Microsoft Server OS

55K

Solutions

41K

Contributors

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Share tech news, updates, or what's on your mind.

Sign up to Post

While transferring files to a different storage area, there were several files that would not transfer due to the number of characters used by the user when saving the name of the file.  These files cannot be opened or renamed or copied or moved.  What is the simplest method to be used to allow me to save and store these folders & files to a new location with a new name <255 characters?
0
Optimize your web performance
LVL 1
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

I've set 2 DCs (they belong to 2 different and "isolated" Domains) in the same identical way. Domain1 works as expected (it Syncs), Domain2 doesn't work as expected (it doesn't Sync). If I run "w32tm /query /configuration" the "Type" value of the working Domain1 is set to NTP, but is set to NT5DS on the non working Domain2. This must be the reason why Domain2 doesn't Sync.
Consider HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type is set to NTP on Domain2.
The commands I've run were:
  net stop w32time
  w32tm /config /syncfromflags:manual /manualpeerlist:ntp1.ien.it
  w32tm /config /reliable:yes
  net start w32time
0
Hi All,

we are doing a project in which we are upgrading all windows 2008 domain controllers to windows 2016 server (VMs)
The one which will be done first have NPS role, and is a certificate server as well (doesn't hold any FSMO roles)
any guidelines which can assist in the upgrades and demoting the old server?

Thanks.
0
Hi

On our server, we have a couple of folders shared on the network - one been called 'shared-files'. When accessed by Windows 10 workstations, we can access the folders as intended.

When accessed either via remote desktop, or when sat in front of the server and logged into its desktop - we lose a lot of permissions for the folders, when accessing the share from the local server.

What would cause a loss of permissions when physically sat at the server or when accessing via remote desktop for local access of that servers shared folders?

Jamie
0
how to deploy fireeye agent using gpo in win server 2012
0
Hi,
We have a client's SBS2011 that has had the contents of the SBS program folder deleted, therefore the Console does not run:

C:\Program Files\Windows Small Business Server\
C:\Program Files\Windows Small Business Server\bin\console.exe

Most articles relate to repairing the console from the Add/Remove appwiz.cpl applet:
https://technet.microsoft.com/en-us/library/gg680337(v=ws.11).aspx

This is innafective as the directory is empty, therefore no .msi unistall information to work from.

Can anyone suggest means of reinstalling the console component alone, while being sure the remaining server functionality such as AD, Exchange etc. is unaffected?

Many thanks in advance,
0
Dear Team, As my understanding, if we purchase the OLP Window Server 2016 Standard license, we will have right to downgrade to Window Server 2012R2 Standard, am I right? Will the license key for Window Server 2012R2 be included in Licensing control panel?

Many thanks in advance!
0
It frequently happens that when I try to use PAN Global Protect for work VPN that the authenticator token doesn't arrive until after the Global Protect connection attempt has given up/timed out. If I try to connect a second time then the token for the first attempt will often arrive during attempt #2, the second during attempt 3 and so on.

What is likely the problem? And is there anything I can do as an end user to fix this? Anything that IT could do to fix the delays of the token?
0
Hi All,

I get the following error when I check for updates:

There were some problems installing updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information: (0x80244022)

 
I then RDP to PRODWSUS01VM which is the windows update server set in my registry.

I ran the Update Services snapin and tried to connect to PRODWSUS01VM but I get the following error:

WSUS console
Can anyone here please assist me what stepsI need to do to ensure the WSUS is working again in my AD domain ?

Thanks,
0
I've got a client who uses Windows Server 2008 Standard and it appears that sqlservr.exe is taking up enormous amounts of RAM and file sizes.  5GB of RAM to run one instance.

How do I reduce this?  

They are 15 users, using the server for file storage and domain controller/AD only.  Used to run Exchange Server, SharePoint, etc. but now no Exchange, no SharePoint.  If I am running AD, DC, DNS, DHCP, do I have a need for SQL Server?

I need to trim this down, as the system is constantly reading/writing tons of data, and the only massive thing going on appears to be sqlservr.exe.
0
Enroll in August's Course of the Month
LVL 9
Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

We moved a website from a server 2008 to a server 2012 system with Windows Authorization turned On and Anonymous turned Off.  Now, we get a HTTP Error 401.2 error.  However, if I turn On Anonymous it works.  Is there a way to take a deeper dive into this type of error to see what permissions we are missing?  I have turned on tracing, but it doesn't produce any trace logs.  To make a short story longer, the Old web code is invoking the Neevia Document Converter product and using the WebKit to parse HTML.  I suspect it has little to do with the Neevia product and more to do with the permissions differences between 2008 and 2012 server.  The building IE parser doesn't work either (gets a timeout).


