Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Share tech news, updates, or what's on your mind.

Sign up to Post

I have an SBS 2011 which runs exchange/DNS/DHCP/VPN but I had to remove the DHCP from it and use the routers DHCP for reasons that I cannot explain. Everything works fine but I cannot find anything online that says that VPN will work with an external DHCP.

I've just had my first remote user complain that she cannot connect so I rerun the fix my network and setup the vpn again and she appears to be connected fine. Is there anything else I need to check/do on the server or the router to ensure proper operation of the VPN?
Starting with Angular 5
LVL 13
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

I have a sbs 2011 server.  I just added a 2016 server and moved all the AD rules .  Some one the group policy items that were part of the sbs have carried over. Such as wasus update , Remote Desktop on all computers . I want to get rid of the gpo’s that were set by default on sbs . Anyway to do that ?
Also, I ran dcprmo to get rid of ad on it and it tells me that it does not see any other Donain controller ( not the new one ) . It wants me to check the This is the last domain  controller option .
In clients network, users keep losing network connectivity.

On WIndows SBS 2011 server, client keeps seeing these messages in the event log.

Error MSExchangeFBPulish EvenID 8213
Warning ASP.NET .050727.0
Warning MSExchange ADAccess 2080
Warning MSExchange ADAccess 2106


Performing initial setup:
 Trying to find home server...
 Homeserver = SERVERNAME
 *Identified AD Forest.
 Done gathering initial info.

Doing initial required tests
Testing server: Default-First-Site-Name\SERVERNAME
Starting test: Connectivity
the host ._msdcs.domain.local could not be resolved to an IP address. Check the DNS server DHCP, server name etc.

What would be the logical steps to find / solve this issue?

Thx for your help
our company using SBS 2008 with exchange server. and today when I login as administrator and goto  exchange management console to change user's email forard, when I click ok, it pop up a error msg like this, and I try even forward or cancel other user email ,get the same msg.

and after I log off and log in as other my own user name, (also administrator group), then no this error msg. I have try  this hyperlink solution to check the box. but still no luck, any idea can help me ? thanks
On SBS 2011, I'm not able to connect to the DNS Server and getting the "Access was denied. Would you like to add it anyway?" message. I'm also seeing errors 4000 and (mostly) 4015 in the DNS event logs.

I've already tried running netdom pswreset, which executed successfully but have didn't solve the issue.

I've also tried seizing FSMO roles (which also completely successfully) but to no avail. It looks as though DNS and Active Directory have lost trust with one another, but I'm running out of troubleshooting ideas. Let me know if there's additional information that I can provide.
Hi Experts,

After my server crashed and I had to do a forced reboot I've lost all remote services for my SBS2011 server. All seems well internal of the LAN in terms of file share, exchange, databases access.
Externally however I have nothing, no access to OWA, RWW, RDGateway not working. OWA/RWW not working internally either.

internally I can browse to http://server and see the IIS7 splash screen.
Internally I cannot browse to, I receive.... Not Found, HTTP Error 404. The requested resource is not found.

In IIS, the Default Website shows a "?" logo.
If I check the bindings I receive error as follows.....
There was an error while performing this operation
Value cannot be null.
Parameter name: SOurce

If I go to advanced settings on Default Web Site i get the same
Value cannot be null.
Parameter name: SOurce

Advanced settings screen then sheen shows, but with blank values. I have tried manually entering these, but "bindings" and "name" are not editable, and therefore I cannot complete the process.

I have tried running the Fix my network wizard from the console, but it stops working. Please see log below. Looks like a problem with a certificate, but my knowledge is limited when it comes to the details behind the wizards.....

[18120] 190303.181023.8431: General: Initializing...C:\Program Files\Windows Small Business Server\Bin\FNCW.exe
[18120] 190303.181027.4335: WizardChainEngine 

Open in new window

WSUS server was setup on my Microsoft Small Business Server 2011 (serverA), the downloads are stored onto another Microsoft Server 2008 R2 (serverB)
this serverB is off-line now, corrupted O.S.
1. Where is the setting that tells serverA where to download the updates?
2. I would like to now download the updates locally on serverA (I add more space)

Most importantly: I want to know where I tell WSUS where to store the downloads, they used to go to a second server but that is not corrupted, so I want to know how to change where WSUS store the updates from serverB to serverA.
Hello All,

I have been having a problem getting WSUS installed on Server 2016.  It keeps telling that it fails because of a reboot that is neeed.  The reboot goes through, it looks like it is reconfiguring something then doe the same thing again and again.  This is a migration away from an SBS 2011 box and I really don't need WSUS since there are not that many users and I can have them download updates directly.  But I am not sure how to turn off the GPOs linked to updates.  Do I just change all of the settings to disable in the Updates Services Common Settings GPO or is there somewhere else I need to change some things.  The SBS box is going away.

