Windows Server 2012

16K

Solutions

8K

Contributors

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a web server that this process is taking up 66% of my processing memory.
MICROSOFTSHELLHOST.EXE

I google it and come up with these pages that tell you that this is a virus and here is the hard way to remove it, and the easy way is to buy their product. But I've been burned by these non-legit pages before claiming something else I had was a virus, bought their product and it didn't fix it either. Got my money back by calling my credit card company since they don't respond to support at all, but still am now aware of these fraudulent practices. (Found out the other thing was due to my PC using a newer version of the software trying to VPN into a server with an older version.)

Google results are cluttered with the above type of pages.

This is on a windows server 2012 R2.

Anyway, what is this process? And why is it running? I know I didn't open it. thanks!
0
Has Powershell sent you back into the Stone Age?
LVL 6
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

I have a Windows Server 2012 R2 terminal server (we'll call it TERM01) on which we need access to a shared drive from another source (in this proof of concept case \\FileServer\test$) in order to redirect the documents folder.  The fileserver with the network share is also a Windows Server 2012 R2 server.  The folder redirection has been configured in a GPO with a scope that affects members of a security group (rdp-users).  Each time I log into TERM01 with a regular user who is a member a that security group, the folder redirection portion of the GPO fails.  I believe I have determined the cause of the failure.  In testing access to the share, I connected directly to the UNC path that is used by the GPO and I am able to establish a connection.  I can successfully create a new folder so long as I do not change the name.  If I give the new folder any name other than New Folder or if I try to rename the folder after the fact, I get the error “Can’t find the specified file” as seen in the image below.  This situation only occurs if the new folder on the remote share is created while logged into the TERM01 server only.  When I log into another server, TERM02 also a Windows Server 2012 R2 terminal server, the folder redirection does not fail and my profile folder, ladleyb, is created as seen image below also.  When I go into the ladleyb folder, I can create files with any name I choose but the folders will still only allow the default name.  The effective NTFS permissions indicate …
0
Hello,

I have a question about difficulties I am experiencing trying to connect my root DC (has PDC fsmo rule) to an external time source (time.nist.gov).
The server is running Server 2012 and all member servers are supposed to be synchronizing with this server to obtain the time.
I have followed the steps in the following KB article:

https://support.microsoft.com/en-us/help/816042/how-to-configure-an-authoritative-time-server-in-windows-server 

as well as downloading and running the applicable "fix me" msi.

Even modified the registry entries mentioned in the article.

After restarting the time service (w32time), the time is still not updating to the correct internet time.

 
After running the following query commands, here is the output received:

C:\Windows\system32>w32tm /query /source
Local CMOS Clock

C:\Windows\system32>w32tm /query /configuration
[Configuration]

EventLogFlags: 2 (Local)
AnnounceFlags: 5 (Local)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 6 (Local)
MaxPollInterval: 10 (Local)
MaxNegPhaseCorrection: 3600 (Local)
MaxPosPhaseCorrection: 3600 (Local)
MaxAllowedPhaseOffset: 300 (Local)

FrequencyCorrectRate: 4 (Local)
PollAdjustFactor: 5 (Local)
LargePhaseOffset: 50000000 (Local)
SpikeWatchPeriod: 900 (Local)
LocalClockDispersion: 10 (Local)
HoldPeriod: 5 (Local)
PhaseCorrectRate: 7 (Local)
UpdateInterval: 100 (Local)


[TimeProviders]

NtpClient (Local)
DllName: C:\Windows\system32\w32time.DLL …
0
I have been asked to patch office 365 but the conventional way using SCCM cannot be used because the current version level is at SCCM 2012 R2 (1302) on 2008 R2 SP1 Standard. Active Directory is at 2003, I can’t upgrade SCCM to 1606 to support office 365 because of AD SCCM would fall out of support if we changed it.

I have been tasked with patching O365 I have a few suggestions but need some advice on achieving this

1: Set up a file share for the patching and use group policy. Really dont want to take this approach as its labour intensive.

2: Set a new instance of WSUS up on a 2012 server with WSUS ver 4.0 and deploy 365 patching from it only snag is I dont know if I can run SCCM client patching along side a separate instance of WSUS. Is this achievable or is there a better solution.

We aren’t using azure the o365 is static.

Any suggestions would be greatly received
0
Hello,
I have a website called www.tios.ie which is composed of a WCF service  and a Webform client. Both the client application and the Service application are separate projects. Until now I have hosted the client (which has a service reference to the service) in IIS8.5 express in the "default web site"  and I have not needed to host the service application , just build and reference in client.

