Windows Server 2008 Solutions

I am migrating a 2003 server to a 2008R2 server in preparation to migrate to a 2019 server. As part of the first phase, I have transferred all 5 FSMO roles to the new 2008R2 server, removed the global catalog from the 2003 server. I was ready to dcpromo down the 2003 server when I get the message that the 2008R2 cannot be contacted. I do not have the "This server is the last domain controller in the domain" checked. I am pulling hair as to what I have missed.

Running dcdiag yields this:

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\FS1
Starting test: Connectivity
......................... FS1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\FS1
Starting test: Replications
......................... FS1 passed test Replications
Starting test: NCSecDesc
......................... FS1 passed test NCSecDesc
Starting test: NetLogons
......................... FS1 passed test NetLogons
Starting test: Advertising
......................... FS1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... FS1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... FS1 passed test RidManager
Starting test: MachineAccount
…

20 Comments

im running windows 2008 r2 and winsxs utilizing the whole diskspace, wen google and saw some option via using dism.exe - Dism.exe /online /Cleanup-Image /StartComponentCleanup

But i getting error - The startcomponentcleanup option is not recognized in this context.
How may i enable this option to shrink winsxs folder

7 Comments

VEEAM error -

Unable to release guest. Unfreeze error. (backup job failed. Cannot create a shadow copy of the volumes containing writers data. A VSS critical writer has failed. Writer name: NTDS (class id xxxxxxxxxxx) Writer state (VSS_WS_failed_at_post_snapshot. Error code (0X800423F4). Error: unfreeze error (backup job failed. Cannot create a shadow copy of the volumes containing written data. A VSS critical writer has failed. Written name (NTDS) VSS_WS_FAILED_AT_POST_SNAPSHOT_ERROR Code (0X800423F4)

Tried the following:

I rebooted the server.

Ran vssadmin list writers - VSS NTDS was stable and was not in an error state.

Ran job but it failed with the same error.

Ran vssadmin list writers - the VSS NTDS was in error.

Ran diskpart - automount - the aotomatic mounting of the drives is enabled.

Deleted .bak files in the registry in the following reg area: HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList

Rebooted the server.

Ran vssadmin list writers - NTDS VSS was stable and was not in an error state.

Re-ran job and it failed with the same error

Any assistance would be great.

3 Comments

DNS Setting in Windows TCP/ IP

on the Screenshot below , there is a configuration of network adapter for TCP/IP , and in the DNS part, we can see the primary DNS is pointing to the local server where DNS services are installed in the Alternate it is pointing to Google DNS.

Now, does that mean any name resolutions for local network will be resolved by the server , and if it is outside the network it will be resolved by Google DNS ?

If I remember, it used be that Alternate DNS will never be used unless if the primary DNS is down...and both IP address will point to DNS servers on the local Network not on the Internet.

Thank you

8 Comments

Scheduled to reboot a 2008 DC to clear a NTDS VSS error - Can I just restart the Active Directory Domain Services instead of rebooting?

There is another DC in the domain but this DC, the one with the NTDS error, has all the FSMO roles. What will be the effect on users when restarting this service?

4 Comments

I'm seeking step-by-step advice on migrating an on-prem Windows Server 2008 R2 server to a new on-prem server running Windows Server 2019 Essentials. The client has fewer than ten users, so Essentials seems the appropriate version for them. Their 2008 server is a Domain Controller. It's their only server.

I'm asking for the list of steps that move the old server files and configuration, including the Active Directory configuration, to the new serve. Thanks, Experts!

14 Comments

We are running MS Exchange 2010 in a DAG environment. We are running our Exchange environment with update rollup 13.
Exchange Update Rollup 29 for Exchange Server 2010 SP3 was accidentally downloaded and installed to one of the Exchange servers in the DAG. The problem caused by rollup 29 being installed is users that have their mailboxes that server are not able to access OWA.

When I try to uninstall Rollup 29, I get this Error message:
"Setup wizard for update rollup 13 for Exchange Server 2010 Service Pack 3 (kb2141339) ended prematurely."

I other words, when attempting to uninstalling Rollup 29 which I don't need, setup tries to uninstall rollup 13 which I do need.
Rollup-29.png
Rollup_29.png

9 Comments

Hi all -

I need to migrate a large file share from one hard drive on my file server to another newly installed hard drive on the same file server. My confusion and concern is 2-fold:

1. This share has a ton of sub/sub-sub, etc, folders in it. Some have no spaces in their names, but many DO have spaces in their names, so I'm struggling to figure out what the Robocopy syntax would be to migrate the whole share and account for this mix, without having to resort to doing each and every "main" subfolder in the root of the share one at a time.
2. I've seen suggestions that incorporate the /MIR switch and suggestions that just do a "/E /CopyAll" without MIR.

