[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Windows Server 2012





Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Share tech news, updates, or what's on your mind.

Sign up to Post

No certificate templates are available in Active directory error found when trying to request a cert from forest 2 and use pki infrastructure from forest 1

Forest 1


Windows 2008 forest/domain functional level

Single forest, single domain

1 offline Root CA

2 Enterprise Issuing CA servers in domain company.com

2 NDES servers

2 OCSP servers

Forest 2:


2 web servers to host CRL for web publishing

Firewall rule to allow SMB traffic from web servers in forest 2 to computers and servers in forest 1

Single forest/domain

Windows 2008 forest/domain functional level

There is no forest trust or any trust-relationship between the 2 forest.

I need to be able to allow computer auto enrollment for computers and servers in forest 2 where is no PKI infrastructure, however I am getting the error above whenever I tried to manually request a cert from MMC on any servers on forest 2

My question

How can I allow computer autoenrollment for 2 forests without any relationship established?

How can I copy computer certificate templates across forest and test?

Tried to run certutil -dspublish -f path\file.crt RootCA on forest 2 with no luck

Please, provide instruction step by step including GPO, or any other task that should be performed on forest 2 to allow computer cert autoenrollment for servers and computers. …
Simplify Active Directory Administration
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

we have a 2008r2 terminal license server for our remote desktop clients and a few servers that points to the license server for the licenses. If i upgrade one of the servers that the clients remotes into can i have the 2012r2 server to locate or point to the 2008r2 license server and if so what services do i need to add to the windows 2012r2 to make this happen?
Hello All, I hope this isn't too easy or a repetitive question. One weak area I have is understanding how to configure DNS on a domain controller -the only DC on a network. It has the AD and DNS and we made it the DHCP server. OS is 2012r2. Let me explain what configurations I have on the server and router...  We have a static IP address on a SonicWALL router, configured with the ISP DNS servers. Now - here's one possible fault... I have teamed the NICs on the server (2), just the standard options.... I think I have read somewhere that may not be a good idea on a DNS server... not sure... So the teamed NICs have the servers IP address on the LAN assigned. I have server set up to use root hint servers and no forwarders and the root hint servers are resolving. I am using the ISP primary DNS as preferred DNS server on the DC NIC (teamed), for the secondary I am using the DC's LAN IP address - versus the loopback address...  I am away from the site at the moment but will go onsite soon. I have read a lot of stuff lately and its pretty diverse... meaning different opinions for similar circumstances others have had. Do I need to get rid of the ISP's DNS server in the DC LAN properties altogether? Using root hints, if it matters to next question, what would  use for the Primary and Secondary DNS servers in the DC's NIC properties then? I have read - use the DC's IP address as the first (primary).... I just need an answer I can feel good about - and I will wait to be at the server …
Hello Experts,

I am testing BGInfo with some of our servers. We will deploy it via GPO.

We have web servers having multiple IP Address. In BGInfo (or with a WMI query) is there a way to only show 1 IP address and not all IP addresses?

The problem is if we show all the IP Addresses of our webservers, the BGInfo information will be shifted (see example in attachment).

Yeah you'll have to set up a new Forest alright as if you created another domain within the law library.local it is still part of the same forest and therefore falls within the same security boundaries. If you are only going to have the forest internally used i.e. Nobody connecting to it etc from the outside world then you don't need to register a DNS name but when you are creating the new forest it will ask you for the name of the forest, it will need to be unique on your network.

Building a separate forest for internal use. Nobody will be connecting to it from outside. I want the naming to be separate and also different security boundaries. Just want to make sure I don't need to register a DNS name for this.

As far as I'm aware I just need to create a unique name (within the network for the forest, is this correct?)

I have the 2012R2 server deployed from template. I'll go through creating it and then adding it to a new forest anything else I need to take into account

A smaller question:Is it worth doing this through Azure instead  looking to create a new internal forest with a new domain for 60 pcs thanks 👍👍
I have a request to share a LUN with HA.
I mapped a LUN to 2 servers. But not sure how to do that.
Is it possible to share LUN by CSV (clustered shared volume)?
My server, running Hyper-V (it that matters) is off on its time but about 45 seconds. I decided to try to set the host to get its time from external time servers, and I followed the following under Manually Configure the Windows Time service:


When I did everything there in the registry as recommended I can’t get the Windows time service to start. It’ll remain in starting status after giving me the following error:

Windows could not start the Windows Time service on Local Computer.
Error 1053: The service did not respond to the start or control request in a timely fashion.

I used the following time servers:

0.pool.ntp.org,0x1 1.pool.ntp.org,0x1 2.pool.ntp.org,0x1 3.pool.ntp.org,0x1

Any idea what I might be doing wrong? How do I successfully get the time on my server, and subsequently the guests, to be accurate?
How do I integrate mailgun with my Exchange 2016 Server?

My mailgun setup is complete and verified. Just need to get my Exchange mail to pass through mailgun.
How to install NPS role and configure the NPS server

I have a interview coming up soon and I'm trying to find the best answer when they ask me how do you troubleshoot replication for servers?
Free Tool: ZipGrep
LVL 11
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

I need solution for one issue I am facing in my organization and I am hopefull to get some good solution for this issue. Below is the details of my query.

