Windows Server 2012

15K

Solutions

8K

Contributors

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Share tech news, updates, or what's on your mind.

Sign up to Post

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
0
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

A procedure for exporting installed hotfix details of remote computers using powershell
2
 
LVL 8

Expert Comment

by:Senior IT System Engineer
Comment Utility
Thanks for sharing !
0
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
0
OfficeMate Freezing Error
OfficeMate Freezes on login or does not load after login credentials are input.
0
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
0
Resolve DNS query failed errors for Exchange
2
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
4
 
LVL 24

Expert Comment

by:Brian B
Comment Utility
Good and useful article, but a warning to users who may read this: It is not recommended to just try and delete system files. Without going into a long explanation, if you use Lee's method above and find a lot of space being taken up by a specific directory, search on how to clean up that directory. Here is an example for one common place that files build up:
https://www.experts-exchange.com/searchResults.jsp?searchTerms=WINSXS+folder+clean+up&asSubmit=true&asSelected=true
0
 
LVL 96

Author Comment

by:Lee W, MVP
Comment Utility
Brian B - EXCELLENT point - added a warning in case people read the article and not the comments.
0
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange though but both Exchange logs are replicated.
0
 
LVL 12

Author Comment

by:Ganesh Kumar A
Comment Utility
Updated in summary, objectives, subject.
0
What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (or at least you will know what to do next).
2
 
LVL 8

Author Comment

by:Hector2016
Comment Utility
Please, dont. I had corrected it manually.
Let it just as is.
0
Searching stars
The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Windows Server search and indexing services.
0
Windows Server 2016: All you need to know
LVL 1
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring system upon planned maintenance reboots etc.
23
 
LVL 14

Author Comment

by:Raj-GT
Comment Utility
Hi Steve,

Thank you for the comment. I am using the InstanceIDs that correspond to the EventIDs I mentioned in the article as it is somewhat faster to execute.
Get-EventLog -LogName System -Source User32 -Newest 10 | ? { $_.EventID -eq "1074"}

Open in new window


Get-EventLog -LogName System -Source User32 -Newest 10 -InstanceId 2147484722

Open in new window


Both commands above will produce the same result.

Thanks,
Raj-GT
0
 
LVL 14

Author Comment

by:Raj-GT
Comment Utility
An updated version of the scripts are now on GitHub at https://github.com/Raj-GT/Windows-Boot-Event-Logging
0
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and the awful customer support. I can not tell you the countless hours i have spent on the phone with Cisco attempting to fix issues.

Well I have good and bad news for you all. Cisco has "End of Lifed" this platform and will no longer continue to support or sell it. The official timeline for this is below. But for some of you who have invested a lot of time and more importantly money into the product are probably pretty upset.

http://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/virtualization-experience-client-manager/eos-eol-notice-c51-731181.html

Well, there is a solution out there: the Dell Wyse Platform. The VXC platform was "purchased" from Wyse and simply branded by Cisco and they made a few coding changes but all in all the source code is the same. Even the asthetic look of the software is almost identical to the VXC. However, Wyse takes much better care of the software and has had out for quite some time a version of the management software that is compatible with Windows Server 2012 R2, that is something those of us with Cisco have been waiting for, for a while.

Wyse also releases patches much more quickly and has much better support, as well as an FAQ with discussion boards and forums. And the…
0
 
LVL 2

Author Comment

by:Bradley Bishop
Comment Utility
How much are the Clients? We can get Wyse clients for around 300 and they are pretty good machines.
0
 
LVL 1

Expert Comment

by:jbla9028
Comment Utility
We are looking at Wyse with Cloud Client Manager. Are you aware if it's able to manage both WyseOS and Windows Embedded TCs? We're also looking at the desktop extender LinuxOS to load on old laptops to keep them from going obsolete. Working with a rep there but haven't gotten answers yet. Looking for a way to manage all the ThinClient settings from one management interface. Switching from the Teradici zero client  model .
0
Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits your environment. In this article I will attempt to list some of the elements you need to consider before choosing which edition is most appropriate for your case.

