Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Windows Server 2008





Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello Experts, to satisfy the NIST 800-171 requirement for Dual Authentication for privileged accounts we have a way to do this, but we must disable Local Policy to prevent local logons.  The solution we're toying with now is using our KVM to connect remotely.  Only concern if for what ever reason the KVM fails & we have disabled local logons, how would we get past this?

We're running Server 2008 R2 environment.
Veeam Task Manager for Hyper-V
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.


I have a Exchange 2010 running on a Win 2008 R2 server that I cannot login to.  I inherited this from the previous person in my role and want to migrate everything over, but cannot get onto the box to administer it.  Most things I can do remotely, but SSL certificates is the main issue I have, I cannot manage them or IIS remotely.

So back to the issue, the server boots and exchange everything works great.  As soon as I login (with a domain or local admin) the server crashes on the Welcome/login screen.

I've tried quite a few things and reviewed the event logs (includes nothing I believe to be related).  The only thing that seems to work is safe mode and I can't do much in there whilst it's in safe mode.

I'd settle for remote IIS management, but it seems you have to logon to enable that :(

If anyone has any idea's, I'd appreciate it.  

Thanks in advance.

I have a Remote Desktop Server running on 2008 R2. It had an issue last night and i had to reinstall the licenses and get the server back up and running.
Everything is sort of okay but in the Licensing Diagnostic screen  there is the error "The Remote Desktop Session Host Server Configuration tool is running with local account credentials.
I understand the way to resolve this is to "Provide Credential" using the prompt in the right hand column.
However, when i try this and enter the domain admin account user name and password it rejects the credentials. I have tries it all ways. username@domain, domain\username, user name. It just rejects them.
Windows Server 2008 R2 Standard and Windows Server 2008 R2 Enterprise Server.

Issue: Black screen with mouse control
Cause: Windows updates (rebooted server after updates and came back with the above issue)

What works ok: Able to ping both servers, Can access safe mode and tried all available options in safemode
What doesn't work: RDP and \\sharename\

what I have tried
**chkdsk /f  --- ok no errors
**sfc /scannow --- ok no errors
**dism.exe /image:C:\ /cleanup-image /revertpendingactions --- didn't run
**deleted the pending.xml after taking ownership of the file using the below method.

takeown /f C:\Windows\winsxs\pending.xml

cacls C:\Windows\winsxs\pending.xml /G Username:F

del C:\windows\winsxs\pending.xml

**tried the below as well and Only got as far as Directory Services option and halted at black screen with whit txt stating the OS system and never moved on.

Restart the server and press F8 key, select Directory Services restore mode.
 Log in with the local administrator username and password
 Type: cd \windows\system32
 Type: activate instance NTDS
 Type: files
 If you encounter an error stating that the Jet engine could not be initialized exit out of ntdsutil.
 Type: cd\
 Type: md backupad
 Type: cd \windows\ntds
 Type: copy ntds.dit c:\backupad
 Type: cd \windows\system32
 Type: esentutl /g c:\windows\ntds\ntds.dit
 This will perform an integrity check, (the results indicate that the jet database is …
Routine windows update, manually by the Windows update (not WSUS).  Power outage during the update process which caused sudden  shut-down of the server.  Subsequently the server boots to black screen with mouse pointer.  Server boots to safe mode and Windows PE.  Cant locate a system restore image.   Event viewer shows that 3 updates are pending installation / re-boot, these are:  KB4019990; KB4041681; KB4040685   sfc/ scannow also indicates that updates are pending installation.

Have attempted using DISM in both WinPE and Safe Mode,  have added registry keys to enable services in safe mode:  msiserver; TrustedInstaller;   appsvc.    No avail.

Have un-packed the .msu files for the above updates, and am attempting to use pkgmgr to install these from CMD prompt.  both /IP  and /UP.  No avail.

Have not modified windows\WinSXS\pending.xml or reboot.xml  But am aware of these files.

Have searched the web extensively - not making any progress!

How can I reduce the size of my sysmsi folder size on SBS 2008 R2?  I'm currently dealing with a back up problem, so I cant back it up.

