Windows Server 2008





Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Share tech news, updates, or what's on your mind.

Sign up to Post

Powershell one-liner or script that can find the latest changed file recursively in a folder, per folder 1 deep.  
That might not make sense, I have shared folder "Shared", in that folder are 200 more folders, many of which may not have been used for a very long time. I'd like a list of the latest changed file (anywhere in that folder, or its own subfolders) in each of the 200 folders with the date. I hope that makes sense.
10 Tips to Protect Your Business from Ransomware
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Hi guys

How do you give someone the private key for the SSL certificate but un-encrypted? I don't get what they are saying.

I've got a Windows 2008 R2 web server that I created the CSR onto. Then I got the certificate from the provider and have applied the certificate to this to complete the request.

My colleague needs the private key. I exported it as a .PFX file, but when you do that, it is password protected. He needs it un-encrypted.

Do you use the MMC console to do this and then export it as a .CER file? Will that be correct?

Very rusty with this. Working on an SBS 2010 standard.  Mail is not going out.  It's the weekend.  I see 58 emails in the send connector queue.

The connector was set up years ago to use a web / email hosting company as smarthost.   it's talking about authentication errors.  If the hosting company stopped that account  set up in the send connector, what other options do we have?

What companies are out there to let us use as a smart host? Why do we need a smart host? Why not be able to just push the emails out onto the web?  And how would we set that uo?

talks of choosing use dns and MX to route mail.  Can we just use that? What's the pros / cons of doing that?  And /or how do you set up a 2nd smart host entry - if it can't send mail with first, smarthost, failover to 2nd?
I just configured tls1.2  on windows server 2008

User tls 1.0 and 1.1 also

How can I disable tls1.0

On tests it shows it is using tls 1.0
Hi guys

I'm trying to lock down our VPN tunnels and firewall rules between sites. The one thing I am seeing in some places are that there are 'any' ports set up which is not explicit.

So one place that always creates problems is the Active Directory systems. We have PC's in remote locations that talk to remote AD servers.

In order for the systems to not get affected, I need to be absolute in every single port I set up as I will be killing the 'any' port.

This MS article covers ports domains and trusts:

But then for RPC, it has ports 1024-65535/TCP!!

Do you have a setup on your firewalls in the same way as MS has described? And what about the RPC port? Not over-exposed?!
I am managing two separate locations, both have a single 2008 R2 DNS/DHCP server and they both hold the FSMO roles. I want to create a secondary DNS/DHCP server at each location for redundancy. Here is where my problem lies, I have 2 servers running server 2012 R2 to use as the secondary. I have had no issues setting up redundant DNS with the 2008 and 2012 boxes. I've hit a roadblock with DHCP and i'm not liking what Google has to say.

Ideally i'd like to run a DHCP hot standby with the 2012 box. Load balance is an option as well if needed. One site would have no issues running a split scope as i only have ~60 devices. The other location has almost 200 devices, a split scope would be difficult to pull off.

I cannot upgrade the 2008 r2 boxes but i can downgrade the 2012 r2 boxes to 2008 r2.

Any thoughts or ideas would be appreciated.


My primary AD server (and DNS) is a physical machine (Server 2008R2), while my secondary AD server (and secondary DNS) is a hyper-v virtual machine.
My primary server I back up each day, but the secondary vm is backed up as a hyper-v image from 3 months ago.
I lost the virtual secondary server (theft of the host server), and would like to restore (import) the old hyper-v image on the new host server.

If I import the old hyper-v image of the secondary server onto the new host hyper-v server, will it run okay? Or will the new host hardware be a problem for the virtual AD server? I have already imported another non Active Directory vm image to the new host hardware, so I know the hardware is compatible, just I am unsure about AD.
Also, I assume the secondary server, once connected will automatically synchronise with the primary server?
Unable to play videos in RDP session.

I administer a site that uses multiple RDS servers. The servers run as VMS under HyperV or Xen.  They all run Server 2008R2. Clients are mostly Wyse C10LE's with a few PCs.

The problem I have is that video content does not show in Internet Explorer11. If I got to Youtube and try to play a video, I just get "An error occurred, please try again later". Chrome works fine.

I have tried:
1. Using a Win10 PC instead of a Wyse client, no difference.
2. Toggled "Use software rendering instead of GPU rendering" under advanced IE options, (and rebooted), no difference.
3. Added YouTube to the trusted sites list, no difference.
4. Logging on with an admin account, no difference.

