Hello,

I am having trouble with some Windows Updates on a Win2012R2 Server.

We have two servers which will become nodes in a 2-node-cluster. The Cluster Configuration Wizard complains about four updates not present on Server A but ok on Server B.

Both servers are identical - same model, same time of installation etc. 

These are the updates the Cluster Configuration Wizard complains about:

KB2957189 - not in list of installed updates on both machines

KB2918614 - present in list of installed updates on both machines

KB2926765 - present in list of installed updates on both machines

KB2939087 - present in list of installed updates on both machines

When I try to manually install the update KB2097189 on Server A I get this error "Windows Update Standalone Installer - This update is not applicable to your computer". However if I try the same update file on Server B I get"this update is already installed on this computer".

I already read that 2918614 can sometimes break Windows Update on a machine but am not sure how to proceed.

What I need to achieve is an identical update state on both machines to make the Cluster Configuration Wizard accept the config. It is the only issue we have.  

Any ideas?

Regards, rj

Regards, Ralph

I am attempting to script the addition of "CREATOR OWNER" to a folder and all subdirectories but it is not working as I expected. Here is what I am using:

icacls C:\Programs /grant:r  "CREATOR OWNER":F /T

The command reports success, but when I go to the security tab, CREATOR OWNER does not show up. I can manually add CREATOR OWNER just fine but I need to script it.

The command works fine when I use any other user account such as:

icacls C:\Programs /grant:r  "Admin":F /T

I am on Windows Server 2008 R1 by the way. My account is also the owner of the folder.

I figure it is because "CREATOR OWNER" is a built-in security principal but I need to figure out how to add it somehow.

Thanks for any assistance provided.

Hello

I'm trying to configure Email alerts for my TFS but whenever I do a "Send test email" I get the following error. 

This is what the log file in the error says.

[Info   @05:07:35.833] ====================================================================
[Info   @05:07:35.833] Team Foundation Server Administration Log
[Info   @05:07:35.833] Version  : 12.0.30324.0
[Info   @05:07:35.833] DateTime : 01/27/2015 10:07:35
[Info   @05:07:35.833] Type     : Configuration
[Info   @05:07:35.833] Activity : Settings
[Info   @05:07:35.833] Area     : ApplicationTier
[Info   @05:07:35.833] User     : WIN-NOBGFM4GTAF\Administrator
[Info   @05:07:35.833] Machine  : WIN-NOBGFM4GTAF
[Info   @05:07:35.833] System   : Microsoft Windows NT 6.1.7601 Service Pack 1 (AMD64)
[Info   @05:07:35.833] ====================================================================
[Error  @05:09:20.580] 
Exception Message: The operation has timed out (type WebException)Exception Stack Trace:    at System.Net.HttpWebRequest.GetResponse()
   at Microsoft.TeamFoundation.Admin.Console.Models.DlgSendTestMailViewModel.SendEmail()

I've tried searching around and have found one or two other people with the same problem but haven't found a working answer.

Nauman Abbas ICS Network Engineer

So I have a bit of a conundrum that general walkthroughs don't seem to cover.

So I have a machine running Windows Server 2012 with IIS8. There's no AD or anything fancy. I have 3 types of users for my machine: Administrators, Users, and a usergroup I created called PostUsers. I'll only be dealing with Administrators and PostUsers

I've setup FTP sites before but this is a bit tricky.

Here's what I'm trying to accomplish:

Create FTP access to a folder called DataStore (which is the FTP Root) and PostData. DataStore is a large folder that can contain anything and will have the PostData folder inside of it. Administrators will have access to the DataStore folder while PostUsers can only access the PostData folder. Aditionally I want to give the Administrator access to a folder outside of the DataStore folder, for instance his User files. I don't need any help with drive permissions, the NTFS Security settings are already fine, so ignore any concerns for this. I want to do this through Virtual Directories/User Isolation configured through IIS. I've seen some of the official guides on iis.net but they don't really give me any help on my specific situation because I'm kind of new to this.

Right now I have it so that the PostUsers can only access the PostData folder and the Administrator can access the DataStore folder, however when I log in I cannot see the Virtual Directories that I have created in the Administrator's Virtual Directory, nor have I been able to remedy this by putting a shortcut to the Administrator's User data folder in the DataStore folder. 

It seems to be that any Virtual Directories created in IIS that are below the LocalUser folder cease to exist.

Anyone know of a remedy to do this correctly or a workaround to accomplish making Virtual Directories to folders outside of the DataStore folder?

This is the situation

We have a MSSQL cluster of 2 servers the SQL03A and SQL03B windows 2008 R2 enterprise on vmware 5.5

There are 2 persistant routes, they are for the backup:

10.64.67.171 255.255.255.255 10.37.4.30

10.64.67.169 255.255.255.255 10.37.4.29

Sometimes , one?s a month, the persistant route does not work and the backup wil not work.