I need a script for AD (2008) - where it will spit out the AD username for only ACTIVE users. can someone provide?
I support a number of Windows Server 2008 R2 installations for very small businesses.  I'm looking for a good, affordable intrusion detection and prevention software to install on servers.  Most typical case of security concerns I see in the event logs is event ID 4625 - failed logins - spaced just a few minutes apart.  They are trying a brute force dictionary attack of usernames thousands of times a day,  Microsoft, in their infinite wisdom, does nothing to lock out repeat offenders based on IP address.  Their best solution is to temporarily lock out user accounts if successive login attempts for the same username occur.  Duh - wouldn't it make sense to lock all activity from that IP address?  Also, why don't all these 4625 failed login events have a source IP address in the event log?  Seems like a critical piece of info is missing!  Is their somewhere else to look?

I did see a recommendation for an Intrusion Detection software from CyberArms.net which I downloaded yesterday, only to learn they have stopped selling and supporting the product due to lack of sales.  Company is in Germany and said not enough people were interested in their product at $150!  Sounds very affordable to me...

So, can anybody recommend a good ID software that would allow me to configure a permanent "hard lock" of the IP address described in my 4625 scenario above?

Exchange 2010 store.exe and MSExchangePowerShellAppPool consuming large amounts of RAM
Windows Server 2008R2, After the upgrade the exchange to latest SP3 with latest roll update. Still Exchange 2010 store.exe and MSExchangePowerShellAppPool consuming large amounts of RAM. Please give me the best solution for this issue. It will be most helpfull for me

Karunakar rao
LVL 27

Expert Comment

Please post a question you will get better response.
LVL 38

Expert Comment

Exchange mailbox server eats 95% memory of total memory and release it to other apps as and when required

U need to ensure that you have assigned physical memory to exchange as per designed capacity

Look below post
Installed a Canon Image Runner C7565 on a 2008 Server and shared the printer. Each user has the printer but, they can not save 1 sided printing as the default. It always goes back to 2 sided printing.  The internal printer settings are single sided but the users must always select single sided from the printer properties of the application.
Tech or Treat! - Giveaway
LVL 10
Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Is there any way to find out which folders a user has permissions to?  He is running Windows 7 Pro.
I have been given the task to help manage a schools network. A backup domain controller on same hyperv host had not synced for approx. 2 years. Forced removal of this, as no chance to re-sync and since it is the same hardware offers little redundancy. I have followed the documented process to force removal and tidy-up metadata and pretty sure there are no lingering references to the old DC. However, I find that connections to any of the DFS namespaces fails with message "not accessible. You may not have permission to use this network resource". This is the same for existing or any test namespaces I create. The error is displayed when logged in as Administrator on the DC (as well as clients).

Some tests:

- I can use windows explorer to browse the root of all shares via the DFS domain \\<domain name>

- If I double click on any of the shares I get the message "\\<domain name>\<share> is not accessible

- If I issue a "net use <letter>: \\<domain>\<share>", this works fine.

- All use of \\<server>\<share> works fine.

- If I right click on the namespace server for a particular share on DFS Management and select "Open in explorer" again this works fine.

Any ideas on what might be the issue would be much appreciated!
What happens to subfolders and files in the DFSRPRIVATE folder that DFS creates when replicating?  We are using DFS  to replicate files from one server to another, total of about 500 GB.  A few days ago DFS just stopped working. I saw that the dfsrprivate folder was huge, about 60-70 GB, and most if not all of that was in the staging folder.  The total size never dropped, so i assumed it stopped replicating, ran the analytic report but it didn't show any problems.  WhenDFS functions normally, it seems like the dfsrprivate folder is empty or close to empty. so why would it not empty now? What happens to all the files in dfrsprivate when it works normally?
I have a NAS share as dfs target. There are 16k folder target  I want to move 8k folders to another  share. how can I do this in much efficient way. How can I manage dfs mapping after move folders.
My company has a server which I remote into. Basically I type mstsc and then enter the IP and proceed to log into the server.
So how do I find the name of that server I am logging into based upon the IP ?
I'm unable to log into Symantec Endpoint Protection and unable to repair the installation because it can't stop the Symantec Embedded Database service that is stuck.

"Help me experts exchange, you're my only hope." :-D
                                                                       - Princess Dougj182
We have a series of servers at a clients site that runs Exchange, dedicated Terminal server (2008 R2), Webserver and Application server.

Their UCC certificate thats used for Exchange, autodiscover, and terminal service connection has lapsed and I am in the process of updating it across the board.

I've already generated, and completed the CSR request from Godaddy, imported into Exchange (confirmed its working on new cert), exported that from IIS uploaded to the Terminal server and imported into Personal store.

