Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a Windows Server 2016 XenApp server, and every so often, I get an a standard application crash popup saying "Host process for setting synchronization has stopped working".  In the event logs I get this...

Log Name:      Application
Source:        Application Error
Date:          23/03/2018 14:40:58
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      xenprawf03.domain.local
Faulting application name: SettingSyncHost.exe, version: 10.0.14393.1198, time stamp: 0x590280cf
Faulting module name: SettingsHandlers_nt.dll, version: 10.0.14393.2125, time stamp: 0x5a9907cb
Exception code: 0xc0000005
Fault offset: 0x0000000000010893
Faulting process id: 0x2b4c
Faulting application start time: 0x01d3c2b43eab8535
Faulting application path: C:\Windows\system32\SettingSyncHost.exe
Faulting module path: C:\Windows\System32\SettingsHandlers_nt.dll
Report Id: 4265a47f-2759-4546-a1b3-c60121cf85bc
Faulting package full name:
Faulting package-relative application ID:

I can't seem to pin point exactly what I'm doing to cause this - and it'll only happen once per session (presumably the process in question doesn't re-open after the first crash), and I can't tell whether it'll happen after a few minuets or after a couple of hours, so it's not really feasible to run ProcMon on it either.  Closing the popup doesn't seem to affect anything with how the session runs, though, but I'd still …
Free Tool: ZipGrep
LVL 12
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Good Morning Everyone!

I was just checking out the event logs of my domain joined clients and saw the following certificates in the local certificate store as shown below.  
It seems to be piling up rapidly everyday and think it would probably cause issues in the future.  

We do have Azure AD Connect (with Passthrough SSO) enabled and think it's related to that.  These computers are not joined to the Azure AD Domain (but are synced to Azure).  Anyone have any ideas and stop this from happening?  

We also have DirectAccess with certificate authentication (distributed by our CA) but don't think it's related to that.
Just installed Azure NPS extension on an RDS farm. I´ve followed this post:

Now I can’t start any published applications from mobile devices (ios/Android) running Microsoft Remote Desktop Client.
It prompts me with MFA and after a while a got an error saying that the server could not be found.

My users have met the connection authorization policy requirements according to the security logs in RD Gateway and NPS server.
I can see that the users are connected to the RD gateway for a couple of seconds, and then it disconnects.

Mobile devices was able to start published apps before I installed and configured Azure NPS extension.
It works as expected from windows clients.

We are setting up a Microsoft 365 Business system to our customer from scratch. We would love to force (via AD) the end user to change their password when they initially login to OWA. Azure Active Directory Premium P1 seems top be a great way to write back the new password to DC. After one month we plan to end the "Azure Active Directory Premium P1" order. Will there be any issues if we do so (terminate the order)? To me this seems a great way to work with passwords.
Upgrading Azure AD connect getting Error " Failed to Connect to Primary AD FS server"  Account I am using is an Enterprise Admin in the root domain and we are federated with Azure (o365).
Resolving "No x64-based UEFI boot loader was found".
I'm trying to get my (Gen 2)  guest servers up and running on Hyper-v with my revamped Server 2016 host that has all the latest hardware. (DDR4, Dual I5, megaraid).
I've used DISKPART, DEAMON TOOLS, WINISO and  ISODISK. I can make a UFIE USB drive that boots from the PM but not as an ISO.  Been trying t ISOs with not only the retail copy but many other downloaded versions of Server 2016 but they all return the same error- "No x64-based UEFI boot loader was found".
I've tried all the simple stuff. Secure Boot is turned off. Tried copying the ISO to Public folder. Made the ISO in every format (fat 32, NTFS)
 Nothing seems to work.
Hello Experts. In our env we have Exchange 2013 CU19 enterprise, with AD2012 R2. we are looking into migrating email to O365. we have multiple companies under us, all in one domain forest, with more then 30 accepted domains in on-prem exchange. We would like all mailflow to go through our on-prem environment. I'm looking through the connectors available in O365, and for inbound to O365 connector, i see the attached message. this seems to be only the case for emails coming inbound to o365 from our on-prem servers. It will be difficult for us to add all of our domains to O365 before we migrate any user since we have so many. our plan was to add domains one by one into O365 as we migrate that domains users aswell to O365.

but it sounds as though, then any emails that are sent from other on-prem domains that are not added to O365, that mail will fail to be delivered to the O365 migrated user. is there any way of getting around this limitation. I guess one thing we can do is to point the mx record to O365 as well for the domains whose users will be in O365, and remove that domain from the accepted domain from on-prem exchange, create a connector in O365 to accept emails from the internet. but with this, will the Free/Busy still function and will we still have the unified GAL between on-prem exchange and O365 users? And will we still be able to manage the user exchange accounts from on-prem exchange server?