I now want to host both the Client application and the Service application in IIS, outside of "default web site". I created two folders TiosServiceHosting & TiosClientHosting  and published both applications to these respectively with the service in port 81 and Client in port 82. However when I now call the website it is unable to find it.
Is it possible to host two applications like this outside of the standard port# :80 If so how do I go about it ? An example would be great.

Application Host file
        <sites>
            <site name="Default Web Site" id="1">
                <application path="/" applicationPool="DefaultAppPool">
                    <virtualDirectory path="/" physicalPath="%SystemDrive%\inetpub\wwwroot" />
                </application>
                 <application path="/bin/roslyn" applicationPool="DefaultAppPool">
                    <virtualDirectory path="/" physicalPath="C:\inetpub\wwwroot\bin\roslyn" />
                </application>
                <application path="/appinit" applicationPool=".NET v4.5">
                    

Open in new window

0
I'm planning to migrate single site to 4 sites. I read many articles and took notes.
One thing I don't see anywhere, what do I do with  Default-First-Site-Name?
Do I create 4 sites and move all DCs to 4 sites and don't create a link to/from  Default-First-Site-Name?
Or do I utilize  Default-First-Site-Name as one of 4 sites?


The other question, what happen to 24 hour running member servers running application, file server which uses ldap?
Will it experience disconnection? Anything to keep in mind?
0
My understanding of Domain computers is that they periodically need to be reconnected to a network with local access to the domain controller in order to sync and not run into the "no domain controllers available" issue.

In researching a related issues I discovered a few posts that throw this understanding into question.

Essentially, I have a client which is in an expansion period and has purchased Windows 10 Pro tablets to take when doing presentations etc. out of town. What I need to know is how long can these tablets continue to be used before the user will either see the above error or be unable to access network shares through their mobile VPN client?

Also, I'm assuming that in order for a new user to login they would of course need to be on the local network, but if multiple users have logged into the device previously will they all be able to log in or just the last user?
0
Hi,

I have a SAN Network isolated from the reset of the network and I have a Single Windows 2012 server I am using as a gateway for monitoring and updating.

I dont have any budget so using FreeProxy Internet Suite to route internet traffic and SMTP traffic for updates and monitoring alerts.

the issue I have is that the storage will not send using the Proxy and also DNS is not working for updates.

What is the best solution to all my Windows 2012 R2 Gateway machine to pass all traffic out keeping the network isolated.

thanks
0
Hi All

Does anyone know how to update to the latest powershell version on Hyper-V Server 2012??
0
Hi,

I am not able login Exchange Admin Center .

I have installed SSL certificate yesterday but It was fine till yesterday.
0
Nothing ever in the clear!
LVL 1
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Veeam B&R 9.5
Windows 2012 R2 Veeam Server
Windows 2012 R2 Veeam Proxy Servers have 4

When Backup runs from Veeam B&R I get this event id 157

Log Name:      System
Source:        disk
Date:          10/18/2017 8:07:12 PM
Event ID:      157
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      SERV001-2012R2.net.com
Description:
Disk 1 has been surprise removed.


This happens on all servers I listed above.  

Would like to know if I can suppress this event


I applied KB2955164  no change

I ran diskpart automount disable    and diskpart automount scrub     no change

Has anyone figured this one out?

Thanks

Tom
0
I am getting a NetBT 4319 error on my server saying that I should type nbtstat -n to find out what name is in conflict state.  I have two Network Cards on this machine that interact with the same network, so is that what the problem is?
0
So we have a very strange situation.  One user's account is getting locked out continuously and instantly from the moment we unlock it.   We have an event ID 4767 where the account was unlocked, then instantly an event 4740 where that account is locked out.

Doesn't say what locked it or why.

This is only happening on 3 out of 5 domain controllers.  The other two domain controllers  will show status unlocked until the next sync then it will show locked.  

We have turned off all computers this users has ever touched, turned off his phone, ipad and anything else that would have ever had his account info on it.

It's still getting locked out on those 3 domain controllers.

Anyone seen this behavior before?  Any suggestions on what could be causing it and how to resolve it?

