Hi there,

I have a bit of a problem with Windows update on multiple servers, some 2012 r2, some SBS 2011, some 2008 r2 and this issue is present across multiple client sites.

I've found that a lot of servers we look after automatically check for updates daily but find nothing. They are set to look for all updates available.

When I manually open Windows update and click "Check for Updates", I find everything available including a lot of critical and important updates.

This is a concern because in some cases, we've found servers that have not had an update installed in several months.

This issue is affecting domain controllers, terminal servers and workgroup servers.

I have googled this extensively but cannot seem to find the right search terms to get relevant hits on this issue.

Have any of you come across this? Any help resolving this would be appreciated.

(fyi, I don't schedule updates to install automatically on the servers I look after as I prefer to have them check periodically and notify me when they are available to install)

hello

for some reason we delete some folders and virtual directories by mistake and the   

https://localhost/certsrv   not access now and showing error please how we can rebuild this directory again and fix the issue

we are using windows server 2008 r2

thanks

MCP MCSA MCSE MCT MCTS CCNA

I am posting this here as my Laptop has been turned into a Windows server without my consnet. I do have Group Policy setup but I have no control over the contents.

I need help with a serious hacker issue. Someone, somehow has complete control over my system. I have a Dell Vostro V13 laptop running Windows 7 Home Premium 64bit. Memory is 4 GB DDR301333MHz SDRAM, 1DIMM with Intel Core Processor ULV i30380UM (3M Cache, 1.33GHz, 800MHz FSB). It has a 500GB SATA Hard Drive. This issue has been going on for some time now (possibly up to 1 year) but it has gotten much worse as time has gone on and the hacker(s) have gained more control over my system. This actually started on a previous laptop I had.

The hackers have turned my machine into a server and are using it to either play games or to resell bootlegged software and or maybe to gain personal information on me. Not entirely certain of their motives but it has caused me many, many problems. At one point I found a reference to allowing up to 100 client connections into my new Dell server. Here are some of the odd things I see.

My OS Build Version shows 6.1.7600 Build 7600. When I run the Dell diagnostics utility is show something in the 4,000 range. This is the same build version I showed on my previous Laptop but it had the Home Starter Windows Package loaded.

My boot device is \device\Harddiskvolume1. I don´t know if this is strange or not. My hard disk is 0.

I have been placed into a domain and do not have complete administrative control over my system. I have admin rights but the domain server admin has more rights than I do and this person is the hacker.

Installed Physical Memory is 4GB
Total Physical Memory is 3.8GB. I believe the hacker has used some of my memory allocation to reside their malicious software.
Available Physical Memory is 3.35. This is after a safe boot load.
Total Virtual Memory is 7.6 GB. I have tried to uninstall the virtual memory but it keeps coming back.
Available Virtual Memory 7.14.
Page File Space 3.8GB. I have tried to delete the page file but I can´t. I also have what is called a hiberfil.sys file on my system and this is currently 4GB in size and I can not delete it.
Page File c:\pagefile.sys

I am now fairly convinced my problem is somewhere in the memory. I think a Ramdrive or Ramdisk loads at boot. I have a 500GB hard drive but I can only see 465BG. The remaining disk space is reserved for a X: drive that I can only see and navigate to when I get into a System Restore mode and get into the command prompt. Once I get into the z: drive I can see all sorts of files that I do not believe belong there. I have attempted to remove the files but they all recover at my next boot. I have even seen them recreate themselves before my very eyes after I deleted them. I can´t delete every file. Many are protected and I do not have the sufficient admin rights to delete them nor can I can gain those rights. I have tried to reformat the z: drive but I have been unsuccessful. I get a write protected error I have however been able to format the c: drive but this did not resolve the problem.  I have now reloaded the OS over 20 times in the past month and this is now becoming clear that it will never solve my problem. When I run the set command from the c: drive many of the settings are different than when I run that command from the z: drive. As an example the Computer Name is different. It is as if I have two computer´s and two OS ´running at the same time. One for the Domain Administrator (i.e, hacker) with complete control and one for me which allows the hacker to see everything I do and to prevent me from gaining access to my own machine.

