Windows Server 2016

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.

Share tech news, updates, or what's on your mind.

Sign up to Post

How do I configure multi-factor authentication on my Server 2016 RDP Server.
0
JavaScript Best Practices
LVL 13
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

My windows 10 user, lets call him guser is a member of the corp\administrators group (and enterprise admin groups). His windows 10 client desktop was working fine a couple of days ago, and his folders were being redirected to the server on D:\Shares\User Folders\guser. Suddenly, and we thought after an update, it says that he does not have rights to d:\shares\User Folders\guser\Desktop.
Here are some facts:
He's an admin at corp
He can map to the server
He can navigate and map to d:\shares\user folders\guser, but can't navigate further than that
He IS owner of d:\shares\user folders\guser
He is NOT owner of the Desktop, Documents, Downloads, Favorites, etc... (can't seem to get him to be an owner)
The Windows 10 client displayed the message : File and print sharing resource (Server name) is online but isnt responding to connection attempts.

I could use some help here, guys/gals!
0
Hi
Im trying to install server 2016 on a VM on hyper V, without any success
I keep getting boot failure, reboot and select proper boot media...
Ive tried Gen 1 & 2 vms no success
Ive tried the Virtual DVD drive point to ISO on Hyperv Host and from bootable USB but still no success
where am i going wrong
Thanks in advance
0
We are looking into some best practices regarding data retention for a batch of excel spreadsheet files. At present there is a requirement of the company to keep the files for 6 years, and they reside on a Windows file server share. By 'keep them', I mean if someone deleted them and they weren't recoverable this would potentially cause chaos. They are in a directory whereby permissions are set to read-only for almost everyone bar our IT support groups, therefore the number of people who could inadvertently delete the files is very limited. We don't have any sophisticated records management/EDRMS type systems to enforce data retention where we could upload the files too. Have you ever had any similar situations, and what types of controls did you put in place to do all you can to preserve the availability of the files in line with the retention requirement? I need to explore how backup retention works as well in case we had a major disaster and lost the server/data centre it was hosted on/drive etc.
0
I have a Windows Server 2016 Standard Server with a domain with local machines. I would like to integrate this server with existing Office365 users and Azure servers for email and single sign on. Is it better to use the Essentials Office365 integration or the Azure active Directory integration or the AADConnect?
0
I need to enter "exclusions" on port 443 outbound.  Want to install on our Windows Server 2016, need to open port 443 outbound for Malwarebytes sites.  How do I do that?

This is from the Malwarebytes site:

External Access Requirements

If you use a firewall or other device to control your Internet access, exclude the websites as listed here.  The Malwarebytes Endpoint Agents use the websites below reach the Malwarebytes services.  You must exclude all websites on port 443, outbound.

https://cloud.malwarebytes.com
https://telemetry.malwarebytes.com

https://detect-remediate.cloud.malwarebytes.com

https://data-cdn-static.mbamupdates.com 

https://keystone.mwbsys.com 

https://keystone-akamai.mwbsys.com 

etc...
0
This is an odd issue I can't figure out.  I have several remote users who log in to our network through a Sonicwall using NetExtender then into our Terminal Server through Remote Desktop.  They are set up in the Environment tab in Active Directory to start the specific program they need upon login so they are just taken directly to the login for that program (Abila HRMS HR program).

One user (MP) can login just fine and after connecting through Remote Desktop they see the login screen for Abila HRMS. This is where the problem starts.  The user logs in to HRMS and then just sees a blank screen (note: this user is using a laptop).

I had another user (SK) login at her Desktop computer using the other user's credentials and after logging into HRMS, she sees the HRMS program running minimized.  She maximized the program and disconnected from the session leaving the program up and then the other user (MP) was able to login to HRMS and see the program.  But if he logs out and tries to get back in, the same thing happens.  I tested MP's login from a laptop and had the same issue, I just see the blank screen.

Basically the HRMS program is starting minimized and the user MP can't see it as it must be off screen on his laptop (and from the laptop I tested from), but the user SK from her desktop can see the minimized program at the bottom and then maximize.

Is there some sort of setting that would force the program to start maximized for this user?
0
Hi, I am in the process of adding new Windows Server 2016 domain controllers into my existing AD environment, which currently hosts Windows Server 2008 R2 domain controllers exclusively.

FFL = Windows Server 2008 R2
DFL = Windows Server 2008 R2

Features Enabled = AD Recycle Bin

AD Schema = 87 (Windows Server 2016)


Already migrated from FRS to DFSR.


Which brings me to my question.

When I migrated my current Windows Server 2008 R2 domain controller environment from FRS to DFSR, I noticed that the SYSVOL folder was replaced by a new folder called SYSVOL_DFSR.


So, when I introduce these new Windows Server 2016 domain controllers into my existing domain environment will I need to make sure they create a SYSVOL_DFSR folder under the "Active Directory Domain Services Configuration Wizard / Paths" during the installation of the AD DS server roles or will the default SYSVOL work just fine on them even though the existing Windows Server 2008 R2 domain controllers won't have that folder for replication?



Just wondering.