The share is E:\IT and is an actual share and I want to copy it to F:\IT2, which is also an actual share with the same perms as the original E:\IT share. Everything inside it is just a huge collection of non-shared, NTFS-secured folders, but with that usual mix of spaces and no-spaces in the names.

I have manually already created the new share, F:\IT2, shared it and set the share and NTFS perms to match E:\IT

Any guidance on what syntax I should use would be greatly appreciated.

4 Comments

LVL 1

Question by

Paul Walsh

2020-02-07Solved

LDAPS Adoption

Hi All,

We have two 2008 R2 servers with the default settings. I know 2008 is EOL we are updating them shortly..... Ahead of the LDAPS switch over in March I have enabled the deeper diagnostic logging on the event viewer to discover which devices are current ussing unsecured LDAP in our environment. Given the fact that we havent manually made the enforcement of LDAPS on the server yet, am I able to start chaging how these device communicate with AD. Can I configure them to use LDAPS and will the server accept this or reject it.

If it is possible I would like to get these devices using LDAPS before we apply the enforcement on the server.

Thanks for your help.
Paul

10 Comments

We are a Windows 2008 R2 / Windows 10 shop ( a handful of Windows 7 left) . We are looking to beef up security and implement Multi-factor authentication for logging into our local network. What are my options?

Cheers

5 Comments

Hi all,
We are planning to upgrade the domain and forest functional level to 2008 from 2003. Please let us know what is the best backup plan and any advise
all domain controller are server 2008 and exchange 2010.

3 Comments

Hi All,

Quick quesion about Windows Updates. I am checking to make sure I have a required update before making a few recommended changes (ldap hardening). I can see that update rollup required (4025341) is lsted in the update history. I can however find the corresponding number in the installed updates. (Server 2008 R2). Same for the last monthly update in Jan, i can see it listed in the update history, but not in the installed updates.

How can i tell for definite that I have the required update - or is update history enough to know that it is installed?

Cheers,
Paul

9 Comments

Active Directory as LDAP server

When adding Identity Source in Vmware Vcenter, there is an option : The Active Directory as an LDAP Server

Vmware website stated:

The Active Directory as an LDAP Server identity source is available for backward compatibility. Use the Active Directory (Integrated Windows Authentication) option for a setup that requires less input

I am not sure what they mean by backward compatibility.

Any clarification on that ?

Thank you

11 Comments

i need to apply RDS licenses create RDS cals for servers and workstations

can anyone share an article regarding RDS licenses, how it works and applies to servers and workstations

i need to know overview CALS or any other licenses we apply on servers and workstations

Do we need RD connector broker or session host server?

5 Comments

Hello,
I have set up DFSR between windows 2008 and windows 2019, the 2008 server is in production and the file share that I want to replicate is critical.

I have set up two test folders. If I put a file in the 2008 server folder it replicates fine.

If I delete the files on 2019 it deletes them in 2008. That's the problem, I can't take the chance that those files will be deleted, also I dont want to change the permissions on the folder level because I don't know how it will effect the produstion environment.

5 Comments

LVL 29

Question by

Fred Marshall

2020-01-31Solved

Deploying LAPS

Links and hints for deploying LAPS would be helpful.
Which procedure available on the web is the one you prefer?
Or, perhaps you just use Microsoft instructions as you set it up?

I found this:
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-1.html ... and -part-2.html
Is it reasonable? There are clearly a number of things that are needed that could be intrusive.

Particular "hints and kinks" that you suggest?
Warnings?

10 Comments

Hi

We have at the moment Server 2008 R2 Standard and are going to replace it soon with Server 2019 Standard. We would like to introduce Two-Factor Authentication for our VPN connections. We would also like to introduce Two-Factor Authentication for our Office 365 subscriptions. We do not mind having two separate ones but would be nice to just have one solution for these two - could be texts or the app. I know Microsoft has free Authenticator app.

I assume that we will have to pay for the Two-Factor Authentication for our VPN connections so as long as it is within our budget it is okay. It would be perfect if we could introduce it now on Server 2008 R2 too.

What would you suggest? What are you using yourself?

12 Comments

We are pulling the plug on allowing our users to access our Citrix farm via Secure Gateway/Web interface. They will be forced through Netscaler/Storefront.

