Quantcast
Channel: Windows Server General Forum forum
Viewing all 24879 articles
Browse latest View live

Workstation cannot recconnect to domain after reboot

September 20, 2018, 8:49 am
$
0
0

I have a small network of around 10 workstations connected to a Windows 2008R2 Domain Controller (serves as AD, DNS and DHCP). The workstations are primarily Windows 7, but new Win10 workstations are being added. This network does not have access to internet nor am I allowed to screen cap error logs and send them out. So any error messages I am retyping in. Additionally, I don't have much trained experience with Windows Administration, so any help is appreciated.

I have a a problem with both Win7 and 10 workstations not being able to reconnect to the Domain Controller after a reboot. The workstations were a clean install of the OS and joined (sucessfully) to the domain. I reboot the machine after the initial joining and sucessfully re-login to the machine using a Domain Administrator account. If the computer is rebooted after this point (no matter how later) the machine will log in a local cached copy of the user (in this case the Domain Admin), display a message about the local cached login, but no connection to the domain server will happen. Using ping to attempt to reach the server or switch gives a "General Failure" message. 

The local logs give several errors and warnings around that time:

Security->Audit Failure - Sensitive Priviledge Use 

System->GPO Failures (ID 1129) - Lack of connectivity to DC

System->DNS Warning (8033) - Failed to register host resource records to network adapter

System->Distributed COM Error (10016) Permission do not grant Local Activation for COM server application (various GUID) User NT_AUTHORITY\LOCAL_SERVICE SID (S-1-5-19)

The only way I can reconnect the workstation back to the domain is to go into the Network Adapter Properties->IPv4 Properties and:

- Switch to Obtain IP Address Automatically

- Ok to apply and Close Adapter properties

- Reopen the adapter and IPv4 properties

- Re-enter the static IP for the workstation and apply

The network adapter will reconnect to the domain sucessfully and all logouts/logins after that are sucessful. However the issue will occur if the computer is rebooted for any reason.

I have tried:

- Unchecking the "Register this connections address in DNS" in the Network Adapter->IPv4 Properties->Advanced

- Adding the Server to the A record in DNS (https://www.experts-exchange.com/questions/29003228/DNS-Issue-The-system-failed-to-register-host-A-or-AAAA-resource-records-RRs-for-network-adapter-with-settings.html)

- ipconfig /flushdns (https://social.technet.microsoft.com/Forums/windows/en-US/0100acd8-b7c8-416a-bd62-af92c92b259f/dns-client-server-event-8027-and-8033?forum=w8itprogeneral)

- I have looked through Group Policies, as this seems to occur after domain policies are applied, but this has not been exhaustive

Search

Passing credentials from smart card to authenticate against different domain

September 6, 2018, 4:20 pm
$
0
0

I am trying to grant user accounts on a different domain permissions to a share on my domain. But I cannot authenticate to the other domain using my smart card.

 - Users are on a different network\domain Domain B

 - I log into network\domain Domain A that the network share is on

 - There is a one-way trust between the domains: Domain A trusts Domain B

 - I can log into a computer that is part of the Domain B network using my smart card.

 - I can log into Domain A with the same smart card.

When I go to the network share properties and try to grant a new user permissions to the share, I change the "From this location." to Domain B. After I type the username into the object names text box and click OK, I am prompted to "Enter network credentials" for Domain B. My Domain B account is setup for "Smart card is required for interactive logon" so I cannot enter a username\password. I select my smart card credentials but fail to authenticate to Domain B.

Is there a way to authenticate to Domain B using my smart card?

Logon failure: user account restriction. Possible reasons are blank passwords not allowed,logon hour restrictions, or a policy restriction has been enforced.

August 27, 2014, 12:58 am
$
0
0

Hi,

I am facing with domain controllers (Active Directory server 2008)

Logon failure: user account restriction.
Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced.

while access the domain controller remotely or locally but after restarting the server I am able to logon in the same sarver.