Any ideas?
I have 2 windows 2008r2 servers on a windows 2012r2 domain. For an application to run on ServerA a path must be mapped to ServerB such as \\ServerB\Folder\Folder2
The App stopped working today and I can no longer map the path even manually by using UNC path. I tried to manually map a drive letter just as a test but I cannot map anything from ServerA to ServerB. They can PING each other. ServerA can map to any other server in our network. ServerB can map to ServerA. I tried mapping from ServerA to ServerB by IP address but the connection still gets rejected. If I do a NET USE on ServerA I do not see a connection. I have tried rebooting ServerA several times without success. I cannot reboot ServerB at this time. I am running out of ideas. I tried a NETSTAT on ServerB and do not see any incoming connection from ServerA. i am running out of ideas....oh yes I did a FlushDNS on both....any other suggestions? This has worked for years and it only seems to be from ServerA to ServerB....I talked to our network team and no ports were blocked or firewall changes today
IE releases a cumulative patch every month so seeing that we are missing a cumulative IE patch from 2015

how do we start a standard baseline.

we have altiris , so if we never check for updates on windows server , will it contact altiris

so which comes first WSUS or altris?
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Sorry, this is such a NOOB question, but I'm asking it : (

Setting up a new user in SBS 2011 Standard.  Exchange is running on the server.

When the user goes to OWA, there's no contacts listed.   Shoulnd't that be populated with the GAL (the iist of users on the domain).

Someone new starts at the company and doesn't know how people's email addresses.

And is there a way to hide some people from the published GAL list?
I have windows server 2008 r2 and active directory infrastructure managing hundreds of users.
I would like to restrict some users to logon to a specific group of computers. For example, in site A containing 10 users and 10 computers, i would like to restrict a specific user to be able to login to only those 10 computers in all the infrastructure.
How can i achieve this please?
Thank you.
This is likely networking 101, but.... I'm stuck.

SBS 2011 server at location A ( subnet)
Location B is connected to location A with VPN, subnet  The router at location B currently gives out public DNS IP addresses

What's the right way to set things up for domain added laptops running win 10 pro at location B to be able to access shares on the server like \\serer\files?  The server is the domain controller.  There's only that 1 server.

Use a Hosts file?  It has that now with entries:

server.domainname.local (is this needed?)

When they click on a mapped drive, a windows security box pops up asking for credentials, and even though we check 'remember my credentials', it asks again after a reboot.  This window ALSO says 'the system cannot contact a doimain controller to service the authentication request.  Please try again later.

You click OK after adding credentials, get to the files and all is fine.  till a reboot.

What do I need to do so it can get to the domain controller across the VPN?

Why doesn't it save the credentials after a reboot?

Why does it even ask for the credentials - the user and password entered when logging in are the credentials.

Need an automated way to create Azure Dynamic Security Groups using PowerShell. These groups needs to be created based on an AD attribute i.e employee number. Any thoughts?
Hi guys

I've just had to use the Active Directory Certificate Services to create a self-signed web certificate for our firewall. Our servers are Windows 2008 R2.

I've installed the certificate with a 2048 encryption, but now Google Chrome is having a hissy fit because it says that it is a SHA-1 and that it is untrusted.

Does the Windows 2008 R2 support SHA-2 at all? Or is this one of those doom day things that I can't do anything about unless i upgrade to Windows 2012R2?

Thanks for helping
Locate a host in Parent/Child Domain

We have Active Directory Parent and Child domains.

I would like to know if there is any way to tell if a computer is part of the parent domain or child domain ?
I am not sure if using Nslookup will give you the right domain a host belongs to.

Thank you
We're replacing a Windows 2008 domain controller, and we're confused about the existing domain name and logins.

All existing machines are members of the domain ABCCOMPANY.COM, but when users login to the domain, they use this domain name in their credentials:  DEF\username

In Active Directory Domains and Trusts, we see one domain:  ABCCOMPANY.COM.  The Properties of that show a Domain Name of (pre-Windows 2000) of DEF .

In Active Directory Users and Computers/Domain Controllers, we see two devices:  Server1 and Server2.  Server1 is nowhere to be found; that is, it has been turned off and relegated to a closet somewhere.  It is still designated as a DC, Domain Controller.  Server2 is still quite active and is designated as the GC, Global Catalog.  We intend to de-commission Server2.

Our questions are these, but additional specific info is welcome.

1.  Why is the DEF part of the login credentials so prevalent?  Is it simply because of the pre-Windows 2000 name?

2.  When should we use DEF moving forward?

3.  We believe that the original local domain should not have a .com extension.  In moving to a new domain controller and demoting the old one, should we re-name it?  (And of course we can educate ourselves via Google, but what steps are taken to rename it?)

Thank you... as is often the case when one is confused, we're not 100% sure what to ask, so please feel free to enlighten us in this area.

I am trying to deploy a .msp file. I need to do this as we have migrated from on-Prem Exchange to O365 and we had used MS Office customisation tool in order to configure settings including automatically creating an outlook profile that points to the on-Prem exchange server. Now that we have migrated, it is causing issues with the outlook profile re-configuring.