I have already tried running RSOP to see what GPO is controlling the login as service - it was the default domain controllers policy.  So I went into that GPO and added NT SERVICES\ALL SERVICES to it.  i had just migrated another SBS 2011 to Server 2016 and had not problems installing WSUS.  Not sure why this box is giving me problems since I am logged in as an admin.

So, how can either point directly to MS for updates and forget about WSUS or get it installed?


SBS 2011  ---  AD (--> DNS / Exchange) ...

Kinda looks like a bad/corrupted password to access the AD??

Microsoft Baseline Analyser results are a mess!  (see attached xml)

Full story:

About a month ago rekeyed the public cert (was only using 1 domain of SAN upgraded to accommodate AcitiveSync - new mobile worker coming onboard).
Cert didn't import properly - had to manually bind to IMAP (used by an internal Mac user).  Probably irrelevant.

Ran Windows BPA at that time and fixed a few things up, applied updates etc - **looked generally ok** - a few warnings AD/DNS/Exchange all working well.  Few issues I could live with were left unattended (Sharepoint, Windows SBS Manager & SQL - none of which are used) .

Purchased and installed a new Pulbic Certificate (old one was running out).

Server failed to import a new public certificate (godaddy - may have done something wrong in the import process?  I didn't import the intermediate certificate first - would that be an issue?)   Wasn't stressed by this (have seen this before), so...

I did a couple of updates (normal security rollups etc, since uninstalled to no effect) and rebooted the machine.  

*****Problems were after reboot.

Noticed Exchange issues first (EMC wouldn't open).  MS Exchange Address Book and Information Store stuck in 'Starting' state.    IMAP4, EdgeSync, Forms-Based Authentication not started.

Lots of Exchange Events - seem to stem from not being able to talk to AD.

** DNS …
I had this question after viewing.

I did everything in the theard and still get the same message, in the server log also.  Windows Server 2016 Essentials.  Access anywhere checks out fine in configuration.

I can confirm that I've have checked the network policy to ensure that it supports MS-CHAPv2 authentication.
Fundamentals of JavaScript
LVL 13
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

Hello All,

Just migrated from SBS 2011 to Server 2016 on a new server.  The new server is now the DC and I want to make sure that it is getting its updates since none came through this past patch Tuesday.  The SBS Server was using WSUS and I assume that there was a GP that was created with it for updates since it sent them to all machines including the SBS Server.  Now that I am on Server 2016 do I have to turn something off to allow all machines to get updates directly from MS?  I did notice that this past patch Tuesday did not show any Server 2016 updates which is very odd since I have never seen a month go by without security updates for servers.  Any suggestions?

On a Small Business Server 2011 when users browse to OWA the first page opens properly but if they open a message or a new message in a new window it gives this error:

Server Error in '/owa' Application.
MapiExceptionSessionLimit: Unable to open message store. (hr=0x80040112, ec=1246)
Diagnostic context:

I would appreciate any advice on how to proceed.


I have a Strange issue with a Small Business Server 2011 Premium.

Users are complaining of very low performance when they try to search on network And open pdf files.

When examining server I find everything to be fine. No heavy CPU load approx 5% and 18 of 32 gigs of ram available. No heavy hd load.
The server is running virtual in hyper V with 32 gigs ram and 8 cores.

Any ideas?
Alright im in a dumb situation. One of my customers has had  their main software provider install a new fiber connection at their office and this company has installed their own router on site. we have removed our sonicwall firewall and pointed our PDC to this as the new gateway as well as all the static machines. this software company which is now their new ISP also firewalls and filters traffic on their end in the cloud.

we have changed the DNS forwarders to point to the new ISP DNS servers, which interestingly, i cant point to any others like google or cloudflare as they dont resolve. im sure thats because of the way they are locked down by the ISP.

Essentially, we point to them for dns now and theres no weird entries in dns for them. im under almost no control of the rest. my customer is now experiencing slow resolution on at least one website which happens to be their own site unfortunately. the new ISP is pointing fingers at me now as the problem. where else can i look to make sure that dns is working as efficiently as it can on my end???

now that we have changed so much on the network, do i need to like delete the roothints and let it rebuild or anything like that to flush dns. since we changed paths to everything on the internet as far as its path through the internet, it seems like we need to flush something.

Server 2011 SBS
Workstations are all windows 7 Pro

Any help is greatly appreciated!
2012 essentials server been running for years and started getting message it was not completly set up.  Users can login but server extremely slow and no users exist in users and computers console.

Need help!
Netdiag attached
A HP ProLiant DL380 G7 with Windows Small Business Server 2011 (equal to Windows Server 2008 R2) is stuck on a black screen after the "starting windows splash screen". I'm able to ping the server, able to do some remote management (services, event viewer, ...), can access file shares. But due to some services not starting, other (dependent) services also doesn't start.