I believe the hacker has a system image and has a CDROM capable reboot. I do not have the technical knowledge to understand how this all works but I do now this person is accessing my system at blinding speeds. He or she is somehow contacted every time I gain network access as the moment I get online they are in my system. I have tried to prevent this via the firewall but last night the hacker just deleted my firewall. They also took over my USB dongle I was using for Internet access. They change the PIN on one of my SIM Chips which prevented me from accessing the service. I had another SIM Chip with a PIN already programmed into it and they just modified the USB software to disallow the use of a PIN. I watched as this person had internet access via my system and I was denied access somehow. One thing that I am preplexed about is how this hacker is gaining access to my Laptop. They seem to be able to access it even when I am not connected to the internet. I have found hidden files that are called hiddenpbx. I do not know if this is a back door or not. I delete the files but they always come back.

When I look at my memory resources I see IRQ 81 to IRQ 190 reserved for a device called Microsoft ACPI Compliant System. This seems odd to me. This is a lot of upper memory reserved for something.

All my Dell devices that came reinstalled have been replaced with some generic devices of unknown origin or these so called Microsoft Compliant Devices. Every time I reinstall the devices they last a day and then are replaced.

Every time I reload the OS I run across strange log files that reference this x: drive. It appears as if the OS is actually being reloaded with some bogus or bootlegged OS vs the being loaded from the OS CD Dell sent to me.

There is all sorts of information I can provide, but I am not certain what would be most beneficial. I need to leave this up to the experts. So if someone could raise their hand and give me some help I would appreciate. I know someone out there in cyberspace can fix this problem without too much sweat, but I do know this issue has gone on for some time now and this hacker now has complete control over my system. I understand it may take some time to undo what this person or these people have spent many hours creating, but I need my system back. I would be willing to offer some sort of compensation to the person who can get my system back into my hands. I do not have much money but I will certainly offer what is deemed fair in this situation. I am at the point where I just want to throw this Laptop into the thrash can.

I can´t spend a lot of time speculating as to what may be the problem. I need to know what the problem is and to have it fixed. I currently am not using that machine to access the internet or to send this Post. I have to use an Internet Cafe so my access to the internet is much more restricted.

Thanks in advance for any help someone my be able to provide.

HI

when you configure a second DHCP server to work as hot standby , there is option Maximum Client Lead time you can set, lets say we set it to 2 mints , so when a client connect to DhcP SERVER, it will get IP form active server with leas time 2 mints ... after that it will get IP for 8 days ( as leas time )

so what is the advantage of setting up the MCLT?

regards

Hi,

   I am having a windows 2003 server with SP2 installed. Recently installed IIS and ASP.Net installed through Add/remove programs.From IIS6.0 ,html pages are able to browse through rightclick. But ASPX files are not opening directly in IIS6.0 , Error is page cannot be displayed. I had allowed ASP in webservice extension. Please help to resolve.

Regards

Bala

Hi,

I have a Windows Server 2008 . I am getting the Event ID 7022 with "The Telephony service hung on starting"

When I start the service, it takes about 2 minutes then Left in the services it says Starting.

Any ideas, I have been battling this for about three days now

Regards

Suresh Ramasamy

Hi All,

we are using Windows server 2008 R2 for AD. may i know how to calculate the number of user objects and group objects in AD the fast way?

THanks

Hi ALL, I we have a multi domain environment and  I am running AD LDS on windows 2008 server with two virtual machines for load balancing, recently i noticed issues with one of the server ( 2nd server) while synchronizing with domain controllers, the sync scripts are running good on primary server, as soon as we introduce 2nd server in we are seeing  issues with user synchronizations.

In order to resolve the issue i have few options

1. Rebuild the 2nd LDS server or recreate the ADAM instance on it, i have knowledge of active directory and AD LDS seems to pretty similar however i am not very familiar with scripts running on it for importing users from domain controllers plus there seems to be other entities like metadata and ldf files and i dont have a good handle on these items.