To ensure people switch, we'd like to have the initial page show a static page. I've been playing around with what to point to but not having much luck. We are going this route as we want to be able to switch back quickly in the event we have an issue with a Region around the world.

Secure Gateway/Web Interface sits on Windows 2008 R2 currently.

Thoughts?

10 Comments

I am having some issues applying a GPO to my workstations. I am currently in the process trying to setup a GPO to push a security group with 2 domain logins associated with that group to apply local administrator access to any machine on this current domain. Below is the link I am using.

https://richardstk.com/2013/11/26/adding-domain-users-to-the-local-administrators-group-using-group-policy/

I am attempting to use option 2 to ensure any local admins that are current on the workstation machine are not removed.

I created the policy and applied the policy to the workstations group in GPM and enforced the policy. (GPO Setup.jpg) Attached.

However after running a gpupdate /force I am experiencing the following error on the workstation.

C:\Users\testgpo>gpupdate /force
Updating policy...

Computer policy could not be updated successfully. The following errors were encountered:

The processing of Group Policy failed. Windows attempted to read the file \\ecva2.local\SysVol\ecva2.local\Policies\{56134950-09B3-4597-950F-26CF3ED660BA}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) …

29 Comments

LVL 1

Question by

leadtheway

2020-01-27Solved

Find source of file copy from

Have a 2008 R2 server that we are trying to move away from, however there seems to be some obscure process or script either coming from that server or some other server that is writing to a share on this server. Its same time every day. Can't find any task or script on that machine that is doing it so I'm wondering if this is coming from another server. Is there something that can tell me or something i can leave running and log it?

5 Comments

Hey Experts Exchanger,
we have Windows Server 2008 R2 which hangs in during boot. Looks like CLASSPNP.SYS causes this issue. Microsoft does not give any support with the Server anymore (we know) so we are looking for someone else to give us support in this case. Any Windows Server Specialists who can help?

Thanks in advynce,
Carsten

5 Comments

Hi,

I want to completely uninstall Exchange Server 2007. I have removed user mailboxes, removed public folder database, removed user mailbox database, removed storage group, deleted offline address book and removed exchange administrative group, but when I want to uninstall the server from I get this message:

Error:
Exchange server "SERVER NAME" was not found. Please make sure you have typed it correctly.

The server name is correct.

How can I then uninstall the server?

Thanks,
Ronnie

6 Comments

Hello,

i need a proper way to shutdown 2 sql cluster:

1-first cluster is sql2010 on windows 2008 R2 (2 node)

2-second one is SQL 2012 On windows 2012 R2 (2node)

we will move our datacenter so i need to stop properly the 2 cluster, after that i will stop server and move it to new location.

when i will start the server again, i need the cluster not start automaticly but manually to be sure all is ok.

thanks for help

3 Comments

Is it possible to do a social engine migration without cpanel or a myphpadmin?

This is the knowledge base article:

https://www.socialengine.com/support/article/5472314/se-php-moving-your-website-to-another-server

I'm moving from a windows 2008 machine to linux cento machine with no GUI installed (should I install this?) hosted on Azure

I migrated the database and set the configuration parameters in the database.php files but when I try to open the community site in the browser, I get the generic "something is wrong page" and in the error logs there is a bunch of .php errors

Not sure what to do, the KBA mentions to open up cpanel/phpadmin, I don't really have that on my centos environment, is there a way to work around this?

3 Comments

Environment:
Four-node Windows Server 2019 Hyper-V cluster, balancing 80 VMs. Cluster was created over 6 months ago, is stable, and migrates/balances VMs successfully.

Issue:
Three identical VMs running Windows Server 2008 R2 were changed to increase processors and memory from 8/16GB to 16/32GB on 9 January. It was discovered today that the guest OS only sees 8 processors instead of the configured 16. No other changes were made, and we have other similar VMs that run 16/32GB without issues.

Using PowerShell we're unable to find any differences in the VM configuration between VMs seeing all 16 processors vs. the three VMs that don't. Reducing/increasing processors and memory on the three VMs makes no difference. Allocated memory is recognized as set, but no more than 8 processors are recognized by the guest OS.

We've confirmed we can create a new VM and attache the existing virtual disk to side-step the issue, but this is cumbersome due to extensive network configurations that then need to be recreated from scratch.

Does anyone have any insights are what/where we might find the cause or resolution?

8 Comments

Windows Server 2008

Related Topics

Windows Server 2008

Related Topics