HT T P Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
Most likely causes:
No authentication protocol (including anonymous) is selected in IIS.
Only integrated authentication is enabled, and a client browser was used that does not support integrated authentication.
Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reac
h the Web server.
The Web server is not configured for anonymous access and a required authorization header was not received.
The "configuration/system.webServer/authorization" configuration section may be explicitly denying the user access.
Things you can try:
Verify the authentication setting for the resource and then…
0
Hi we have a client with mixed OS versions.

DC = Server 2012 r2
App server = Server 2008 r2
RDS = Server 2012 r2

DC migrated from 2003 to 2012 r2

Guide followed : Link


I have tryed many solutions to the problem but nothing has solved the issue. Since we are getting Kerberos messages i tried the standard to synch time servers. But to no help. Only thing that fixes the problem temporarily is rebooting the server.

Some of the errors are :

The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

Open in new window


Additional information : ID:4, SOURCE:Microsoft-Windows-Security-Kerberos
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server dc$. The target name used was ldap/DC.XXX.local. This indicates that the target server failed to decrypt the ticket provided by the client. 
This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. 
This error can also happen if the target service account password is different than what is configured on the Kerberos 

Open in new window

0
Hi,

I have inherited a Windows 2012 R2 Server running Hyper-V.  Currently, there is only one VM, for simplicity I'll call this VM1.  The former tech set up VM1 with AD and also has up to 10 users remotely log into that VM to work remotely using remote desktop services port forwarding 3389.  Besides the obvious security concerns of port 3389 open to the server--shouldn't separate VMs be set up?  Am I right that it's a security concern to have Remote Desktop Services and AD running on the same server or is that old school thinking?  I'm thinking that they should have a VM that does RDS and another VM that is their AD server.  They're running several SQL databases on this VM as well.  There's 40 GB RAM allocated for this VM.  Please let me know the security concerns and also performance concerns with this setup?  Thanks!
0
Hi,

My client has a SCOM 2012 R2 infrastructure and would like to monitor a service across multiple servers.  The service name is the same across them all.

I can only find a way to monitor the service as a group for critical but cannot find a way for warning.

So for instance if I have 5 servers with the same service I want a warning that the service on 2 of the servers are down and critical when the service on 3 of the servers are down.

Many thanks

Shane
0
In our Win 7 our ability to change the color theme is grayed out. I want to be able to allow certain users to change it. I created a GPO policy and am using GPO filtering but it is not working. I created the policy and gave read\apply permissions to certain users but the ability is still grayed out. What could I be doing wrong?

I have attached a couple screen shots. One of the policy and the second one of the screen where it is grayed out.
contrast.bmp
contrast1.bmp
0
People,

I need some help to query all domain controller for certain Security Event ID like: 4740, 4771 and 4776.
My goal is to know which location of the Locked AD account.

This is the script that I have and been working:
$LogonType = @{
	[uint32]2 = 'Interactive'
	[uint32]3 = 'Network'
	[uint32]4 = 'Batch'
	[uint32]5 = 'Service'
	[uint32]7 = 'Unlock'
	[uint32]8 = 'NetworkCleartext'
	[uint32]9 = 'NewCredentials'
	[uint32]10 = 'RemoteInteractive'
	[uint32]11 = 'CachedInteractive'
}
Get-ADComputer -LDAPFilter "(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))" | ForEach-Object {
    "Processing $($_.DNSHostName) ..." | Write-Host
	Get-WinEvent -ComputerName $_.Name -FilterHashTable @{LogName="Security"; ID=4624; Data="John.Wick"} -MaxEvents 200 | ForEach-Object {
		New-Object PSObject -Property ([ordered]@{
			MachineName = $_.MachineName
			TimeCreated = $_.TimeCreated
			User = $_.Properties[5].Value
			Domain = $_.Properties[6].Value
			LogonType = $_.Properties[8].Value
			LogonTypeString = $LogonType[$_.Properties[8].Value]
			SourceIP = $_.Properties[18].Value
			SourceName = (Resolve-DnsName -Name $_.Properties[18].Value -ErrorAction SilentlyContinue).NameHost
			Keywords = $_.KeywordsDisplayNames -join ";"
		})
	}
} | Export-Csv -Path C:\TEMP\John.csv -NoTypeInformation -UseCulture

Open in new window


and this is the second PowerShell script:

get-eventlog -logname "security" | where {($_.eventID -eq 4771) -or ($_.eventID -eq 4776) -or ($_.eventID -eq 4625) } | select timegenerated,message

Open in new window


Any help would be greatly appreciated.
0
We are trying to add an Entry Point for our Microsoft DirectAccess setup (currently in MultiSite) but we are getting stuck adding an additional entry point.  We tried to look in the event viewer without much success (or description of what this error is).  Any ideas or suggestions on where to look?

We are utilizing IP-HTTPS.

Thanks in advance.  

