Windows Server 2016

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts,
We have a Windows Server 2016 Standard running Java 8 v.211, and is getting flagged in the vulnerability scan "A remote Java JMX agent is configured without SSL client and password authentication."  The suggested solution is to enable SSL client or password authentication for the JMX agent, however, as I research for the solution, I am not getting a clear answers.

The one I wanted to try was to set up SSL, using keytool -genkey, then setting the system properties such as javax.net.ssl.keyStore Keystore location.
What I need is to understand how to accomplish these tasks, as I found the commands that need to be executed.   Am I executing this from Java environment that runs on this server?

Please advise.

java -Dcom.sun.management.jmxremote.port=9999
-Dcom.sun.management.jmxremote.password.file=jmxremote.password
-Djavax.net.ssl.keyStore=/home/user/.keystore
-Djavax.net.ssl.keyStorePassword=myKeyStorePassword
-Dcom.sun.management.jmxremote.ssl.need.client.auth=true
-Djavax.net.ssl.trustStore=/home/user/.truststore
-Djavax.net.ssl.trustStorePassword=myTrustStorePassword
-Dcom.sun.management.jmxremote.registry.ssl=true
-Djava.security.manager
-Djava.security.policy=jmx.policy
-jar lib/derbyrun.jar server start -h 0.0.0.0

(From https://docs.oracle.com/javadb/10.10.1.2/adminguide/radminjmxenablepwdssl.html)
0
I sometimes have issues on one fully patched Windows 10 computer running task scheduler (error is: The operator or administrator has refused the request). It runs fine for a while and all of a sudden, it stops running.

I have another computer running Windows Server 2016 on the same network having a lot more scheduled tasks that never have issues.

So my question is: can I schedule the tasks on the server to run on the W10 computer? The tasks absolutely need to run on the W10 computer as there are some special software running on it that can't be installed on the server.

I don't want to connect from the scheduler of the server to the one of the remote computer. I want the tasks to be scheduled and launched from the server but execute on the remote computer.
0
OK.  So, I'm finishing up a conversion from peer-to-peer to a Windows 2019 domain.
There are all those local user accounts that are being cleaned up.
But, how much cleanup is too much?

What are reasons to have local user accounts on workstations that are domain-joined and are normally used by domain users?
There must be some like the local Administrator active or not, Guest active or not, etc.  I can imagine a local user account in the local Administrators group.
What else?
Views and comments?
What is best practice?
0
Recover TypeHost Component SelectedRecover to Alternate LocationVM Configuration files in External USB HDHi,
 
 I have HyperV Server 2016. Virtual hard disks and configuration files reside in the following folders:

E:\HyperV\Configuration\Virtual Machines
E:\HyperV\Virtual Hard Disks

Recently I restored a virtual machine from an external USB hard drive (managed by Windows Server Backup) in Windows Server Backup. As seen in the screenshots, I restored the VM to an alternate location which is F drive (another external USB hard drive) . My intention was to restore VHDX files for the VM and I thought I could do that by using Windows Server Backup. But the problem was:
(1) Instead of selecting "Files and folders"  in Select Recovery Type screen, I chose "Hyper-V.
(2) In "Select Items to Recover" option screen, I ticked "VPN" VM and "Host components".

After restore job was finished, I realized that the VPN VM was running from the F drive (external USB hard drive).
So I shut down the VPN VM and got into "Settings" for VM and changed the virtual hard drive location from "F:\Restore\VPN\E_\HyperV"  to "E:\HyperV\Virtual Hard Disks".
Then I realized that Smart Paging File Location has also changed to F:\Restore\VPN\E_\HyperV\Configuration\Virtual Machines. In that folder, I saw 91A13DBB-A705-4337-8929-6F46E2023512.vmcx, 91A13DBB-A705-4337-8929-6F46E2023512.VMRS  along with 91A13DBB-A705-4337-8929-6F46E2023512  folder. At the same time, those files have been removed from their original …
0
I am working to restore a cluster that went trough hard events in last few months ( a complete hardware failure of one of the nodes, then a crash of the vm ( on the other node ) that required to rebuld a new vm. Trying to restore the Cluster now and when running the Cluster Validation option is returning the following error:  

"an error occurred while executing the test. The operation has failed. An error occurred while checking the state of the Active Directory object associated with the network name resource 'cluster name'. Access is denied "
Below is the error in event viewer:

Log Name:      System
Source:        Microsoft-Windows-FailoverClustering
Date:          10/30/2019 4:11:30 PM
Event ID:      1688
Task Category: Network Name Resource
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      SITESRVR.SITEdomain.local
Description:
Cluster network name resource detected that the associated computer object in Active Directory was disabled and failed in its attempt to enable it. This may impact functionality that is dependent on Cluster network name authentication.

