RyanIrish
asked on
SBS2011 - Supporting Win10
Have another one for you gurus...
I'm needing to add Win10 support to SBS2011. I have a few online guides I'm trying to follow, but I'm a bit confused, as information on this site regarding the same topic is quite different.
Here is the guide I'm attempting to follow: http://www.thirdtier.net/2016/01/introducing-windows-10-into-your-sbs-2011-standard-network/
That's easy enough, but this has me confused:
As it stands now, I have the following under WMI filters:
Should I just edit one of the existing filters with the change above? Or is it better practice to create a separate filter for 10? If the latter is preferred, I would need to figure out how to create it correctly.
Searching this site, I found suggestions for creating a 'Central Store'...I have no idea what that is.
What should I do, continue following the guide, and figure out the WMI portion, or scrap that and chase down this Central Store?
I'm needing to add Win10 support to SBS2011. I have a few online guides I'm trying to follow, but I'm a bit confused, as information on this site regarding the same topic is quite different.
Here is the guide I'm attempting to follow: http://www.thirdtier.net/2016/01/introducing-windows-10-into-your-sbs-2011-standard-network/
Admin needs to add the following two lines to the XML file on the server located at –
C:\Program Files\Windows Small Business Server\Bin\WebApp\ClientDeployment\packageFiles\supportedOS.xml Find the file and open in notepad. Add the following two lines:
<OS id=”9″ Name=”Windows 10, AMD64″ Major=”10″ Minor=”0″ Build=”10240″ SPMajor=”” SPMinor=”” ExcludedSuite=”512″ RequiredSuite=”” RequiredProductType=”1″ Architecture=”9″/>
< OS id=”10″ Name=”Windows 10, x86″ Major=”10″ Minor=”0″ Build=”10240″ SPMajor=”” SPMinor=”” ExcludedSuite=”512″ RequiredSuite=”” RequiredProductType=”1″ Architecture=”0″/> That's easy enough, but this has me confused:
Adjust the group policy wmi filter to fix the issue where folder redirection does not work:
Instead of the WMI filter included in Essentials R2, please adjust it as follows:
Instead of select * from Win32_OperatingSystem where (Version >= “6.1%”) and ProductType= “1”
Change it to select * from Win32_OperatingSystem where Version like “10.%” or Version >=”6.1″ As it stands now, I have the following under WMI filters:
Should I just edit one of the existing filters with the change above? Or is it better practice to create a separate filter for 10? If the latter is preferred, I would need to figure out how to create it correctly.
Searching this site, I found suggestions for creating a 'Central Store'...I have no idea what that is.
What should I do, continue following the guide, and figure out the WMI portion, or scrap that and chase down this Central Store?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi, and thanks for the info. I was in the process of adding the new WMI filter when I saw the second response.
We only have the one DC, so maybe the store isn't a necessity? What would you recommend?
Also, when you say "find the GPO that I want to modify", I may need to create that as well...sorry, I'm a healthy combination of learned SBS paranoia and GPO ignorance here.
We only have the one DC, so maybe the store isn't a necessity? What would you recommend?
Also, when you say "find the GPO that I want to modify", I may need to create that as well...sorry, I'm a healthy combination of learned SBS paranoia and GPO ignorance here.
You are right, there is no point of configuring a Central Store if you just have one DC (Unless you want to make it now and if tomorrow you configure a second one it will automatically adopt the configuration without doing anything). But anyway, it is just beneficial with many DCs and if additionally, you are using administrative templates added manually to the system.
Ohs, about the policy... it depends. If the guide that you have talks about creating a new GPO, then the WMI filter is applied just to that new GPO that you create. If the guide refers of working with an existing GPO, then you make the change within the GPO drop down box and you put your new WMI filter.
If these changes are already applied and filtered, it means that you will have two options.
1. Modify the WMI filter directly (In this case, for having a backup, what you can do is to copy the content of the filter and save it somewhere else).