1- Currently we are running 4 sites and all 4 sites are connected with each other throw site to site VPN tunnal.
2- We kept all the data under SAN storage. This data backed up regularly through backup exec in Tape drive and these tapes tapes moved to other location after backup .

We want all the data available at our branch offices should be replicate on the SAN storage which is installed at our Head office. In coming days we will put one more server in our branch office and copy approx. 2 TB data on that server. In case any disaster happen in any of our site, we can easily recover data from backup.

1- All three branch offices has 10 MBPS Link and approx. 2 TB data. If we will replicate data over network, it will be big load on network and slow down the network performance. It will affect regular operation until its all the data replicate successfully into SAN. This situation will affect our Business.
2-  There are much more chances of data duplicate because they are moving the same and use same data as case reference.

Solution required:
1- How can we replicate all location data in SAN storage without affecting our day to day operation?
2 -How to avoid data duplication?
Trying to apply the volume license key and I get this error:

Error 0x80070005 action denied: the requested action requires elevated privileges

Application log shows an error 1017
Installation of the Proof of Purchase failed. 0x80070005
Partial Pkey=MG8F8
Detailed Error[?]
Referencing my original question here:

Here is my setup:

AD Domain
KMS Server - Windows Server 2012
Office2013KMS Pack Installed
VAMT 3.1
Windows 7 w/ Office 2013 Professional Plus SP1

We have used the KMS server in the past to activate Windows 7 without issue. Works every single time.

When I go to activate Office 2013 I use the following commands and the errors I receive after using them:

cscript ospp.vbs /sethst:serveraddress - This command processes successfully and I've verified the correct IP for the KMS is working with nslookup
cscript ospp.vbs /inpkey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX - (Key used = KMS) ERROR CODE: 0xC004F050 ERROR DESCRIPTION: The Software Licensing Service reported that the product key is invalid.

Without getting into the activation problems, why is it telling me the product key is invalid?

The version of Office is Office Profession ProPlus 2013 KMS. The product key I am using is a KMS version obtained from the Microsoft VL website.

When I try to activate it says:

LICENSE NAME: Office 15, OfficeProPlusVL_KMS_Client edition
ERROR CODE: 0xC004F050
ERROR DESCRIPTION: The Software Licensing Service reported that the product key
is invalid.

Why is it not accepting my key?

I've already installed the Office 2013 Pack on our KMS server. Is there some kind of difference between VL_KMS and KMS versions?
I have a Dell PowerEdge R710 with a PERS 6/I controller running one RAID5 with 4 SAS drives
Windows Server 2012 R2 STD.
I found drive 00 blinking with lights amber and green, I opened up Dell OpenManager. Went into Storage and can see the DISK status as the following:
"Physical DISK 0:0:0 Failed"
"Physical DISK 0:0:1 Online"
"Physical DISK 0:0:2 Online"
"Physical DISK 0:0:3 Online"
I then went into Event Viewer and found event 2235
"Controller event log: Predictive failure: PD 00 (e0x20/s0): Controller 0 (PERC 6/1 Integrated"
So now I'm sure the amber blinking drive is DISK0
I received my replacement drive and instead of hot swapping I booted into the PERC controller with CNTRL-R
I shutdown the server and swapped drive and booted
At boot I get an error message that one of my drives my be disconnect and to check cables
I shutdown the server again and put back the old drive
It booted up just but now when I go to open manager, instead of a failed status I see
"Physical DISK 0:0:0 Foreign"
"Physical DISK 0:0:1 Online"
"Physical DISK 0:0:2 Online"
"Physical DISK 0:0:3 Online"
I was thinking of just hot swapping but I'm concern
Please advice?
I do have a backup of the system with Server Backup
Dear Experts, please help to solve our scenario:
- Normally, we use google public DNS ( for our LAN users, then they can go to our website (let's say in IP: A.B.C.D - www.website.com) properly

- When we change the DNS of LAN users to our local DNS (the same domain - website.com), they could not go to that website anymore although I specified its DNS record (www) in the DNS server.

Do you have any idea please?
Hello - we have a new 2016 Server (March this year installed) where the RDP console has started giving us "license expired" notifications and we're now told our "session will be disconnected in 60 minutes".  This is for administrative use, so we should still be allowed up to 2 RDP connections - so what happened?  Registry glitch?  Anyone else run into this before?

thanks for your help.
Disclaimer:  Completely new to IIS and asp.net.  I was assigned the task of copying a website that resides in an Windows server 2003 running on IIS 6.0 and making run on a Windows 2012 R2 server with IIS 8.5.  I have read you can deploy websites using IEMT or Web deploy.  My fear using these tools is that if I use them the website on the source server will stop working.  What we want is to test if the site can run in IIS 8.5.  Can anyone help me and tell me more less how to do this?  A couple of thing more.  The website was created using ASP 1.1.4xxxx and the SQL server is sitting in another computer.  Can I make this happen or do I need to recreate the website.