We are on windows 2012 R2 domain/forest functional level,  4 AD sites, the 3 DC's that are locking out instantly are spread out among 2 sites.  the 2 DC's that are not locking out instantly are at the remaining sites.
all FSMO roles are on one of the DC's that locks out the account instantly.
0
I recently setup a two-tier PKI with Microsoft Active Directory Certificate Services on Server 2012 R2. When I attempt to verify my configuration with the LDP.exe tool, I am prompted for a smartcard.  I have to click cancel serveral times, before the tool will connect to my domain controller.   (Similar issue when I use a 3rd party notifcation utility ADSelfService Plus and configure LDAP over SSL authentication, at login it prompts for smartcard).  I am not using smartcards for authentication.  Why might this be occuring? Where can I look to begin troubleshooting?
0
I have a url in my database so when I display a record per page I would like to have the web page from the url display as part of the report page. I see I can do it in 2016 but I only have 2012.
0
Hi, recently due to some unauthorized changes on web.config we had to restore the complete windows server 2012 backup.
after restoration Crawl is not running and its showing top level 3 errors: protocol handlers missing with three web applications URL.
and below is the event and uls log error message.
 6482      Critical      Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (343233de-d8ff-47cf-8dca-19f0a590431b).  Reason: Unable to cast COM object of type 'Microsoft.Office.Server.Search.Administration.MSSITLB.CGatheringManagerClass' to interface type 'Microsoft.Office.Server.Search.Administration.MSSITLB.IGatherManagerAdmin3'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{0FF1CE15-013A-0000-0000-000000000000}' failed due to the following error: Error loading type library/DLL. (Exception from HRESULT: 0x80029C4A (TYPE_E_CANTLOADLIBRARY)).  Technical Support Details: System.InvalidCastException: Unable to cast COM object of type 'Microsoft.Office.Server.Search.Administrati...      58ab239e-eb29-4066-30de-79ee6e9a7605
10/17/2017 06:12:57.73*      OWSTIMER.EXE (0x32AC)                         0x31AC      SharePoint Server                   Shared Services                     6482      Critical      ...on.MSSITLB.CGatheringManagerClass' to interface type 'Microsoft.Office.Server.Search.Administration.MSSITLB.IGatherManagerAdmin3'. This operation failed because the QueryInterface call …
0
I wrote a parser that reads from several files to produce a consolidated file.
This works fine when invoked interactively either from the command line or from file manager.
When I run this from Task Scheduler, the program starts, and writes the header to the target file, but nothing from there.
When run interactively, all of the data populate.

VB.Net  written using VS 2017
Running on Windows Server 2012
0
Does anybody know the exact function/meaning of the Windows regedit setting
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\StrictTimeWaitSeqCheck

I find no real documentation from Microsoft, but some sources state something like:
  "This key tells the system to wait for TCPTimedWaitDelay to pass before reopening a socket."


It sounds like that would be applicable only for creating new outbound connections, not for responding to inbound connections.
Is that correct, does anybody know?

Thus, TCPTimedWaitDelay affects handling of both outbound and inbound connections, but StrictTimeWaitSeqCheck only affects outbound connections?

And if not - why bother with StrictTimeWaitSeqCheck at all. Why not just set TCPTimedWaitDelay to 0?


Also, in addition, I cannot find any formal Microsoft documentation on the default value for TCPTimedWaitDelay. Some sources say 240 seconds and some say 120 seconds. My test results lead me to think that the default value changed at some time (when?) and at least since Win2012 it is 120. Any ideas on this?
0
I've got a normal MS (IIS8) web serve (IIS8 on Windows 2012), to which client browsers connect to request html pages.

One client (or rather its proxy) behaves like this:
1) Outbound connections use a quite small port range
2) Connections in time-wait ,or where the other side is supposed to be in time-wait, are reused for new outbound connections after 60 seconds (the web server uses 120 seconds for this setting, hence the incompatibility)
3) New connections initiated from the client do NOT use a TCP sequence number that is always larger than the last packet sequence number on that particular src/dst pair. Instead a completely random value is used as initial sequence number.

Issue 1) means that the client quite often makes the web server run into a "port re-use" situation, such that a new inbound connection is using a src/dst port combination that has already been used before (the server port is always 80, of course)
Nothing bad with this, though.

