Quickly Enable AutoFailback for Several Clustered Roles

Using PowerShell to enable AutoFailback on clustered roles (or VMs in this case) was a procedure I couldn’t find online recently, so I figured I’d fiddle with it until I got it working myself.

First define the names of the roles you want to adjust.  In my case, I wanted to configure this for all VMFleet VMs that I’d created for stress-testing, but I wanted to ensure they failed back if or when I rebooted a node, otherwise I’d have to initiate the moves manually should I want to run another post-tweak test.

For each cluster group in that list, set the autofailbacktype to 1

That’s it.  You can check that it worked by running:

or by opening the role properties in Failover Cluster Manager and looking at the Failover tab:


Disable NLA for RDP remotely

Useful when RDP won’t connect because NLA is an issue, or domain trust issues are present.  If the remote OS is still accessible via PowerShell and your current user is also an administrator on the remote OS, try:

Change the 0 to a 1 to re-enable.

Adding non-privileged users as Hyper-V Administrators

These three commands will allow you to grant Hyper-V VM management permissions to non-privileged or quasi-privileged users, i.e. users who won’t inherit these particular rights automatically.

This is useful for Hyper-V Server where you wont have a GUI to perform user/group changes, and if you can’t use Group Policy to achieve the same results. This will allow the specified users to connect from a remote Hyper-V Manager console. 

On the HV to be managed, run:

Scheduling a task from command line

Very useful one-liner.  Run from CMD, rather than PS:

Schedule once:

Schedule daily:


Enable/Disable Duo for console sessions

To change which logon connections are required to use Duo after installation, use the Registry Editor (regedit.exe) with administrator privileges to create or update the following registry value in


Registry Value
Set to 1 to protect RDP logons only or 0 to protect both RDP and local console logons.

When modifying the RdpOnly registry value on a Windows 2003 or XP system a reboot may be required to make the change effective.