Jorge's Quest For Knowledge!

All You Need To Know About Identity And Security On-Premises And In The Cloud. It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2010-10-09) Server Core Behind Firewall With Very Limited Access

Posted by Jorge on 2010-10-09


Now imagine the following scenario. You have a Server Core machine (W2K8 or W2K8R2) behind a firewall (e.g. in a DMZ) and from the internal network you have very limited access to it. Only port 3389 (RDP) has been opened from a steppingstone (management server) on the internal network to the Server Core machine. From the Server Core machine to the DCs the necessary ports were opened. To manage the Server Core machine locally as easily as possible I have installed Server Core Configurator. As you may know by now, when you log on to Server Core you only get a command prompt.


Now imagine you have closed that command prompt window. There are different ways to reopen the command prompt window, depending on how you are logged on to the Server Core machine.

[1] If you are logged on interactively to Server Core, you can just press CTRL+ALT+DEL and then click "Start Task Manager". In Task Manager you click on the pull down menu "File" and then select "New". Then enter the path of the command you would like to execute or just enter the executable if its path is included in the PATH variable.

[2] If you are logged on through Terminal Services (a.k.a. Remote Desktop Services) to Server Core from your workstation, you cannot press CTRL+ALT+DEL because that will target your workstation and not the RDP session against the Server Core machine. In this case you need to use CTRL+ALT+END and then click "Start Task Manager". In Task Manager you click on the pull down menu "File" and then select "New". Then enter the path of the command you would like to execute or just enter the executable if its path is included in the PATH variable.

[3] Looking at the scenario I explained earlier, you log on through RDP against the steppingstone. From that steppingstone you then log on to the Server Core machine through RDP. In this case you cannot press CTRL+ALT+DEL because that will target your workstation and not the RDP session against the Server Core machine (or the steppingstone). You also cannot press CTRL+ALT+END because that will target the RDP session against the steppingstone and not the Server Core machine. The only option left to open the Task Manager on the Server Core machine, for which you are using two RDP sessions, is to press CTRL+SHIFT+ESC. This will open the Task Manager right away. In Task Manager you click on the pull down menu "File" and then select "New". Then enter the path of the command you would like to execute or just enter the executable if its path is included in the PATH variable.


By the way, this of course also works on Full Server. It is just more interesting for Server Core as you have nothing else available.

Simply reconnecting does not reopen the command prompt window: because the RDP session is still available, you reconnect to the same session in the state you left it. There are other ways of achieving this, such as killing the RDP session remotely through the Terminal Services Manager (a.k.a. Remote Desktop Services Manager). By logging on again, the command prompt is opened again. That last option is not possible here because the firewall only has port 3389 (RDP) open and nothing else!

Cheers,
Jorge