In Windows Server 2012, there are four editions: Foundation, Essentials, Standard, and Datacenter. Don’t let the naming deceive you. While the Foundation and Datacenter editions map directly to the Foundation and Datacenter editions in Windows Server 2008, the Essentials and Standard editions do not. The Essentials edition in 2012 is equivalent to the Standard and Web editions in 2008, while the Standard edition in 2012 maps to the Enterprise edition in 2008. That being said, it should be clear what is the most likely edition you want to choose when it comes to upgrading from your Windows Server 2008 environment. Please note that all Windows Server 2012 editions are 64-bit OS versions. There is no more support for 32-bit operating systems.
 

Foundation Edition

This edition is a scaled down edition of Windows Server 2012. It is intended for small businesses requiring simple file and print services and is limited to 15 users only. It can only be installed on a physical machine; the license for this edition will not allow for a virtual machine install. …
21
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
People tend to forget that the virtual machine limitation only applies to the licence of the Microsoft Server Product. The limitation does not apply to other licensed products you could have 1000 windows 7 pro virtual machines (if you have 1000 W7P licenses) or 1000 Ubuntu virtual machines.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
Comment Utility
The description of Essentials is incorrect. Essentials is *not* analogous to standard in 2008, but is like essentials 2011. It is a unique product with special features (client backups) and unique limitations (*must* be a domain controller.)
0
This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and installed in their environment.

We will cover the following topics:
  • Installing the WSUS Role
  • Securing WSUS with SSL
  • Configuring WSUS
  • Configuring Group Policy
  • Managing Updates
  • Viewing Reports
  • Using PowerShell
  • Using wsusutil

For our test environment, we will use 3 Windows 2012 R2 servers with the following roles:
  • Domain controller
  • CA server (enterprise root)
  • WSUS

We already have a domain controller (DC1) and Certificate Authority (CA1) for mydomain.local in place.
A Windows 7 Enterprise system will also be used for this environment.
We will start with installing the WSUS role on the WSUS server.




Installing the WSUS Role


Login to the server with an account having local administrator rights.
Open Server Manager and go to Add roles and features.

WSUS-2015-06-03-20-47-32.pngClick next on the 'Before you begin' then next again on the 'Installation Type' pages.
On the Server Selection page, select the current server if it isn't already; click next.
For Server Roles, scroll to the bottom and check Windows Server Update Services.  This will bring up a dialog box to install dependent features.  Click add features.
WSUS-2015-06-03-21-08-00.pngWSUS-2015-06-03-21-08-14.png
26
 
LVL 51

Expert Comment

by:Vitor Montalvão
Comment Utility
Well done Seth
0
 
LVL 40

Expert Comment

by:footech
Comment Utility
You may want to add the content from https://support.microsoft.com/en-us/help/3159706/update-enables-esd-decryption-provision-in-wsus-in-windows-server-2012-and-windows-server-2012-r2 to your article.

Just recently I configured a WSUS (on Server 2012 R2) for SSL and no clients could connect (not just Win10 clients) until I had edited the web.config file in "C:\Program Files\Update Services\WebServices\ClientWebService" (I hadn't made the changes when the update was installed).

I think it's also important to note that the order of steps is important when configuring WSUS for SSL.  As in the order you've shown, the IIS changes have to made before running the wsusutil configuressl <fqdn> command (if the output doesn't show the https with the 8531 port you know something isn't right).
0
Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient failover and load balancing to a VNX. When the new equipment was purchased, part of the refresh was a migration to Windows Server 2012 R2 using Emulex FCoE adapters for connectivity.

Once the operating system was installed, I went to the Emulex website to download the appropriate drivers and network teaming software. However, I could not locate a download for the teaming software for Windows Server 2012 R2. After trying various methods, I noticed a notation at the bottom of the screen indicating that for Windows Server 2012 R2, the built-in services were to be used.

cna.pngFurther research found that Microsoft has also built in multipath services into the 2012 R2 product. While there may be varying opinions on the need, it appears that PowerPath is no longer required when using the new Windows Server operating systems. However, if you still chose to use PowerPath, the minimal version needed will be PowerPath 5.7 SP2. Otherwise, the instructions below will walk you through configuring the MPIO feature in Windows Server 2012 for multipath failover in a SAN environment. 

