Windows Server 2008 Solutions

Hi Team,

I'm working on a project that involves utilizing VEEAM Agent to create bare metal backups and migrate them over to a new cloud data center. Everything so far has gone exceptional but as expected I've ran into an issue trying to migrate my secondary DC. After a few DNS issues we decided it was best to brig the old local DC VM back online. Things started working again but now the DCs are in a slightly different state.

I originally noticed a warning on my primary DC - "this server is the owner of FSMO but does not consider it valid". Also numerous errors on the primary about kerberos syncing to the secondary and that the secondary was not available / not the right name; etc. All of these issues, after Googling, pointed toward numerous different causes, so as dubious as I was I just decided to reboot both server; primary first, then secondary.

The strange part is now, replication works, I don't have any errors, and best practice analyzer isn't coughing anything up - but the secondary DC allows me to edit and modify DNS and ADUC records whereas before they were locked down, perhaps due to the replication rules. The records could only be edited from the primary DC.

I'm afraid this odd behavior is the result of a larger issues that I I'm unable to pin down. Should I be concerned? Everything seems to be working; new records replicate in both directions and SOA is incremented correctly.

Any advice or things to look for is appreciated. Also tips on migrating …

5 Comments

Problems using Powershell and Active Directory?

LVL 8

Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

I have several directory structures and I want users to be able to edit files in those directory structures but I do not want them adding files or changing the directory structure. Can this be done with NTFS Permissions?

5 Comments

My application sends out text messages to employees selected to work overtime. This is coming out of my PowerBuilder application (running on Windows Server 2008 R2) using a 3rd party company to provide the SMS capability. I'm currently using a company called Clickatell and I'm not happy with their either their web portal and reporting capabilities or their support, which is all on-line, no ability to call anyone directly. Does anyone know any other companies that provide a similar service with phone support?

5 Comments

Thanks in advance to all experts for your time and insights.
Issue: We had two 2008R2 Domain Controllers (AD FFL/DFL is 2008R2) that both acted as GC, DNS... I replaced one of them (DC2 - secondary DNS) with a new 2016 DC (using same name and IP, but DNS was cleaned properly and demotion of old one and promotion of new one worked flawlessly). All DNS records replicated between the remaining DC1 2008R2 and the new DC2 2016 and I do not see any replication or DNS issues in the Event logs. I now started the process of testing to replace the last 2008R2 DC (DC1) and part of the test was to turn off the existing 2008R2 DC1 and run the entire domain off the new 2016 DC2 which has all the FSMO roles on it. Everything seemed to work fine, but we experienced issues with Outlook seeing the Exchange servers as well as several application servers having issues with client application software (on W7 workstations) connecting to them. Pinging servers by name and IP worked fine, but nslookup kept insisting that it queries the DC1 which was off. So I removed the DC1 from the static network card DNS settings on the Exchange servers and Outlook managed to connect right away. I changed the priority of the DNS servers on the DNS list network card) on the application servers and as soon as I did that everything worked. I realize this was a DNS issue and know that it might take 15 min + before the workstations try for the secondary DNS server, but I am also wondering how to overcome the problem …

9 Comments

Hi,

I recently added space to a VM disk in vSphere and went into Windows Disk Management to extend it. To my surprise, the Extend Volume option is greyed out. Never seen this before.

Any suggestions?

Windows Server 2008 R2 environment.

Thanks!

--Ben

Windows Server 2008

11 Comments

Question by

Randall Nielsen

2018-11-05Solved

2016 RDS Gateway Server

Can I run a Windows 2008R2 Host Terminal Server from inside a 2016 Gateway Server?

5 Comments

Question by

DT1640759

2018-11-04Solved

Windows Server 2008 DC Fsmo problem

Hi,

I copied a Windows Server 2008 domain controller (Hyper-V VM) from company to my home for testing. I impoted the VM and seized all FSMO roles to this dc. DNS server and all AD tools cannot locate the AD information after I restart the dc everytime. Please refer to the following screenshot.

After I used the tool NTDSUTIL and submited roles -> connections, All DNS and AD services decame normally.

I want to know that why happpen this issue and how to fix it.

Note this domain contain 6 DCs, however, I only copied one dc to my home network and I will delete the other five dc later.

Thomas

6 Comments

Question by

RubinPostaer

2018-11-02SolvedPrivate

DHCP Migration from 2008 -> 2012R2

Migrating the DHCP role from 2008 -> 2012R2 using the basic: netsh dhcp server import / export commands. The new server shows green over IPV4 and all the scope info moved over, and is authorized. I stopped the DHCP service on the source server as well but can't get the new server to issue addresses. Everything I've read makes it seem pretty seamless, so I'm not sure what step I'm missing

3 Comments

I have been trying via powershell to get a list of all users in AD but cant seem to get one to show all the information we are looking for..
We need to find information like active accounts, disabled accounts, password last change, passwords expire or don't expire..
Please let me know which commands I should be using?
Thanks

6 Comments

LVL 2

Question by

Technical Information

2018-11-02Solved

DFS Replication

Hi

If I move a share to a different disk and reconfigure DFS replication to point to the new share. will it start working again? or do I need to resync all 3tb?

