Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Microsoft Server OS





The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Share tech news, updates, or what's on your mind.

Sign up to Post

On a Server 2016 base server do the Hyper-V guest integration tools still need to be installed on guest Server 2016 operating systems?
Upgrade your Question Security!
LVL 11
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

What is the proper process for creating Active Directory accounts that will only be used to run services such as Symantec Backup Exec without granting any additional or too many rights to these AD accounts (such as not allowing these AD accounts to logon locally or using Remote Desktop) within Server 2016?
There are certain user accounts within our Server 2016 Active Directory domain that we want to remain active but that we don't want these accounts to be able to be used to logon to computers.

Some of these accounts have to exist within Active Directory for the Office 365 email accounts to exist (since we are using Office 365 AD synchronization) and others are used simply for network services (so that we don't have to use the Administrator account).

How can we make it so that these AD accounts won't be able to be used to logon to our domain joined computers?

i downloaded microsoft sql server 2012 express executable with work tool version from

when i try to run by clicking on that getting error as attached

please advise
Hi Expert,

I’m needing  help with enabling and forwarding windows logs Inc particular RDP ACCESS logs to siem log collector.

Please advise how to set this up for windows server 2012 r1 (note it’s standalone server)


We have a bit of an odd issue.  We have a 2012 server that is in a sql cluster.  Most of the drives are functioning normally; however we have found there are four drives that the local permissions do not seem to be taking affect and cannot be accessed when locally in an admin’s session on the server itself.  
First some background, all of these drives are iSCSI connected back to a SAN, they are all in the SQL cluster and so far everything appears to be operating from a production standpoint.  SQL does not appear to have issues accessing the data contained in the drives, and the logs show no errors.    
Now the issue, it seems the four drives that have a share on them, when logged in as an admin account on the server, those drives are unable to be accessed locally within the admin’s session.  The share access works fine using the UNC path.  
For example, I login under admin1 through RDP, attempt to open up the X: drive, which is an iSCSI attached drive to the server, and I get an access denied error message.  However, if I use that same account to access the share (or even administrative $ share) I can get in fine.  Admin1 is a member of both the domain admins, and the local admins on the server.  If I look at the security properties of drive X: (after being prompted to grant it access), both domain admins and local admins have full control.  So it I should not get an access denied message.
I did find if I grant the user account explicit full control it resolves the issue,…
We've recently set a team up to use a LOB app on server 2012 RDS via remote app and it's working well for the most part but they find that when saving files, their 'recent places' isn't being updated, meaning that they have to navigate a fairly lengthy path each time they want to save.

I've tried logging on using the RDP client and saving a file from within that session creates the link correctly but using remote app with the same user account doesn't do it.

Obviously not an earth-shattering problem but as the team in question is our Payroll department, I like to keep them sweet!
I have a ConfigMgr 2012 R2 [5.00.8540.1611] environment. Clients are unable to install Applications from the Catalogue Web, by Software Center is working.

The application could not be installed. The most common reason is that software does not support the version of Windows currently installed on your computer. You can try starting the application installation from the Application Catalog again. If the problem continues, contact your network administrator

I've already tried:

- I reinstalled IIS;
- Reinstalled the two Roles of the Web Application Catalog and Service;
- Uninstall and Install the Client;
- Validation of the Application Catalog URL in the trust sites in IE;
- I tried to add the Application Catalog URL to the Intranet Zone
- Communication with the DB by the Collection Evaluator Viewer
- I checked the Silverlight records are Ok.
   (  https://social.technet.microsoft.com/Forums/en-US/3f515846-24c5-43ba-a18e-e79179f5c3d1/cannot-install-any-software-from-application-catalog-after-sp1-upgrade?forum = configmanagerapps )

Could anyone give me any hints as to what might be happening? Follow logs the client and server.
Hello, we have 4x 2008 R2 Terminal Servers, for legal reasons, we need to record select users full sessions on the servers. What is a good software tool you recommend?
My server load averages are going way high and too many processes are being consumed. Is it a DDoS attack or something wrong with the server?
Free Tool: Subnet Calculator
LVL 11
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Hello.  I have begun setting up StoreFront, version  Was going great and then all of a sudden the MMC for StoreFront started crashing with the following error (Below).  I have this occurring on a secondary server in which upon initial configuration they were syncing and was successful in the beginning.  Both servers are running Windows 2012 R2 Standard.

I've verified latest updates, tried a few tricks on the web related to browsers, nothing is working.  MMC is working correctly with other snap-ins, tried a few, just StoreFront that crashes.