Please let me know. Thanks in advance
I'm working in pilot to have a hybrid environment for my on-premises Exchange and O365 (Azure).
The main point so far is about free/busy, From a on-premises mailbox, I can check perfectly all O365 calendars with no issues. BUT from a O365 mailbox I can see only some on-premises calendars. I don't have a clue yet, why only for some free/busy is working and for some others it simply doesn't work. I already double checked the correct reply address on O365's GAL, and they are all correct.
Hello experts,
We are in the process of creating a baseline policy for Windows Defender for our servers 2016 and windows 10 deployment and noticed there's a category missing "Root" that is missing under Administrative Templates -> Windows Components -> Windows Defender.

Can someone please help? Thanks so much!
I have several servers in my 2016 RDS collection.  What I'm trying to do is add the mmc snapin as a published app so my users can connect, load the mmc snapin and connect to the gateway servers to monitor connections.  So, my users login to RDWEB, click the mmc and then connect to the gateway servers to monitor connections.

the problem is I'm getting an error.  It tells me that Remote Desktop Gateway Manager cannot connect to the server.  Verify that the server is a Remote Desktop Gateway Server and that File and Printer Sharing and Windows Management Instrumentation are allowed to communicate through Windows Firewall and then try again.

The firewalls are off on all servers.  File and Printer sharing is turned on and WMI is running.  

So, I'm looking for why the mmc can't connect to the gateway servers?

Anyone seen this?


Train for your Pen Testing Engineer Certification
LVL 12
Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.


from SQL configuration manager I accidentally click pause SQL server service, for one of the SQL 2016 AOG SQL nodes,  then AOG listener still connect to that node and therefore SQL server can't connect anymore.

AOG in this case, don't failover to other node, any reason for that?
I need some help setting up Azure RMS. AIP is activated in Azure. I've set up my labels. I've installed the AIP client and see the button in Outlook 2016.

When I click the button I get a message that pops up that says "Azure Information Protection cannot apply this label because the client isn't fully configured. Try closing and re-opening your Office application, and if prompted, sign in. If the problem persists, contact your help desk or administrator."

I've tried waiting a few hours for the labels to publish. Any ideas?

Error message
Windows Server 2016 Standard install questions.

I have a client that currently has an SBS 2011 Standard installation (10 users) that needs to be replaced.  Initially I was looking at a physical server (Dell T330 with Single CPU - 4 Cores, 32Gbs of RAM) with Windows Server 2016 Essentials.  A straight forward basic install.  O365 Exchange On-Line Plans I and II will take care of hosting their mailboxes.

However, this client now has a remote office with two or three users. They currently have one user that remotes into an existing computer to access applications (Needles database, Quickbooks, company files, local Exchange mailbox.

So, I was thinking of acquiring MS RDP CALS (5 licenses).  However, the server would be a Hyper-V server with two VMs (1 VM for AD, company file storage, and hosting the Needles and QB databases), and the second VM would serve as an RDP Server with (5) licenses.

I do like Windows Server 2016 Essentials mainly for the built-in Remote Anywhere Access and 25 free CALs, and would still like to install it as a VM.

1. So, I need to know can Windows Server 2016 Standard allow installing Windows Server 2016 Essentials as a VM with the Standard license, or will an additional Windows Server 2016 Essentials license need to be acquired.

I am thinking a Windows Server 2016 Standard license allows installing a downgraded VM as an Essentials server, but I am not entirely sure.

2. Since the server will be purchased with (1) Intel E-3-1240 v5 …
Hi experts.

I have a HPE C7000 Blade chassis with 4 BL460C Gen 8 blades in.  I have 2 HP VC FlexFabric 10Gb/24-port Modules in the Interconnect bays.  I have the Virtual connect configured like this:.

The blades are running Server 2016 Datacenter.  The VLANs 100 & 210 are both storage iSCSI connections.  VLAN30 is the host management lan.  The multiple networks include VLAN 10 for the VMs management, as well as VLANS for live migration and CSV.

On the host, we run a PS script:

New-NetLbfoTeam -Name Team01 -TeamMembers Flex1a,Flex2a -LoadBalancingAlgorithm HyperVPort -TeamingMode SwitchIndependent
New-VMSwitch -Name VMNET -NetAdapterName Team01 -AllowManagementOS $False -MinimumBandwidthMode Weight
Set-VMSwitch "VMNET" -DefaultFlowMinimumBandwidthWeight 50

Add-VMNetworkAdapter -ManagementOS -Name "LiveMigration" -SwitchName "VMNET"
Add-VMNetworkAdapter -ManagementOS -Name "CSV" -SwitchName "VMNET"

Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "CSV" -Access -VlanId 154
Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "LiveMigration" -Access -VlanId 153

Set-VMNetworkAdapter -ManagementOS -Name "LiveMigration" -MinimumBandwidthWeight 40
Set-VMNetworkAdapter -ManagementOS -Name "CSV" -MinimumBandwidthWeight 10

New-NetIPAddress -InterfaceAlias "vEthernet (LiveMigration)" -IPAddress *.*.*.* -PrefixLength "28"
New-NetIPAddress -InterfaceAlias "vEthernet (CSV)" -IPAddress *.*.*.* -PrefixLength "28"
Trying to create a couple of batch files to start / stop services on a remote server (still on internal network)

Dont want to use PowerShell... just create a normal batch file.