We delete the persistant route and we make the persistant route again, than it wil work again.

What could be the problem?

Hi guys

I have been approached by a small business owner to fix and maintain his network. The problem is I don't really have any experience with networks at all so I plan to learn on the job. The business owner is aware of the situation and appreciates things to take longer than expected.

Anyway, I seem to have stumbled at the first hurdle! He currently has a windows 2008 server with SBS which is used as a file server and mail server etc. He has 7 machines connected to it which are running xp! So my first job was to get him to upgrade his machines to at least ones which are windows 7 compatible. Which he is in the process of doing. I have attempted to join one windows 7 machine to the domain which works fine but when I log in as a user it doesn't show me a desktop or taskbar, just the desktop wallpaper. I am able to ctrl-alt-dlt and go to log off and switch user etc but nothing else. The same thing happens on the local user since adding it to the domain.

I just need someone to point me in the right direction what I could check. I am currently reading up on group policies in the hope that might be the answer.

Any help would be much appreciated.

When I try to install the application with the MSI I recieve:  the installer has encountered an unexpected error installing this package. This may indicate a problem with this package.  The error code is 2869.  Solutions I have tried but did not resolve the issue:Run as administrator command prompt, create a batch file, run msiexec /i "MSI",turn off UAC,  User Access Control

how can I attach the log file?

Hi,

I have seen numerous articles explaining svchost, and I think I have a reasonable grasp of it (although basic).  My favourite article so far is http://www.bleepingcomputer.com/tutorials/list-services-running-under-svchostexe-process/#advanced, which I think is well written and very handy indeed!

My current issue is that I am tweaking a security program called McAfee Host IPS, currently running on 2003 R2 and 2008 R2 servers, and getting a lot of events associated with svchost.exe that I believe require exceptions to be configured.  What I do not want to do, however, is configure an exception that hides something that may be useful information, however there is a balance required in what I am doing.

Focusing on my current task at hand, I can confirm I have seen a large number of events associated with the below.  The below is all of the information I have on the Host IPS signature in question, although I am currently digging further.

IPS Signature Name: CMD Tool Access by a Network Aware Application

IPS Signature details: This event indicates an attempt by a networked application to access, modify or execute a system program that may be used to modify the configuration of your system.

IPS Signature severity: Low

I have seen a large number of events with threat source process = C:\WINNT\SYSTEM32\SVCHOST.EXE, and the following files, either accessed or executed.

C:\WINNT\System32\tasklist.exe
C:\WINNT\System32\ipconfig.exe
C:\WINNT\System32\cmd.exe
C:\WINNT\System32\route.exe

As the above reference lists DLLs specifically, and not EXEs, I am not sure if this is expected (but am gathering it is, especially as the IPS signature details refers to 'system programs').

I am suspecting that my best action here is to configure an exception for threat source process <systemdir>\SVCHOST.EXE and target files <systemdir>\*.*, as my hypothesis is that even if I have not seen it in the tuning phase, there are a lot of similar benign actions that could potentially trigger in the day to day workings of the OS.  I am also assuming that I will see similar in later versions of Windows Server OS.

To throw a slight curveball, we are also integrated with a SIEM solution.  As this signature severity is low, it is mapped to a log action so nothing will actually be stopped, but if there are no exceptions, relevant events would go through to SIEM.  They could be filtered there, but potentially used in correlation rules or troubleshooting, but that obviously takes more space in the McAfee (ePO) database and the SIEM solution, which needs to be taken into account.

Thoughts on this would be greatly appreciated - I genuinely wish I knew more about this subject!

Cheers,

Darren

I have a virtual machine that is showing a much higher VM Processor --> % Processor Time than Processor --> % Processor Time.  I have been trying to understand what this means, but have not come up with a whole lot of good information. 

Is this due to cpu's being overprovisioned?  My understanding is that we are not overprovisioning cpus.

Any insight is much appreciated.
Thanks,
Sam

Hello,

Is it Oracle database 12c compatible with Windows Server 2012. What are the system requirements needed for Windows server 2012 on Oracle database 12c?

Thanks

Voitto

I have been having problems performing a windows update only to be bombarded with errors.  I am experiencing the same issues as everyone else and it appears as though people have found a workaround.  This workaround involves going into programs and features - Installed Updates - removing KB3004394.  Unfortunately this is not in my list.  Trust me I've checked thoroughly.  Here is a list of the KB3000's I have on my machine for Updates for Microsoft Windows:

KB3000988

KB3001554

KB3006121

KB3006625

KB3008627

etc.etc.etc.