Thanks in advance.
0
I want to activate our Intune Windows 10 Edu device with a MAK key. I have tried using the Intune profile 'Edition Upgrade' and chosen the OS version and MAK key, but it doesn't activate. Manually activation works, the key is fine.

I bet I can activate using a script
slmgr /ipk 12345-12345-12345-12345-12345
slmgr /ato

but that will run every login/startup?


what to do? Id prefer a profile option.
0
Hi, I am in the process of adding new domain controllers (Windows Server 2016) into my AD environment, which currently hosts Windows Server 2008 R2 domain controllers.

FFL = Windows Server 2008 R2
DFL = Windows Server 2008 R2

Features Enabled = AD Recycle Bin

AD Schema = 87 (Windows Server 2016)

Already migrated from FRS to DFRS.


My question is probably a simple one, but I still need to ask it anyways.

When installing the AD DS server role on the new Windows Server 2016, should I use the same DSRM (Directory Service Restore Mode) password as I have for my current Windows Server 2008 R2 domain controllers?

Or can I use a different DSRM password for these new Windows Server 2016 domain controllers, which will eventually replace my current Windows Server 2008 R2 domain controllers?


Just want to leave no stones unturned as I proceed.  The last time I had to introduce new DC's in my environment was back in 2011.  So, I am a little rusty and have been refreshing up on the process, as well as, checking for any changes since then.

Just wondering.


Thanks in advance.
0
Ensure you’re charging the right price for your IT
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

I started to build a spreadsheet but decided there must be a better way:

I have a domain with workstation fileshares.
For each:

I've followed common practice in setting local groups (because there are non-joined accesses to be allowed).
One might call this the "permissions" level.

And, I've established domain groups.
One might call this the Role level.

And, I've made the domain groups members of the local groups.
Nice and tidy....  It's easy to remember the structure because it's consistent; i.e. used consistently.

But it's not so easy to analyze because there are groups within groups.  
Who has permission?
Are there any duplicate or conflicting permissions?
etc.

What's a good way to *see* all this?
It should be easy.
For a small organization, it should fit on one page.

Part of the challenge is that some of the information is only on the workstation and some is only on the AD Server.  
Maybe a PowerShell script?
I've not found any commercial or other tools that seem to address this.
0
Hyper-v Guests sluggish, random disconnects, high cpu (after September 23rd, 2019 update)

Host: Windows 2016 Server Stnd
Guests: Windows 10 Pro (6 guests)
Ram (16GB Each)
Everything is up to date; windows patches, we have removed antivirus and security tools, we still have these random issues.
Users can connect, if they get disconnected (RDP) they cant connect and we have to reset the vm.

Can someone help me here? Please and thank you :P
0
I'm migrating to new hardware from SBS 2011 to Window Server 2016 Standard (not Essentials), I will add the Essentials role. I've done half a dozen SBS 2011 to Windows Server 2012 R2 Essentials and to 2012 R2 Standard but it's be a while and this is 2016. We are not migrating Exchange, already on Office 365. We don't use WSUS or Sharepoint.

I am looking for a step by step document, I previously used https://blogs.technet.microsoft.com/sbs/2014/03/31/windows-server-2012-r2-essentials-migration-keys-to-success/ but that is from 2014. Is there a more current step by step for 2016?
0
I have created an azure dynamic device group withe a rule
(device.devicePhysicalIDs -any _ -contains "[ZTDId]")

In ‘Windows enrolment / windows autopilot devices’
There are 2 devices listed which did indeed autopilot when built.

The group has a status of ‘up to date’ But a last update status of ‘unknown’

We only have a small tenant, the group was created hours ago by an admin. We have a license which supports Intune.

Why doesn’t the group have any members?
0
Could someone explain to me the difference between Anywhere Access and a VPN with Remote Desktop on Windows Server 2016 Essentials?  I am in the throes of setting up remote access and have to figure out how to set this stuff up.  Any advice on how to proceed would be appreciated.
0
We set up a new RDS server that should pick up our licenses from the existing RDS2016 server.
The existing server licenses are all current.  It has been placed in the correct groups in the domain and all looks good.
 
The new server is not configured as a license server. Under deployment, the server is set to look at the other server to pick up its licenses.  The server does not seem to do this and is using its own grace period licenses.

When you enter the license diags the server tells me there are no licenses available for the session host server.

How do I go about getting the new server to pick up the licenses correctly?
0
I have a system with 3 Domain Controllers (Server 2019).  One of them got out of sync (my best description) and wasn't replicating - while the other 2 seem to be working fine.
The problem seemed to be RPC errors but all 3 DCs were running together in a test lab before being deployed.
This one was deployed a month or so after the first two, having been powered down during the interim.
The failure would cause me to suspect the real network they are now in somehow - but "how?" is elusive.
I have wireshark captures taken during replication attempts but I don't see much that jumps out.

Eventually, I was advised to take the "bad" DC off the domain and re-promote it.  
I've proceeded with thatprocess and have tried a lot of suggested things but so far no luck in promoting this DC.
Fortunately, this DC wasn't in the mainstream of operations and, without replication, had less configuration data on it than the others.
So, taking a step back is of little concern.

