[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More







Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Share tech news, updates, or what's on your mind.

Sign up to Post

We have a SBS 2011 server using Exchange 2010.  We have several users that have their emails syncing on their iPhones.  I am having issues with one user getting their emails to work on their iPhone.  I have tried to configure this user on my iPhone with the same results.  We both are using iOS 11.4.1.  Everything is configured correctly and I get all check marks after manually configuring the mail server in Accounts & Passwords.  But when I go to the Apple mail app it comes up with the message "Cannot Get Mail  The connection to the server failed."  I'm thinking it is a problem with this particular user because everyone else that I have on iPhones is not having this issue.  Any ideas or suggestions would be greatly appreciated.
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

I am trying build and publish a SPF record correctly.  We have Small Business Server 2011 which has Exchange 2010.  Our domain is hosted by a third party.  We have two domain names, one that points to another.  When creating the SPF,  I will be using the internal IP address  of our SBS that sends mail.  I was going to include the following TXT under my forward lookup zone: "v=spf1 mx a ip4: -all"  I understand that I also need to publish the SPF records with the DNS servers hosting our domain.  My question is,  do I provide my host domain provider the same TXT record I created for my mail server which has my internal IP?
Trying to figure specifically what's slowed down a laptop, but I guess it's a general question

windows 10 pro laptop, joined to a domain, but off the network for months now.

it's an i5 and 8GB ram, 320 GB 720RPM hard drive with about 100GB of data (so there's space on the hard drive).

I ran crystal disk info and it says the drive is physically OK.

Ran disk cleanup, removed old system files
Ran ccleaner for disk cleanup and registry clean up

But overall, the computer is sluggish  and will take upwards of 7 minutes to restart (keeps saying restarting'.  Although repeated restarts, the time does drop to 3 minutes or so.

It did have bitlocker turned on and it was running OK.  Then I wanted to put in an SSD and read you should turn off bitlocker.  started that and also ran the windows native disk cleanup... it was deleting files while also decrypting.  then it froze / I let it sit for hours.... black screen / woudln't wake up.

Turned off by pressing power button, then turned back on.  I think this is when it got sluggish.

I turned on bitlocker, it encrypted, then I turned off bitlocker / it decrypted...  still sluggish, especially at restart.

I cloned the drive to an SSD and it runs nice and fast.  So the software isn't corrupted - it cloned a fast experience.  

What about cloning back to the regular hard drive.  Might speed up the experience on the old drive?

I also ran wise registry cleanup.  the rotating hard drive was still slow opening apps,…
We have one SBS 2008 PDC and one Server 2012 R2 DC. Attempting to decommission the 2008 DC and found that event 13568 in FRS has been coming up every boot for the last few years but the SYSVOL and NETLOGON shares on the 2008 DC were still showing up despite event 13516 never being logged. The 2012 R2 DC apparently never shared the SYSVOL and NETLOGON shares when we promoted it.

Backed up the contents of the SYSVOL and NETLOGON folders.

Followed the steps in the 13568 log to perform the following:
 Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
 [1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.
 [2] At the poll following the deletion this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.
WARNING: During the recovery process data in the replica tree may be unavailable. You should reset the registry parameter described above to 0 to prevent automatic recovery from making the data unexpectedly unavailable if this error condition occurs again.
To change this registry parameter, run regedit.
Click on Start, Run and type regedit.
Click down …

We are running Small Business Server 2011 with Exchange 2010.  it has been patched and updated recently to the latest updates.

We had a user, AJ, that left the company 3 years ago.  His account was deleted a few months, maybe 6, after he left.  The mailbox was deleted and the AD User. when he returned we created the account as new and added a mailbox.   we are having some issues with people not being able to email him. we get hard bounces with what looks like and LDAP lookup string being the unknown address.

I have done some research and it points to the X500 address being wrong. everything I have used to find the proper legacy email DN has failed. i used a powershell command from the exchange management console, but that did not seem to work. all the examples I have read about don't quite line up with what I'm seeing. I was told to get the legacy info from ADSI, but I don't have the attribute tab.