Office is built into our MDT Image, so removing it from the office installation would be a giant PITA.

I have created a new OCT MSP file and when installing it manually it re-configures office and all works great. My problem is now deploying this file to all workstations. I have created a batch file with the below command.

msiexec.exe /p "\\sbpsfile01\School\School\Apps\Deploy\OfficeCustom\OfficeConfigRemove.MSP" REINSTALL=ALL REINSTALLMODE=omus /qn

I have also tried using DFS path.

The policy is applied under computer configuration and the computers are in the OU that the policy is in.

Any help would be much appreciated.

hello experts
it has been perplex me for a long time, our company wireless network is using domain computer object authentication to connect, it is pushed by GPO.
sometimes a computer can't connect company wireless because authentication failed, tried reset computer account in ADUC but it doesn't help, i have to quit computer from domain then rejoin to fix it, so i think the computer subject must have something changed on client side or AD side which doesn't match anymore, but except wireless connection issue this computer works well under AD environment.
so you could you help investigate what is the culprit for my case?

thank you
Newly released Acronis True Image 2019
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

Hello Everyone,

Need to dig up an old issue briefly. The last time I tried to migrate a DHCP scope to an existing DHCP server (authorized and servicing scopes, but not in the same range as the ones being migrated over) I got an error “Error while importing option 6. This option conflicts with the existing option". Apparently this is the case because the already existing server added the entries for 006 DNS Server and 015 DNS Domain Name when it was installed/authorized. At the time the best recommendation I could find was to delete those two entries from the DHCP server options and then run the import (obviously DHCP scope would be exported from the source server) again. The last time I got around it because I had a server we could move the DHCP to that never had DHCP before and thus no previous entries existed. This time I have to move it to an existing DHCP server. However, I would like to understand what is the risk of deleting those two entries and has anyone ever done that step?

The other option would be to export only the v4 aspect of the scope since (as far as I understand it) the option for exporting specific scopes is split into v4 and v6 subcommands. So running something like this: netsh dhcp server v4 export c:\dhcp "" might work because including the v4 portion of the command allows for the export of a single scope.  This also gets around the "class conflicts with an existing class" error message that is returned when you try to import an entire …
We have a deployment containing a number of computers that are used by shift workers, and so have chosen to use Microsoft device CALs rather than user CALs.  However, rather than just counting the number of users, we now need to count devices and it's unclear which devices require device CALs.  It's obvious that the computers do, but what about:

  • Printers (including multi-function models)
  • Switches (including smart switches)
  • Routers (that may authenticate VPN users against the Active Directory)
  • Wireless access points (that authenticate users against the AD)

How can we determine whether CALs are required for these devices?
I have a Warehouse Management Systems running on window server 2008. It seem slow accessing the WMS at times and I don’t see any issue with the network.

I run Wireshark on the network and see everything is working just fine and run continuous ping using ping plotter show latency within 4ms Avg.

Asking if anyone has any idea on how isolate if the issue is with the WMS application, window server itself or some services on the server that causes the issue.

The window server is hosted on VMWare with 8vcpu and 8gb ram
Hi guys

I'm trying to roll out an RDP shortcut via GPO to ALL users machines under a particular OU. I need the IP address of the server that they will be connecting to, to be set before hand so that they can just double click on the icon and be prompted by their username/password.

The server they are connecting to is Windows 2012 R2, but the actual AD domain controllers are Windows 2008 R2.

What is the best way to do this?

Thanks for helping
Hi Guys,

I am looking for a recommendation for an antivirus solution to be installed on a Windows 2008 R2 server.
The server is running a smart host mail server (not Exchange),

Any ideas are welcome?
On a Windows Server 2008 R2 Domain Controller we can no longer connect to it using a UNC path from another server or desktop which is causing problems for people printing on the printers shared on that server.

The error is "The specified network name is no longer available "

This DC is also the FSMO role holder, DHCP, RRAS and Veeam Proxy Server, no other network related issues seem to be effected at the moment.

Here's what we know/have tried:

1) The server can connect to its own UNC path and other UNC paths.
2) Other devices CAN connect to the UNC path using its static IP address and they can ping the server name successfully indicating DNS is working
3) The NIC is using domain profile (not private or public)
4) No configuration changes have taken place
5) Nothing in the event logs indicate a serious issue
6) Workstation, Server and Netlogon services along with all other Automatic services are started on the problem server
7) We've tried a reboot of the server
8) We have disabled the Windows Firewall and AV to test

Temporarily we are adding the printers for the user connecting to the IP address

There are loads of links out there but there are various reasons why this could be the case?

Thanks for any advice

Windows Server 2008





Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.