Problem signature:
  Problem Event Name:      CLR20r3
  Problem Signature 01:      mmc.exe
  Problem Signature 02:      6.3.9600.17415
  Problem Signature 03:      54504e26
  Problem Signature 04:      Citrix.DeliveryServices.Admin.Stores.ScopeNode
  Problem Signature 05:
  Problem Signature 06:      59ef5eea
  Problem Signature 07:      1065
  Problem Signature 08:      0
  Problem Signature 09:      System.NullReferenceException
  OS Version:      6.3.9600.
  Locale ID:      1033
  Additional Information 1:      e271
  Additional Information 2:      e2713cef603c8be1a2410b7b0dab42a3
  Additional Information 3:      e2e5
  Additional Information 4:      e2e5c4c363d75ca41c7864b613904740

Read our privacy statement online:

If the online privacy statement is not available, please read our privacy statement offline:

Any Help is appreciated.
I have SharePoint 2013 running on Server 2012 R2 Standard.
We have a fairly basic site that consists almost exclusively of document repositories.
I've been trying to configure the Search Service Application to crawl the site for search indexing.
Initially, I followed recommendations found online to create a Default Content Access Account for the Search Service, and gave it permissions to both the SQL databases, as well as full read permissions to the Web Application for the site.

After adding the site as a Content Source, I started a crawl and received the following error:
Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository. If the repository being crawled is a SharePoint repository, verify that the account you are using has "Full Read" permissions on the SharePoint Web Application being crawled.

To try and narrow down the permissions issue, I switched the Search Service to use an account with full administrative permissions to the Web Application, and received the same error.

So far, I've tried using an account that has explicit Full Control permissions both on the Web Application and the Site Permissions. As well as Full Control permissions on the Search Service Application itself, same error.
I've tried using the Farm account as well, same error.

I've tried creating a new Application Pool for the Search Service.
I've tried creating a new Search Service …
existing logging framework uses Distributed logging using MSMQ & log4net - we have log4net providers in .net core. But what will be best alternative to MSMQ in core. NService Bus? or does anyone know better migration of MSMQ related features in core

I have a webservice that I,m trying to apply a custome security, when I try to call the service it display the following error:


At least one security token in the message could not be validated.

To add the security I modify the service config file:

[b][b]<services> <service name = "WcfService1.Service1"> <endpoint address="" binding="customBinding" bindingConfiguration="customBindingOasis" contract="WcfService1.IService1"> <headers> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:UsernameToken> <wsse:Username>USERNAME</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password> </wsse:UsernameToken> </wsse:Security> </headers> </endpoint> </service> </services> <bindings> <customBinding> <binding name ="customBindingOasis"> <security authenticationMode="UserNameOverTransport" includeTimestamp="false" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"> <secureConversationBootstrap /> </security> <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16" messageVersion="Soap12" writeEncoding="utf-8"> <readerQuotas maxDepth="32"

what are differences between index rebuild vs index reorg while getting statistics

when to use which one. Advantages, disadvantages of each

please advise.
Our SBS 2011 Server at the moment seems to be using up disk space quite quickly. I have deleted as many logs as I can
think of which normally get it back to around the 10GB mark but later the same day it can be back around 4GB or
sometimes 2 or 3. I now really need a permanent solution to this as i cannot keep continually monitoring it.

I have run TreeSize (See attached)

Thanks in advance
Hi all,
I know that this problem has been reported many times, but I can't find a fix for mine.

The back story is, we've recently took on a companies IT support and when doing some checks, we could see that some things were not correct with the setup. As the amount of downtime was to be minimal, we decided to do a domain rename and fix the problems.

Having carried out the domain rename, we ran DCDIAG and BPA scans on DNS and AD which have come up with no errors that we think will cause the issue.

The issue we have is in trying to add any users to shared folders or make changes where AD is involved, When we try to add a user to a shared folder and you type in their name, it does not find any users, clicking on advanced shows an error that the server is not operational. This is all being carried out via RDP session to the server.

I have tried various fixes that I have found on the web, but am at a loss as I can't actually diagnose where the issue is. At the moment, everyone seems to be ok, although in some cases, adding the shared drive to users pc's has to be done with a admin account. What I also don't know is if the issue was already there or not as this is something that we didn't check.

The setup is a single Windows Server 2012R2 running AD, DNS, FSMO roles etc.

Any suggestions or help would be gratefully received and appreciated.

Lee COok
Is B2C completely separated from B2B? Let’s say we have a B2C user; and suddenly he becomes part of the organization, is there a way to sync?