Network Name: Cluster Name
Organizational Unit: CN=Computers,DC=SITEdomain,DC=local

Guidance:

Enable the computer object for the network name in Active Directory.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-FailoverClustering" Guid="{BAF908EA-3421-4CA9-9B84-6689B8C6F85F}" />
 …
0
Does anyone have a powershell script that gives login and logoff times for a specific user or all
1
Hi All,

I may be being silly here. I have a Windows Server 2016 which I am using for file sharing (testing purposes). I have created a share and mapped this share. I can see the shared folder in both the file and storage / shares part of server manager, and if I navigate to the folder via This PC.

As soon as I do anything with this share, ie create a folder etc, I cannot see what has been done either  accessing the drive directly via this pc (nor does the contents show up in command prompt via the dir command unless a specifically instruct it to view the directory. IE a dir of E: shows nothing but I can run E:\New Folder and it will navigate to the hidden folder but will not display its contents)). I see the Shares folder, but nothing within the shares folder. If however I browse via the shares control panel I can see the share and if I explore the share I can see everything I have created. I can also see it via any other machine that has mapped a drive to the share.

Is this a new feature of Windows 2016, or what am I missing? I thought maybe permissions, so I gave the shared folder everyone full control, but it is still hidden from within Windows.

Cheers,
Paul
0
I have Windows Server 2016 box with DNS configured.  From the server itself, I can query DNS entries that are configured, including making new ones up.  I'll get back whatever I put in the zone.

But from workstations, they can resolve public websites just fine using that Windows box, but they cannot resolve any local addresses.

What am I missing?
0
Hi Experts,

I cannot install a module to powershell.
I like to install this module:

PS C:\> Install-Module AzureAD
Install-Module : The term 'Install-Module' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling 
of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ Install-Module AzureAD
+ ~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Install-Module:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Open in new window


This command is part of a script and was always working.

What I am doing wrong ?
0
Hi All

We currently have two virtualised Windows file servers. The first has a secondary Virtual hard disk attached (different datastore) that all of the shares are stored on. The second uses the iSSCSI initiator to connect to a volume directly on our SAN. All Volumes on the SAN for both servers are replicated to our dr site. Both servers are backed up using Veaam

I am currently planning one possibly two new file Servers as their replacement.

1. Which offers better performance, direct file shares on the virtual disk or the disk shares via the iSCSI initiator?
2. When Veam backs up the second server will it also back up the data or only the iSCSI initiator config? ie if I had to restore the server but the SAN volume with the datawasn’t available would the recovered server have a folder with data in it or a disconnected data drive?
3. In the event of a problem such as a ransomware attack which is better/ quicker to recover. A window share on a virtual hard disk backed up by Veeam or Windows share with an iSCSI back end from Veam/ SAN volume replication?
4 Which approach would be recommended?

Thankyou
0
Facing issues with PowerCLI Script automated though Scheduled task on OS Win 2016

Earlier it was all fine now days getting multiple errors failing script execution

Installed Power shell and PowerCli versions are ...
PowerCLI Version
----------------
   VMware PowerCLI 11.3.0 build 13990089
---------------
Component Versions
---------------
   VMware Cis Core PowerCLI Component PowerCLI Component 11.3 build 13964830
   VMware VimAutomation VICore Commands PowerCLI Component PowerCLI Component 11.3 build 13964826

PowerShell is 5.1

 And frequent error is
Connect-VIServer : Could not load file or assembly 'VMware.Vim, Version=6.7.0.2048, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The system cannot find the
file specified
I want to execute my script for vSphere 5.5 and 6.5 Health check

Please help to get this fixed
 did tried reinstall /removal of existing powercli module/vmware module etc -but no success
0
We are planning in place upgrade For VMs ruining with OS Win 2008 R2 Std to Win 2012 R2 /Win 2016/2019

What all are prerequisites to get this done with minimum downtime, and most of the VMs are in use as File Server

 Can we have latest iso created/customized so that OS upgrade and patching can alos be done in single go ,else we have to download patches separately
 
any config required @VM end ?

 Any way to automate the same for multiple VMs?

Thanks
0
Restored VM Hard Drive PathRestored pathHi,

 I have W2016 HyperV Server and backup VMs to external USB HD using Window Server Backup. Fyi, the vhdx files for VMs reside on E:\HyperV\Virtual Hard Disks folder.
 Today I wanted to restore this VM "PDC" to an separate external USB hard drive (F drive) so that I can set it up on another HyperV in different network.

 During Recover Operation in Window Server Backup, chose "Recover" in Windows Server Backup", I chose "This Server", "Hyper-V", selected "PDC" VM, "Recover to alternate location" and selected "F:\Restore" folder. I believe I chose to restore "HyperV components...?" as well.

 The vhdx was restored to F:\Restore\PDC\E_\HyperV\Virtual Hard Disks, which was what I wanted. However, I discovered that the virtual machine was shut down and when I started this VM, I realized  that it was slow coming up and discovered that Virtual hard disk location was changed to F:\Restore\PDC\E_\HyperV\Virtual Hard Disks\PDC.vhdx.

Can I simply shutdown this VM,, change virtual hard disk path to E:\HyperV\Virtual Hard Disks folder and start it?
Will it do no harm?