Kindly help me to short out the same asas

Regards,

K.Alam

[FAILED]Installation of Language Pack on Windows Server 2008 R2 Enterprise SP1

September 20, 2018, 1:08 pm
$
0
0

Hi there!

I have 2 servers (1 main and 1 backup)
Both have been installed with the same OS with all Windows Updates Installed.

I tried installing a language pack onto both servers but it fails on one of my servers.

After Progress shows "Installing" for quite some time, it fails. What could be the cause of the failure to install?

Warmest Regards,
Jazz Chng

SBS 2011 to Exchange 2016 - Co-exist question

September 20, 2018, 2:13 pm
$
0
0

Hi

Hopefully someone can offer some advice - Please forgive my ignorance I am quite new to Windows Server! Apologies if this is a bit long winded but I want to make sure I get all the info across.

So basically we have a customer that currently runs a Hyper-V host on which there are 2 virtual servers - One is a SBS 2011 VM that runs their single domain/email (Exchange 2010 SP3)/file shares etc and the 2nd is a server 2012r2 VM that is used purely to share Sage Data (because Sage Data Service does not like SBS 2011).

They will be hiring a load more people over the next 12 months and want to upgrade their server to meet demand and also to ensure they can use the latest version of Office for Mac and Office 2019 (when its released). 

We will be quoting for a new much higher spec Hyper-V host on which we will restore their current virtual servers but to ensure that they can continue to have exchange email beyond MS Office 2016 they will also need to move away from Exchange 2010. Given that Exchange 2010 can only run on Server 2012 or above I thought about installing Exchange 2016 on their virtual Sage Server (Server 2012r2) - It is barely being used as its just effectively sharing a Sage data folder so seems like a good idea, We would assign this VM lots more RAM / CPU from the Hyper-V host.

As they don't want much downtime and have a lot of customisation on the SBS 2011 virtual machine they don't want to upgrade that they simply want to upgrade email to Exchange 2016.

So my questions are:

1. Can I install Exchange 2016 onto their current Sage Server (Server 2012 r2) and migrate their mailboxes etc onto it from their SBS 2011 (running Exchange 2010 SP3 with latest CU updates) ?

2. If the above is possible is it just a case of dismounting the databases on the SBS 2011 server and disabling the Exchange services (information store etc) after migration? Eventually I would delete the email databases on the SBS to recover HDD space.

3. Assuming I can do the above do I then just install their public SSL cert on the new Exchange 2016 server to ensure OWA works properly? Set port forwarding on the router to send port 25 to the new internal IP of the Exchange 2016 server (instead of the SBS server).

4. Assuming the above then do I just recreate new Outlook profiles on the Outlook clients to point to the new Exchange 2016.

5. Finally assuming the above I would expect the SBS 2011 server to run a lot smoother as a result because RAM is not being hogged by information store etc.

I know in an ideal world given the above they would move Active Directory onto a new 2016 DC server and then move email onto the Exchange 2016 server but they are unwilling to retire or alter the current SBS server (other than migrate the email to a new Exchange 2016 VM).

Note - I have tried to suggest O365 migration but the boss of this company totally refuses to have any form of subscription service also he is completely against having data hosted off premises so O365 is a non-starter (despite it being the best option given the small current number of users).

Thanks in advance.

Execute GPO Manual on Client?

September 17, 2018, 3:06 am
$
0
0

Hey,

is it possible to export GPOs from Group Policy Managment and execute them manually on a client? If so how? I couldnt find any informations about this and help would be wonderfull here :)

Error: GetVolumeNameForVolumeMountPoint, 0x80071126, The file or directory is not a reparse point.

September 20, 2018, 8:20 pm
$
0
0

Hi All,

Apologies if I am posting on the wrong forum.

I am getting the above error occasionally on my server running Win Server 2012 R2 and it only seems to happen most frequently between 3am to 7am. There are times the error does appear in the afternoon but maybe once or twice in a week.

What is this error ? Does it affect anything and how do i resolve it ?