DirectAccess
0
Hi All,
We have SCCM 2012, Current Branch.
Been installed (by a consultant) about 6 weeks ago. We have ran into an issue with clients updating and not sure if they have ever updated since it's been installed
I think (I will double check) most of our clients are showing the following errors from the windowupdate.log

2017/08/03 22:09:18.4202729 312   3520  ProtocolTalker  SyncServerUpdatesInternal failed 0x8024401c
2017/08/03 22:09:18.4246690 312   3520  Agent           Failed to synchronize, error = 0x8024401C

I have attached logs from 3 Windows 10 machines. These include WU log and WUAHandler.log
Also attached are 2 SCCM Log files

What I have tried.
1. Can telnet onto port 8530 from any client machine
2. Checked event logs
3. Rebooted SCCM Server
4. Made the changes as per this article - all through I don't think it was relevant - https://blogs.msdn.microsoft.com/the_secure_infrastructure_guy/2015/09/02/windows-server-2012-r2-wsus-issue-clients-cause-the-wsus-app-pool-to-become-unresponsive-with-http-503/
5. Ran through this article - https://technet.microsoft.com/en-us/library/bb735874.aspx.
But still haven't been able to crack the issue.

Questions
1. Can you still use WU to check for updates that will just go to your SCCM Server and expect to find and install updates? Or do updates get installed differently using ADR's?
I was expecting to click "Check for Updates" and find available updates.

2. Under update history, would I still see updates …
0
I am installing a new domain controller with a company who setup SBS2008 then SBS2011 and used the .local as there internal domain. I want to make their new domain internal or ad.thecompany.com. Exchange has already been pushed out to 365 so there is no mail to migrate. Basically it is users, computers, printers and network shares. The company has about 40 computers so I guess my question is it worth it. The owner loves the idea but not sure about how long it would take.

Thanks
0
Get real performance insights from real users
LVL 1
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Morning techs,

I work for a large Computer Aided Dispatch software support company.  We supply the HW and SW that runs in Police and Fire Departments all over the world.  

At my Tier, the Tier one we basically gather logs and screenshots from the dispatchers computers to escalate tickets to the Engineers.  There is an error report functionality but the DISPATCHER (whom you know is extremely busy) must MANUALLY run it themselves at time of event.  

Are there any *light* tools out there that can be installed onto the dispatchers computers that would log error reports automatically?

Computers are running Win 7 with just the dispatching SW

Thank you,
Mark88
0
Hey guys,

My C: drive is running low on space on my SBS 2011 server, i ran a scan, and i see in the WSUS folder, there is a SUSDB.mdf file of 20GB. How can i free up space in this folder properly?
0
Hi

I need to Renew server certiticates on Server 2008 R2 Foundation. I know that on SBS you do it very quickly and easily through SBS Console but it isn't there on Server 2008 R2 Foundation. The server is standard AD with DNS/DHCP/GPO etc. installation. Could you help me with that by providing either link to some sort of step by step guide/video or ust provding the steps here?

regards,
Tom
0
This is a windows domain with a new file server with MS Server 2012 r2 installed and fully patched. Xenon CPU, 16gb ram, mirrored 1tb hard drives. The workstations are all Windows 7 pro 64-bit. Roles are as follows: Active Directory Domain Services, File and Storage Services, DNS Server. Role Services are as follows: File Server Resource Manager, File Server, File and iSCSI Services, Storage Services.  The server has a static IP address, as do all of the network computers. This is the only server on the network. This is a Dell Server T130. The gateway is configured with the SonicWall Router address. The DNS is configured as the Server Static IP address on the server and on all workstations. The secondary DNS on the server is the 127 Loopback address as recommended by Microsoft. The secondary DNS for all workstations is Googles 8.8.8.8. Using the NSLookup command, all workstations and the server resolve both the full domain name and the server IP address. All systems can ping the server and vice-versa.  The SonicWall is configured to hand out addresses from .151 thru .250 . All static Ip addresses for the workstations are configured below the .150 threshold. Currently, the login time for domain workstations is 1.5 to 4 minutes. The same workstations logged in as a local machine is less than a minute.  I'm missing something here and I need some help.
1
Hello,

I have a work group server that utilizes server 2016 operating system.

We have two users the connect via remote desktop to accessing accounting software.

I have purchase the local users Cals and the two remote desktop user cals.

I installed and enable the remote desktop session host and licensing process and activated the user Cals.

After 8 months of good use without problems we now get a message.

Remote Desktop License Issue

There is a problem with your Remote Desktop license, and your session will be disconnected in 60 minutes, Contact your system administrator to to fix this problem.

After a user is connected for 60 minutes, then their remote desktop session is disconnected and they need to reconnect again.

What could be causing this problem, and what should i check to resolve the situation?
0
I will have to get a report to auditors to prove that all the desktop users within the Domain  are standard users and not local administrators  in that Windows 7 desktops/laptops.
0

Microsoft Server OS

55K

Solutions

41K

Contributors

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.