Quantcast
Channel: Windows Server General Forum forum
Viewing all 24879 articles
Browse latest View live

AD Certificate Services

February 18, 2019, 9:26 am
$
0
0

Hi

I'm following https://blogs.technet.microsoft.com/pki/2010/06/19/design-considerations-before-building-a-two-tier-pki-infrastructure/

A bit confused on points:

Certification Authority Planning:

1.d. d. Root CA: Determine if the CRL and AIA are published in Active Directory or a web site that can be accessed internally and externally.

1.i. Determine the AIA and CDP distribution points for each CA. This step is very critical because these locations are hard coded in each certificate issued by the CA, and will not get updated unless the certificate is renewed.

Are these not the same points?

Best practice is to publish to HTTP - so I will build a new IIS server for this independent of the Root and Sub CA servers.

I will then change my protocol order to HTTP - LDAP - File.

All publishing will be automatic?

Search

I need some help with Restrictions and MSI packaging on Windows Server 2008 R2

February 1, 2019, 12:24 pm
$
0
0

Hi,

I work in a Primary School as an ICT Technician, we have a Windows Server 2008 R2. I wanted to install an MSI package of Google Chrome so I don't have to install on each machine. We are with Ergo and they want to charge nearly £200 for it. There must be a way I can do it myself, but how? Please could someone help with this!

Also I want to prevent users at level 1 to level 4 (but leave level 5 & 6 to be able to save to desktop) to not be able to save to their desktop, as the teachers all complain that their logins take so long. But once I login to them I see hundreds of files saved on the desktop so I want to prevent that from happening. 

Finally, I want to prevent users from changing their background/wallpaper of their login and have a set wallpaper of the Windows 7 theme.

I'd be really grateful if anyone could give me steps as to how I can make these changes. As I'm new to using servers as I was previously working with a cloud based school which had no server. Thank you.

Windows Auditing : for NIC DNS Server changes.

February 21, 2019, 9:36 pm
$
0
0

Hi Members,

How could we monitor changes for Preferred DNS Server and Alternate DNS server in Windows Event Logs.

If any user modifies/deletes the entries could we have auditing enabled for this. Could this be done with the Audit Policies built-in or had to depend on the 3rd party monitoring agents to detect any changes?

Thank you.

Venu

Venu


Windows Installer only works with MSI files directly

February 6, 2019, 3:19 pm
$
0
0

I have a Windows Server 2008 R2 SP1 terminal server running and every time I try to install a program using its setup.exe program it fails to install stating "Windows Installer could not be accessed". But if I extract that file and run the MSI directly inside it works perfectly fine. The problem happens is some programs need the setup executable to run in order to install properly. I have tried alot the Windows Installer fixes already but I don't even think that's the problem as installing regular msi files works fine. This problem has really stumped me.

Heres a log I got after a failed attempt to install a program

=== Verbose logging started: 2/6/2019  15:36:46  Build type: SHIP UNICODE 5.00.7601.00  Calling process: C:\Windows\SysWOW64\msiexec.exe ===
MSI (c) (50:B0) [15:36:46:603]: Resetting cached policy values
MSI (c) (50:B0) [15:36:46:603]: Machine policy value 'Debug' is 0
MSI (c) (50:B0) [15:36:46:603]: ******* RunEngine:
           ******* Product: {422206F8-67E6-45AA-8C2A-C0010789E1F9}
           ******* Action: 
           ******* CommandLine: **********
MSI (c) (50:B0) [15:36:46:603]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (50:B0) [15:36:46:603]: Grabbed execution mutex.
MSI (c) (50:B0) [15:36:46:712]: Cloaking enabled.
MSI (c) (50:B0) [15:36:46:712]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (50:B0) [15:36:46:712]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (c) (50:B0) [15:36:46:712]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
MSI (c) (50:B0) [15:36:46:712]: MainEngineThread is returning 1601
=== Verbose logging stopped: 2/6/2019  15:36:46 ===

