Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Share tech news, updates, or what's on your mind.

Sign up to Post

I have to give a talk to older people about security online.  Would anyone have slides they have or would use?

I envision talking about how to try to tell if emails are legit, ignore calls from microsoft and others, dangers of opening attachments, ignore emails / calls from the IRS, etc.  Ie basics, not all that complex.

Any recommendations?
Keep up with what's happening at Experts Exchange!
LVL 12
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

When I knew very little about visio, in making network docs, I would jam way too much on 1 drawing, thinking I had to make an entire different file with a 2nd page.  DUH!

So I know a little more and love the seperate pages and being able to have a common background on all of them, etc.

Now, is there a way to make a table of contents page? A first page that lists the name of each page in the file?  Maybe updates automatically?  When you add another page / rearrange the order of pages, this page auto updates?
Sync center is not working on new Windows 10 computer
We have a SBS 2011, all users data sync their files to the server
When I replace a PC and add the domain user to the new computer, the sync automatically gives them their files by sync

I just swapped PCs for a user and it's not working. This is a Windows 10 Prof. PC if I look in control Panel Sync Center I do not see a partnership
The only thing diff. I did this time was install McAfee Security-As-a-Service before joining the domain. I did look in the McAfee console an I do not see any blocking of sync center. Everything else seems to be working fine except sync of files
Hello, I have a problem with a Windows SBS 2011.
I have always used this server to deploy Windows updates to a network of about 20 clients.

Now Windows Update Services have just stopped working, I get an 80072EE2 error on any machine I try to update (the server or the clients).

It looks like the Services have totally gone bonkers. If I try to open the relative mmc from Server Manager, mmc crashes. So I can't even collect info from the console.

The Windows Update engine version should be 3.0 SP2.

Do you have any suggestions on how to tackle this? Never happened before. Thanks.
Windows Server 2016 Standard install questions.

I have a client that currently has an SBS 2011 Standard installation (10 users) that needs to be replaced.  Initially I was looking at a physical server (Dell T330 with Single CPU - 4 Cores, 32Gbs of RAM) with Windows Server 2016 Essentials.  A straight forward basic install.  O365 Exchange On-Line Plans I and II will take care of hosting their mailboxes.

However, this client now has a remote office with two or three users. They currently have one user that remotes into an existing computer to access applications (Needles database, Quickbooks, company files, local Exchange mailbox.

So, I was thinking of acquiring MS RDP CALS (5 licenses).  However, the server would be a Hyper-V server with two VMs (1 VM for AD, company file storage, and hosting the Needles and QB databases), and the second VM would serve as an RDP Server with (5) licenses.

I do like Windows Server 2016 Essentials mainly for the built-in Remote Anywhere Access and 25 free CALs, and would still like to install it as a VM.

1. So, I need to know can Windows Server 2016 Standard allow installing Windows Server 2016 Essentials as a VM with the Standard license, or will an additional Windows Server 2016 Essentials license need to be acquired.

I am thinking a Windows Server 2016 Standard license allows installing a downgraded VM as an Essentials server, but I am not entirely sure.

2. Since the server will be purchased with (1) Intel E-3-1240 v5 …
We look after a number of clients with Exchange 2010 (Predominately SBS2011)

We are IT proficient and know our way round IT - however
One particular client (Using Exchange 2010 SP3 Rollup 20) is having an issue where some emails being sent-in are bouncing.
We have identified that emails sent through Symantec’s are the ones failing.

The bounce message is as follows:

Reason: 550-Please turn on SMTP Authentication in your mail client. []:45986 is not permitted to relay through this server without authentication.

As we are fairly clued up on IT as a matter of course we have checked the following:
IP and Domain are not blacklisted – At all.
There is a valid Reverse DNS / PTR Record in place
There is a valid SPF record in place

As we or our customer are not users of Messagelabs we are reliant upon one of the senders helping us out and they have advised of the following:

This is the reply from the IT department of one of the businesses that cannot send successfully:

As discussed, the bounce backs are caused by the recipient’s server requesting SMTP authentication, however Symantec email filtering does not use SMTP relay server to send emails and is not able to provide SMTP Authentication

To allow the emails to send the email server that the email address uses will need to make changes to stop it requesting SMTP authentication. Once this has been removed the emails should
User has a dell inspiron 1534.  it's about 1/2 year old. running win 10 home.