However when I go to Remote Session Host configuration under General > Certificate > Select...
It only shows me the previous certificate, does not give me any other option aside from the old certificate I'm replacing.

Where might I find the option for replacing the RDP-TCP certificate for 2008 R2 Terminal server?

Furthermore the server does not have Connection Broker Tools or Remote Desktop Gateway Tool features installed at this moment. I've looked online found a couple promising guides however they either don't pertain to my scenario or they are for a different version of Server than I have.
Getting a huge number of this error.

Log Name:      System
Source:        Schannel
Date:          10/17/2017 5:47:18 AM
Event ID:      36888
Task Category: None
Level:         Error
User:          SYSTEM
Computer:      DC.server.local
The following fatal alert was generated: 10. The internal error state is 1203.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
    <TimeCreated SystemTime="2017-10-17T09:47:18.432206200Z" />
    <Correlation />
    <Execution ProcessID="512" ThreadID="4052" />
    <Security UserID="S-1-5-18" />
    <Data Name="AlertDesc">10</Data>
    <Data Name="ErrorState">1203</Data>

We are in process of company acquisition and need to set up a forest trust - we are waiting for VPN tunnel to be created first

In terms of DNS we are currently using our ISP as forwarders (with root hints check box checked)

My question is do I still need to add conditional forwarders to the remote company in our DNS setup, or is this something we need to request from our ISP? (Our ISP manages the DNS for the remote company we are acquiring also)

Many thanks

Independent Software Vendors: We Want Your Opinion
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


I have 3 VLANs and one DHCP scope on Windows server. I need to make it work together.

Layer 3 Switch config:
int vlan xxx
ip address
ip helper-address
no ip proxy-arp

Any help appreciated.
I am a scripting newby, but have a script that works for updating AD users based on a .csv file.  The working script is based on whether or not there is a street address for a users office location.  Here is the example of the working script for that portion and it will dump a success or error file in the C:\Temp directory:

Import-module ActiveDirectory


$userList = Import-Csv 'ADUpdate.csv'

  foreach ($user in $userList)
      $ErrorActionPreference = "Stop"
      $myu=Get-ADUser -Filter "mail -eq '$($user.mail)'" -SearchBase "DC=NCU,DC=local" -server $ADServer
        if ($user.streetaddress -eq "") {
         $myu | Set-ADUser -office $user.physicalDeliveryOfficeName -department $user.Department -title $user.title -description $user.title -company $user.company -state $user.st3 -manager $user.manageralias -server $ADServer
            Else {
         $myu | Set-ADUser -office $user.physicalDeliveryOfficeName -department $user.Department -title $user.title -description $user.title -company $user.company -streetAddress $user.streetAddress -state $user.st3 -postalCode $user.postalCode -manager $user.manageralias -server $ADServer
      $user  | export-csv -path "C:\Temp\ADUpdater-Success.txt" -delimiter "`t" -append
      $msg =$msg + " : " +  $_.Exception.Message
      $msg =$msg + " : " +  $_.Exception.InnerException
        $msg = $msg + "`r`n`r`n"
Hello Folks,

Does anybody have a procedure on how to join Centos PCs to a Windows Domain?

I'm running Windows server 2008
PCs running Centos 6.9

Thanks for looking
Hi All -

I have a 2008R2 Domain controller. It has a Hyper V Server Installed as well as Remote Desktop Services. Can I upgrade this to Windows Server 2012R2 keeping everything intact?
What would the steps be?

Brian MacFee
Hello, so I have this customer who would like to have his Windows server shared folders totally invisible to non-domain users.

The users don't have access, but he actually wants them to NOT see the folders, either.

So I was wondering, is this even possible? I never tried this, I was never asked to try this and I wasn't able to find any solid reference during an admittedly hurried search on Google.

Can someone help me? The server is a Windows SBS 2011 Standard.

So I have a Dell server which was recently shipped from CA and was working by the way.   Powered up and I'm receiving a BSOD on NTFS.SYS with a stop error of 50.   Reseated the Perc 6i controller, memory and cables.  Diagnostics passes on all components.   Same problem trying to boot off a Server 2K8 USB.  Was able to boot from the USB device only when the RAID 5 disks were disconnected from the controller.
Ran a consistency check on the RAID array.

Do you think I have a faulty disk drive or a corrupted array configuration?

Windows Server 2008





Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.