Dot net patch error : some updates were not installed

February 16, 2019, 11:45 am
$
0
0

Hi

We have  issue  with  Patch update   .Appreciate  if any solution  for the error 

Server OS  | Windows 2008 Ent x86

Issue :When we try to install Dot net patches  it shows error 

 some updates were not installed  ' Following  update not installed 

Following Dot Net patches  not getting installed . However  new patches are installing.  no issues in  windows security patches

Only Dot net patches have issue

running dot net version :  .NET Framework 4.5.2

KB2604094Security Update for Microsoft .NET Framework 2.0 SP2 on  Windows Server 2008 SP2 x86 
KB2729453Security Update for Microsoft .NET Framework 2.0 SP2 on  Windows Server 2008 SP2 x86 
KB2937608Security Update for Microsoft .NET Framework 2.0 SP2 on  Windows Server 2008 SP2 x86 
KB2974268Security Update for Microsoft .NET Framework 2.0 SP2 on  Windows Server 2008 SP2 x86 
KB4019109Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2
KB4099640Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2
KB4340007Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 
KB4345682Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2
KB4487081Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 

Appreciate  if solution for this Patch update error  :   some updates were not installed  ' Following  update not installed   "

Thanks

Muthu.

Unable to delete DNS records of demoted DCs

February 18, 2019, 7:18 am
$
0
0

Hello, have an issue in a 2008 Forest/domain where a recently demoted 2016 DC is not able to be deleted in DNS. On <g class="gr_ gr_122 gr-alert gr_gramm gr_inline_cards gr_run_anim Punctuation only-ins replaceWithoutSep" data-gr-id="122" id="122">deletion</g> the record comes back on hitting refresh. 

Dcdiag and <g class="gr_ gr_133 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling" data-gr-id="133" id="133">repadmin</g> do not seem to have any issues. Two 2016 DCs were introduced but they were not getting any <g class="gr_ gr_134 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling" data-gr-id="134" id="134">sysvol</g> or <g class="gr_ gr_135 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling" data-gr-id="135" id="135">netlogon</g> folders replicated so both of them were demoted. These 2 demoted DCs are no longer showing up in Domain Controllers OU in AD, I will need to promote them back once I have issue below addressed

Issue I am having is in DNS when I am trying to delete the DNS entries for these 2 demoted DCs (_ldap, _kerberos) on hitting refresh they come back and I am unable to delete any of their SRV records in DNS, this occurs on both of the existing 2012R2 DCs. The demoted DCs are not present under Name Servers any longer

Have you come across this scenario before?

A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.

February 19, 2019, 2:21 am
$
0
0

Trying to connect to VPN server using EAP(PEAP) certificate based authentication. Receive error: "The message received was unexpected or badly formatted." In NPS server event log I can see Event 6273 with reason "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider."

We use internal CA. NPS  server version 2012 R2 and RRAS server version 2016 R2 . 

Thanks for suggestions where to look.


File server getting error: event id 2019

February 22, 2019, 6:50 am
$
0
0

Hello

I am facing a issue on my file server. Even id is 2019 and message is showing 'The Server was unable to allocate from the system nonpaged pool because the pool was empty'. When I checked my vm memory and hyperv. It is look like a OK. Can you please tell me why I happend. thanks

Search

Windows Firewall Active Profile

October 26, 2017, 8:48 pm
$
0
0

Within our environment we are having an issue with a number of Windows 2012 and 2016 servers that are not applying the correct Windows Firewall profile.

These machines (generally) only have a single network connection (from a vSwitch).

The network connection is being correctly evaluated by NLA as 'DomainAuthenticated' and Get-NetConnectionProfile is reflecting that the machine can correctly bind to a DC.

However our Windows Firewall is continually activating the 'Public' Profile.

As far as I can determine the firewall profile should be bound to the network type that is detected by NLA and for the life of me I cannot figure out why the profile is not changing to 'Domain'.