The first step is the installation of the MPIO feature. To install this feature from the dashboard, click on the “Add Roles and Features” selection. 

dashboard.png
6

Background Information


Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure is five levels deep. All shared folder access is granted on per user basis and no groups are defined, causing the folder access control list (ACL) to become exhausted.


The file server is part of one domain and since they have acquired another company, we have to grant the second company's users (another domain) appropriate rights to the file server data. The domain level trust is already in place.

The problem:


For many folders, administrators don’t have even read access and can’t even check folder ACL. They are unable to see the folder owner and are unable to access the folder as well and hence they are unable to handle file server access.


For example:

Folder-Access-1.jpgFolder-Access-2.jpgI went to folder properties, and it shows me that folder is empty, when in reality the folder is not empty, but I don’t have permission to view folder size.

Folder-Access-3.jpgI don’t have access to view the folder NTFS permissions, but I am able to view share permissions, and share permissions are full control for everyone.


I am even unable to see folder owner:

Folder-Access-4.jpgThe administrator can take folder ownership forcefully with the replace permissions option, but this will destroy existing file server permissions, which is not desirable.

Folder-Access-5.jpgIf I click here Yes now, all existing permissions will be destroyed by granting me full control (in addition to ownership) which is not the objective here. I have to click on No by force. I immediately got the following warning messages:

Folder-Access-6.jpg 

 

Folder-Access-7.jpg  

Unless I get folder ownership, I can’t add or modify anybody or myself on the folder access control list.

 

The root cause of this problem is that multiple users have Full Control NTFS permissions on the root folder. Some smart users have removed the built-in administrators group from the access control list and from the owners tab. The Creator Owner group is listed on the ACL of folders, as a fact the person \ user who creates files and folders automatically becomes the owner of those files and folders. The permissions model became complicated. User level access is granted instead of groups, which is difficult to track.


NTFS Folder ownership


  • Every object has an owner, whether the object is in an NTFS volume or in Active Directory Domain Services (AD DS). The owners can controls how permissions are set on the object and to whom permissions are granted.
  • An administrator who needs to repair or change permissions on a file must begin by taking ownership of the file if he does not have already.
  • By default, the owner is the entity that created the object. The owner can always change permissions on an object, even when the owner is denied all access to the object.

Ownership can be taken by

  • By default, the Administrators group is granted the Take ownership of files or other objects user right.
  • Any user or group who has the Take Ownership permission on the object.
  • A user who has the Restore files and directories user right.

Ownership can be transferred in the following ways:

  • The current owner can grant the Take Ownership permission to another user. The user must actually take ownership to complete the transfer.
  • A member of local administrators group can take ownership.
  • A user who has the Restore files and directories user right can double-click Other users and groups and choose any user or group to assign ownership to.

 

CREATOR OWNER

Folder-Access-8.jpgIf you look at above diagram, there is special group called CREATOR OWNER. This group is getting inherited from drive root and because of this group, the person who creates files and folders is automatically assigned ownership of those files and folders as long as this group is listed on the ACL.

 

I have shared folders with size from 10GB to 250GB; I need some method to take ownership of all folders without destroying existing folder permissions.

There are TWO options left:

Either I take folder ownership from top to bottom without destroying existing permissions

OR

I need some user who already has got full control permissions on folder who can grant my admin account access to folder and from there I can take it ahead. There are multiple free tools available on the internet to accomplish this. Membership in the server local administrator group is the minimum prerequisite to use any tool.


