There are tons of remote support tools for AD environments, but most of them are commercial, and some of them are user initiated (like Lync 2010+ desktop sharing feature), today we will implement an agentless (sort of), free and pretty effective solution, the end result is a box that you enter the destined Username in (the person you’re trying to help), et voila, you have control over his screen ! (gentlemen, after his permission, of course)
Chapter I :
The base application that we will use is “Windows Remote Assistance” which ships for free with most Windows 7 flavors, the rest is scripting gimmicks.
Out of the box, Windows remote assistance will work if the requester sent an invitation file to the helper, but in our case, we want to initiate the process by offering our help before we even hear the nagging.
To do so, we need to create and link a GPO to our computers OU that enables just that :
Computer Configuration > Policies > Administrative Templates > System > Remote Assistance
Enable the “Offer Remote Assistance” option and select who can offer remote support, typically you will add your Help Desk group
After you gpupdate the end-user’s machine, try it:
Open “Windows Remote Assistance” from your helper workstation, then click on Continue reading
In some cases you may feel an urge to experience a lucid nightmare intentionally: to Generate a Blue Screen of Death !
Why ? You may have some sort of cluster configuration or some kind of HA solution that you want to dirty-test
This can be done using several ways, one including editing the registry and using the NumLock key, but the one we’ll check today is much simpler
First you need to have PowerShell installed (you can produce the same outcome by using any tool that can interface with WMI, PowerShell is the easiest)
Then open a elevated PowerShell console and type :
Get-Process | Stop-Process
A nice BSOD will appear
If you want to produce a BSOD on a remote machine, you need to have PowerShell remoting enabled and some firewall exceptions added to the target. To do so, open an elevated command prompt console (on the remote machine) and run:
Then from your machine, issue the following:
That’s my time for today, see you in a few days (or weeks…or months)
Wireless access in the enterprise can be a huge PITA ! Because you have to find the correct balance between usability and security, you don’t want everyone contacting the help desk asking on how to connect, and based on your hardware, it can be tricky.
In my case, we are using Trapeze wireless controllers (Trapeze recently acquired by Juniper), it has all the functions we need to create a robust wireless access scheme.
I decided to go with 3 SSID’s: Continue reading