If anyone has any ideas about what could be causing it I'd greatly appreciate it.

As an aside even a number of Domain Controllers are setting their Firewall profile to 'Public'

Cheers,

Will


storage pool premordial gone

February 22, 2019, 12:33 pm
$
0
0

Hi re-installed windows server

Had a bad hard disk therefore replaced with different size one.

Wanted to start over my storage pools as before I had a few smaller disks and now have 2 x 4t disks

I got rid of my old storage pool (ok probobly dumb of me) to start from scratch

Now as you can see my premordial pool is gone. my disks don't show up anywhere.

I have one unallocated disk and one disk which contains all my data which I can't erase or make unallocated or I will loose all data.

What can I do to fix this?

Shouldn't at least the unallocated disk appear?

Can't I add a disk to pool with my data on it?

BTW don't mind the disk 2 which is my windows SSD, and disk 3 which is my serveillance disk which will not be part of the pool

Thanks

Capture entire HDD to WDS server

February 22, 2019, 12:35 pm
$
0
0

I am trying to set up WDS so I can image all my laptops off one sysprepped baseline. My baseline is a Latitude 5570, with a 250gb GPT drive split into several partitions, including 3 mounted drives- C:, d:; a:. C: is system, D: and A: are data drives. 

I am currently capturing the C: drive through PXe using a capture image on my WDS server. 

My question, I want to basically clone this configuration in its entirety when I image- programs, partitions, etc...then deploy with a prompt to set up the computer hostname. This is all in a non-active directory environment. Since WIM only captures one partition, what is the best way to accomplish this?

Wrong file associated app launch via shell command

February 23, 2019, 3:16 am
$
0
0

The problem:

Windows Server 2012 R2. Some user when logon and use a custom software that preview xml files via shell command, the xml is previewed with the wrong application (chrome), but if the file is open via the Explorer windows, the file is opened with the right application (iexplorer). I set the right file associations in each account, but only certain user account are affected. If I create a new one, the problem doesn't exist.

Thanks!

Event 140 Error

February 18, 2019, 9:57 pm
$
0
0

Hello,

           I receive this Error in my Event Viewer log and unable to Access my 1Tb Drive .

Following are the Error Details :

Event : 140

The system failed to flush data to the transaction log. Corruption may occur in VolumeId: D:, DeviceName: \Device\HarddiskVolume4.
(The request failed due to a fatal device hardware error.)

TFTP not working on Surface

February 23, 2019, 7:13 pm
$
0
0
I have a microsoft surface pro and no matter what TFTP server I download and use I cannot transfer files from my switch.  The TFTP server works fine from my HP laptop and Dell but, not on the surface.  I Did a netstat -aon to see the PID associated with the TFTP server I have downloaded and I see it.  On the switch it shows error accessing image and on the TFTP server i downloaded it show no activity during download attempt.  TFTP client has been turned on and the firewall and anti-virus have been disabled.  Has anyone ran into this issue and found a solution?  I have tried solarwinds, TFTP64, HaneWin, and WinAgents.  Of those Solarwinds stated I need to update my Netframe to 3.5 but when I attempt it gives me an error and says I have to do an image and erase some files not sure I want to do this unless absolutely necessary.  Thanks in advance for any help on this issue.

how do you find a ghost?

February 23, 2019, 11:16 pm
$
0
0

Windows Server 2008 R2 domain, functional level

i keep getting this event 5723 in my event logs referring to a non-existing (as far as we know) computer:

"The session setup from computer X failed because the security database does not contain
a trust account 'X$' referenced by the specified computer."

did a search (to double check) in my AD and found non. checked with hardware/systems team and they haven't deployed nor created such computer name.

where else should i check?

