#StackBounty: #windows-10 #security #remote-desktop #windows-server Use hardware key to secure RDP login

Bounty: 50

I would like to restrict access to our windows Servers using a hardware keys additionally to passwords.

Is it possibly to restrict connecting to (local) RDP to specific U2F Fido keys? And/or to restrict direct logon to servers so the user needs the U2F/Fido key, too?

Or are there other hardware like smart cards which could be used to restrict logon to computers?


Get this bounty!!!

#StackBounty: #windows-10 #winpe #ipmi #tcl Intel's IPMI tool fails in WinPE 10

Bounty: 100

The IPMI app I have, Intel’s IPMI, V2.0, Command Test Tool from https://www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html is rejected by WinPE 10 which states “This version is not compatible with the version you’re running.” How would I resolve that? I have to execute it from within WinPE 10.

Since scripted install of 64-bit OS is in use, Win10PE is presumed to be 64-bit. The app relies on Tcl/Tk scripts.

I am also open to alternative open source apps which will run in WinPE 10.


Get this bounty!!!

#StackBounty: #windows-10 #winpe #ipmi Intel's IPMI tool fails in WinPE 10

Bounty: 100

The IPMI app I have, Intel’s IPMI, V2.0, Command Test Tool from https://www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html is rejected by WinPE 10 which states “This version is not compatible with the version you’re running.” How would I resolve that? I have to execute it from within WinPE 10.

Since scripted install of 64-bit OS is in use, Win10PE is presumed to be 64-bit.

I am also open to alternative open source apps which will run in WinPE 10.


Get this bounty!!!

#StackBounty: #windows-10 #winpe #ipmi Intel's IPMI tool fails in WinPE 10

Bounty: 100

The IPMI app I have, Intel’s IPMI, V2.0, Command Test Tool from https://www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html is rejected by WinPE 10 which states “This version is not compatible with the version you’re running.” How would I resolve that? I have to execute it from within WinPE 10.

Since scripted install of 64-bit OS is in use, Win10PE is presumed to be 64-bit.

I am also open to alternative open source apps which will run in WinPE 10.


Get this bounty!!!

#StackBounty: #windows-10 #winpe #ipmi Intel's IPMI tool fails in WinPE 10

Bounty: 100

The IPMI app I have, Intel’s IPMI, V2.0, Command Test Tool from https://www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html is rejected by WinPE 10 which states “This version is not compatible with the version you’re running.” How would I resolve that? I have to execute it from within WinPE 10.

Don’t know if 32- or 64- bit but the code is there (op. cit.) for download for those who can tell the diff.

I am also open to alternative open source apps which will run in WinPE 10.


Get this bounty!!!

#StackBounty: #windows-10 #winpe #ipmi Intel's IPMI tool fails in WinPE 10

Bounty: 100

The IPMI app I have, Intel’s IPMI, V2.0, Command Test Tool from https://www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html is rejected by WinPE 10 which states “This version is not compatible with the version you’re running.” How would I resolve that? I have to execute it from within WinPE 10.

Don’t know if 32- or 64- bit but the code is there (op. cit.) for download for those who can tell the diff.

I am also open to alternative open source apps which will run in WinPE 10.


Get this bounty!!!

#StackBounty: #vpn #windows-10 #internal-dns #split-dns #split-tunnel Windows 10 Always On VPN, Split DNS, NRPT, and how to configure w…

Bounty: 500

Here’s the setup:

  • Windows 10 1803 clients
  • Server 2012R2 RRAS server
  • Always On VPN device tunnel setup per these instructions, with split tunneling.
  • Device VPN only has routes to 1 DC/DNS server, and our configuration manager server, so it can be managed and new users can authenticate when away from the office. When users need full access to the office network, there is a separate user VPN they can connect to. This works well, except for DNS.
  • AD domain name is example.local
  • Public domain name is example.com

The problem:

  • We use split DNS for our public domain name – so mail.example.com resolves to an internal IP address when using our internal DNS servers, and our public address from the outside world.
  • I need VPN clients to resolve it to the public address. The device VPN doesn’t let them talk to the internal address for mail.example.com, so they can’t get their email.
  • I’d also like (but not a must have) DNS resolution for local services at other locations to work properly – eg. when I’m in the offices of Other Corp, DNS for othercorp.local works even with the VPN connected.

What I want to happen:

  • Queries for example.local go over the VPN to our internal DNS servers
  • Everything else, including example.com, use the DNS servers provided by the LAN/Wifi connection the laptop is connected to.
  • The other user based VPN (which routes all traffic over the VPN) continues to use our internal DNS servers for everything.

