Send Alt-Control-Delete to a Windows server via Remote Desktop

When you log into a Windows server via the Remote Desktop Protocol (RDP) in some cases you need to send the Alt-Control-Delete ( in other notations Alt-Ctrl-Del, Control-Alt-Delete, Ctrl-Alt-Del ) key combination to the remote server.

From a Macintosh laptop

On a Macintosh laptop press the fn+control+option+delete keys to send Alt-Control-Delete to the server.

From a Windows workstation

If the Remote Desktop window is not in full-screen mode, Alt+Control+Delete will control your own Windows workstation.

On a Windows workstation press the Alt+Control+End keys to send Alt-Control-Delete to the remote server.

 

org.apache.jasper.JasperException: java.lang.IllegalStateException: No output folder

This error can happen on Linux and Windows, and the cause could be the same.

On Windows Server 2012R2 I opened a command prompt. To be able to delete a directory from the Tomcat webapps folder, I have issued the shutdown command.

When I started the server with the startup command, and navigated to my local website, my Java Spring MVC web application displayed the error message

org.apache.jasper.JasperException: java.lang.IllegalStateException: No output folder

The problem was, that the Tomcat service runs under root on Linux, and SYSTEM on Windows.

When you issue the startup command, Tomcat will run under the user account you logged in with.

Solution:

Stop and start the TomCat Linux or Windows service instead of issuing the shutdown and startup commands from the terminal or command prompt.

 

Git Bash and Command Prompt cannot see the VirtualBox shared folder on Windows 10 guest

When you start a Windows 10 guest machine in VirtualBox on your workstation, you can set up shared folders to seamlessly copy files between your workstation and the Windows 10 guest machine.

The shared folder appears in Windows Explorer as a mapped network location.

For more on this see Configure the Windows virtual machine in VirtualBox

On a Windows 7 guest machine the Git Bash, Command Prompt, and PowerShell windows all can see the mapped E: network drive, so you can change the working directory with

cd E:

and execute commands in the shared folders.

On a Windows 10 guest machine, only the PowerShell window can see the shared folder as a mapped network drive, E:


Command prompt will display the error message

The system cannot find the drive specified

When you try to start the Git Bash window with Git Bash Here, nothing happens.

If you start Git Bash from the menu and try to change the working directory to the E: drive, you get the error message

bash: cd: /e: No such file or directory


If you need to use the Command prompt, you can temporarily map the shared folder

  1. Open the Command Prompt on the Windows 10 guest machine
  2. Execute the command
net use x: \\vboxsvr\Users

Refresh the environment variables in the Windows Command Prompt and PowerShell window

When the Windows Command Prompt and PowerShell windows open, they read the environment variables from the registry. If another process changes the value of an environment variable or creates a new one, the already open windows don’t reflect those changes. To reload the environment variables into open Command Prompt and PowerShell windows execute

refreshenv

Install Git on Windows

If you use two-factor authentication see Create a Personal Access Token to use it as password in the command line tools at Switching to 2-factor authentication in GitHub

  1. Navigate to https://git-scm.com/download/win to download Git for Windows. The page automatically downloads the installer for the operating system you use.
  2. Install the application
  3. Accept the default values, including these:
    1. Make sure the Windows Explorer integration for Git Bash is checked.
    2. Enable the Git tools in the command prompt too
    3. HTTPS transport backend. For large corporations with internal root certificates and  Windows Active Directory, the second option may be a better choice,
    4. Line endings for Windows computers
    5. Terminal emulator
    6. Caching
    7. Finish the installation.

Configure Git for Windows

Enable Page Up and Page Down

  1. In Windows Explorer right click in the white area and select Git Bash Here,

  2. Stretch the Bash window to the full width of the page to have more room to work later,
  3. Right-click the Bash window and select Options…,
  4. On the Window tab,
    1. Click the Current size button to save the size,
    2. Select PgUp and PgDn scroll without modifier to be able to scroll quickly up and down in the window with the Page up and Page down buttons.

