router. The default RDP port is 3389 so I leave my main computer alone, but if i want to access my media centre I can get to it by adding :3390 to my hostname/ip. Any other computers you can just increase the port number.

Step one:

Run regedit from a command line on the computer

Step two:

Browse to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Control\Terminal Server\WinStations\RDP-Tcp

Step three:

Export the key to your desktop - it will create a .reg file.

Step four:

Open the newly exported registry file in Notepad.

Step five:

The second line of the file should contain the path of the exported registry key - its important to change this, otherwise when you re-import it the existing RDP settings will be overriden. I prefer to create additional rules so you can always still access the computer normally inside your network. So the second line should end with:

WinStations\RDP-Tcp]

I suggest changing it to:

WinStations\RDP-Tcp-3390]

This will then create a brand new key when we re-import it later

Step six:

Still in notepad search for "PortNumber", it will look like this:

"PortNumber"=dword:00000d3d

You need to change its value - but its in hex so you'll need to use an online tool - or calculator in scientific mode. The following sets the port number to 3390:

"PortNumber"=dword:00000d3e

Step seven:

Save the file (make sure it's saving as a .reg)

Step eight:

Double click the saved file which will re-import it. (accept the confirmation messages)

Step nine:

Run regedit again and browse to your new key - just to check its there ok.

Step ten:

Re-boot the machine and try RDPing with :3390 on the end of its IP address.

Step eleven:

Repeat the above steps for each of your home computers (making sure to change the new port number each time!)