I have a Server 2012 that hangs after seeing a series of megasr1 event ID 129 warnings.  The only way to restore function is to power cycle the server.

Here is the exact eror:
Log Name:      System
Source:        megasr1
Date:          12/7/2017 7:15:28 AM
Event ID:      129
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:     SERVER1.domain.local
Reset to device, \Device\RaidPort1, was issued.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <Provider Name="megasr1" />
    <EventID Qualifiers="32772">129</EventID>
    <TimeCreated SystemTime="2017-12-07T12:15:28.067812200Z" />
    <Security />

There are other warnings, such as 260 that happen on rare occasions.

Any ideas?

Dear All

    May I know the different between 2012 and 2016 server on file deduplication ?

Creating Active Directory Users from a Text File
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Windows server 2012 standard
Is it safe to renamn/move-delete/compress this logfil?
What is it this file logs?

// Tony

A customer has DFS running between 2 domain controllers. When trying to access the DFSprivate folder on any of the servers i get an error saying that i dont have any permissions.
When going through the permissions i can see that my domain admin user is present and has full rights. I can also check my rights by viewing my permission in the effective access tab.

Any suggestion of what im missing?

We have Windows 2013 Exchange Server running on Windows 2012 Server.  it is separate server from out domain controller/AD server.
We use a few copies of Outlook  2007 on some workstations and Outlook 2010 and 2013 on others.   We have one currrent external domain pointing to our network/Exchange  say   @company1.net      we have a couple of people who want to use a different domain name we have, @company2.net    that is pointing to Go Daddy email and they want o send out mass emails to our tenants and news letters.  About 450 email addresses. Due to the security on GO Daddy and other vendors mail setups we can't send that many in one email blast and they only  allow for certain numbers of emails per minute/hour/day.      They also don't include Group mailing to be able to send 450 in one group/email.  Obviously it is for spamming issues.
Question is can we repoint the @company2.net  to our internal network and Exchange server.  If we do can we have  both domains pointing there and can we have one person receive emails in their Outlook from each domain?  I think our issue will be that we can't have the person send out mass mailings as the "@company2.net" address while maintaining all of her corporate "@company1.net" sending as ability.
Does anyone know a way around this other than having the "@company2.net" emails going to say an Office 365 Outlook setup through GO Daddy or Microsoft directly and then using the web interface for that email address and sending from there.
We're using Meraki MX400 security appliances.  The Meraki devices use WMI to grab information about who's logged into what. The issue I'm having is that on many occasions when people log onto a VMware View linked clone desktop, Meraki will misidentify the name of the client as a desktop in a pool that hasn't been in existence for many many months.  I have checked ADUC, DNS, DHCP and WINS and have confirmed that those names do not exist anywhere in my network,

The Meraki tech has wanted me to gather AD logs on WMI Queries. I sent him the one listed in the event log area of the DC we'd be using to log in for this and he says its the wrong log, but has no information as to what log I should be pulling. I am not a WMI expert by any means. His words to me are:

The MX uses WMI queries to pull info for log on events on particular clients.
If you could grab the logs for a client on the AD that corroborate or conflict with the MX's output I can use that to scope the problem.

And then when I sent him the "wrong" log:

I don't think this is the correct log. This log shows instances of WMI queries occurring on the device, not the information a WMI query would grab.
If you're unsure how to gather and interpret the logs from AD I would recommend getting in touch with the relevant support.

And then finally when I reiterated that I've not been able to find anything:

If it appears that the MX is seeing false positive log on events for particular clients we'll need to …
Up until a few weeks ago when I created an Account in AD - gave it a default email address -
Then when our system synched to Office 365 - this email address was the default SMTP.
It took priority as it should.

However this has now changed.
Because our tenant is different - basically the system is defaulting to the tenant email as the default SMTP.

There is a workaround - in that when I create an account - I add the SMTP:joe.bloggs@acme.com into the Attribute Editor/Proxy Address and it then synchs fine.

What has changed - how is this resolved?

Setup : On - prem DC/AD
synchs to Office 365 cloud
We are failing from multiple methods to get this installed. We've used the Server Manager, PowerShell and DSIM from an elevated command prompt.

We have the 2012R2 ISO mounted as X: and an alternative path as X:\Sources\sxs

Here are the command lines we've used without success:

C:\>DISM /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:X:\sources\sxs

Deployment Image Servicing and Management tool
Version: 6.3.9600.17031

Image Version: 6.3.9600.17031

Enabling feature(s)
[===========================66.2%======                    ]

Error: 0x800f081f

The source files could not be found.
Use the "Source" option to specify the location of the files that are required t
o restore the feature. For more information on specifying a source location, see

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

PS C:\> Install-WindowsFeature NET-Framework-Core –Source X:\Sources\sxs
Install-WindowsFeature : The request to add or remove features on the specified server failed.
Installation of one or more roles, role services, or features failed.
The source files could not be downloaded.
Use the "source" option to specify the location of the files that are required to restore the feature. For more
information on specifying a source location, see http://go.microsoft.com/fwlink/?LinkId=243077. Error: 0x800f0906
At line:1 char:1
+ Install-WindowsFeature …

Windows Server 2012





Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.