Set up Git Bash to always run as Administrator

Certain commands need elevated rights to run, so we will set up the Bash window to run as administrator.

  1. Click the Windows Start button and type bash
  2. Right-click the found link and select Open file location

  3. Right-click the menu shortcut and select Properties
  4. On the Compatibility tab select Run this program as administrator

Using the Bash window

  • When you will start the Git Bash window you will always get the confirmation popup.

You can start the Git Bash window from the Windows Explorer

  1. Right-click a white area in Windows Explorer and select Git Bash Here. This does not work in the shared folders of Windows 10 virtual machines.

Configure the Git command line tool

To configure Git see Git configuration.

Install Chocolatey

The Chocolatey home page is at https://chocolatey.org/

Install Chocolatey

Navigate to the Chocolatey website at https://chocolatey.org/ and follow the latest instructions. At the time of writing the instructions were

Using the Command prompt

  1. Open a command prompt as Administrator,
  2. Install Chocolatey with the command
    @"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

Using PowerShell

  1. Open a PowerShell window as Administrator,
  2. Check the execution policy for your computer
    Get-ExecutionPolicy
    1. If the command returns Restricted, enable PowerScript execution with
      Set-ExecutionPolicy Bypass -Scope Process
    2. Answer Y to the question,
  3. Install Chocolatey with
    Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

Apply the Chocolatey license

  1. If the C:\ProgramData\chocolatey\license directory does not exist, create it,
  2. To place the Chocolatey license file, chocolatey.license.xml into C:\ProgramData\chocolatey\license folder follow the recommendations at …refers to a location that is unavailable
  3. Install the Chocolatey extensions
    choco upgrade chocolatey.extension -y

Ignore the error:

Error when attempting to load chocolatey licensed assembly. Ensure
that chocolatey.licensed.dll exists at
‘C:\ProgramData\chocolatey\extensions\chocolatey\chocolatey.licensed.dll’.
Install with `choco install chocolatey.extension`.
The error message itself may be helpful as well:
The system cannot find the file specified. (Exception from HRESULT: 0x80070002)

Determine the Windows PowerShell version

To reliably display the version of the Windows PowerShell engine

  1. Open a PowerShell command window,
  2. Execute the command,
    $PSVersionTable.PSVersion

    PS C:\WINDOWS\system32> $PSVersionTable.PSVersion

    Major Minor Build   Revision
    —–   —–   ——-  ——-
    5       1        16299  64

  3. If no value is displayed, the version is 1.0, as it does not have the referenced variable.

Enable PowerShell execution in Windows

The default settings of Windows disable the PowerShell script execution. This protects your computer in case a malicious PowerShell script would try to make changes on your machine. The same settings prevent you from executing your own automation scripts too.

To enable PowerShell script execution

in Windows 10

  1. Click the Windows button and type powershell into the text box,
  2. Right-click the Windows PowerShell item and select Run as administrator,
  3. In the User Account Control window click the Yes button,
  4. In the PowerShell window execute
    Set-ExecutionPolicy unrestricted

     

  5. Press Y and the Enter key to enable the PowerShell script execution.

in Windows 7

  1. Click the Windows button and type powershell into the text box,
  2. Right-click the Windows PowerShell item and select Run as administrator,
  3. In the User Account Control window click the Yes button,
  4. In the PowerShell window execute
    Set-ExecutionPolicy unrestricted

The security database on the server does not have a computer account for this workstation trust relationship

Time to time Windows servers may lose the trust of the domain. When you try to log in with your domain credentials you get the dreaded message:

The security database on the server does not have a computer account for this workstation trust relationship

This can have many causes, and the most effective way to fix this is to detach and re-attach the server to the domain.

For security reasons the best if there are no local admin accounts on the Windows server, only domain accounts added to the Administrators group. If there is no local admin account on the server, how can we access it with the non-working domain accounts? When a Windows computer loses the trust of the domain there is no way to log into it with a domain account when the computer is connected to the network and has access to the domain controllers.