Takeown – Built-in tool available in Windows-based systems for managing folder ownership


Takeown has its own limitations and can destroy existing NTFS permissions in addition to take folder ownership. In order to take ownership with the Takeown utility without destroying existing permissions, you must have read permissions at least on folder and files; otherwise you cannot take ownership. So the verdict is until you get ownership of all sub folders and files you have to run below TWO commands one by one again and again.

takeown /f <directory path> /r /a
                                        where
                                        /f stands for file \ folder
                                        /r stands for recursive
                                        /a stands for administrators group
                                        
                                        AND
                                        
                                        Icacls <Directory Path> /grant administrators:f /t
                                        /t switch will take care of sub folders and files
                                        f stands for full control permission
                                        
                                        Example:
                                        takeown /f C:\TFolders /r /a
                                        Icacls C:\Tfolders /grant administrators:f /t

Folder-Access-9.jpgIn above example Takeown has assigned ownership of the "C:\TFolders" folder root to only the administrators group, even you specify /r switch for recursive ownership because you do not have read permissions to subfolders and files. If you press Y in above command when prompted, all folder permissions will be destroyed and only your admin account would granted full control permissions. You can specify additional /D switch with Y OR N parameter to suppress every permission replacement prompt. You have only ownership of root folder; you still don’t have any ownership of subfolders, nor any permission on the root folder or subfolders.


This is the same case when you try to take folder ownership from the GUI in recursive mode:

Folder-Access-10.jpgIn the above snapshot, if you select yes, it will destroy existing folder permissions by granting you full control in addition to ownership.

 

Now that you have ownership of root folder, you need to run below command with the Icacls Windows built-in utility to grant administrators full control. This utility will grant administrators full control on root folder only because you don't have ownership of rest of subfolders and files yet.

Folder-Access-12.jpgAgain you have to run Takeown utility to take ownership of further subfiles and subfolders since you have access to the root folder.

Folder-Access-13.jpgOnce you have ownership of further folders, again you need to assign permissions with the Icacls utility as shown below.

Folder-Access-14.jpgIn above diagram still there is one access denied error.You need to run both commands multiple times until you get ownership and access of entire folder. Then you can manage all aspects of that folder.

  

Subinacl – Free utility available from Microsoft

 

SetACL and Subinacl are very powerful tools and can do much more than Takeown. I prefer these tools over Takeown utility. The major advantage of these tools is that they can take ownership of entire folder, including subfolders and files regardless of access permissions in one shot without destroying existing permissions, even if you don’t have read permissions on the folder root, subfolders and files.


Syntax of command: 

Syntax:
                                        Subinacl /noverbose /Subdirectories <Directory Path> <action parameter>
                                        
                                        Ex:
                                        To take ownership of folder root:
                                        Subinacl /noverbose /Subdirectories F:\Projects\1016120 /setowner=administrators
                                        If folder name having spaces in name:
                                        Subinacl /noverbose /Subdirectories "F:\Projects\My IMP Data" /setowner=administrators
                                        
                                        To take ownership of all sub folders and files underneath root folder:
                                        Subinacl /noverbose /Subdirectories F:\Projects\1016120\ /setowner=administrators
                                        If folder name having spaces in name:
                                        Subinacl /noverbose /Subdirectories "F:\Projects\My IMP Data\*" /setowner=administrators
                                        
                                        To grant administrators full control on folder root:
                                        Subinacl /noverbose /Subdirectories F:\Projects\1016120 /grant=administrators=f
                                        If folder name contains spaces:
                                        Subinacl /noverbose /Subdirectories "F:\Projects\My IMP Data" /grant=administrators=f
                                        
                                        To grant administrators full control on all subfolders and files underneath folder root:
                                        Subinacl /noverbose /Subdirectories F:\Projects\1016120\ /grant=administrators=f
                                        If folder name contains spaces:
                                        Subinacl /noverbose /Subdirectories "F:\Projects\My IMP Data\*" /grant=administrators=f


The example below shows how to take folder ownership and access with Subinacl tool. The tool can take ownership of all subfolders and files including root folder and can grant full control access to the built-in administrators group without destroying any existing permissions.

Folder-Access-15.jpgThe Subinacl utility gives you one additional facility that allows you to back up NTFS security along with ownership on entire folder before making any chnages. In case you make a mistake during taking folder ownership or modifying folder access control list, you can restore entire NTFS access control list.