Said that yesterday he saw a message about applying updates, then after some time, it reboots and gates a 'no bootable media' found message.

With shadowprotect, I can see the C drive, along wiht 4 other partitions on the laptop.  C drive structure looks as expected, except that there's a windows.old folder that has user folder in it and that one has the username / their files.  the c:\users folder only has public and default folders.

I booted up from win 10 media, and triied the different rollback, troubleshoot, etc options and all faill  / say they are unable to fix things.

when doing the system restore and other choices, it shows 3 OS - rollback, win 10 and win 10. I try the restore and others for each OS, with no results.

a) is this (win 10 updates corrupting the computer) all that common?  Seems like there's loads of posts about this
b) anything I can do with this short of doing a clean install of win 10?
c) any way to avoid this situation again?
d) wiht the 4 other partitions, 1 seems to be the dell image as shipped.  But can't tell how to get to that.  I try f12 and that doesn't have factory restore in the list.
e) what do you think of reinstall windows, then just drop the shadow protect image of the C drive onto that clean install except for some key files for booting up?  (which files, I don't know).  That would save having to reinstall apps, etc. but with that windows …
We have a SBS 2011 machine that backs up to an external USB Hard drive.  This USB Hard Drive has a virtual drive letter K and in the backups folder are 4 vhd files.

I have taken the USB Hard Drive to a desktop and within Disk Management attached each of the 4 VHD files in read only mode which created separate Disk numbers.

However, I can't do anything with these disks in order to view the contents.  I can't attach a drive letter and I can't explore the contents so i'm at a loss of what to do if our SBS 2011 crashes and I don't want to reinstall SBS on a new machine.

Should I not check the read only box?

How can I access the contents of the VHD files so we can recover data in the event of a crash?

thank you...
I currently have an SBS2008 server environment where we are actually using the exchange server public folders. This database is about 30 GB in size already.
- We are going to be upgrading our server hardware and moving to either server 2012 R2 or server 2016 operating system
- we are also moving from exchange server to office 365 per exchange email will

My question is: by going to office 365 four exchange email, what is the best way to maintain and support Exchange public folders
I can't add a new drive to Symantec System Recovery 2013 at all, it keeps on giving me this error when I try to add it to a job:
F:\ is a read-only location and is not a valid destination.

I formatted the drive to NTFS, changed the drive letter, nothing helps.

It worked for a while as an exFAT drive but then whined about sector blocks not being complete or something...

I know it's a horrible piece of software but it's what the customer uses.

It's got all updates installed.

Drives that had been added a longer time ago are fine.

Also, how does one delete older backup destinations, it just doesn't let me do that.

A horrible piece of software indeed...

(the OS is SBS 2011)

(tried re-creating the job, doesn't work, restarted services, doesn't work)
Train for your Pen Testing Engineer Certification
LVL 12
Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

Exchange 2007 on SBS not sending email to either internal or external recipients, however inbound mail functions.
It's a virtual machine on ESXi 6, (I just did a V2V migration from one esxi host to the other using VMware COnverter); this is the new VM I am operating on.

I ensured that the NIC is on the right IP address and is online, the Virtual NIC on the hypervisor doesn't have any custom configuration.

As per event and error logs:

Microsoft Exchange could not find a certificate that contains the domain name <hostname> in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Smarthost with a FQDN parameter of <hostname>. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
I did see the certificate it asks for in the Personal certificate store however running the command ends up with it failing:
[PS] C:\Windows\system32>Enable-ExchangeCertificate -Services SMTP

cmdlet Enable-ExchangeCertificate at command pipeline position 1
Supply values for the following parameters:
Thumbprint: <thumbprint>
The certificate with thumbprint <thumbprint> was not
We are currently in the process of migrating away from SBS2011. The last two pieces of the migration are migrating Exchange and finding a replacement for RWW is all that's left. The exchange migration we have under control. The RWW issue not so much.