The KB3000's listed under Security Updates for Microsoft Windows are as follows:

KB3000061

KB3000869

KB3002885

KB3003057

KB3003743

and then skips KB3004394 and goes to...

KB3005607

At the moment I have also been seeing the Windows is not genuine message and have been prompted to check this by a Windows popup only to tell me that Good News! You can purchase Windows 7 for 100+ bucks?  No thanks, I spent 1600 bucks on this machine I am good.  Any help is much appreciated as I am attributing this to why some of my games are randomly CTD with no errors.  Again this stuff just started happening recently and I've had the machine for less than a year.

Hi, I love the MMC to manage my servers very much. I installed the RSAT, and the MMC is a very good utility to manage the services on the severs remotely. You can see the following screenshot. Many services are managed by my console.

However, when I tried to save the event logs as evtx format from remote server to my local laptop with MMC, it failed. I cannot understand why Microsoft doesn't allow it. I have to RDP to every server and save the event logs. It's too troublesome. And I believe Mircorosft originally recommend us to use RAST and MMC to manage remote servers!

• Servers: Windows Server 2008 R2
• My laptop: Windows 7

Hi,

We have a backup server running 2008 R2 and it gets randomly restarted due to the BSOD 0x0000007a. I have pasted the result of bugcheck here. I ran a test on hard disk using chkdsk commend but nothing was found on Windows.

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_DATA_INPAGE_ERROR (7a)
The requested page of kernel data could not be read in.  Typically caused by
a bad block in the paging file or disk controller error. Also see
KERNEL_STACK_INPAGE_ERROR.
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185,
it means the disk subsystem has experienced a failure.
If the error status is 0xC000009A, then it means the request failed because
a filesystem failed to make forward progress.
Arguments:
Arg1: fffff6fc5000d8f8, lock type that was held (value 1,2,3, or PTE address)
Arg2: ffffffffc000000e, error status (normally i/o status code)
Arg3: 00000001170b3880, current process (virtual address for lock type 3, or PTE)
Arg4: fffff8a001b1f000, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address)

Debugging Details:
------------------


ERROR_CODE: (NTSTATUS) 0xc000000e - A device which does not exist was specified.

DISK_HARDWARE_ERROR: There was error with disk hardware

BUGCHECK_STR:  0x7a_c000000e

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  DRIVER_FAULT_SERVER_MINIDUMP

PROCESS_NAME:  System

CURRENT_IRQL:  0

TRAP_FRAME:  fffff88006678f70 -- (.trap 0xfffff88006678f70)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000002858460001 rbx=0000000000000000 rcx=fffffa800639bd90
rdx=fffff8a001b1f001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800016d3ac5 rsp=fffff88006679100 rbp=0000000000000000
 r8=fffff8a001b1f000  r9=fffff880015ee2d4 r10=fffffa800639bd90
r11=0000000000000140 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
nt!ExpInterlockedPopEntrySListFault16:
fffff800`016d3ac5 498b08          mov     rcx,qword ptr [r8] ds:9090:fffff8a0`01b1f000=9da0d778cf494fa2
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff8000174e752 to fffff800016dbbc0

STACK_TEXT:  
fffff880`06678c98 fffff800`0174e752 : 00000000`0000007a fffff6fc`5000d8f8 ffffffff`c000000e 00000001`170b3880 : nt!KeBugCheckEx
fffff880`06678ca0 fffff800`0170291f : fffffa80`0b0ea010 fffff880`06678dd0 fffff800`01916600 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x36c1a
fffff880`06678d80 fffff800`016e91b9 : 00000000`00000000 00000000`00000000 ffffffff`ffffffff 00000000`00000000 : nt!MiIssueHardFault+0x28b
fffff880`06678e10 fffff800`016d9cee : 00000000`00000000 fffff8a0`01b1f000 fffff8a0`0ab1ae00 fffff8a0`107109a0 : nt!MmAccessFault+0x1399
fffff880`06678f70 fffff800`016d3ac5 : fffff8a0`107109a0 fffff880`00e19480 00000000`0ab1aeb0 fffff880`00e02ada : nt!KiPageFault+0x16e
fffff880`06679100 fffff880`00e19480 : 00000000`0ab1aeb0 fffff880`00e02ada fffff8a0`01a48010 fffff880`066798d0 : nt!ExpInterlockedPopEntrySListFault16
fffff880`06679110 00000000`0ab1aeb0 : fffff880`00e02ada fffff8a0`01a48010 fffff880`066798d0 fffff8a0`03092130 : msrpc+0x19480
fffff880`06679118 fffff880`00e02ada : fffff8a0`01a48010 fffff880`066798d0 fffff8a0`03092130 fffff880`066797b8 : 0xab1aeb0
fffff880`06679120 fffff8a0`01a48010 : fffff880`066798d0 fffff8a0`03092130 fffff880`066797b8 fffff8a0`107109a0 : msrpc+0x2ada
fffff880`06679128 fffff880`066798d0 : fffff8a0`03092130 fffff880`066797b8 fffff8a0`107109a0 fffff880`00e023ed : 0xfffff8a0`01a48010
fffff880`06679130 fffff8a0`03092130 : fffff880`066797b8 fffff8a0`107109a0 fffff880`00e023ed fffff880`06679440 : 0xfffff880`066798d0
fffff880`06679138 fffff880`066797b8 : fffff8a0`107109a0 fffff880`00e023ed fffff880`06679440 fffff880`06679440 : 0xfffff8a0`03092130
fffff880`06679140 fffff8a0`107109a0 : fffff880`00e023ed fffff880`06679440 fffff880`06679440 00000000`00000000 : 0xfffff880`066797b8
fffff880`06679148 fffff880`00e023ed : fffff880`06679440 fffff880`06679440 00000000`00000000 fffff880`015eef10 : 0xfffff8a0`107109a0
fffff880`06679150 fffff880`06679440 : fffff880`06679440 00000000`00000000 fffff880`015eef10 00000000`00000001 : msrpc+0x23ed
fffff880`06679158 fffff880`06679440 : 00000000`00000000 fffff880`015eef10 00000000`00000001 00000000`000007ff : 0xfffff880`06679440
fffff880`06679160 00000000`00000000 : fffff880`015eef10 00000000`00000001 00000000`000007ff fffff880`066793a0 : 0xfffff880`06679440