Server its running the batch file from is 2016, and the remote server is 2008r2

Tried to do

sc \\machine stop "service"

but get an error

[SC] ControlService FAILED 1062

The service has not been started.

what have i done wrong?
Is there any benefit to azure ad joining machines vs joining to my local domain? I am in a hybrid setup with365
Dear experts,
Need some assistance on the issue.
We have a gMSA (group managed service account) that is used to run a  SQL service on a Windows Server 2016 and for some reason,
-- it is not working when it is nested to a global group that is granted a 'logon as a service UR' right
-- service will not start after a system reboot if this gMSA is directly added to the 'logon as a service' UR right.

I migrated from a 2008R2 DC to a 2016 DC.  All FSMO roles moved successfully.  All queries return the correct values.  When demoting the 2008R2 DC it fails at "Active Directory Domain Services could not transfer the remaining data in the directory partition DC=ForestDNSZone...... to the new 2016 DC.  If I run a cmd for dsquery fsmoroleowner, it shows an old servername that was in place long before I acquired this client, possible failed migration.  I have scoured the DNS and ADSEDIT and found noting referencing this old DC name.   I am unable to find the old DC how should I proceed?  Manual removal of the current 2008R2?  How should I proceed?
Windows Server 2016 RDS environment with two Gateways.

The Remote Desktop Gateway service terminates from time to time. All users on the specific Gateway are disconnected as a result.
06.03.2018 - One time
07.03.2018 - One time
08.03.2018 - Three times
14.03.2018 - Two Times

Log Name: System
Event ID: 7031
The Remote Desktop Gateway service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.

Log Name: Microsoft-Windows-TerminalServices-Gateway/Admin
Event ID: 700
The following exception code "3221225477" occured in the RD Gateway server. The RD Gateway will be restarted. No user action is required.

Log Name: Application
Event ID: 1000
Faulting application name: svchost.exe_TSGateway, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: aaedge.dll, version: 10.0.14393.1532, time stamp: 0x5965ac53
Exception code: 0xc0000005
Fault offset: 0x000000000006e960
Faulting process id: 0x30cc
Faulting application start time: 0x01d3bba22ce0512a
Faulting application path: C:\Windows\system32\svchost.exe
Faulting module path: c:\windows\system32\aaedge.dll
Report Id: 9d62d65b-8584-42ff-bdb5-adca0fe9768b
Faulting package full name:
Faulting package-relative application ID:

Any idea how to fix this?
The 14th Annual Expert Award Winners
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!


My GPOs are not working the way they're supposed to. I'm trying to map drives via GPO and I've done a combination of targeting a specific OU and Item-level Targeting (one, the other, both, none) to only apply to either a specific Security Group or OU. I've linked it to the OU, used Security Filtering, none working. The only thing that seems to work is if I place the GPO at the parent level right under the domain and set filtering to Authenticated Users. No OU has inheritance blocked. No GP or GPO is set to Enforced. I'm lost here.

I have a mixed environment with two 2008 servers and two 2016 servers. Forest and Domain functional level is 2008 R2.

I've never had GPO issues like this in other environments before, so I'm inclined to think it's either something incredibly simple I'm looking over or something is broken.
Hi, I am having problems remoting in to a machine I have failed over into azure using site recovery services.

The machine boots, I have given it a remote IP. But it wont RDP.

I have booted another machine up in the same subnet and using command prompt I create a new PS-Session then imported it. Ran all the powershell commands I could think of and they all completed without issue. However I still cant RDP in.

I can browse to it using \\ipaddress\c$ and see all the files etc.

Having some real issues trying to get into this and its pretty time sensitive.

Any help is really appreciated.
When I try and use the workstation connect (\\http://server/connect) it displays the attached....... it happens on all workstations
Is azure premium licensing required for password write back to on premise? There are some conflicting articles so hopefully someone can tell me who has experience of implementing password write back, thanks
Can anyone tell me the difference between password sync vs azure pass through authentication in the context of office 365 user experience. I can google! But it’s to specifically know what the difference is for users thanks
Ok, I have a bunch of HP Elite x2 tablets with fingerprint readers.  Once I join them to the domain the fingerprinter reader "windows hello" goes gray and they can't use them.  I can't find a GPO on my 2016 server to enable biometrics to allow these to work.  Anyone run into this and find a solution??  HP was of no help.


Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.