Any suggestions that might help?

SBS 2011 : for the last 3 months it keeps on trying to run the Microsoft security updates and fails
Trying tonight to install just the 2008-09 security update manually, it foes through the process and upon reboot I get the message
"Failure configuring Windows Updates - Reverting changes - Do not turn off your computer"
This has been now going on for 90 minutes and still no end in sight.
Recover from the loss of an Exchange DB.

I have lost an Exchange 2010 Database, without going into it, I have no backup.

The question is how to recover from this situation.
About 20 users.  DB Size approx 200GB
All users of their email in OST files on there PC's.
Exchange is running in a Hyper-V Guest
Have access to the DB Files.

Believe that an underling disk error, on the host, corrupted the DB.
(as a side not - and not that it matters to getting this issue fix, believe the disk was the cause for the backup failures, hence no backup)

Thinking - Create a new DB on a different physical disk.
Move the users to the new DB - is this possible if the original DB cannot be mounted?

So apart from - is this a good way to go - the other questions are;
Do I need to do anything with outlook for the clients to connect to the new DB?
As their mailboxes would be empty in the new DB, will outlook sync the OST file contents back up to exchange?

If the OST wont sync, should I convert them to PST and then manually attach the PST to the Outlook Profile and them move the email into the empty DB.

I appreciate any any scenario I will loose single instance store and therefore the DB will end up larger than the original.

Has anyone used/got thoughts on - using 3rd party exchange DB recovery software?
if it can't recovery everything, then again will the OST sync up the missing emails or are they gone?

Any suggestions help would be appreciate.
Hi, have an SBS 2011 Server but can't seem to get the VPN Working. Have configured Routing and Remote Access, have enabled in the SBS Console and wizard ran fine. Have opened port on Firewall. When I telnet on the server or external to port 1723 get nothing.
Setting up our first 'real' client on office 365 (others have been SOHO accounts - either new domains / starting from scratch or existing IMAP accounts.  but never more than 2 - 3 mailboxes).

Here we have 12 users on an SBS 2011 standard domain with the exchange running on the SBS 2010

They would like a proposal for moving to office 365.

Would anyone care to share their thinking on the things involved and the time involved below? Or does Microsoft offer info on this?

I would envision figuring the time is  a bit of a formula?  

Some fixed hours for setting up the office 365 tenant, changing the MX, SPF records, disabling exchange on the sbs box, and ____?  This would be the base work you'd do for setting up a domain that has 1 user or 100 users.... call that AccountSetupHours

Then there's time per mailbox to setup that specific user account on office 365, touch each desktop and each user's phone to change where outlook is pointing to (is there an easier way than just hitting each desk and each phone?  I am using Synnex as CSP for office 365 and they say for that small a number of users, there's a migrationwiz product but doesn't make sense to use that product).   Call that time PerUserSetupHours.  Figure this does NOT include migration of old data)

And they most likely would want it, but to keep it separate, migrating their old data as a separate item -  setup and running migrationwhiz (i never used it before), What else would go under this?  But …
I have a SBS 2003 running Exchange (yes, i know it's well past its sell-by date) and I've just replaced my iPhone with a Samsung Android phone.
The email app on the iPhone connected and synced quite nicely but I'm having a problem with the Android. The pre-installed Outlook app doesn't connect because I think Exchange is too old. I've tried a few other email apps but not had any success connecting so far.

Does anyone know of an Android email app that will connect to my Exchange server?
Bootstrap 4: Exploring New Features
LVL 12
Bootstrap 4: Exploring New Features

Learn how to use and navigate the new features included in Bootstrap 4, the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first websites.