2. My 2nd option is to power off both LDS servers, make a clone of 1st LDS server ( since this is running clean), re ip and rename the host  so that the cloned server  appear like  2nd LDS server and then power it on, rsync with domain controllers. If sync works then also power on 1st LDS server. I am thinking this is a supported configuration but not sure if there are any other underlying configuration/settings/registery that i need to modify in order to clone and re ip and rename the host.

anybody has experience of doing something like this, please share your experience/expertise. FYI we are running virtual machine on VMware instead of MS hypervisor.

below are the sync logs from malfunction server

Adamsync.exe v1.0 (5.2.3790.2075)

Establishing connection to target server localhost:389.

Error: Unable to find specified configuration file (dc=lab,dc=voice,dc=local).

Done.

Here's my scenario.  One physical server running HyperV, with two virtual servers.  One is the DC, the other is an application server.  I attempted to install remote access on the application server so this business could connect via a VPN. The install added direct access and VPN services, then seemed to go haywire because after a restart, things were not working as expected.  I removed the remote access features and restarted again.  Things are working mostly, but this server cannot process group policy or register itself in DNS because it says it cannot connect to a domain controller.  From the server, we can ping the DC just fine.  DCDIAG on the DC is clean with no errors.  Nothing has been done to the DC except cleaning up of the A records that the direct access install created that were pointing to the application server.  I've manually created an a record in DNS, but that hasn't helped.  

Another issue is the application server thinks its connected to a private network now and not a domain network.

Configuration of the NIC has the DC listed as the DNS server with no other DNS servers.  On the DNS, we have the proper DNS forwarding addresses setup, and internet routing is working fine.

Trying to move off SBS 2011 and migrate to all 2012 R2. Existing SBS 2011 server was originally migrated from an SBS 2003 server and contains a lot of remnants from the old 2003 DC in Active Directory because the migration process was not completed 100%. I've had to clean up a lot of issues in AD, DNS, DHCP, etc. that were left behind by the former IT company.

The new 2012 R2 server will only support DC/file/print services and won't be hosting Exchange or SharePoint. I've seen numerous articles on moving to 2012 R2 but none seem to mention cleaning up Group Policies.

Any suggestions on how to start with a setup of 2008 R2 Group Policies that don't contain all the SBS stuff, move all the roles to 2012 R2 DC, demote SBS 2011 server, and then bring DC up to 2012?

Is restoring generic 2008 R2 GPs and option? Need to purge the clients of this junk too.

Mark M. Carpenter

I wrote a powershell script that creates a scheduled task on a remote host. The script works on all of my servers accept any that have 2012R2 as an OS.

ERROR: The parameter is incorrect.
    + CategoryInfo          : NotSpecified: (ERROR: The parameter is incorrect.:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError

This a generic error that results when this command is run in my script

Invoke-Command -ComputerName $_ -ScriptBlock {
         Schtasks /create /sc Once /st 02:00 /tn PS_Script /tr "powershell.exe -file $Args " /s localhost /ru SYSTEM
    } -ArgumentList $LocalScriptLocation

The task gets created and run on 2008R2, and 2012 servers but not 2012R2. Is this a known issue? My google search were fruitless

Thank You,

Rich

Success is a lousy teacher. It seduces smart people into thinking they can't lose. -Bill Gates

I have few similar (same model) usb external hdds, one of them apparently isn't stable and I see that in event viewer,

How can I found how which hdd is it?

Many thanks!

Hi There,

Last night we had power failure in the server room, this morning I try to power on the server, while trying to login to admin account system is getting restarted. I'm able to login to safe mode for your information.

Kindly let me know what should be done in order to resolve this issue.