So for example, I can't take over the server by RDP, the DHCP service is not running. All services trying to start through remote management give the error "error 1068: the dependency service or group failed to start".

Someone any idea where to start solving this problem?
We have a client with a SBS2011 (the DC) box and a 2012 terminal Server (just a member).  we are decommissioning the SBS2011 box but keeping the terminal server for the time being.  is it possible for us to remove the TS from the domain, add it to a workgroup and use local user accounts for people to login with?  the Remote licensing is installed on the terminal server itself.  the logins are just managed via the SBS box.
I need some assistance removing Exchange 2010 after a Remote Move / Hybrid Migration from SBS2011 before decommissioning the server and just leaving O365 in the cloud.   I might be overthinking the situation.

Original Setup - SBS2011 / Exchange2010
New Setup - Server 2016 Standard / Office365 Business - 80 mailboxes

AD Sync is currently setup on the Server 2016 box and working just fine.   All I want to be able to do is Sync AD Users and Passwords between the 2016 Server and O365 Business.  I no longer need Hybrid Exchange setup.  User gets setup in Local AD, creates the object in AzureAD - I assign the O365 license, setup the email address and go.  Future password changes stay synced between the Mailbox and local AD.

This is the first time I'm doing a Hybrid migration - I'm used to just doing a cutover style migration - once everyone is good in O365 I follow this guide to uninstall exchange - it's worked time and time again. -

He does have another article with what appears to be my situation   but it sounds like some supported frameworks might have changed since.   Currently the SBS2011 box I have doesn't serve any function currently.

Is it safe to just uninstall exchange 2010 like I normally do following the cutover migration?
how can i setup a guest wifi using a
draytek 2760 non wireless router and a draytek AP 810
DHCP is coming from the sbs server
How do i configure the network settings on the router and server
I have set the AP to AP mode and on the same ip range as the network
how do i setup the router etc
Angular Fundamentals
LVL 13
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

For the past few weeks, my SBS2011 is syncing very slowly with iphones and I run the Fix my network to check for any errors and the below comes up for exchange. Also when I try to add a new user, I get an error when creating the email address which I believe is also connected to the above.
Client is running SBS 2011 (Exchange 2010)

This problem came about after the client did not want to be on Office 365. We moved them back to there old SBS server.
Setting up outlook profiles produced a prompt - "Information you exchange with this site cannot be viewed or changed by others. However there is a problem with the site's security certificate." You could click yes to continue and the profile would be created and everything seemed to work well.

Yesterday, someone was going on vacation and wanted to set and Automatic Reply. They received an error that stated, "Your automatic reply settings cannot be displayed because the server is currently unavailable." After some research I found a lot of people suggesting this was an SSL certificate issue. Since the clients certificate was about to expire in a few months I purchased a new one. I created a new CSR and installed the new certificate using the SBS Control Panel. All seemed to go well. Rebooted the server and the users computer but still no luck in setting an Automatic Reply.

The certificate I created is for
On there external DNS I have created A records for and that point to the there public IP address. There is also an SRV entry for to

If I open a browser both internal and external and go to I get an error code 600 which I understand to be good. If I do…
Hello All,

I have a new Server 2016 system that is a DC and will be taking over for an old SBS 2011 server once I have finished the migration.  For some reason I can't login as the Administrator account.  I can RDP into a server as the administrator but can't login locally.  I get the error "The sign in method you're trying to use isn't allowed.  I have checked gpedt and logon locally is set to allow all members of the administrator group and there are no deny logon users set.  So I don't know why I can't login as the Administrator.  I can login as other users that I have set up as administrators just no the Administrator account.  Am I missing something?


Hello All,

I have a new Server 2016 system that I have setup up a DC.  This will be a new server taking over for an old SBS 2011 system being decommissioned.  I am logged in as a domain admin but can't get Remote Access for VPN to install.  It keeps saying that the server needs to be restarted to finish the install but it won't finish.  It does the same thing each time I try to install the role.  I can install the snap-in and turn on RRAS and I can set up the VPN that way but  I don't know if it really is setting everything up correctly.  I can't test yet since the SBS Server is till the VPN host and I want to make sure this is set up before I turn that one off.   I have done this on other Server 2016 systems with no problem so I don't know what is missing here.


I am looking at migrating a very small network (6 users) from SBS 2011 to Exchange 2016 or 2019
Do I really want to go through the whole "migration" or can I simply export all mailboxes to .PST files and then import them into the new version of Exchange ?
We have a client who use exchange 2010 on an SBS2011 box.  they cant receive any external emails, internally its fine, and they can send externally.  they use Trend Worry Free Business for spam filtering which sits on the SBS server.  i have disabled Trend this and still the same result.  when i perform a message trace, it shows no external emails even hitting the server.

i have attached a bounce back for you to see.

any help will be appreciated.






Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).