T O P

Improving xrdp Performance on Centos

I had some poor performance with XRDP, so I found this nugget of info that helped things a little:

Backup xrdp.ini (XRDP config)

sudo cp /etc/xrdp/xrdp.ini /etc/xrdp/xrdp.back

Open the XRDP config with nano:

sudo nano /etc/xrdp/xrdp.ini

Under [Globals] change max_bpp to 128 and add this line below:

use_compression=yes

Restart XRDP services:

systemctl restart xrdp.service

Enabling XRDP on Centos 7

I’ve been playing with Centos recently and have been working on integrated it with a Windows Domain / VM I have setup. To ease accessing it, I found that it is possible setup XRDP (an open-source version of RDP) so that you can access Centos from a Windows system using regular RDP.

Assuming you already have your desktop environment setup, open up terminal and run the following as root:

yum -y install xrdp tigervnc-server

Then, start the service:

systemctl start xrdp.service

To see if it is running, type:

netstat -antup | grep xrdp

 

I had to run these commands to get it to work:

chcon -t bin_t /usr/sbin/xrdp

chcon -t bin_t /usr/sbin/xrdp-sesman

 

Followed by restarting the service:

systemctl restart xrdp.service

Then all you have to do is enable the service:

systemctl enable xrdp.service

And put in a firewall exclusion and reload the firewall:

firewall-cmd --permanent --zone=public --add-port=3389/tcp
firewall-cmd --reload

That’s it!

 

For more info, this TechNet article was super helpful. 

Allow External Senders to Send to an Office 365 Distribution List

Simple one here – a VIP relies on a Gmail account when the company is on Office365. To allow the VIP to send to a distribution list, I had to do the following:

1) Open Exchange Admin Center
2) Click on Recipients and then Groups
3) Select the distribution group
4) Click the edit button edit icon

distribution-groups-list

5) Click Delivery Management and select “Senders inside and outside of my organization

delivery-management

6) Then just click Save! save button

You can also use this area to block or allow certain senders to distribution lists by adding emails to the box below.

 

ERROR: The Windows Filtering Platform has blocked a packet

One of my servers has been getting numerous events logged saying “The Windows Filtering Platform has blocked a packet” with internal IP addresses usually listed.

 

I found that running these two commands quieted the logging:

auditpol /set /subcategory:”Filtering Platform Packet Drop” /success:disable /failure:disable

auditpol /set /subcategory:”Filtering Platform Connection” /success:disable /failure:disable

If you need any other commands, you can check out the full Microsoft article here: https://msdn.microsoft.com/en-us/library/windows/desktop/bb736284(v=vs.85).aspx

Error Backing Up 0x807800C5

After a round of Windows Updates, I encountered the same error on two different servers at different clients. Both used BackupAssist that relied on Windows Server Backup. They both backed up to NAS’s but one NAS was connected as an iSCSI device and the other was mapped as a network share. The versions of BackupAssist were different, as well. One server was bare-metal, one was an ESXI VM. One was 2012 R1, one was 2012R2.

Among the things I tried were:

  • Changing the time of the backup
  • Resetting shadow copies
  • Changing maximum size for shadow copies
  • Changing the VSS mode
  • Checking the status of VSS writers
  • Restarting the servers
  • Restarting backup devices

Eventually I found the backup code, 0x807800C5, on both servers. Googling yielded nothing but a number of other people with the same error running everything from Windows 7 to Windows 2012. After a lot of troubleshooting, I ended up renaming the backup destination that Windows Server Backup used, which gave the backup a clean slate of sorts. Both backups have succeeded since then.

 

The full error I received was:

(There was a failure in preparing the backup image of one of the volumes in the backup set.). Please review the event details for a solution, and then rerun the backup operation once the issue is resolved.