What I’ve tried:

  • Setting Name Resolution Policy Table rules for example.local pointing at our internal DNS servers. This does seem to work, queries for example.local go over the VPN…but so does everything else.
  • Setting NRPT rules for example.com, with blank DnsServers field, which should make sure they are excluded. Seems to have no effect.
  • Setting NRPT rules for example.com, with public resolvers for the DnsServer. This does work, but breaks at remote locations that block anything but their own dns resolvers (which many of the sites my users travel to do), and doesn’t solve the local services problem.
  • Setting “Use the following DNS server addresses” on the VPN connection in network connections, and leaving it blank. No effect, the VPN connection still gets set to use our internal servers.
  • Setting “Use the following DNS server addresses”, and putting in a public DNS server like 8.8.8.8. When connected, I end up with 3 DNS servers on that interface, with our internal ones at the top and 8.8.8.8 at the bottom of the list.

I suspect that if I could get the VPN to not list any DNS servers at all, the NRPT rules would kick in just for example.local, and everything would work properly. But I can’t find a way to make it not use the ones provided by the RRAS server.


Get this bounty!!!

#StackBounty: #windows-10 #windows-media-player #codec #h.265 Windows 10 getting HEVC H.265 Codec to use Hardware Acceleration

Bounty: 50

Playing HEVC H.265 videos using Windows Media Player and GoPro Quik then the 4k 60 fps video appears all stuttering and becomes a slideshow. The CPU usage is going through the roof and it’s not using Hardware Acceleration. I have installed the “HEVC Video Extensions” from Microsoft Store. When I use the app “Movies & TV” for playing the video file then it uses around 1% CPU and Hardware Acceleration seems to be enabled.

How can I get Windows Media Player and GoPro Quik to use Hardware Acceleration?

“HEVC Video Extensions from Device Manufacturer” (Free version that works with licence software like GoPro Quik): https://www.microsoft.com/en-us/store/p/hevc-video-extension/9n4wgh0z6vhq

I have tried following:

  1. Uninstall all codecs, also the “HEVC Video Extensions” from Store: Windows Media Player plays only the sound, screen is black. Unable to open video in GoPro Quik
  2. Installed K-Lite Codec Pack (w/HEVC codec): Windows Media Player plays the video with both video and audio smoothly. The playback is hardware accelerated as it only used 1% CPU. Unable to open video in GoPro Quik
  3. Install “HEVC Video Extensions” from store (Regardless if K-Lite is installed or not): Windows Media Player plays video with both video and audio but it’s stuttering. Playback is not hardware accelerated and it uses near 100% CPU. GoPro Quik is now able to open and edit the video but it’s stuttering, using 100% CPU on playback and hard to edit the movie

System specifications:

  • Windows 10 Pro N, Version 1803, OS Build 17134.165
  • Intel i7-8700K @ 3.7Ghz (8th gen, coffee lake, newer then Kaby Lake)
  • 16 GB Ram
  • Nvidia GeForce 1070 GTX (Driver version 398.82 which is the newest)

One solution would be using software like Handbrake to convert the video file from H.265 to H.264, but I consider that a “hack” as this really should work with my system spec.


Get this bounty!!!

#StackBounty: #windows-10 #multiple-monitors #touchscreen Windows Multiple Touch Screens – Touch on Wrong Monitor

Bounty: 100

I’ve got a PC with 7 touch screens connected to it. I use the ‘Setup’ in ‘Tablet PC Settings’ to link touch to the screens.

What we have found is that after a number of reboots, we will begin to see touch appearing on the wrong monitor and it requires to be set up again.

We’re in an environment where this needs to work across multiple reboots with remote support so it’s not ideal that someone would need to touch the screens to re-associate them again. I checked the registry page for Digimon and it does not change if the touch is working correctly or incorrectly.

One thing we have found is that the touch screen monitors we have DO NOT have a serial number – so the EDID they present to Windows is identical. We have tried this test with 7 off-the-shelf Dell monitors and it works flawlessly.

Without putting some EDID emulators in line, does anyone have any other ideas on how to fix this?

Thanks!


Get this bounty!!!

#StackBounty: #windows-10 #windows-media-player #codec #h.265 Windows 10 getting HEVC H.265 Codec to use Hardware Accelration

Bounty: 50

Playing HEVC H.265 videos using Windows Media Player then the 4k 60 fps video appears all stuttering and becomes a slideshow. The CPU usage is going through the roof and it’s not using Hardware Acceleration. I have installed the “HEVC Video Extensions” from Microsoft Store. When I use the app “Movies & TV” for playing the video file then it uses around 1% CPU and Hardware Accelration seems to be enabled.

How can I get Windows Media Player to use Hardware Acceleration?

Windows 10 Pro N, Version 1803, OS Build 17134.165
Intel i7-8700K @ 3.7Ghz (8th gen, coffee lake, newer then Kaby Lake)
16 GB Ram
Nvidia GeForce 1070 GTX (Driver version 398.82 which is the newest)

The HEVC Codec from Microsoft Store: https://www.microsoft.com/en-bz/p/hevc-video-extensions/9nmzlz57r3t7

Backstory:
I use GoPro Quik for editing my 4k 60fps recordings. It is all stuttering as Windows Media Player. I suspect it’s related, and solving Media Player stuttering will also solve the stuttering and issues in GoPro Quik. GoPro support and forums has offered any solutions for this issue.

I don’t want to use conversion tools like handbrake to convert them to H.264


Get this bounty!!!