Hello all,

This is gonna be a long one but i'll try to keep it short enough :)

Our client was using and old SBS 2011 and a SERVER 2012 Standard that is running a custom application.
The application is using SQL express 2012 but its an old application that has no support on it.
(both virtual servers are running on ESXI 6.0.0, 2494585)

So we migrated the SBS 2011 to a SERVER 2016 Standard but since the migration our client is getting network errors in
the application that was running on the existing Server 2012.  They are getting errors like "Cannot find part of path X:\Data\Locks" and "an unknow network error has occured".
Sometimes the error will only show after 4hours, then after 8hours, then after 2minutes of 15minutes, without any pattern or anything I can test on.
No error logs are being made by the application or the server. And we have no support anymore from the creator of the application.

As far as I can see the network share is always available. Altho I got a few reports from the client that the X:\ share had a red cross on it,
but only for a second then it was available again. I however never see this during my tests.

Are there any know situations that cause network errors after a migration to a new DC ?
I'm not getting any DNS or DHCP errors.

To be sure, here is some more info:

We migrated the Exchange 2010 to Office 365, moved all the roles, data, dns, dhcp to the new server but we did not touch
the server 2012 that was running …
I have a netbook (remember those!?).  It's a Toshiba with an Atom N280 processor, 2GB ram and a 160GB platter hard drive (Im only using 35GB of it).  It's running win 7 STARTER

IT 'works' but whatever you need to do on it just takes soooo long.

That's the max amount of ram it can take.  Any way to tell what replacing the drive with an SSD would do?  And maybe use some of the drive as RAM / swap file, etc?  Would that make a difference?  Or the boat anchor processor will kill it anyway?

damn, makes my skin crawl looking at what I am playing with


hundreds?!  When 'normal' chips are thousands!?
A client got a win 10 home PC after I told him I could get a PC for him and if he wanted to get it, be sure it comes with Win 10 Pro and to send me pics when at the store (they have sbs server).

So it's an HP small desktop with i5 processor,  12GB RAM, 1TB hard drive.  He.... wants to 'upgrade' to win 10 Pro, which really means wipe the drive and install pro from scratch, right?

Do you see any issues with getting it up and running on Pro? Not sure the exact model, but if it's running from the factory on Win 10 Home, then it'll run Win 10 Pro just as well?

and yeah, that's the process - wipe and install?

gotta buy:


no upgrade path.  anything else out there for less than the $200 is scam / VL / something not legit?

How much time would you say that will take? To get it to a win 10 machine ready to get on the SBS network?  1 hour? 2?
Haven’t had to deal with this in a while but have a client we handle LAN tasks for. Their current web/ imap / pop mail host lowered mailbox limits to unusable numbers.

They don’t want to go to o365.

I’ve used hostgator reseller account for years but in thinking of moving them there I remember how we have wanted to get away from hostgator for so long. Their service / support works just enough to keep my inertia on moving at bay.

I know HG (and many other hosts) are part of a much larger holding company.

Is there any good hosting company you’d recommend? Or warn about?
Very rusty with this. Working on an SBS 2010 standard.  Mail is not going out.  It's the weekend.  I see 58 emails in the send connector queue.

The connector was set up years ago to use a web / email hosting company as smarthost.   it's talking about authentication errors.  If the hosting company stopped that account  set up in the send connector, what other options do we have?

What companies are out there to let us use as a smart host? Why do we need a smart host? Why not be able to just push the emails out onto the web?  And how would we set that uo?


talks of choosing use dns and MX to route mail.  Can we just use that? What's the pros / cons of doing that?  And /or how do you set up a 2nd smart host entry - if it can't send mail with first, smarthost, failover to 2nd?
I need a Step by Step Guide to migrating Exchange 2010 from Windows SBS 2011 to new hardware running Windows Server 2016 (DC).  I am not terribly familiar with the Exchange Powershell system so need to know how to do this via the Management Console if possible.  The existing Windows SBS 2011 server (DC) will remain in service but only for a short time as hardware is well past its sell buy date.  Many thanks
Sorry, this is such a NOOB question, but I'm asking it : (

Setting up a new user in SBS 2011 Standard.  Exchange is running on the server.

When the user goes to OWA, there's no contacts listed.   Shoulnd't that be populated with the GAL (the iist of users on the domain).