STACK_COMMAND:  kb

FOLLOWUP_IP:
msrpc+19480
fffff880`00e19480 ??              ???

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  msrpc+19480

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: msrpc

IMAGE_NAME:  msrpc.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  0

FAILURE_BUCKET_ID:  X64_0x7a_c000000e_msrpc+19480

BUCKET_ID:  X64_0x7a_c000000e_msrpc+19480

Followup: MachineOwner

Hi Guys,

I'm having issues setting up a script that enables the IE proxy with IP and port.
In the batch file I'm using the set command to make variables so my collegues don't have to change anything below a certain line.

Example: 
set proxyip=192.168.1.10 %=change proxy IP%=
set proxyport=8080 %=change proxy port%=

Then I've tried to change it using the command line (registery) but for some reason it doesn't like the fact that I'm using these variables since it keeps adding everything in the IP box in IE which makes it look like: 192.168.1.10;:8080
When entering it manually without using the variables it's working fine as intended.

My next option was to look into an vbscript that I can call up from the batch file, however I don't have any experience with VBscript and I'm unable to find the right answer on the internet.
Basically what I'm looking for is a adjustment  that allows me to provide the IP and port directly from the command line (for example: proxyscript.vbs /Address:"%proxyip%:%proxyport%"

Thanks for your time

I have two dedicated servers (both Windows 2012 Server) hosted in a data centre somewhere.   I want to share a folder on one server with the other server, but it's obviously not as straight forward as one might think.  My servers are called "Maximus" and "Apprentice".

On Maximus I shared a folder by right clicking on it and choosing "Share with... / Specific People", I then typed in the name of a local user account which also exists on Apprentice with the same name and password.  (so each server has a local user account with the same name and password).

So then on Apprentice, I was hoping I could access the share (while being logged in as this user with whom the folder was shared) by simply typing  "\\ipaddress\sharename" into the address bar in file explorer.  Unfortunately it comes back with "Windows can not access [ip address]".

Now, I do have a website setup on the IP address for Maximus.  This is actually the reason I want to create this share.  I need the second server for load balancing and need to share IIS config as well as the website itself.  (So I will need two shares eventually, but for now I'm just trying to get one to work).  I don't know if the fact that the ip address is pointing to the website is causing me problems here or if it's something else.

Are there any network gurus out there who can tell me what the issue is and how to resolve it?

hello guys, we have a Win 2012 server with documents and photos on it.

The photos when browse from the network, it takes a few seconds to load and before the photo/s can be seen.

Is there a way to speed up the loading of the photos?

Any suggestions is greatly appreciated.

Thanks.

Every second counts..make use of it. Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
IT Stuff Quick Bytes

Hi,

i created a RMS template in our AD RMS Environment, with the Setting "User License Expiration - 1 day". So, i thought that the protected file (in this case a Word document) is available for 1 day, after the Client contacted RMS Server. This file is then also "offline" available. But after 1 day/24 hours is the file still available.

I want to create the template that the protected file is no more available after 1 day. But the User should be able to open this file also "offline".

My question is which Setting i have to set that the file cannot be open after 1 day? Is it possible that i have to set a value in the database?!

Thanks for responding.