Currently we are an office of about 65 users. Most users rely on RWW a lot.  Our users like the simplicity of RWW and the fact that it supports dual monitors remotely. I like the fact there is no licensing or software they need to install or configure on home computers.

We run a Watchguard Firebox and have an ipsec vpn configured. Myself and the other members of the IT team are the only ones that use it beside one or two people with Mac's at home.

Does Server 2016 Essentials Experience offer the same functionality of RWW?
My user "Pia"  has made a meeting invitation

Some of the persons who are invited has responded to this invitation.

Now "Pia" goes to her calendar - > Meeting - > Tracking

Now please look at the attached picture.

We have seen this issue periodic for some months now.

My user "Pia" has  created a meeting to the persons showend on the picture.

If you look on the picture i have highligted with diffrent colors (Just to show that they are listed 2 times on her list)

Have any of you seen this problem ?

If you look on the 3 persons on the buttom they are listed with "Valgfri deltager" - This is = "Optionel attendee."

"Pia" has not marked anybody as "Optionel attendee"

Some thoughts :

The user who has been invited to this meeting could have been accepting the appointment from their phone - I have tested and can not verify this.

Thank you in advise
We have a SBS 2008 server going EOL.  At this point it is mostly a glorified file server.

I am considering doing away with AD/SBS/Domain - and just using a 3rd party product for endpoint management and automation.

MY QUESTION: I know if my SBS server is down for a while, people can still login to their PC's (as their domain users)... My question is - if I just get rid of the SBS server permanently - is there a point at which their user profile on their PC (which is technically a "domain" user profile) break/stop working?   Or should they be able to continue to login to it just fine for months/years until they are up for a PC refresh and then I would give them a PC with a local user account?  

A few big questions for me
A. does the PC need to "check in" with the domain at some frequency for anything?
B. What about passwords?  Would they still be able to change their passwords with the SBS offline?  

Basically, I am trying to figure if I can get rid of the SBS without having to manually convert 20 or so user profiles to local user profiles instead of domain user profiles.

Building a Windows File Server

My CEO wants to build a file server, currently we have a 3TB with RAID 5 on a old dell server win 2008, we really want a faster server with larger space etc.

any recommendations
Windows 10 Professonal. SBS 2008 Network.

I've been having difficulty viewing other network computers. Some show up, others do not. All have network discovery turned on.  Any ideas?
My Ricoh Scanner seems to be trying to send SMB scans over the wrong port.

We use SBS 2011 and want to have our new Ricoh printer/scanners to scan to shares on the server.
Our server has SMB and it receives scans to shares on the server through port 445.
However, the new scanners only have the old NetBIos port 138 and 139 ports.
I don't know how to make the scanners connect properly to the server, nor how to make the server accept the ports that the scanner uses.
I have the sense that even if were to add the scanners ports 138 &139 to the SMB protocol on the server, that it would still not work because the new Ricoh scanners are trying to use an outmoded NetBT protocol.

Does anyone know how to make this work?
Hi All

I have recently had to re-IP a SBS and place it onto another subnet.  This task went fine and we were back up and running via the Connect to internet Wizard within about 10 minutes.

The problem I have now, is that we had a RODC running in another branch which is in a "stuck" mode whereby its DNS zone has not updated with the new settings of the zone, probably because its still looking to the old IP address for the SOA of the zone. (THE SBS in another branch which is working fine)  

This means at the moment I'm not getting any AD or DNS replication (its an AD integrated zone).

I was thinking of uninstalling DNS from the RODC, and reinstalling, thereby refreshing the information, but having read some articles it looks like its not as straighht forward as that.

My DCDIAG tests show failures of replication, again due to it not thinking it can see the PDC is the other site

At the moment my clients in that branch have just been given DNS settings to look at the PDC via the site to site VPN connection, so they're working fine.  

Im actually thinking of completely removing the RODC role completely and potentially reinstalling.

Any thoughts or advice or experience of this happening to anyone out there?

How do SQL clients find a connection point, assuming thats the term.

I have a client who has a very old application that is installed on an old SBS 2008 server.  The server and old domain were retired and a new SBS 2011 domain + server weres etup and all the workstations were migrated to the new domain.  The client portion of a Legal Practice Management solution is still installed on the PC's.

