group policy – Remote desktop services “termservice” is disabled intermittently on boot

I have a domain which has a virtual environment as well as several physical machines (mostly laptops). RDP is enabled via group policy. On the physical machines, never the virtuals oddly enough, I keep running into a problem where intermittently, the RDP service is disabled after a reboot.
enter image description here

I’ve ruled out a firewall issue. Those settings are pushed out with GPO as well. I also made a GPO to explicitly set the termservice to be “automatic” but that hasn’t solved the problem either. Someone suggested that policy might be trying to applied before the physical machines have established a network connection, so I made a GPO to delay that using these instructions

https://docs.microsoft.com/en-us/troubleshoot/windows-client/group-policy/fail-to-apply-group-policy-at-startup

This also did not fix the problem. All of the physical machines are Windows 10 Enterprise and fully patched. There’s one laptop I RDP to all the time, so I notice it the most there, but I’ve also noticed it on other physical machines. Sometimes I can reboot the laptop a dozen times, and RDP will work every time. Other times I can reboot over and over and RDP will fail.

When it fails, I enter-pssession to the laptop via powershell and I can see the termservice is stopped. If I physically go to the machine and look at the services, the startup type is set to disabled, but “Allow remote connections to this computer” is checked. I’ve checked the event viewer on the machine I see this the most on, and the only thing I can find is "'Failed CreateVirtualChannel call on this Connections Stack' in CUMRDPConnection::CreateVirtualChannel at 2622 err=(0x80070032)"

I’m at a complete loss as to why this is happening as this should be a simple and straight forward thing to achieve.

Any help would be greatly appreciated.

digital – My remote shutter release wont work on Nikon D5200

So I’ve had a remote shutter release for a while and only decided today to give it a try, I know to put the camera in manual and go into bulb which is fine when my camera is in single frame mode or whatever it goes into bulb fine but when I put my camera to quick-response remote and turn the dial to go to bulb, bulb isn’t an option and it just comes up as time?

So basically my camera does bulb until I put it into quick response remote mode and then it won’t say bulb it’ll say time and my remote shutter won’t work

Any advice? Settings maybe? I’ve looked up on Google and nothing seems to be coming up

Why doesn’t a simple Http request to display a remote web page violate the Same Origin Policy?

On a w3schools page, I found that HTTP requests work like this:

  • A client (a browser) sends an HTTP request to the web
  • A web server receives the request, and runs an application to process it
  • The server returns an HTTP response (output) to the browser
  • The client (the browser) receives the response.

On the same page I found that an XMLHttpRequest works like this:

  • A browser creates an XMLHttpRequest object and sends it to the server
  • The server processes the request, creates a response and sends data back to the browser
  • The browser processes the returned data using JavaScript and updates the page content.

The above two processes appear pretty much the same to me. However, the latter one violates the Same Origin Policy (SOP) if the server runs on a remote domain. This question on stackoverflow about the url in the open() method says that

As we can only send requests to our own web server, I assume that we don’t have to rewrite the website’s name in the URL.

Applying the same logic to the first case (Http requests) would mean that I couldn’t open a web page if it is not on my own computer. Luckily, this is not the case.

So, why doesn’t an Http request to display a remote web page violate the SOP? What is the key point/difference here?

I assume it’s about the fact that the second process (XMLHttpRequest) is initiated from a script, while the first one is triggered by the user. However, isn’t the Http request sent from a script when I click a hyperlink on a web page? And how can a web server distinguish between requests coming from a script and coming from a user?

bluetooth – Turn off headphone remote controls

I bought a pair of bluetooth wireless earphones. Everything works fine, except for one small detail: it seems that the touch controls are too sensitive.
Since I never use them and they just get in my way, is there any way to disable them?

Thanks in advance

linux – MSSQL, Ubuntu server – failure: remote connection from Win 7

Our analytical lab (chemistry) has an information management system (LIMS) that uses an MSSQL database. Technicians interact with the system through a Windows form application that is closed-source and permits only SQLOLEDB.1, MSOLEDBSQL, and SQLNCLI11.1 (Native Client 11) connections (choices are picked from a dropdown box at login). Our production server is MSSQL 2016 running on Windows Server 2012.

The lab has several analytical instruments that are constrained to Win 7 and Win XP for data acquisition. This is an immutable constraint.

On the production setup, all machines make a connection with legacy SQLOLEDB.1 but Win 10 Machines can alternatively connect with MSOLEDBSQL, and SQLNCLI11.1 as well. Win 7 and XP machines cannot.

I am prototyping an MSSQL Server 2019 upgrade on a Ubuntu server. As configured, no machines can connect to it using the legacy SQLOLEDB.1 connection. The LIMS application is able to connect to it from Win 10 using either MSOLEDBSQL or SQLNCLI11.1. The Win 7 and XP machines cannot connect with any of the protocols.

If this is to work, I have two choices:

  1. Somehow configure MSSQL on the Ubuntu server to accept SQLOLEDB.1 connections.
  2. Somehow configure XP and Win 7 machines to make MSOLEDBSQL or SQLNCLI11.1 connections.