3 Comments

The 7 Worst Nightmares of a Sysadmin

LVL 1

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

I have a restore of a production server, lets call it ProdAppServer01. The customer wants to have it renamed to another name lets call it DevAppServer01, but remain in it's current state and be joined to the domain for application upgrade testing.
This is a Windows 2008 R2 server.
From everything I have read I am not able to run NEWSID on this server.
From everything I have read, I do not want to run Sysprep.

The customer needs it to be identical to the production server for the purpose of testing the installed software upgrade with the vendor.

If I power on this machine off the network, put it in a workgroup, and rename the server, can I then put this server on the network and domain with its new name and not knock the production server off of the domain?

I tried something similar before. But I put it on the network and changed the name and it stole the OU object for the original server and renamed it causing a production outage. I cannot have this happen again. I also do not have a development network to test this on.

4 Comments

LVL 1

Question by

Yashy

2018-11-01Solved

There was a problem opening your mailbox (after SSL cert has been installed).

Hi guys

I've just recently installed a new SSL certificate for our Exchange 2010 server. People can access the site. However, nobody is able to open attachments. When they try, they are getting what I have attached. Have a look and see. All of the browsers that are trying to open are using IE8 (sadly) as they are our stores and are locked down, but they were able to do all of this before.

Is this DNS related? Is it SSL related?

Thank you for helping
Yash
Picture.jpg

11 Comments

On an sbs 2011 standard server I take care of break fix (rather than proactively)., we recently set up reflexion in front of the server for mail spooling and spam filtering. I am not a fan of Reflexion / they seem to block too much legit mail (certainly not a huge amount...1 - 2 a week, but that's still more than I think they should... and mail I would say is clearly spam gets through).

Anyway, a user said they use myemma?? as a database mailer. They've sent tests to themselves previously and will get them. This time, they didn't.

I looked at reflexion's log and it said it was sent on successfully to the server, but failed with this message:

failed after I sent the message. STARTTLS proto=TLSv1; cipher=AES128-SHA. Remote host said: 550 5.7.1 Message rejected as spam by Content Filtering.

The exchange box has content filtering? I never managed it.

1) What's the best way to turn it off? I went into EMC, organization-> hub transport, anti-spam tab and disabled content filtering. IS that good?
2) Is there a way to run a report of the mail that was stopped by this filter? I'd be curious how routine this was happening.
3) Any thoughts on why it 'worked last time' and not this tme? The actual content of the email? Does content filtering get updates on its own?

Thank you!

3 Comments

I am attempting to integrate password processing into my proprietary application in order to provide more control over the process, as well as attempting to avoid the necessity of reliance on a 3rd party system to have to perform this functionality. I'm basically utilizing the "net user <login> <password>" command line in order to reset passwords within my Active Directory. This would work great if my client users had administrative rights within my application, but since they do NOT, I've been working on a way to "elevate" the effective rights at the time I invoke the "net user" command. I've attempted to incorporate the SysInternals "psexec.exe" program to run the command as an administrative user, but I've had mixed results. This appears to work for certain client accounts, but not others!? Again, my goal is to incorporate the AD password process within an existing application that, for security purposes, can not allow the client users to run the application with administrative rights. This is a Remote Desktop implementation, running RemoteApps which are accessible to my client users. I'm running under Windows Server 2008 R2 using the "built-in" RDS functionality. Can anyone provide any guidance or suggest something I haven't thought of?

13 Comments

We currently have our print server running on server 2008 32Bit and we need to migrate it.
So can we migrate from 2008 32 bit the print server data to 2016 and if so, is there a good document showing the steps needed?

10 Comments

Question by

Davisro

2018-10-29Solved

Enterprise NAS Performance vs Windows Server

Our network share is on an enterprise class NAS farm with flash and lots of physical drives. We can copy files to and from the network quickly, our performance with large Excel files and large Access databases is abysmal.

After raising the issue with IT, they gave us a test environment on a Windows Server share and it a bunch faster than the NAS drives, but IT considers this "just a test" and "temporary". The project manager in IT that is helping us doesn't seem to know why the Windows server share is so much faster, but I'd like to know why so I can advocate to make our network folders permanently reside on a Windows Server instead of a NAS.