They need to access the old application (has a SQL Server 2005 DB)

The shortcut for client application has a command switch after the exe path that I assume is calling the connection in the SQL Server 2005 instance
e.g. C:\Program Files\LegalApps\LegalAppClient.exe MXDB.

I dont know how to check that the MXDB is being "advertised" as being available.  Does the client machine broadcast to the LAN "i am looking for who has SQL DB by the name of MXDB?" and the relevant SQL server instance responds.  The only thing I do know is that the client uses "named pipes"

How can I check the MXDB is visible to the LAN?
Port 1433 is open bidirectionally on the Workstation and the server
The App doesnt use windows Authentication, it uses its own user dadatabse in the DB
How do I make sure the client machine can see the db?
Free Tool: SSL Checker
LVL 12
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I have a question about sbs 2003. How long are email items stored in the Exchange Server. Are they removed when the clients archive the items on their workstations?
I have a SBS 2008 system that I am planning to replace very soon.  We had hired someone to create a secondary domain controller (RODC) on a WS2012 R2 server a couple of years ago which I thought was operational but I don't think it was completely successful.  I attempted to create a third domain controller recently on a WS2016 server and it also doesn't seem to function properly.  When I run DCDIAG on the primary (SBS 2008) system it runs successfuly except for  some syslog errors.  On the WS2012 RODC DCDIAG fails the Advertising, FrsEvent and KCCEvent.  The latest one I created fails Advertising but passes the rest with some warnings.  But in both cases SYSVOL is not replicating.  I would like a fully operational secondary DC that can take over as a primary DC when I transition the SBS 2008 system to WS2016.

I have searched around and it would seem that I should be able to create a secondary DC from  the SBS 2008 system.  Just not sure why my attempts are failing.
Hello - I am in the middle of preparing to migrate an SBS 2011 server to a new 2016 server. Going through the DFSR migration, I was able to run dfsrmig /setglobalstate 1 and dfsrmig /setglobalstate 2 successfully. Then I ran dfsrmig /getmigrationstate. I get this result:

The following Domain Controllers are not in sync with Global state <'Redirected'>:
Domain Controller <Local Migration State> - DC Type
<servername> <'Start'> - Primary DC
Migration has not yet reached a consistent state on all Domain Controllers
State information might be stale due to AD latency.

 I only have the one SBS2011 server now. Please help. Thanks!

I have a new client that has an SBS 2011VM and I added a 2016 server and made it an additional DC.

The SBS 2011 DC was not replicating the SYSVOL to the new DC

I found a Journal Wrap error on the 2011 and performed the non-authoritative restore to fix the issue.

after that I get a windows error 1355 and cannot open the AD users and computers.

What am I missing?

I appreciate any help.
I have a customer running windows SBS 2011 standard with a primary domain  and a primary authoritative email domain. They are changing the name of the business so I have added an additional authoritative email domain on the SBS server.
 If someone sends an email to an employee under the Aldo mean they receive that email and it appears to be automatically forwarded to the new authoritative domain.  They can then reply  to the email and it will send using the new authoritative domain that I set up, and it appears the original sender received the reply.  However when I send an email to the new authoritative mean it is not received by the recipient.
 This is a firm that has to be up and running before midnight tonight so it is worth every single penny I can award for resolution immediately.
AD Certificate service will not start on an SBS server. Errors include "Keyset does not exist 0x80090016" and AD Certificate services terminated with service specific error 2146893802. Using certutil I can see that two keys exist - one that expired in 2016 fails the encryption test. The other, recently created passes signature test. When running the CA MMC I get no results because the service is not running. Keys can be seen in IE certificate properties. I am unable to delete the expired key command failed 0x800706ba the RPC server is unavailable. Security on C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys is correct. Tried esentutl. Shows clean shutdown. Tried bot a recovery and a repair but neither has helped. I don't seem to be having any certificate problems but I do want to migrate away from SBS to standalone Exchange and S2016 and I expect this certificate issue will cause problems. Don't have any suitable backups of the certificates.






Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).