RDP

Remote Desktop Protocol

Aim to only ever connect to a production server via RDP in an emergency. Starting an RDP session affects server performance. There are several ways to avoid the need to connect via RDP including PowerShell, Server Manager, Windows Admin Center, and RSAT. For SQL Server, see SSMS, Azure Data Studio and DAC.

RDP to your jump server, don't RDP to anything else.

Ctrl-Alt-Del

To send Ctrl-Alt-Del to an RDP session use...

Ctrl-Alt-End

Configuration

When you connect to a remote computer via Remote Desktop Connection you have the ability to "Show Options" at the bottom of the connection dialog. If you do this, you will see a dialog like the one shown on the right. If you "Save As..." then you can save your configuration to a .rdp file. If you then double-click on that file it will open a Remote Desktop session using your saved configuration. You can also create a shortcut using that file.






However, if you open that file with an editor you can directly tweak your configuration. See the example file below for more details...

screen mode id:i:1

use multimon:i:0

desktopwidth:i:1904

desktopheight:i:1042

session bpp:i:32

winposstr:s:0,1,-3840,-388,-1921,691

compression:i:1

keyboardhook:i:2

audiocapturemode:i:0

videoplaybackmode:i:1

connection type:i:7

networkautodetect:i:1

bandwidthautodetect:i:1

displayconnectionbar:i:1

enableworkspacereconnect:i:0

disable wallpaper:i:0

allow font smoothing:i:0

allow desktop composition:i:0

disable full window drag:i:1

disable menu anims:i:1

disable themes:i:0

disable cursor setting:i:0

bitmapcachepersistenable:i:1

full address:s:eugsl-w-p-tsm01

audiomode:i:0

redirectprinters:i:1

redirectcomports:i:0

redirectsmartcards:i:1

redirectclipboard:i:1

redirectposdevices:i:0

autoreconnection enabled:i:1

authentication level:i:2

prompt for credentials:i:0

negotiate security layer:i:1

remoteapplicationmode:i:0

alternate shell:s:

shell working directory:s:

gatewayhostname:s:

gatewayusagemethod:i:4

gatewaycredentialssource:i:4

gatewayprofileusagemethod:i:0

promptcredentialonce:i:0

gatewaybrokeringtype:i:0

use redirection server name:i:0

rdgiskdcproxy:i:0

kdcproxyname:s:

drivestoredirect:s:*

smart sizing:i:1

selectedmonitors:0,1,2

screen mode 



mstsc /l

SQL Server

"It is generally considered bad practice to make remote desktop connections to Windows machines running SQL Server. These connections open up security vulnerabilities and use system resources that would be better used by the SQL Server service." (1)

"Now that administrators are no longer logging into the SQL Server using a Remote Desktop Connection to perform common tasks like downloading patches or searching for solutions to issues, why should the SQL Server even have access to the internet? " (2)

SSMS / ADS

Azure Data Studio

To remove temptation to RDP onto a SQL Server and run SSMS locally... DO NOT install SSMS/ADS on database servers.

SQL Server Install

Use an INI file to perform an unattended install.

Enter-PSSession TargetServer

& I:\Setup.exe /SQLSVCPASSWORD="***" /AGTSVCPASSWORD="***" /ConfigurationFile=ConfigurationFile.INI

Exit

https://www.mssqltips.com/sqlservertip/7254/do-not-access-sql-server-remotely/

SQL Server Patching

dbatools

Update-DbaInstance

Update-DbaInstance -ComputerName MySQLServer -KB 5008996 -Restart -Path \\MyFileServer\SQLInstallers

https://www.mssqltips.com/sqlservertip/7254/do-not-access-sql-server-remotely/

Error Log

Access SQL Error Log via SSMS

For Windows Error Log you can "Connect to Another Computer" from Event Viewer.

https://www.mssqltips.com/sqlservertip/7254/do-not-access-sql-server-remotely/

Or, use something like...

Get-WinEvent -ComputerName localhost -FilterHashtable @{logname = 'System'; id = 1074} -MaxEvents 1 | format-list

Bibliography