Syntax of command:

Subinacl /noverbose <action parameter> /subdirectories <Directory path>
                                        
                                        To backup NTFS permissions of root folder:
                                        Subinacl /noverbose /output=C:\TFolders_Root.txt /subdirectories C:\TFolders
                                        If folder contain spaces:
                                        Subinacl /noverbose /output=C:\MyData_Root.txt /subdirectories "C:\My Data"
                                        
                                        To backup NTFS permissions of all sub folders and files underneath root folder:
                                        Subinacl /noverbose /output=C:\TFolders_Child.txt /subdirectories C:\TFolders\
                                        If folder contain spaces:
                                        Subinacl /noverbose /output=C:\MyData_Child.txt /subdirectories "C:\My Data\*"
                                        
                                        To restore NTFS permissions on folder root:
                                        Subinacl /noverbose /playfile C:\TFolders_Root.txt
                                        
                                        To restore NTFS permissions on sub folders:
                                        Subinacl /noverbose /playfile C:\TFolders_Child.txt
                                        
                                        The 1st command will restore security on root folder (C:\TFolders)
                                        The 2nd command will restore security on all subfolders and files underneath folder root (C:\TFolders\*)

For example:

Folder-Access-18.jpgThe Subinacl command line reference help file is attached here subinacl.zip


SetACL

The command line version is freeware. There is no need to install as it is a standalone .exe file. Download it, and use it from elevated command prompt. This utility also works great like Subinacl, capable of taking folder ownership and granting folder access without destroying existing folder permissions.


Syntax of command: 

SetAcl -on <Directory Path> -ot <object type> -actn <parameter> -rec cont_obj -silent
                                        Where
                                        -on stands for "object name",the name of directory
                                        -ot stands for "Object type"
                                        -actn stands for action to be performed, setting up owner (setowner) in our case
                                        -rec stands for recursive action, to be carried out on all sub folders and files (cont_obj)
                                        -silent no output will be printed on screen.
                                        
                                        Ex:
                                        To set owner on entire folder:
                                        SetAcl -on C:\TFolders -ot file -actn setowner -ownr n:administrators -rec cont_obj -silent
                                        If folder name contain spaces:
                                        SetAcl -on "C:\My Imp Data" -ot file -actn setowner -ownr n:administrators -rec cont_obj -silent
                                        
                                        To grant administrators group full control on entire folder:
                                        SetAcl -on C:\TFolders -ot file -actn ace -ace "n:administrators;p:full" -rec cont_obj -silent
                                        If folder name contain spaces:
                                        SetAcl -on "C:\My Imp Data" -ot file -actn ace -ace "n:administrators;p:full" -rec cont_obj -silent

For example:

Folder-Access-16.jpgThe above command will assign entire folder ownership to the built-in administrators group and will grant full control access permissions without destroying any existing folder permissions. You can refer SetAcl online command reference for more information: https://helgeklein.com/setacl/documentation/command-line-version-setacl-exe/


Some best practices about setting up standard share folders to minimize management efforts:


  1. Always share folder with everyone full control share permissions.
  2. Control user access over NTFS access control list.
  3. In order to control user access over NTFS permissions, disable inheritance from advanced NTFS security page on the root share folder.
  4. Avoid granting users full control NTFS permissions on root shares and subfolders unless absolutely necessary.
  5. Ensure that the server local administrators group has full control NTFS permissions on the root share and has root folder ownership as well. Never grant individual administrator full control NTFS permissions.
  6. Remove the Creator owner group from root share. This is the main culprit that can cause most of folder ownership and access issues. This will ensure that individual users never get subfolder and files ownership.
  7. Try to avoid granting deny permissions to users or groups on the NTFS access control list.
  8. Avoid granting permissions to individual users on shared folder access control list as far as possible.
  9. Instead of adding individual users on access control list, create global security groups and add required users to them, and grant these security groups appropriate rights on access control list.
  10. The process to setup roaming profiles is bit different than above; by default these folders are not accessible to administrators. However you can apply group policies in advance on the server where you want to store roaming profiles so that built-in administrators group can have access to roaming profile folders if necessary. The GPO setting "Add the administrator’s security group to roaming user profiles" can be found under Computer configuration => Administrative templates => System => User profiles. A great article is already published on the TechNet blog to set up Roaming Profiles \ home directories: http://blogs.technet.com/b/askds/archive/2008/06/30/automatic-creation-of-user-folders-for-home-roaming-profile-and-redirected-folders.aspx
  11. Another option is to take complete roaming profile share ownership with SetACL OR Subinacl without destroying existing ACL, and then add the administrators group to the roaming profile root share. That will eventually be inherited by subsequent profile folders.
9
 