Search

Bug Check Code: 0x00000133 - ntoskrnl.exe+149f90

February 23, 2019, 6:11 pm
$
0
0

Hi All,

I've been having troubles with my Dell R530 server Blue Screen onetime yesterday. The server hangs and freeze need to reset server by power button to back normal work.

OS: Windows server 2016

Below is result when i read minidump file.

Bug Check Code: 0x00000133
Cash address: ntoskrnl.exe+149f90

Caused By Address: hal.dll+4e390 

I am wondering if someone at MS would be able to analyse and deep - investigate the issue. Please let me know if you need anything else.

Thank you!

How do I get rid of second 169.254.x.x IPv4 address on Windows Server 2008 SP2 x86?

May 5, 2012, 7:00 am
$
0
0

I'm sure this is an obvious one but can't figure it out.

I have a Winserver 2008 Sp2 (x86) DC with a static IP address allocated to its only NIC.  It seems to have acquired a second 169.254.x.x address automatically which I can't get rid of and which intermittently causes DNS problems (and possibly other) problems.

ipconfig results are shown below:

-----------------------------------------------------------------------------

C:\Users\Administrator.STRATIS2>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : STRATIS-SVR02
   Primary Dns Suffix  . . . . . . . : stratis2.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : stratis2.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connection
   Physical Address. . . . . . . . . : 00-0F-1F-67-B8-CE
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.11.128.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   IPv4 Address. . . . . . . . . . . : 169.254.140.227(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 10.11.128.99
   DNS Servers . . . . . . . . . . . : 10.11.128.1
                                       10.10.128.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{D60B08E6-D119-4CB8-BD18-380B7ED48
771}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

-----------------------------------------------------------------------------

Any ideas as to how this might have happened and how I get rid of it (a simple re-boot doesn't do the job).

Windows update error 800f0922

February 24, 2019, 5:28 am
$
0
0

Hello everyone , 

I have problems with specific server , this is server 2012r2 , one day its stoped to install updates and give me error 800f0922 

i already did few things to workaround this issue but the problem still persist 

1. Run the Windows Update Troubleshooter 

2. run the command to check and restore windows health 

3. sfc /scannow don't find any problems 

4. Delete software distribution folder 

5. delete Av 

6. disable all non microsoft services 

7. disable all startup programs 

on this server installed veeam backup and replication application. 

I uploaded the cbs file to gdrive on this link

https://drive.google.com/open?id=1L-rPs8c2wiCU9rR6l3e3CB7NK51lAL6t

If anyone can help me with this its be great.. i try to fix this for long time. 


Robocopy - path of data being copied

February 24, 2019, 9:18 am
$
0
0

If on ServerA I run this command: Robocopy \\ServerB\DriveB \\ServerC\DriveC dbdatafile.mdf does the data go from ServerB -> ServerC or does it go ServerB -> ServerA -> ServerC.

I was under the impression that with Robocopy the data went from Source to Destination directly regardless of where the command was executed but I can't find any documentation to support this.

Windows Backup

February 4, 2019, 3:13 am
$
0
0

Hello!

Recently I asked about the free space on the volume to which the backups are being taken - https://social.technet.microsoft.com/Forums/en-US/e4bea301-7c97-402e-9dd7-2fe721272fc4/system-volume-information-consumes-600gb?forum=winservergen - now I can't understand the following:

To prevent Windows Backup from consuming all the space on my volume E: I have set theMaximum Shadow Copy Storage space: to 700GB (total volume space is 1TB):


- and I was hoping that Used space will not succeed the 700GB. Nevertheless Windows Backup keeps consuming the free space - now it takes ~750GB so

Q1: Which VSSadmin parameter corresponds to the Windows Backup'sUsed space - the Allocated Shadow Copy Storage space: orMaximum Shadow Copy Storage space: ?

Q2:Windows Backup shows that Used space (750GB) > then the Allocated Shadow Copy Storage space: ANDMaximum Shadow Copy Storage space: - is it normal?


Thank you in advance,
Michael

Viewing all 24879 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>