If the server is in your data center it is enough to unplug the network cables, the server cannot connect to the domain controller, and you can log in with the last cached password you used for the Administrator domain account.

How can we unplug the network cables from a cloud computer?

The Amazon Web Services (AWS)  Security Groups and Azure Network Security Groups (NSG) act as firewalls. Those control the inbound and outbound traffic rules.

To be able to access your Windows server, but prevent it to contact the domain controller, create a security group that contains all necessary inbound rules to access your Windows server with the remote desktop connection, but do not enable any outbound connections.

Open port 3389 for inbound traffic, but do not allow any outbound traffic.

  1. Change the security groups of the server

    1. Unselect the existing security groups to remove all other security groups from the server,
    2. Select the newly created recovery security group
  2. Use Remote Desktop to log into the server with your domain credentials you used the last time you logged into the server (it can be an earlier domain password). If you use stored credentials in your remote desktop client, enter your password again on the Windows login screen.
  3. Create a local administrator account, because once you remove the server from the domain, you will not be able to log into it with your domain account,
  4. To make sure the local administrator account credentials are correct, remote into the server with the local account,
  5. Change the security group back to the original one that enables outbound access to the domain controller,
  6. Remove the server from the domain by attaching it to a workgroup,
    1. Right-click This PC and select Properties
    2. On the Control Panel Home window select Advanced system settings
    3. On the Computer Name tab of the System Properties window click the Change… button
    4. In the Computer Name/Domain Changes window select the Workgroup radio button and enter WORKGROUP for the name of the workgroup
    5. Make sure you do these steps with the local admin account and click OK.
    6. Enter the credentials of a domain account that has enough rights to remove servers from the domain,
    7. Your server is out of the domain,
    8. Make sure again, you have a local admin account on the server and click OK,
    9. Click the Close button to continue,
    10. Make sure you have a local admin account with a known password, all your files are saved, and click the Restart Now button to restart the computer.

Remove the server from the domain controller database

To successfully add the server to the domain again, you need to remove the current entry of the server from the domain.

  1. Log into the domain controller,
  2. Open the ActiveRoles Console,
  3. Expand the Active Directory item, right-click the domain name, and select Find,
  4. in the Find drop-down select Computers, enter the name of the computer into the Name field and click the Find Now button,
  5. Right-click the name of the found computer and select Delete.

 

Add the server to the domain

  1. Using the local admin account log into the server,
  2. Follow the steps above to open the Computer Name/Domain Changes window,
  3. Select the Domain radio button, enter the name of the domain, and click OK,
  4. Enter the credentials of a domain account that has enough rights to add servers to the domain. Don’t forget to add the name of the domain in front of your username with a backslash.
  5. The server has been successfully added to the domain,
  6. Click OK to continue,
  7. Click the Close button to restart the computer.
  8. Click the Restart Now button to restart the computer.

Restore Windows Server 2012 R2 from backup

Windows Server contains the Windows Backup functionality. It can create full backups of your server that contain all volumes. With the bare metal recovery, you are able to fully restore the server even if the hard disks fail, after a virus attack, or security breach. Depending on the size of the server drives and the backup media, set up frequent backup times, so when you need to restore the server, less data has to be entered again.

To restore a Windows Server from a backup image

  1. Insert the Windows Server 2012 R2 installation DVD into the DVD drive of the server
  2. Boot the server from the DVD
  3. Connect the drive, that contains the backup images, to the server
  4. On the first screen select the language and keyboard options
  5. On the next screen, select Repair  your computer
  6. Select the Troubleshoot icon
  7. Click the System Image Recovery
  8. Select your operating system as the target operating system
  9. Select the backup image to restore; latest or from a previous date
  10. If you selected Select a system image option
    1. In the table select the backup device
    2. Select the time of the backup
    3. If you want to clear the drives of the server select the Format and repartition disks option