Does anyone know why Windows Server is so much better? From testing I'd say that performing operations like indexing fields on 1mil record tables and such is about 8 times faster and does not suffer from the bottlenecks and freezes on Windows Server that we see on the NAS drive

9 Comments

Question by

YaYangTeah

2018-10-28Solved

offsite backup for this terminal server

We have one terminal server running on window server 2008 R2 in our office,we are planning to setup offsite backup for this terminal server .In normal circumstance ,this offsite backup TS server is power off and just power on during the disaster . Below is the question i have:

1.Do i need purchase additional window server 2008 R2 license ?
2.Do i need purchase additional RDS license ?

6 Comments

I want to add a security group and grant write permissions to the same folder in different user folders ex;

group name = copier

server.yo.local\users\janedoe\scans
server.yo.local\users\johndoe\scans
server.yo.local\users\Freddoe\scans

Is there an easy way to enum a list of folders and then add the group with appropriate permissions to the scans folder.

4 Comments

Question by

Bob Weilmuenster

2018-10-25Solved

server sbs standard 2008

dell poweredge t310 windows 2008 server standard/premium with service pack 2
install fails due to missing drivers. need to get drivers and how to install drivers.
dell site has drivers and try to install need help. 64bit o/s win2008 sbs standard
Thanks Bob

5 Comments

Simplify Active Directory Administration

LVL 8

Administration of Active Directory does not have to be hard. Too often what should be a simple task is made more difficult than it needs to be.The solution? Hyena from SystemTools Software. With ease-of-use as well as powerful importing and bulk updating capabilities.

We have an SBS 2011 Standard domain. There's a Canon IR-5353 printer on the network.

Would anyone have any recommendations on ways to print to it from ios and android phones?

Both when the phone is on the company wifi and on the LAN and also when out of the office on another wifi or cellular data?

6 Comments

LVL 1

Question by

vmich

2018-10-25Solved

Cant see rdp connection to 2008 r2 server. screen is black

Issue with 2008 R2 server in which we cannot RDP to the server. When we try, we get a black screen.
The server is running just fine and it is a VMware vm but cannot get to it via rdp pr the vsphere console.
We have tried to reboot the server but no difference.

2 Comments

Question by

jskfan

2018-10-25Solved

is Domain Users Group important.

is Domain Users Group important.

I would like to know if it is important to add a user account to domain users group. If I do not add the user account to Domain Users group, will that prevent user account from logging to the Domain ?

Thank you

3 Comments

Question regarding adding a DNS zone and manually entering a PTR record for a key File Server.

I just joined our 2 offices (PA Office where I work & NY Office) via a VPN tunnel using our SonicWalls. Both locations have completely separate networks, but we can now see each other servers by IP only. Were are running Windows 2008 R2 Domain Controllers and File Servers.

I would like PA's staff to be able to "see" NY's File Server by host name versus IP, so I would like to add a PTR record for this server. However, PA & NY's domain is different, so I'm thinking I can add a DNS zone in PA (non Active Directory integrated I would assume) for the NY domain for the purpose of adding a PTR record like:
NY-FS1.NY-domain.com = 192.168.50.200

Later, I am planning on setting up a trust between the domains, but I am not ready to do this yet. So I was looking to solve this problem as soon as possible. However I'm nervous about the implications of adding a DNS zone without knowing the implications.

Thank you

5 Comments

How do I make sure our SBS 2011 standard server is up to date? Running windows update from the control panel isn't enough, right?

How do I know what version of exchange is on there besides 2010 and how do I update it? Are there other parts we need to patch / update? We just use this server for exchange and file shares.

We don't use WSUS (at least not intentionally - if it runs by default then I guess we've been using it <g>

THANKS

3 Comments

On an SBS 2011 standard server, I was having problems getting a new user working on ios (but outlook 2016 worked fine and other existing users set up fine on the phone)..

I started playing with the microsoft connectivity tester and it was failing with certificate errors.

Troubleshooting some error numbers, I see pages talking about checking the certificates.

Looking in the certificate snap in, there's this user and this machine choices. looking in there, there's LOADS of certs. some expired. some YEARS away from expiration (affirm Trust Premium ECC with exp 12/31/2040 is the farthest out in trusted root certs), there's trusted root cert authories, third party trusted root certs. 'all' we use the server for is exchange and file server. Yeah, I use server/remote and server/owa... the users don't.

Can I blindly delete the expired certs (some I think are self signed) we do have a comodo cert that expires in 1 1/2 years. There were godaddy certs - I think we had that before the comodo. and other certs from companies I don't know about. They come with the server? (again it's SBS 2011).

And there's untrusted certs like diginotar Root CA G2 expiring in 2029).

Is there a list of what I can / should delete or keep? Just to reduce clutter? I just know about the comodo cert we bought. these others? No clue.

THere's a */EFGO.GOV.TR cert expiring in 2021. We are a US based company / don't do anything with other countries... ok, I see something about google …

4 Comments

Windows Server 2008

Related Topics

Windows Server 2008

Related Topics