Thanks.
0
Hi Experts,

I have to setup a new mail flow from a new exchange management server.
This server is just management server and relay server.
The server was moved to another location and datacenter. This means the external IP has also changed.

When I send a testmail via telnet I receive an error.

ConnectorId             : Outbound Internet via Office 365
Source                  : SMTP
EventId                 : FAIL
InternalMessageId       : 3105261355011
MessageId               : <d0b8f7c0-8d7e-4f68-a5b3-49b508cd625d@svatsmwmx2.sal.co.at>
NetworkMessageId        : 0c1a26a6-ed0a-4d7f-84d9-08d75959aaf6
Recipients              : {gw@company.com}
RecipientStatus         : {[{LED=550 5.7.606 Access denied, banned sending IP [external ip]. To request removal from this list please visit
                          https://sender.office.com/ and follow the directions. For more information please go to
                          http://go.microsoft.com/fwlink/?LinkID=526655
                          (AS16012609)};{MSG=};{FQDN=company-com.mail.eo.outlook.com};{IP=104.47.1.36};{LRT=10/25/2019 2:43:15 PM}]}

Open in new window


I went to the site https://sender.office.com/ and tried to remove the IP from the list.

But this is 4 hours ago.
How long does it take ?

Or do you have any other ideas ?
1
I have a service written in Delphi.  it has been tested and run on many machines.
it writes to a log file(on create/install/uninstall), then starts an executable periodically

however, setting it up on a new 2016 server VM (created through Azure if that helps)
isn't going to well.

the log file isn't being written to(ever), and the the service absolutely is refusing to start.

the application it is starting has been tested and is runs with no issue.

the Account being used is the local system.
we have also tried using the admin user, same result.
It fails with error 1053,  and no log is generated (I have startup message in the create statement), I don't know where to look

any idea would be appreciated
0
When I try to install Print and document Services Role I get a error 0x800f0831this is server 2016
0
Hi Experts,

I have a question regarding AD scurity groups.
Lets say I have two security groups.
One group is filled with users (modify rights).
The other group is filled with FullAccess Users.

Lets say one teamleader is in both groups, which group counts ?
The group with the highest right or lowest ?
1
Hi,

For Windows Shadow Copy activation, is it better to create the copy in same drive or different drive.. or doesn't matter? With Windows 2008 and 2016 file servers env.
0
Hi,

I am looking FTP server with FTP, FTPS and SFTP protocol.
I need FTP server in Tenant (Hosted) mode where I can configure different domains (segregation) and assign disk space as per requirement.
If server is windows based than its excellent. I am not looking hosted/cloud FTP server. I would like to host/configure server in our data center offer service to end users.
0
We have a network link from one site to another site that has a latency of 4 milliseconds and we are in the process of configuring a Windows Server 2016 and SQL 2016 Failover Cluster and with a maximum of 3 nodes.

Two of the nodes will be on the same site.

Is a 4ms latency link between sites acceptable for the Windows Failover Cluster?
0
Recently, I deployed a new Windows Server 2016 - Std as a domain controller.

It's not being used for other than AD replication, AD-Integrated DNS, AD Sites & Services, etc.

In other words, it will eventually become my new PDC, but not at the moment.

Well, I was reviewing my steps and realized that it would be nice to change the IP address of this new DC before I go any further.  The main reason for the abrupt IP change is for future server deployment management/documenting.

The IP change would remain in the current subnet (VLAN).

Is there any issues I may cause or run into if I would proceed in changing this new DC's IP address now?


If you need further information to assist in answering my question, just let me know.


Thanks in advance.
0
Hi experts,

I have a question about shares and publish them to AD ?
Is it useful to publish shares in AD ?

1. is it useful for users to do that ?
2. What kind of benefit I have when I publish a share to AD ?
3. Do I get performance issues when I use it ?
0
I have an old 2008 R2 server that is hosting our 8 Hyper-V VMs and I'm looking to upgrade. Just need some sound advice since the landscape has changed a bit.

I want to have some redundancy of the VMs and if possible, run them off the flash based array we have connected to it (This server also shares the array storage to the rest of the network).

Was thinking about this simple solution, but can you provide feedback on what you think of the design?
2 identical servers running Windows Server 2019 (not sure which version would suffice)
Both run Hyper-V for load balancing but mostly for redundancy.
Also wanted to share our storage array (which is currently connected to my 1 server, but want to somehow connect it to these two new ones) to my end users.
1
How do I configure multi-factor authentication on my Server 2016 RDP Server.
0
I am trying to demote a Windows Server 2008 as DC and uninstall AD/DNS, I have already promoted the WIndows Server 2016 with AD/DNS/DHCP/FSMO Roles
I tried to run the DCPROMO to demote and got an error "DCPROMO was unable to remove DNS Delagations from the Parent Zone...then i went in to Server Manager and remove Roles and tries to uninstall ADS/DNS and it just hangs on Initializing removal and does not process any further.
Any Suggestions appreciated on how to remove these roles, we are demoting the Server and taking it offline
0

Windows Server 2016

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.