I couldn't find a way to do it.
A customer wants to have users register, manage profile, reset password and this is possible using B2C.

What I'd like to know is, whether it is possible to integrate all this functionality in an existing web application and perform REST APIs to Azure B2C?
Hire Technology Freelancers with Gigs
LVL 11
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

I use Trend Micro officescan ver 11 . I set up a scheduled job for log maintenance which deletes an old firewall record. The job is finished. the log size remains unchanged. I don't ideal how to check this job status.
Hello all,

I have a problem with my Radius authentication setup.
My client is cisco switch Catalyst 2960-24TT-L, server is Microsoft NPS.

I configured the switch as per below:

aaa new-model
aaa group server radius Q8ADS1
 server auth-port 1812 acct-port 1813
aaa authentication fail-message ^C
*** Authentication failed ***
aaa authentication login default group Q8ADS1 local
aaa authorization exec default group radius local if-authenticated
aaa authorization commands 15 default local if-authenticated
radius-server dead-criteria time 10 tries 3
radius-server host auth-port 1812 acct-port 1813 key xxxxx

The RADIUS NPS server is configured with Radius client switch  and Netowrk Policy:

Grant Access, Condition: NAS IPv4 Address of the switch, Authentication: Unencrypted (PAP, SPAP)  and
RADIUS attributes: Standard: Service-type - Administrative
                                  Vendor Specific: shell:privl-lvl=15      

The thing is, that when i'm trying to login and authenticate to the switch, I still get the output below:

*Mar  1 01:15:43.873: AAA/BIND(00000018): Bind i/f
*Mar  1 01:15:46.491: AAA/AUTHEN/LOGIN (00000018): Pick method list 'default'
*Mar  1 01:15:46.491: RADIUS/ENCODE(00000018): ask "Password: "
*Mar  1 01:15:46.491: RADIUS/ENCODE(00000018): send packet; GET_PASSWORD
*Mar  1 01:15:59.132: RADIUS/ENCODE(00000018):Orig. component type = Exec
*Mar  1 01:15:59.132: RADIUS: …
I am attempting to enable the File Name in Event 307 of the Operations Log under PrintService Events.  I have enabled the item in GPO (I did not expect this to work since it did not work in 8.1 or Server 2012).  There is a hotfix (2919355) that enables this in 8.1 and 2012 R2 but it does not apply for either Windows 10 or Server 2016.  I have searched Technet, here, and Google to no avail.  I need to enable this for DLP and would appreciate any assistance.
I'm trying to run x11vnc with the --passwdfile option. This option sends a challenge string to the VNC client. The client opens a dialog on the user's screen asking for a password. The client then sends the response string back to the VNC server. The VNC server calls the program referenced by the --passwdfile parameter with this string in the following format:

A two-byte length (in this case 16), followed by the challenge string (16 bytes), followed by the response string (16 bytes). What I get back, in hex is:
 0: 0A 6E 65 78 74 0A 31 36 0A 23 36 F4 E1 03 EE 30    .next.16.#6....0
10: 16 85 FC E9 4C F1 F5 16 5C 2C D5 5C 93 C2 21 29    ....L...\,.\..!)
20: 3A DF C2 A2 7C E9 1F 1A D7                         :...|....

Open in new window

The <newline>next<newline> can be ignored as this is debug stuff from my script. The strings are:
23 36 F4 E1 03 EE 30 16 85 FC E9 4C F1 F5 16 5C

2C D5 5C 93 C2 21 29 3A DF C2 A2 7C E9 1F 1A D7

Open in new window

The manpage defines the response string as, "client's response (i.e. the challenge string encrypted via DES with the user password in the standard situation)." I have no further information or documentation. I assume one must use the challenge string to decode the response string and get the user-entered password, but I've no idea how to do that.
I would like to give one user on a 2012 R2 DC access to cancel print jobs and access to task manager. I've added them to the Print Operators group and logged them off and back on however their access is denied when trying to cancel print jobs and are unable to change printer settings. Also access to task manager. Thanks
Dear Experts, we have 3 different domains and each of them has its own AD server and domain users. However the users have not joined domains. The request is building 1 ShareFile Server for all 3 domains.

With only 1 domain, it is easy when we just need to join the ShareFile to domain and grant the permissions based on domain users, groups but we do not know how to do it with 3 domains. Do you have any idea? Please help!

In other words, can we authenticate an user from a domain to a different AD server in different domain?

Microsoft Server OS





The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.