Posts

Showing posts from February, 2019

Changing your Windows Password in Nested RDP Sessions

Due to some strict security requirements, I often find myself working inside of an RDP session that's nested inside of another RDP session (that is occasionally nested inside of a Virtual Desktop).  Generally speaking, this works really well... except for when I need to change my password.  When you're buried that deeply in nested RDP sessions, neither ctrl-alt-del nor ctrl-alt-end are going to do the trick for you.  Fortunately, Serge Pavlov, deep in the comments of a technet article, had the solution!  I'm mostly writing about it here to make it easier for me to find it again when I need to go through this process 30 days from now ;)

In a PowerShell window, run this command: (New-Object -COM Shell.Application).WindowsSecurity()
That'll open the Windows Security Center (the same thing that pops up when you hit ctrl-alt-del normally).  From there, you can just click "change password" and be on your merry way!  I like this because, since it's initiated fro…

PowerNSX and Security Group Membership Exclusions

Hey everyone - I've been helping a customer implement their NSX Distributed Firewall recently.  I'm not a big fan of the GUI, but I can do just about everything that I need to do through PowerNSX, which I've found much faster and easier to manage... until I started working with Security Group membership exclusions.

NSX follows a fairly sophisticated process for determining what objects are members of a given Security Group.  First, it checks the rules in that Security Group's Dynamic Membership section and adds all of the specified objects to the list (this can be a computationally expensive process, so you probably don't want to use a lot of dynamic membership rules).  Next, it checks the list in that Security Group's Static Include section and adds all of the specified objects to the list (this is a cheaper operation and should be the go-to group membership method).  Finally, it checks the list in the Exclude section and removes those objects from the list.  …