LVL 37

Author Comment

by:Mahesh
Comment Utility
Thanks

There is slight difference between authenticated users and everyone
Everyone group contains Guest, IUSR & the IWAM accounts in addition to authenticated users \ domain users in trusted domains and forests
Previously anonymous users are part of everyone group, but with 2003 AD, it is removed

The Authenticated Users group includes all users whose identities were authenticated when they logged on. This includes local user accounts as well as all domain user accounts from trusted domains and forests
Authenticated users do not contains guest, ISSR, IWAM, Anonymous, local service and network service accounts.
Normally these accounts cannot logon to any machine to access shared resources and guest account is disabled by default unless you enable it

As a fact I really do not see noticeable difference between TWO, however you may use authenticated users instead of everyone
The major permissions control remains on NTFS permissions

Probably we need to disable UAC, otherwise it will unnecessarily prompting, in some organizations they have policy to keep UAC enabled

Normally I do want to clear Creator owner from share folder root at beginning, you can remove it from drive root, however I don't think it is required.

I observed on 2012 and above servers, If you are server administrator and if you trying to open share folder for which you don't have access on NTFS ACL, and you tried to access it through local path, it will prompt you popup so that you can click on continue and you will get access.
0
 

Expert Comment

by:Gaurav Chauhan
Comment Utility
Many thanks for this detailed article this subinacl tool is just awesome far better than icacls,solved my greatest problem,  now I am surprised why this tool is mentioned nowhere this should be promoted as built in tool by Microsoft . Many thanks again.
1
Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability to send your backups to a location not on the local machine. In fact the limitation is still there. Many of us have gotten around this by setting up a NAS or SAN device and then connecting to the server via iSCSI. But what if I simply want to use a network share? Here's how I did it. Simply create a VHD in Disk Manager! Ok maybe not that simple, there are some issues with this method, like VHD's that do not reconnect after the system is rebooted (Really Microsoft?), so you need to create a scheduled task to reconnect the VHD, otherwise it's pretty straight forward. The first step is to create the VHD, this easy to do in Disk Management. Open Disk Management by going to the Control Panel > Administrative Tools and open Computer Management, then drill down to Disk Management:
CreateVHD

Right Click on Create VHD, then fill in the blanks. I recommend using a VHDx because you can create drives larger that 2TB on up to 64TB, the only caveat is that only Windows Server 2012 and Windows 8 can read VHDx. I also recommend using Dynamically Expanding so that the file space is not used unless it is needed. The location can be a mapped drive as shown below or a UNC path like \\SERVER\FOLDER\FILE.VHDX.
CreateVHD_Dialog
13
 
LVL 9

Author Comment

by:Frank McCourry
Comment Utility
Why are my images there when I edit the article, but missing when I submit?
0
Storage Spaces Cluster JBOD
The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
13
My GPO's made for 2008 R2 servers were not allowing me to RDP into a new 2012 server by default.  That’s why I tried to allow RDP via Powershell, because I could log into a remote shell without further configuration.
Below I will describe how I went step by step to find and change the necessary setting.

In a NON-Admin session, one of the first things I do, is to save my admin credentials.
$cred = Get-Crendetials

Open in new window

A window will open and you can enter your admin-user credentials and now they are stored in $cred and there is no need to enter them over and over again.