I cannot figure out how to do either one. Please help.

remote desktop – Why does RealVNC Server Windows credential fail after domain join?

I’m deploying computers with VNC server installed. Prior to domain joining, I am able to VNC into the PCs using a local admin account. After domain joining the PCs, I am no longer able to VNC into the PC using that same admin account. Note that I haven’t enabled single-sign on in VNC server, but have Windows authentication still selected.

However, I’m still able to log into Windows using that local admin account if I physically login via keyboard/display. This indicates that the local admin account is still active on the PC. Furthermore, I’ve confirmed that the account is still an admin account, and I’ve even added it specifically to VNC server allowed users under the “Permissions and Security” tab.

Any ideas as to why VNC server can’t authenticate using the Windows password after a domain join?

kernel – Running Mathematica on a Remote Machine (using frontend and ssh)

I’ve been trying to run my Mathematica code on a remote machine. I’m using Windows and the remote machine is a Linux machine. I write a notebook on my local machine, convert it to a .m file, and use WinSCP to put it onto the remote machine.

I attempted to connect to the remote machine through the front end (https://reference.wolfram.com/language/howto/ConnectToARemoteKernel.html) but got the error:
The kernel failed to connect to the front end. (Error = MLECONNECT). You should try running the kernel connection outside the front end.

So I then decided to ssh onto the remote machine and run code through the command line. However, none of my .m files would run. There’d be no error, but there’d be no output either.
I decided to try the following answer, where I create a shell script:
Remote Kernel – Error = MLECONNECT

But it fails with Exit Code 65280, alongside the following error: Bad port ‘w’

I’m really quite lost as to what the issue is. I’ve turned off my firewall to no avail. And if I write a Mathematica script on the machine and run it, it works. I attempted to establish a VPN connection with the remote machine but then got the error: The remote connection was not made because the attempted VPN tunnels failed. Are there basic checks that I should be doing?

I’d be hugely grateful for any help.

Remote trigger shutter on two smartphones at once

I have a working stereo rig that uses two smartphones (Google Pixel 3A). I need to be able to take long exposures, so I need to remove the risk of shake from manual contact with the phone, so the final hurdle I need to overcome is triggering both cameras at the exact same time remotely.

There are various remotes (like this one, but they all appear to have the limitation that they can only connect to a single phone at one time (this is a Bluetooth limitation I believe). My current solution is to buy two and attach them to each other, but this isn’t ideal.

Does anyone know of a way to trigger two smartphone cameras at the same time remotely.

Spotify desktop app (Windows 10) somehow sending web traffic through remote desktop connection. Why and how is this happening?

I am a software developer and frequently connect to various remote desktops via Microsoft Remote Desktop for work purposes.

Spotify desktop application for Windows 10 is installed and running on my local PC, and seems to mysteriously cause Spotify related outbound web traffic to emanate onto the web, originating from the remote desktop.

I’m curious how this is even technically possible, and concerned about privacy as well as incurring unwarranted data usage on the remote PCs I connect to via remote desktop.

Is this really happening, can anyone confirm having the same issue, am I somehow not interpreting this situation correctly?

Steps to reproduce:

  1. Install and run the Spotify desktop app for Windows 10 on local PC
  2. Connect to a remote Windows machine via remote desktop
  3. Install and run a web traffic monitoring tool (e.g. Fiddler) on the remote PC
  4. Monitor web traffic on the remote PC and observe Spotify traffic flowing

Screen grab from Fiddler

screen grab of Spotify traffic from Fiddler on remote desktop PC

Data from Fiddler capture:

Outgoing GET HTTP request

GET https://spclient.wg.spotify.com/v1/live-tile-xml?region=US&language=en-US HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft-WNS/10.0
Host: spclient.wg.spotify.com

Incoming HTTP response

HTTP/1.1 200 OK
content-type: text/xml; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
Content-Length: 1160
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 09 Oct 2020 10:10:18 GMT
server: envoy
Via: HTTP/2 edgeproxy, 1.1 google
Alt-Svc: clear

<?xml version="1.0" encoding="utf-8"?>
<tile>
    <visual>
        <binding template="TileMedium" branding="nameAndLogo" hint-textStacking="center">
            <text hint-style="caption" hint-wrap="true">Play music you love. No credit cards.</text>
            <image src="https://live-tile-images.scdn.co/tile-medium-burst.png" placement="background"
                   hint-overlay="0"/>
        </binding>
        <binding template="TileWide" branding="nameAndLogo" hint-textStacking="center">
            <text hint-style="body" hint-wrap="true">Play music you love. No credit cards.</text>
            <image src="https://live-tile-images.scdn.co/tile-wide-burst.png" placement="background"
                   hint-overlay="0"/>
        </binding>
        <binding template="TileLarge" branding="nameAndLogo" hint-textStacking="top">
            <text hint-style="title" hint-wrap="true"></text>
            <text hint-style="title" hint-wrap="true">Play music you love. No credit cards.</text>
            <image src="https://live-tile-images.scdn.co/tile-large-burst.png" placement="background" hint-overlay="0"/>
        </binding>
    </visual>
</tile>

As a next step I intend using SysInternals tools on the remote machine to understand which process is running this traffic.