Server Hardening for Windows Server 2008/2008 R2/2012/2012 R2/2016

September 21, 2018, 1:31 am
$
0
0

Hello,

I am looking for a checklist or standards or tools for server hardening of the following Windows Servers: -

1. Windows Server 2008/2008R2

2. Windows Server 2012/2012 R2

3. Windows Server 2016

Is there any out of the box tools available when we install the Operating System? or any Tools or Document guide available from Microsoft.

Thanks in advance.

Rajiv


Search

XML Filter for SessionBroker-Logins

September 21, 2018, 2:22 am
$
0
0
Hi,

i tried nearly every combination of Filter, but either i get no results or an error.

I want to filter the events that show which user gets on which RDSH.

So i need to filter for UserData\EventXML xmlns="Event_NS"\param2

*[UserData[EventXML[@Name = 'param2'] = 'Domain\username']] or
*[UserData[EventXML[2] = 'Domain\username']] has no results and some other combinations like this too.

There are many examples on the net, but none for this.

XML-Event looks like this:
- <Event xmlns="....">
- <System>
  <Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid="{D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" />
  <EventID>787</EventID>
  <Version>0</Version>
  <Level>5</Level>
  <Task>102</Task>
  <Opcode>15</Opcode>
  <Keywords>0x2000000000000000</Keywords>
  <TimeCreated SystemTime="2018-09-21T08:56:36.757139800Z" />
  <EventRecordID>9439</EventRecordID>
  <Correlation />
  <Execution ProcessID="5724" ThreadID="58196" />
  <Channel>Microsoft-Windows-TerminalServices-SessionBroker/Operational</Channel>
  <Computer>Terminalserver.Domain</Computer>
  <Security UserID="S-1-5-20" />
  </System>
- <UserData>
- <EventXML xmlns="Event_NS">
  <param1>43</param1>
  <param2>Domain\user</param2>
  <param3>RDSH.Domain</param3>
  <param4>AnchorTS</param4>
  </EventXML>
  </UserData>
  </Event>


Thank You in advance!

KR
Max

Error 0x80072F8F while attempting to activate Windows

September 19, 2018, 6:12 am
$
0
0

A Windows Server 2008 R2 server running is a VM hosted by a third party hypervisor.

After an hardware failure (of the hypervisor) the VM started requesting the Windows activation.

We attempted to activate Windows but we get error 0x80072F8F.
We performed several actions:
- we re-entered the product key
- we restarted the VM
- we ensured that the VM can navigate in the web
As a temporary solution we used the command slmgr.vbs /rearm, but is only a temporary fix.
What else can we do in order to activate the VM?
Regards
Mario

Windows Server removed from DNS

September 21, 2018, 7:40 am
$
0
0

Hi 

Had a weird issue this morning where a Windows 2016 server that had been listed in the correct zone for our domain was missing from it.

On the server I ran ipconfig /registerdns and the server was immediately added back.

But I don't understand how it was removed to begin with and I can't find any log or event to tell us what happened.

Anyone know how to troubleshoot this event?

 

Limited access to AD LDAP authentication inquiry

September 21, 2018, 2:51 pm
$
0
0

I just inherited a Server 2008 server. The previous admin has restricted what users show up for other users. Even though a new user, that is a member of Domain Admins, can see all users in Active Directory Users and Computers they do not all show up when a firewall tries to validate end users via LDAP. If I have the firewall use the original administrator credentials it can validate all users. This is not by OU. The reduced list comes from all the OUs with users.

A VBS script to list all users via ADO and LDAP shows the same thing. All users if run by administrator and partial list if run by another admin profile.

I had how to do this years ago, when setting up a Copier to send scans to user emails, but before it new how to recognize user groups. I can not find how I did it anymore.

What is the process to allow/deny select users to access select users?

Change DC IP Address

May 17, 2018, 3:12 pm
$
0
0

Hi,

We have three Windows 2008 R2 DC. We need to change the IP address for one of the DC which holds PDC role, provide DHCP service and one of the DNS server.