Now I connect to the server where I want to enable the RDP connection:
Note: IP addresses will not work here
Enter-PSSession servername -Credential $cred

Open in new window

The PSDrive cmdlet shows me the available providers I can connect to, filesystem, Registry, ActiveDirectory or Certificate Store by default for example.
Get-PSDrive

Open in new window


Output example:
Name           Used (GB)     Free (GB) Provider      Root
----           ---------     --------- --------      ----
Alias                                  Alias
C                 402,81         46,34 FileSystem    C:\ 		-> Filesystem
Cert                                   Certificate   \			-> Certificate Store 
HKCU                                   Registry      HKEY_CURRENT_USER 	-> Registry
HKLM                                   Registry      HKEY_LOCAL_MACHINE	-> Registry

Open in new window

I was interested in editing the Registry, that's why I connect to HKEY_LOCAL_MACHINE:
cd HKLM:

Open in new window

I don't remember the exact location, where to find the Registry entry that will allow the RDP connection, but it was under "Control":
cd '.\SYSTEM\CurrentControlSet\Control

Open in new window

This was the part I could remember, now I have to search for the missing pattern, because it was something like *Fdeny*:
ls -Recurse -ea SilentlyContinue | where-object {($_.property -LIKE "*fdeny*")}

Open in new window

Output:

Open in new window

3
Has Powershell sent you back into the Stone Age?
LVL 6
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

2
Table of Contents:
Lesson 1 - Installing Windows Server 2012
Lesson 2 - Configuring Server 2012
Lesson 3 - Active Directory (this article)

Windows Server 2012 Active Directory

following the previous lessons, we installed and configured our server. now, we are going to create users and connect them on the client PCs.

NOTE:
Active Directory: is the software role to be installed on the server, which will contain users, computers, Organization Unit and other.
Domain: is the repository in which users are defined in. Each Server can have one domain

So let's proceed. log in to the server with your administrator account. if you don't see the server manager window, click on its icon in the lower left corner.  From the Server Manager Dashboard , click on Add Roles and Features . You will get the Before You Begin screen (usually basic information, you can skip it for future times)
before you beginyou will need to select the Installation Type . Since this is a standalone server, we will select the Role Based or Feature Based Installation .
installation typeselect the Destination Server . this is to define which server to install the role or feature, in case you have multiple servers. in our case we have only one server (our server name as described before in server12 with IP 192.168.174.128)
select servernow we are going to select our server role. in this tutorial we are going to select Active Directory Domain Services
5
 
LVL 10

Author Comment

by:Sam Simon Nasser
Comment Utility
one small question, i have submitted this article on June 20th, but under my name in the top of the page, it's mention (Posted on2013-05-20 at 05:06:23), which is the day which i started composing this article.

is there a way to change this date or it's common in EE that it's the date of composing?

regards.
0
 
LVL 10

Author Comment

by:Sam Simon Nasser
Comment Utility
june 12 not 20th .... sorry
0
In my previous Experts Exchange Articles, most have featured Basic and Intermediate VMware Topics.  As a Virtualisation Consultant, we implement many different virtualisation solutions using VMware vSphere, Citrix XenServer and Microsoft Hyper-V, as per client requirements. Most fall into the VMware vSphere camp, but that does not prohibit us, from using equally good Corporate Enterprise Hypervisors from Microsoft or Citrix, as both are now "considered equal".

In this article, we will show you HOW TO:  Add a Dell EqualLogic PS Series Array (SAN) to System Center Virtual Machine Manager 2012 SP1 as a SMP Provider.

System Center Virtual Machine Manager (SCVMM) 2012 SP1 supports the same storage arrays that were supported in SCVMM 2012, plus the SMP provider. For more information see this SCVMM 2012 Storage and Load Balancer Provider Downloads

Why and What is a SMP Provider? (Andy's Laymans Definition)

It provides the ability to integrate SCVMM and your storage array, e.g. the ability to create logical units (LUNs) from within SCVMM, traditionally you would login to your SAN, via command line or Dell PS Group Manager using a browser. Integrating into SCVMM, you can create and manage Pools and LUNs from within SCVMM.

1. Prerequisites

Compatible Dell EqualLogic PS Series Array (SAN) running 5.2.4 FW or higher
Microsoft Windows Server 2012
Microsoft System Center Virtual Machine Manager 2012 SP1 (SCVMM)
Dell EqualLogic Host Integration Tools 4.5.0
2
 
LVL 123

Author Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Comment Utility
@LHerrou

Its' been a real pain in the arse, software release from Dell for Windows 2012, Bug ridden rubbish, and we told them!