I think I did a pretty good job of bringing the DC down but I'm unsure of its status.  There's a first time for everything...
I still see remnants of its name on the others for example.
So, I think the first step is to confirm that stuff is removed as required in preparation for promotion.
I've run a bunch of tools but don't know when to be happy or sad re: the results.  Just no experience.
So, I'm wasting calendar time by running down blind alleys.

I *did* try to promote this DC but the process won't …
0
Hello – I have a client with a large MS Access application that  has asked me to migrate their backend database to SQL Server.
The admin there set up a Windows Server 2016 evaluation instance (on VMWare), and installed SQL Server 2017 Express on it, so I could work out the details in an isolated environment.
I have migrated the Access database to that SQL Server, but I have not been able to create a DSN to it from a client PC.
I have tried following a couple of troubleshooters, changing several settings, but nothing has worked.
I am an Access developer, and I’m out of my element with this. The network admin there is not able to help.
Is the WS 2016 eval crippled in any way that would cause this?

Thanks
0
I have some very odd services showing up on a Windows Server 2016 Essentials Server:

CDPUserScv_8222e
ContactData_8222e
SyncHost_8222e
User Data Access_8222e
User Data Storage_8222e
Windows Push Notification User Service_8222e

   Google doesn't have much on these services. Anyone know what they are and if they are needed?
0
Exploring ASP.NET Core: Fundamentals
LVL 13
Exploring ASP.NET Core: Fundamentals

Learn to build web apps and services, IoT apps, and mobile backends by covering the fundamentals of ASP.NET Core and  exploring the core foundations for app libraries.

I have a domain policy where the password must be changed every 2 months.

1.  Does the password change policy occur the same "day" for all users, or is it unique for each individual user?

2.  if the policy is set on January 1st, does the password expire on March 1st?

3.  If a new employee is hired on February 1st, does there password expire on March 1st or April 1st?

4.  If I manually reset a user's password in Active Directory on January 5th, does it expire on March 5th?
0
Our Remote Desktop Gateway is Windows Server 2016.

I need to be able to disable a RD CAP and RD RAP via powershell.  We are going to set up a scheduled task to run the script to disable certain RD CAP and RD RAP rules.  So I need to be able to disable the rules by name.

Ideas?

James
0
Hi experts,

our linux guys use two scripts for their linux file servers.
1. When a user logs on, one script checks the SCRTACH share, if the user has already a folder, if not, the script creates one.
2. Another script deletes the content of the SCRATCH folders.

Is it possible to to do the same for a windows fileserver ?
Do you have some hints and ideas ?
0
Hi Experts,

I need some advise about the DefaultDomainControllerPolicy (DDCP).

At one customer I have seen, this policy was edited.
And of course they have some strange behaviors here with logon of personal domain admin users.
I have a named domain admin user, but I am not able to open DNS or AD or anything else from the administrative tools.

Can you show me the defaults of the DDCP ?
0
We currently have a AD domain with two replicating 2012 Server DCs. Domain Functional level is at 2012.  

The Primary DC is a physical server with Windows Server 2012 Standard, and will be (7) years old.  

The other replicating DC is a Windows Server 2012 DC that's a VM.  The Hyper-V server that hosts this VM and another VM that is an Exchange 2010 Standard server is Windows Server 2012 Standard and is also close to (7) years old as well.

Overall, AD is healthy without issues.   At the end of this year we will retire the existing Exchange 2010 server and move to O365 hosted mailboxes.

I am getting ready to purchase a Dell R440 that will serve as a Hyper-V server.  Will purchase Windows Server 2019 Standard.  I will install a new VM that will replace the primary 2012 DC that's on the physical server.

I also have an existing Dell R440 server that is a Hyper-V Server with Windows Server 2016 Standard.  I have one VM that is a Windows Server 2016 that serves as a Storage server.
I plan on spinning up a second VM on the server to serve as a new replicating DC server.

When I purchase the new Dell R440 server along with Windows Server 2019 Standard, should I go ahead and install the Hyper-V Host with Windows Server 2019 Standard, and then also install the new primary DC that will hold all FSMO roles as a Windows Server 2019 Standard VM or downgrade it to Windows Server 2016 Standard?

I already have 25 Windows Server 2016 CALS.  I can go ahead and bite the …
0
Really I just want to check that what i am doing is a supported config.

I have 3 servers i use for HCI using S2D 2019.

I have 3 Virtual Disks all using 33% of the storage minus 1 spare HDD for failure(cache + ssd + hdd) seems to be working ok.

I want to add 8 1TB drives into each of the servers to create a new virtual disk that only uses cache + hdd.

The HDDs are a different model than the HDDs used in the other 3 virtual disks. I know that i should utilise only the one storage pool, but would i still be in a supported configuration, on top of that how would it know what disks to create the new virtual disk on? I dont want it to attempt to use the space capacity disks i currently have (they are 1.6tb disks) with the new ones i intend to use (1tb disks)

Thanks in advance for any feedback!
0

Windows Server 2016

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.