How to Reboot to the Correct OS in a Dual Boot System Using Command Line

If you’re like me then you have a good reason to have both a lab and a personal machine. I have a server in my home that is both a Windows Server 2016 and Windows 10 Pro. Both operating systems are accessible through dual boot. My default is the Windows Server 2016.

 

What if I’m using my Windows 10 Pro OS remotely, and the server reboots? This can happen because of a power failure or one of Microsoft’s super annoying forced upgrades. Well, because of the default, the server will boot back to Windows Server 2016, not Windows 10 Pro.

 

There is a way to use command line to reboot the machine back into the OS of your choosing. I found a really great article here on howtogeek. They suggest creating a shortcut but I’ve always felt more comfortable just running the command line, or just creating a batch file.

 

  1. Run bcdedit
    • C:\Windows\System32\bcdedit
  2. Get the ID of the OS that you want to reboot into
  3. Change the boot sequence of your machine
    • C:\Windows\System32\bcdedit /bootsequence <IDGOESHERE> /addfirst
  4. Reboot your machine

 

I did see some weird things happen like my remote machine not booting up within a reasonable amount of time, but a force reboot always was able to bring up the correct OS.

Setting up RDP Two-Factor Authentication with Duo

 

Let’s say you want to protect your server’s RDP sessions from attacks. What are the most basic steps? Disable the Administrator account, change the RDP port, enable NLA, and use a complex password. Of course. But those are all old strategies. What’s the best way nowadays to protect your authentication? Two-factor! I decided to give Duo a try.

 

Duo is one of the leading security companies in regards to RDP Two-Factor right now. One thing that I loved about them almost immediately is that all their documentation is publicly available, and easy to follow. I literally got my two-factor set up in about 15 minutes or less:

  1. Sign up for a Duo account.
  2. Log in to the Duo Admin Panel and navigate to Applications.
  3. Click Protect an Application and locate Microsoft RDP in the applications list. Click Protect this Application to get your integration key, secret key, and API hostname.
  4. Download the Duo Authentication for Windows Logon Installer Package.
  5. Install the Duo Authentication application on your server using your integration key, secret key, and API hostname.
  6. Create a Duo Account user on the website to allow for authentication.

 

Their web application is kind of cluttered, and I don’t like that I have to use a separate Duo iOS app instead of Google Authenticator, but the two-factor works great. When I try to RDP into my server, I am prompted to tap “accept” in my Duo iOS app, and then I’m in!