Andy
0
Table of Contents:
Lesson 1 - Installing Windows Server 2012
Lesson 2 - Configuring Server 2012 (this article)
Lesson 3 - Active Directory

As described before (lesson 1), we have installed Windows Server 2012, and set up the administrator password. Now we are going to make some system configurations before installing any roles or features to our server.

so, when you log in with your administrator account, first thing you'll notice is the modified SERVER MANAGER dashboard.
server managerHINT: in you want to see the metro interface, click windows icon from your keyboard
as you see in the figure, you can add roles and features connect to other servers or create groups. for now, we are going to configure and customize or server, so click on LOCAL SERVER on the left side. you'll see this screen:
local serverinside this screen you'll find our server initial configuration and general information, which we will customize now.
first, we will change our server name, so click on the computer name . from the windows that appeared (system properties ) click on change . type your desired server name (in my case i named it server12) and hit OK. you will need to restart the system to apply settings.
server namenext step is to configure the remote desktop. this is essential if you don't have physical access to the server, and need to connect to it from another place or another computer. so click on local server from the left menu, and click on remote desktop which is currently set to disabled
remote desktop setting
5
 
LVL 10

Author Comment

by:Sam Simon Nasser
Comment Utility
thanks
0
 
LVL 10

Author Comment

by:Sam Simon Nasser
Comment Utility
thanks alot
0

Table of Contents:

Lesson 1 - Installing Windows Server 2012 (this article)
Lesson 2 - Configuring Server 2012
Lesson 3 - Active Directory

Hi All.
In this tutorial, and the upcoming tutorials, I will show you how to become a great system administrator :). I will show you how to install Windows Server 2012, configure it, and deploy the server functionality to it, in order to control your systems.
You can install all these functionalists on one server, but it's preferred that you have multiple servers with each function on it.

Mainly, when someone mentions SERVER, you should bear in mind the following:
Windows Server software : This is the software that will be deployed on the server hardware in order to manage your network. There are many server software used, mainly: Microsoft Windows Server, RedHat, Ubuntu . There are the editions with graphical user interface (like MS and RedHat) and other light editions without graphical interface, and you only write your commands (like MS Core and Ubuntu)

Managing users : which is done (in our case we are using Microsoft windows server), it's called Active Directory . we will configure users on the server and configure the PCs to allow login to their profiles

DHCP Server : This manages the machines IPs and MAC addresses. it will make it easier to give each PC a fixed it through it, for remote controlling.
Control Sites and access
9
 
LVL 9

Expert Comment

by:Mike Roe
Comment Utility
Good article hit no by accident
0
 
LVL 2

Expert Comment

by:piedthepiper
Comment Utility
I like the idea!
0
Many things have changed in Windows Server 2012.  To setup the print server, you can use the old way through Control Panel / Hardware / View devices and printers > Add a printer in which the wizard will discover all the network printers for you to add.  However, you need to add a new Role Service for Print and Document Services (Figure 1 & Figure 2) to manage all the print drivers in a single pane of glass management (Figure 3).

Figure 1
Fig.1Figure 2
Fig.2Figure 3
Fig.3
In Windows server 2008R2 x64, you need to install both 32/64bit printer drivers for Windows7/8 32/64bit OS clients. Windows server 2012 is straightly x64bit OS only.  It introduces the support for x64 Type 4 printer drivers which support both Windows7/8 32/64bit OS clients without installing x86 printer drivers (Figure 4).  

Figure 4
Fig.4
When you have installed the x64 Type 4 printer driver for a printer, the “Additional Drivers…” button will be grayed out (Figure 5).

Figure 5
Fig.5
In most cases, Windows server 2012 will find the x64bit Type 4 print driver for your printer.  If Windows server 2012 cannot find the driver for your printer, you need to download both x86/x64 print drivers unless it is the Type 4 print driver.  For most HP printers, you can download the PS/PCL6 Type 3 Universal Print Driver (UPD).  

Add New Print Drivers

To install the additional print drivers, click on Drivers under Print Management / Print Servers / your_print_servername
13

Windows Server 2012

15K

Solutions

8K

Contributors

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.