Can someone provide me the instructions for things I should prepare before change and things I should do after change?

Thanks in advance!

Grace


Windows Server 2008 R2 Update fails due to system-protected font

July 18, 2018, 3:44 am
$
0
0

Hello,

My windows Server 2008 R2 has been failing to install the

2018-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4338818)

every day for many days (it was already failing the preview of it, which I then declined on WSUS).

The only apparent problem I see in the WindowsUpdate.log is this (in bold below):

...

2018-07-17    07:41:08:522     856    169c    Report    ***********  Report: Initializing static reporting data  ***********
2018-07-17    07:41:08:522     856    169c    Report      * OS Version = 6.1.7601.1.0.196880
2018-07-17    07:41:08:522     856    169c    Report      * OS Product Type = 0x00000007
2018-07-17    07:41:08:678     856    169c    Report      * Computer Brand = Dell Inc.
2018-07-17    07:41:08:678     856    169c    Report      * Computer Model = PowerEdge R210 II
2018-07-17    07:41:08:678     856    169c    Report      * Bios Revision = 2.8.0
2018-07-17    07:41:08:678     856    169c    Report      * Bios Name = InsydeH2O Version 03.70.452.8.0
2018-07-17    07:41:08:678     856    169c    Report      * Bios Release Date = 2014-06-24T00:00:00
2018-07-17    07:41:08:678     856    169c    Report      * Locale ID = 1033
2018-07-17    07:41:08:694     856    3b0    Handler    Post-reboot status for package Package_for_RollupFix~31bf3856ad364e35~amd64~~7601.24180.1.8: 0x80070020.
2018-07-17    07:41:08:694     856    3b0    Handler    WARNING: Got extended error: "POQ    Operation    HardLinkFile    OperationData   \SystemRoot\WinSxS\amd64_microsoft-windows-font-truetype-tahoma_31bf3856ad364e35_6.1.7601.24145_none_8e5c4f96a47869ce\tahomabd.ttf, \??\C:\Windows\fonts\tahomabd.ttf"
2018-07-17    07:41:12:640     856    3b0    AU    ###########  AU: Initializing Automatic Updates  ###########
2018-07-17    07:41:12:687     856    3b0    AU      # WSUS server: http://whiskey
2018-07-17    07:41:12:687     856    3b0    AU      # Detection frequency: 22
2018-07-17    07:41:12:687     856    3b0    AU      # Approval type: Scheduled (User preference)
2018-07-17    07:41:12:687     856    3b0    AU      # Scheduled install day/time: Every day at 6:00
2018-07-17    07:41:12:687     856    3b0    AU      # Auto-install minor updates: Yes (User preference)
2018-07-17    07:41:12:687     856    3b0    AU      # Will interact with non-admins (Non-admins are elevated (Policy))
2018-07-17    07:41:12:750     856    3b0    AU    Setting AU scheduled install time to 2018-07-18 09:00:00
2018-07-17    07:41:12:750     856    3b0    AU    Successfully wrote event for AU health state:0
2018-07-17    07:41:12:750     856    3b0    AU    Initializing featured updates
2018-07-17    07:41:12:750     856    3b0    AU    Found 0 cached featured updates
2018-07-17    07:41:12:750     856    3b0    AU    Successfully wrote event for AU health state:0
2018-07-17    07:41:12:750     856    3b0    AU    Obtained Post reboot hr from Agent:80070020
2018-07-17    07:41:12:781     856    3b0    AU    WARNING: Post-reboot install failure, error = 0x80070020
2018-07-17    07:41:12:781     856    3b0    AU    AU setting pending client directive to 'Forced Reboot'
2018-07-17    07:41:12:796     856    3b0    AU    Successfully wrote event for AU health state:0
2018-07-17    07:41:12:796     856    3b0    AU    Triggering Offline detection (non-interactive)
2018-07-17    07:41:12:796     856    3b0    AU    Successfully wrote event for AU health state:0
2018-07-17    07:41:12:796     856    3b0    AU    AU finished delayed initialization

...

