12 January 2009

Remote Desktop via TS Gateway

I have had an issue with the setup of the Remote Desktop Connection (RDC) via the Windows 2008 SBS Remote Web Workplace (RWW). One nice thing that the SBS installer does, it makes it easy for us, almost too easy, so we expect everything to work out of the box. When I tried to connect to a PC, I initially encountered this error:

"VBScript: Remote Desktop Disconnected
An internal error has occurred (error 50331688). For more information, please contact your network administrator or Microsoft Product Support."

RDC works via the Terminal Services Gateway, which is a new service in Windows 2008. There is a Technet article that details the ins and outs of it:


Having installed and battled certificate issues for the RWW before, I suspected that this would be another case of making sure the correct certificate was allocated to the connection:

Go to Server Manager and expand

Roles > Terminal Services > TS Gateway Manager > [Your Server] > Policies > Connection

Select "Configure Central TS CAP" and go to the SSL Certificate tab. There pick the option to "Select an existing certificate..." and browse the list of certificates to locate the certificate you purchased for the server.

Now that I added the right certificate, I can connect to the Server and the Client PCs remotly from the RWW. Nice!

Screenshot of TS Gateway Configuration

08 January 2009

Win 2008 SBS and Quickbooks

Some of my clients and our business use Quickbooks (QB). Here in Australia, we seem to be a version behind the US release, as the local franchise applies the relevant localisations. In May 2008 I contacted their help desk about support for x64 systems. They only just released support for Vista (32bit) and told me that there was absolutly no 64 bit support. I tried it, but ended up corrupting my company file, which caused me a lot of grief.

In August 2008 Quicken released Quickbooks QBi 2008/09. This version has got a server database engine, although it is not clear what it exactly does. I contacted the support desk again, and they indicated that they still don't support x64. Bad news as Windows 2008 SBS is only supported on the 64 bit platform. Quicken encouraged me to try the server component on x64, but of course, they would not be able to give us any support...

In the meantime I have installed Win2008 SBS on one client site with Quickbooks and I am about to install a second site. This is what I did to get it working:

I googled and found this article on Sue Bradley's blog (great site, btw; a must for SBS admins). The above quoted article refers to the US 2008 version, so I still had issues. I chatted with Imran from the local help desk, who dug up another article for me that clarifies what is required for the local 2008/09 version (which equates to the US 2007 version):

The following files must be granted access through the firewall on Port 10172 for both Incoming and Outgoing Traffic: FileManagement.exe, QBDFMonitorService.exe, QBDBMgr.exe, QBDBMgrN.exe, QBGDSPlugin.exe, QBW32.exeQBUpdate.exe

See Quickbooks KB Article 203312

Sue's article mentioned above makes reference to the DB service "qbdataserviceuser18" (US 2008), which in our AUS release is only "qbdataserviceuser17", so the relevant adjustments must be made.

For the firewall I simply added new rules in the Windows 2008 Advanced Firewall applet. I only created 2 port rules without specific rules for the various executables. If you are very security conscious you should probably do it tight. Time permitting I might create a script for the firewall rules to fix this. I then had to re-scan the DB folder for company files and all was working.

There was another little annoyance. When I wanted to use the Quickbooks DB manager, I clicked the bright red icon, that the QB install routine plastered on the desktop. Nothing happened. After some head scratching I found out that it can be deleted. The DB manager has a different icon, which can be found via the start > programs hierarchy.

Update - May 2009

Two client sides have been using QB Enterprise 2008/09 now for a few months and we have had no issues, so I assume the above patches and settings work long term!

07 January 2009

Let's Blog!

Am I an extrovert to start a blog? No I don't think so. I have been toying with the idea for some time. I want to share with you the frustrations and joys of working in the IT industry.

I am going to use this blog as a notice board to publish some of the successes I have while working on the coalface. Occasionally I will also rant about the problems I have found, and I will even throw in some other issues that I feel strongly about.

Credits go to Veronica, who says: "I'm Felix's Swinglish editor and partner in crime i.e. I turn his Swiss Australian english into something closer to the Aussie vernacular." Thanks!