Someone new starts at the company and doesn't know how people's email addresses.

And is there a way to hide some people from the published GAL list?
This is likely networking 101, but.... I'm stuck.

SBS 2011 server at location A ( subnet)
Location B is connected to location A with VPN, subnet  The router at location B currently gives out public DNS IP addresses

What's the right way to set things up for domain added laptops running win 10 pro at location B to be able to access shares on the server like \\serer\files?  The server is the domain controller.  There's only that 1 server.

Use a Hosts file?  It has that now with entries:

server.domainname.local (is this needed?)

When they click on a mapped drive, a windows security box pops up asking for credentials, and even though we check 'remember my credentials', it asks again after a reboot.  This window ALSO says 'the system cannot contact a doimain controller to service the authentication request.  Please try again later.

You click OK after adding credentials, get to the files and all is fine.  till a reboot.

What do I need to do so it can get to the domain controller across the VPN?

Why doesn't it save the credentials after a reboot?

Why does it even ask for the credentials - the user and password entered when logging in are the credentials.

Can someone tell me what I'm doing wrong?

SBS 2011 standard running exchange - 10 users have been set up for years - laptops at home, on the LAN and at a remote location connected by VPN
Their website is at a web hosting company.

Added a win 10 PC with Office 2016 at the remote location.

when opening outlook for that user's account, he'd get prompted for his password, and warnings about the certificate is  doesn't have the correct name, etc.

Running the microsoft remote connectivity analyzer for autodiscover it says:  Connectivity Test Successful with Warnings

under that it says: The Microsoft Connectivity Analyzer is attempting to test Autodiscover for markg@domain.com.
       Autodiscover was tested successfully.

Looking at things, it keeps trying to get to https://domain.com which resolves to the web server, not SBS box.  Can I just drop the autodiscover.xml from the SBS box onto the web server in a new autodiscover directory that doesn't currently exist?

Where should autodiscover.xml be located?  on the SBS box? on the web page?

There doesn't seem to be an autodiscover entry in the DNS zone.

I added an A record and pointed it to the sbs server.

pinging autodiscover.domain.com resolves to the SBS box.

But the Microsoft analyzer seems to have the web server IP cached?

This has been working for existing users.  Does Office 2016 and Exchange 2010 on SBS 2011 not play nice?
OWASP: Threats Fundamentals
LVL 12
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

I guess I really don't know what I am doing.

Working on an SBS 2011 Standard machine on subnet

There's a vpn to a remote location

A new laptop at the remote site with windows 10 / office 2016 keeps getting an error about the autodiscover.domain.com certificate.  It says the name on the security cert is invalid or does not batch the name of the site.

Clicking on view cert, it says it's issued to: domain.com   issued by let's encrypt authority x3 with valid date of 8/14/18 to 11/12/18

WE DO have a certifficate for the domain issued by comodo.  From a browser, if you type remote.domain.com/owa, you get to the owa page and it says it's secured with the comodo cert.

anyone know where the lets encrypt certificate is coming from?

Other laptops at that remote location are working fine for email.
Posted a previous question about removing the password from a PDF that I DO have the password for.  Just to simplify opening it going forward (accountant emailed tax returns with our SSN on them).  Different ways to do that, but printing to a new PDF is 1 way and seems to be (for me) the cheapest / simplest way.

Touches on another issue that I've wondered about for a long time.

Printing  a PDF (or even a web page or text doc, etc) to PDF using different apps can yield wildly different size documents.

Any (free preferred) app that you like for printing to PDF ... and makes small resulting files?

I know with this password protected file (monochrome text), the original was 90KB and any app I tried using to make a PDF resulted in files that  was hundred Kilobytes / megabytes.

And even PDF Forge - for a password protected PDF, it won't even print to PDF (at least when viewing it from Adobe Reader.