Issue 2) means that the the port re-use according to 1) sometimes occurs while the web server is still in time-wait state for that particular src/dst port pair.
This is a problem, as the web server will then not accept the request for some more time (until the server time-wait timeout period finishes), and the client will end up retransmitting its SYN connection attempt during that time, delaying connection.
However, that would not be so bad if it wasn't for issue 3)

Issue 3) means that when 2) happens, the web …
0
Creating Active Directory Users from a Text File
LVL 6
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

My setup is: HP Proliant 360G8 server with a p222 adapter added. On this adapter I've connected a external HP Ultrium tape unit. On the server I run VMware Vshpere 5.5. I've setup three virtual servers (DC/Exchange, file/printer and remote access desktop server). The fileserver also functions as the backup server with Symantec BackupExec 14 running. I've connected the external tape unit to this machine in the virtual machine setup. In backup Exec I've configured backupjobs (one running daily, one for fridays; the daily one runs over the designated tape each week, the friday jobs run on five tapes so I can run back into time for 5 weeks). The jobs are complete backups of all three servers (including all data, system state and bricklevel backup of Exchange).

What I run into is that at least once a week the fileserver completly 'freezes'. This goes to the point that you can't even power off from the VMware consile and need to reboot the whole server to get everything working again. From the log files i see this happens at a point just after the backup finishes. On most occasions, but not on all, the P222 card is shown as 'dead' in VMWare manager.

What I have done so far is: installed both windows server and backup exec completly fresh (as a new virtual server). I've replaced the P222 with a new adapter. I've update the firmware on the P222 and the driver in VMWare (april 2017). But nothing changes this behavior.

After the server 'freezes' it is completely …
0
I have a virtual machine with Windows 2012 R2 Datacenter with Windows key activated ( created by someone else atleast one year before). It looks like windows update was never done and  when I try to update it does not happen even after kept for  10 hours.  
Internet looks fine ( But I get the popup for adding site to exception when I visit a site)

How can I run the windows update? Any help is appreciated
0
hi everybody
i tested DAC in vmware like this post
https://blogs.technet.microsoft.com/canitpro/2013/05/06/step-by-step-protecting-your-information-with-dynamic-access-control/
but when in effective access tested access for my user it had all deny permision and limited access by the rule ,however i apply to it read,write and modify permission with the rule
and check the steps in above post two times and everything allright.
Does anyone have a comment?
0
Hello there.  I am wondering If I can use old IBM QLE2460 cards, fiber channel with a switch, like brocade 300 to emulate ethernet connections of 4GB.
In the same manner, I am wondering If I can HP 10GB MELLANOX CONNECTX-2 cards ( windows 2012R2 of windows 10) with a switch like  Mellanox MIS5025Q-1SFC to emulate 10GB connection. Also, it would be fantastic if there was ESXi 6.x support for this. Please advise!!!!  Are there any limitations that I would be aware???

Ps. When I say emulate I mean to use Fibre or Infinity band to work as ethernet with proper drivers and switch configuration.
0
In Win 2012 R2 Datacenter machine ( this is a VM) , How do I install and enable Distributed transaction service ( for support for 32 bit com+ application installation)
0
I am a scripting newby, but have a script that works for updating AD users based on a .csv file.  The working script is based on whether or not there is a street address for a users office location.  Here is the example of the working script for that portion and it will dump a success or error file in the C:\Temp directory:

Import-module ActiveDirectory

$ADServer="sccdc8pr01.ncu.local"

$userList = Import-Csv 'ADUpdate.csv'

  foreach ($user in $userList)
  {
    TRY
    {
      $ErrorActionPreference = "Stop"
      $myu=Get-ADUser -Filter "mail -eq '$($user.mail)'" -SearchBase "DC=NCU,DC=local" -server $ADServer
        if ($user.streetaddress -eq "") {
         $myu | Set-ADUser -office $user.physicalDeliveryOfficeName -department $user.Department -title $user.title -description $user.title -company $user.company -state $user.st3 -manager $user.manageralias -server $ADServer
             }
            Else {
         $myu | Set-ADUser -office $user.physicalDeliveryOfficeName -department $user.Department -title $user.title -description $user.title -company $user.company -streetAddress $user.streetAddress -state $user.st3 -postalCode $user.postalCode -manager $user.manageralias -server $ADServer
            }                      
      $user  | export-csv -path "C:\Temp\ADUpdater-Success.txt" -delimiter "`t" -append
    }
    CATCH
    {
        $msg=$user.mail
      $msg =$msg + " : " +  $_.Exception.Message
      $msg =$msg + " : " +  $_.Exception.InnerException
        $msg = $msg + "`r`n`r`n"
        
0

Windows Server 2012

16K

Solutions

8K

Contributors

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.