2. Identify policy by policy, the filter that they use. And then replace the WMI filter used at each policy with a new one that you create with the modified values.
Ohs, about the policy... it depends. If the guide that you have talks about creating a new GPO, then the WMI filter is applied just to that new GPO that you create. If the guide refers of working with an existing GPO, then you make the change within the GPO drop down box and you put your new WMI filter.
If these changes are already applied and filtered, it means that you will have two options.
1. Modify the WMI filter directly (In this case, for having a backup, what you can do is to copy the content of the filter and save it somewhere else).
2. Identify policy by policy, the filter that they use. And then replace the WMI filter used at each policy with a new one that you create with the modified values.
ASKER
Alright...looks like I have some heavy reading ahead of me. Thank you for all of the help so far, much appreciated.
I followed the guide you mentioned in your original post...it *think* it's working, but I have one machine that apparently doesn't think so. I modified by Windows 7 WMI filter which was already applied. I do have a central store but since I have only one DC, it' doesn't matter much.
ASKER
Thanks, jrockman. I too followed the guide, but was diverted to another project before being able to add a Win10 machine to the domain and see the results of my efforts. I'll follow up here with any successes of issues.
ASKER
I've added the Win10 machine to the domain, and it does show up on the list of computers available for remote access, but after entering my credentials, this error pops.
I've tried to go through the tutorial again and find any glaring mistakes I may have made, but these inexperienced eyes aren't seeing it.
I'm not really sure what to do now, outside of removing the WMI filter and GPO and starting over, but I'm going to assume the same end result should I do so.
Any ideas?
Edit: I do have the Win10 client's firewall set to accept RDP, both TCP and UDP-in:
I've tried to go through the tutorial again and find any glaring mistakes I may have made, but these inexperienced eyes aren't seeing it.
I'm not really sure what to do now, outside of removing the WMI filter and GPO and starting over, but I'm going to assume the same end result should I do so.
Any ideas?
Edit: I do have the Win10 client's firewall set to accept RDP, both TCP and UDP-in:
ASKER
Geez...I'm an idiot. I had to enable RDP on the Win10 client, but for some reason assumed that group policy would have done that for me as it does on every other domain connected machine.
ASKER
New day, new problems...
For anyone still watching this thread, I'm unable to apply any GPO settings to the newly added Win10 client. When I attempt to gpupdate /force on the Win10 client, it fails with the message "The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this computer. Look in the details tab for error code and description." The details in event viewer provide ErrorCode 58 and describe as "The specified server cannot perform the requested operation."
I've also been unable to give a user local admin on this machine through the SBS console, but I'm assuming the two are related to the same problem.
I can reach the DC successfully, the DNS records are accurate, outside of that I don't know what to check.
For anyone still watching this thread, I'm unable to apply any GPO settings to the newly added Win10 client. When I attempt to gpupdate /force on the Win10 client, it fails with the message "The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this computer. Look in the details tab for error code and description." The details in event viewer provide ErrorCode 58 and describe as "The specified server cannot perform the requested operation."
I've also been unable to give a user local admin on this machine through the SBS console, but I'm assuming the two are related to the same problem.
I can reach the DC successfully, the DNS records are accurate, outside of that I don't know what to check.
ASKER
Issue not resolved.
Policy Definitions are saved by default on C:\Windows\PolicyDefinitio
The idea with Central Store, is that you copy all your policy templates files in such a location where it could be shared and accessed for all your DCs, so... nothing better than the c:\Sysvol folder that is shared between all your servers.
Process to create a Central Store:
1. Copy the folder C:\Windows\PolicyDefinitio
2. Paste the folder on C:\Windows\SYSVOL\domain\P
Process to test that you are using a Central Store:
1. Open the Group Policy Management console.
2. Go to Forest | Domains | your domain | Group Policy Objects | Default Domain Controller Policy.
3. Go to the Settings tab, and look at the Administrative Templates section. It should confirm that the policy definitions (the ADMX files) have been retrieved from the central store.