From PDF Forge forum:

it isn't really up to us, this is a Ghostscript "feature". Ghostscript is what PDFCreator uses internally to convert the Postscript print data to PDF and other formats.
The idea behind it (I guess) is that you can't use Ghostscript to strip protection from PDF files. Even though the settings allow print, printing it to a virtual PDF printer will basically remove the user password for you, so it is really something different than printing it to a piece of paper. On the other hand, if you have the password and you can view/copy all content …
I am struggling to get RDS functioning on a SBS 2011 network with attached Windows 2016 sever.  Here's what happened.  Joined the W2016 server to the SBS domain, and installed 50 RDS license on the W2016 server and the RDS Licensing role, on recommendation that the primary DC should not also be the RDS Licensing server.  Things appeared to work for a while (possibly becuase within the 180day RDS licence grace period).   Then as a separtae issue, multiple overnight (8hr) power outgaes caused AD corruption and the need to make a fresh install of SBS2011 server, join the W2016 server to the "new" SBS domain.  

1) Now the RDS licenses are shown as present, but not active, it seems that I need to revoke them, tell Microsoft why, and then re-install them?
2) The overall objective is to have our remote office users access line of business applications that are installed on the W2016 sever via RDS.  I don't understand which roles should be with the SBS2011 DC and which roles with the W2016 server:   RD Gateway, RD Web Access, RD Session Host, RD Connection Broker.

I attach some screen shots of what we have.   Guidance would be appreciated!

GrahamScreenshot of W2016 ServerRDS Licensing PageRDS Diagnostics
Exchange 2010 on an SBS 2011 server, starting a few days ago, the transport DB mail.que is growing to ~5GB at which time the Exchange transport moves the  Queue folder contents to  a subfolder Queue.old and proceeds again with rapid expansion of the mail.que file, along with ~1,000 .log files.  The Transport service will steadily increase in CPU and Memory usage.  Once the mail.que file hits ~ 5GB the second time, the service stops.   The service does however change status in services.msc, to blank.   I disable the service and reboot the server, rename the Queue folder, restart the transport service and the cycle starts over.  The entire cycle of events takes 1 - 2 hours to complete.

During the time that the Transport services is running, mail moves in and out, running a Get-Queue at various times during the 1-2 hours shows mail moving through without issue the queue is empty most of the time once it processes through the stacked up messages from being down.

Following are the items attempted/addressed so far, in chronological order:

Verified no AV is loaded or scanning now.
Verified Drive space is no issue
Mail.que stops growing when transport service is stopped.
Edited the Edgetransport.config to move the QueueDatabasePath and QueueDatabaseLoggingPath to another partition.
Downloaded and Scanned the system with Malwarebytes, no issues found, uninstalled.

I am familiar in Exchange Admin but not an expert by any means.


Exchange server migration

We have an office with SBS 2011 server running Exchange server 2010 and another Windows Server 2012 R2 which is also a DC, obviously the SBS holding all the FSMO roles. the 2012 R2 is a dedicated application server.

My question is around the exchange server.

The mailbox database size is around 500 Gb with around 100 mailboxes of various sizes. as you can imagine the boss does't want to delete anything so he has like 60GB mailbox and the other staff is forced to delete emails to keep mailbox size down to 5GB and so on.

They have agreed to buy a new server but not replace the current server completely. The new server will be only for exchang server which will be exchange 2016 and the SBS 2011 will continue acting as file server.

So I want to know

1. Will these three servers co-exist perfectly fine with each other? Any configuration I need to change in terms of domain level or forest levels or Group Policies?

2. Is the process as simple as I understand? install new Windows server 2016, install exchange 2016 on it and then "move mailbox" command to move mailboxes to new server, uninstall exchange server from SBS 2011?

3. What hardware should I get? We only buy HP servers but what CPU, how much RAM and how much storage do I get? I know I should get SAS 10kRPM HDDs as they are the fast drives. There is also some kind of calculation we need to in terms of how many clients and email traffic etc but I have no clue about that.
I have a windows  2012 R2 Hyper V host with  an SBS 2011 VM - The host his stand alone and I want to join it to the domain > what would be the consequences on the SBS 2011 VM Active directory and my network  access after I reboot it into the domain ?






Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).