2018-07-17    07:44:49:528     856    104c    Report    REPORT EVENT: {3A6776D8-A21A-42AA-BED5-F975A6DE086E}    2018-07-17 07:41:12:640-0300    1   182    101    {1C930EAB-7B7E-4616-B5B5-D6E4A723BC71}    200    80070020    AutomaticUpdates    Failure    Content Install    Installation Failure: Windows failed to install the following update with error 0x80070020: 2018-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4338818).
2018-07-17    07:44:49:528     856    104c    Report    REPORT EVENT: {34F70FF8-C07D-4190-AC13-E7B3CFAFEA9F}    2018-07-17 07:41:12:750-0300    1   202    102    {00000000-0000-0000-0000-000000000000}    0    0    AutomaticUpdates    Success    Content Install    Reboot completed.

That font (tahomabd.ttf) is a system-protected font, so I suppose the update fails as it cannot overwrite it.

I've found a similar issue that required a fix, but for Vista and Windows Server 2008 (not R2):

https://support.microsoft.com/en-us/help/980248/some-font-files-that-are-marked-as-system-protected-cannot-be-updated

Any hints on how I can complete this update?

Thanks!

Reset password

September 22, 2018, 2:27 am
$
0
0
Dear,
Within Windows server (to which I logon through RDP), how to reset the password of the current domain administrator?

Many Thanks & Best Regards, Hua Min

Search

Bought a Windows Server 1 User CAL, cant find the key.

September 22, 2018, 6:40 am
$
0
0

I bought a "Windows Server CAL 2016 English 1pk DSP 1 Clt User CAL"

I was lead to believe this is for upgrading a Windows Server 2016 Evaluation so that I can use it indefinitely. However I can't see any Product Key or any numbers in the xxxxx-xxxxx-etc format.

What was sent to me was a sticker. It has a tracking number and a barcode with numbers and letters.

What am I doing wrong?

i stuck when restore image , it shows error 0xD0000451

September 22, 2018, 7:06 am
$
0
0

server 2008 r2, raid1 mirror, always auto update

I crashed few days ago, I don't know the reason.

fortunately, I have backup everyday.

I use image recovery file made by backup server,

at last it shows error 0xD0000451 say It don't recognize some hardware, but I use same server.

it continue blue screen

and I can't restore my server

sometimes it can run in safe mode but stuck in 'bfad_up.sys '

please help me

Under what circumstance runas as administrator default to working directory as system32 and when it default to current directory

September 17, 2018, 11:58 pm
$
0
0

There is a batch file I found behaving different on two Windows 2012 R2 servers.

On the first server, when runas administrator the batch file runs from its current directory (in this case c:\app) but on another server, when runas administrator the bath file, it runs from c:\windows\system32.

I googled, there are solutions to make the batch file to always run from its current directory. However, that is not the point here, I want to know why the behaviour is not the same on 2 servers, both has the same patch level, same hardening settings, different being one is a physical server, the other is a virtual server.

Valuable skills are not learned, learned skills aren't valuable.

Moving Windows Update Download Folder

August 25, 2009, 7:38 am
$
0
0
Does anyone know how to move the locations that Windows Automatic Updates downloads updates to?  I have a Dell server that was partition with an 8 gig C drive and it tends to fill up I'm looking to move anything I can to the larger D drive.

BSoD 0x0000003b occurs when I click into a remote control (Windows server 2008 Enterprise R2)

September 14, 2018, 3:03 am
$
0
0

Hello,

The problem is like as described in the title. I tried applying the hotfix KB 2359223 but when I push it then I receive theupdate is not addressed into this system.

We currently are not able to use the remote control function that is essential for us. It is difficult to me what crucial happened before encountering this problem.

Unfortunately I have not managed to make the Microsoft reply why I am not able to run the hotfix that is already designated to the system I own.

Any hints are very welcomed.

Thank you in advance.regards,

Tomek

Viewing all 24879 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>