Windows Server 2012





Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts, I have one AD (server2012R2) and one Mail Exchange 2016 server. When I configured the complexity of password in AD and applied it with "gpupdate /force", the policy could not applied in Exchange mail users. They can still change the password with simple phrases. For example: no need special characters, or number,...

Can you please explain and suggest?

Many thanks!
Free Tool: ZipGrep
LVL 12
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

System: Windows 2012 R2, CRM 2016

I completed the configuration of ADFS, Claims-Based Authentication and IFD without any errors.  The login form opens both internally and externally.

The issue is that it is pointing to the wrong site.  It is pointing to the sts1 address, however, the System Admin tells me that this is a production site.

I don't want to try ripping out ADFS and starting over, I have seen that cause major problems

Can someone tell me how I can change the site from sts1 to the correct site?

The system admin had me try but it reverts back to the sts1 site.

I am at the last  step of the IFD setup and if I can get this issue resolved, I am done

I have a Microsoft Access application that is running on Server "2012 R2".  Currently, users login and run the application via RDP.  Whilst this works well, I have come across the term "RemoteApp", where the user can run the application as if it's running locally, making it easy to switch between our application and those running locally. In some cases, this might be a nice option, but I do have a couple of questions about it.

1. Does it have any obvious downsides?
2. Does it help reduce the load on the server in any way?
3. I can currently logon to a users session and help them out (if they need me to).  Would this still work?

Thanks as always
Dear experts,

I have a Window 2012 R2 server running DNS, DHCP, and AD DS and a sonicwall firewall. For some reason that my DNS server is not working. When I look at my network connection from Window 7, I can see that IPv4 Default Gateway is, IPv4 DHCP server is on but IPv DNS server is on 68.x.x.x It is not pointing to my DNS which should be the same as the DHCP server ( I am not sure what went wrong as in if there is a mis-configuration in sonicwall firewall/router or the DNS server at

I can see my client PC is not talking to the local DNS server but instead on 68.x.x.x my ISP. Is there a way to configure in order to ensure my client PC will ask my local DNS first if no information can be found then forward to the DNS of my ISP and so forth?  I have set my TCP/IPv4 to Obtain an IP address automatically and Obtain DNS server address automatically. Is there a way to set obtain IP and DNS server automatically rather than set those to static?
I am in the process of setting up our Windows Server 2012R2 VM in Azure for PCI compliant ciphers and protocols. When I disable TLS 1.0 I get an error in my system log:

A fatal error occurred while creating an SSL client credential. The internal error state is 10013.
with an Event ID of 36871

Most of the answers I have seen are for server 2008 and in regards to SMTP. There is nothing that runs SMTP on this server, it's just an IIS box hosting a few web services. RDP works just fine, everything else seems fine, kind of confused as to why disabling TLS 1.0 would do this. When I re-enable it, the errors go away.  

Any Suggestions?

Error image
I finished configuring ADFS and Claims Based Authentication for CRM 2016 but I am getting an error when I try to connect.  The login page comes up but I am getting the error below:

A WS-Trust endpoint that was configured could not be opened.
Additional Data
Mode:    WindowsTransport
MSIS0006: A Service Principal Name is not registered for the AD FS service account.

I could use some assistance in where to start to troubleshoot this error.  

Note: during ADFS setup, I ran the setspn command below and it told me that the spn already existed, so I just continued on.
(setspn -a http/ wwmh\CRMTest )

This appears to be causing the problem:

Note: during ADFS setup, I ran the setspn command below and it told me that the spn already existed, so I just continued on.
(setspn -a http/ wwmh\CRMTest )

I received the following information from the System Admin:

You'll need a different one. If I change the current sts1 record it will break production crm.
Can we do

My question:
How do I change the spn to  I entered the following into a cmd prompt and it seemed to add the spn but sts1 still comes up when I browse the IFD externally.

(setspn -a http/ wwmh\CRMTest
I am testing arcserve for my backups, but on one server, the proram keeps on failing with the following error: Event ID 22, source: VSS
Here's the error message:


I have already tried the following, but to my surprise the registry entry was already there:
System: Dynamics 365 | Windows 2012 R2

I configured ADFS 3.0 and I am working on the Claim-Based Authentication,  I am getting the error below when browsing the ADFS Xml:
There was an error in enabling endpoints of Federation Service. Fix configuration errors using PowerShell cmdlets and restart the Federation Service.

I restarted the CRM server and the ADFS service but it still shows the error.  I am working on using PowerShell but cant find the ADFS 3.0 snap-in on the CRM server
Every time we move a mailbox from Exchange 2010 to Exchange 2016 we need to restart the Autodiscover and Exchange Web Services Application pools.

We are running Exchange 2016 CU6.  Does anyone know if a fix for this has been released yet?
Need to set up Single Sign on in Microsoft 2008/2012 environment.  I have installed Host Integration Server 2016 but cannot access any documentation to configure it
Microsoft has proven useless as the continually run me around to people that have no idea why I cannot access the configuration documents. We are trying to setup sso for internet access to our application servers.

Can someone get me started on this issue?
Free Tool: Subnet Calculator
LVL 12
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Hello, We need to upgraded old hardware which has server 2008 r2 dc running its a single dc environment so I thought it’s better to upgrade to server 2012 r2 along with hardware upgrade, can someone please help how can I initiate this upgrade process smoothly to have all our existing domain controller information and get rid off of server2008 r2.
I would like to use VMST Tool service in order to update patches on virtual machines that are offline within the Vcenter infrastructure.
My main questions are:
Can the VMST service tool scan missing security patches in a offline VM?
Does this tool generates reports from the scans?

Thanking you in advance for your support.
Best Regards
I have read multiple articles online on move the WIndows 2012 R2 ADFS SQL DB from one server to another. The one items I cannot get clarification on is does the moving of the configuration DB automatically move the Artifcate DB?
can you tell me any difference between windows server 2012 and windows server 2016

any other functionalities I should be aware of
Hello all, could you please provide some guidance on common best practices for configuring secure email relay?  What port number should be used, TLS, certificates, authentication, etc.  Thanks.
This is a strange one.  I have a developer who wants to test code on a dev server, but.... he has to change the clock for some reason.  Meaning the time is off on the server from the time on the rest of the domain.  So, once his PowerShell script changes the clock it then can't continue because Kerberos freaks out.  (PowerShell is running on his laptop and remoting into said server, but he doesn't change his laptop's time)

"Starting a command on the remote server failed with the following error message: WinRM cannot process the request.  The following error with errorcode 0x80090324 occured while using Kerberos authentication: There is a time and/or date difference between the client and server."

Everything I Google talks about time syncing errors and how to fix that... but that's not the problem.  I WANT time to be off and authentication to work.

We are trying to restrict our service accounts in AD to do interactive logon process by pressing the CTRL-ALT-DEL key sequence.

What is the best way to do it?  We have all service accounts in an OU in AD.  Is it possible to use group policy to restrict that?  

Or should I do that in the machine level?

Please advise.

I am copying from C:\Folder to \\backup\folder$

My Command:
ROBOCOPY C:\Folder \\backup\folder$ /E /MIR /copy:datso

Robocopy ERROR 1307 (0x0000051B) Copying NTFS Security to Destination Directory ...This security ID may not be assigned as the owner of this object

If I change the cxommand to /copy:dats (without the o) it works OK, but I need the ownership!

C:\Folder has ownership of "domain\domain admins"
C:\Folder has a few user folders in it with ownerships of "domain\username"

any ideas?
Hello -

We are in the process on implementing Sharepoint 2016 on prem. I’d like to know what are the user requirements as far as utilizing our Sharepoint? What are the AD best practice?


Free Tool: Port Scanner
LVL 12
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I have a small AD with ONE forest and ONE domain

Are below "Part #3" the correct steps ?
Part #1, 20 hours ago
  1. setup new domain controller
  2. moved 5 FSMO roles to it
  3. made sure everything has replicated

Part #2, Now
  1. open Active Directory Sites and Services
  2. open existing SITE
  3. see NEW server
  4. click "NTDS Settings"
  5. shows PARTNER server is OLD server that is in the same SITE
  6. click on other SITES
  7. see that NEW server does NOT display
  8. make sure I can ping new server's IP and HOSTNAME from other SITES

Part #3, Adding NEW server to above #7 ?
  1. rightClick on "NTDS Settings"
  2. leftClick "New", then "Connection"
  3. doubleClick the NEW server from the list
  4. demote and remove OLD server
  5. OLD server automatically removes itself
     from "NTDS Settings" on all locations
RDS 2012 Load balancing

I have two RDS Hosts at two offices. They are used by staff to connect to a database in the other office. Unfortiunaly load balancing keeps sending users to their same office RDS Host how do I disable this from happeing?

I wanted to get people's feedback on PtoVing a primary domain controller emulator and GCS server.  It is running on a 2012R2 server.  What are the ramifications of doing this, is it a good idea, considerations etc?  Server 2012R2 is supposed to be an enlightened OS.

The only reason I am considering this, is I have inherited this setup and currently this role is running on an overpowered bare metal server, which has plenty of room for hardware upgrades.  It would make a great virtualization host.  Also domain controllers although massively important, don't need a whole lot of horsepower.

Thanks for the feedback and tips.
How can I find the ip address of my windows server 2012 hyperv vm when turned off since I want to make sure it is NOT a static IP I already have in use before I turn it on ?

I did the below, but do not see an IP address field ?
  1. open Physical Server
  2. open Hyper-V Manager
  3. right click on the VM that is OFF
  4. left click SETTINGS
Hello Friends, If you have any depth understanding of the queries below, please help me with your expert answers.

1. How does Advance Open File mechanism work in the backend of Symantec Backup Exec? A depth technical background of this method...

2. Does it protect unsaved open files? Example: I have an open file and I am continuously writing some data to it, but I have not saved (Ctr+S) this file yet (since 1 or 2 hrs of time). Will it be backed up by Backup exec even if it is not saved to have current modified data with latest contents I have written in this file, or it will just backup this file with what has been already saved (ctrl+s)?

IIS/DNS, Well, it was working last week '???'

I have a windows 2012 R2 server running IIS with 2 sites.  A public facing IP using an external DNS source.  The Default site has always been on but is not used.  My 2 sites are, where http is redirected to https.  and on port:xxxx.   I built a new server last week to replace the original yet, this same problem existed prior to the original server being replaced.  An additional problem arose today where  my users who had favorite links are also experiencing this issue too.  I forgot the important part.  The main web site has always been accessed as or simply and resolved either way.

I noticed a couple weeks back when I accessed my main site, omitting SITE1(i.e. my request was being resolved to the MS default IIS page.  This struck me as odd as I was able to resolve the intended page weeks prior. The server was having other issues with updating and some old software that wouldn't properly uninstall and I felt it was time to replace it with a new VM, and move my sites over. As well I exported my certificates out and imported them into the new server.  I feel confident I did my due diligence in ensuring like for like settings in all of IIS.

Upon bringing the new server up my access to SITE1 and SITE2:1234 works as it should yet, and still, when I try to access the url http:// it …

Windows Server 2012





Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.