Regards,

Ali

3532: 2009-08-08 19:31:03.294 [CBS]                       installing 'WindowsServerBackup ' ...
3532: 2009-08-08 19:31:03.294 [CBS]                       CreateSessionAndPackage: begin
3532: 2009-08-08 19:31:05.872 [CBS]                       CreateSessionAndPackage: done
3532: 2009-08-08 19:31:05.872 [CBS]                       ...parents that will be auto-installed: '<none>'
3532: 2009-08-08 19:31:05.872 [CBS]                       ...default children to turn-off: '<none>'
3532: 2009-08-08 19:31:06.028 [CBS]                       ...current state of 'WindowsServerBackup': p: Staged, a: Staged, s: UninstallRequested
3532: 2009-08-08 19:31:06.028 [CBS]                       ...setting state of 'WindowsServerBackup' to 'InstallRequested'
3532: 2009-08-08 19:31:06.075 [CBS]                       ...'WindowsServerBackup' : applicability: Applicable
3532: 2009-08-08 19:32:23.887 [CbsUIHandler]              Initiate:
3532: 2009-08-08 19:32:23.903 [InstallationProgressPage]  Installation...
3532: 2009-08-08 19:32:51.496 [CbsUIHandler]              Error: -2147024809 :
3532: 2009-08-08 19:32:51.496 [CbsUIHandler]              Terminate:
3532: 2009-08-08 19:32:51.496 [CBS] Error (Id=0) Function: 'NativeMethods.GetPackageStatus(out status)' failed: 80070057 (-2147024809)
3532: 2009-08-08 19:32:51.496 [CBS]                       ...done installing 'WindowsServerBackup '. Status: -2147024809 (80070057)
3532: 2009-08-08 19:32:51.496 [InstallationProgressPage]  Installation wird überprüft...
3532: 2009-08-08 19:32:51.590 [Provider]                  Skipped configuration of 'CoreWindowsServerBackupOptionalComponent' because install operation failed.

Hi All,

I have windows 2003 enterprise 32bit (vmware guest) has weird issue.

Server works normal and all of a sudden the remote desktop won't respond , application won't work and the solution will be restart the server. Happened twice in a day and become thrice...i have logged in when the issue happened. task manager works fine able to open services.msc through the task manager but not the my computer which means the drive icons won't display at all and unable to open the perfmon.

no event logs will be recorded during the hung..

CPU utilization was normal during the server hung.

PTE value is 183986 when the server is normal.

Installed memory is 4GB

Page file on separate disk 

Initial set - 6142 and max is also 6142

also one page file in c drive with the size of 256

[boot loader]
timeout=5
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows Server 2003, Enterprise" /fastdetect /NoExecute=OptIn /PAE
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

One time i did not allow the server to restart. waited for 45 mins and the server started working normal.

Need your valuable input to resolve the issue.

Karuna

I am trying to move the pagefile onto a dedicated disk but, after moving the paging file and rebooting, a message pops up stating it has created a temporary paging file. 

Here is what I have configured, please advise if there is anything I have missed:

Windows 2008R2 SP1 with 20GB of memory. It is to be used as RDS Session Host.

B:\ is for the paging file
C:\ is the System Drive

Because I wanted to keep dump files, in case of system errors, I set the following within registry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CrashControl
REG_SZ: DedicatedDumpFile   Value: B:\DedicatedDumpFile.sys
DWORD: DumpFileSize           Value: 2060MB
DWORD: IgnorePagefileSize   Value: 1

Under Virtual memory settings, B:\ is configured for the paging file custom set to maximum size. C:\ drive is set to none.

But, as I stated, every time I log on I get a message stating a temporary paging file was created on the C:\ drive which is not what I want.

Can anyone help?

Regards
Mark

Event ID:

Source: Schannel

Description:  

Hello Friends,

I have been using the trial version of 2008R2 Enterprise & 2012 Datacenter edition in my lab for practice. I had created a sysprep with generalize option and was using multiple machines for different practicals and they were getting activated properly with a 6 months license.

Recently, I tried to activate the new installations to replace my DCs in the lab however found issues while activating. Initially, I though that it could be something with the sysprep but found the same issue with the new installation of the server as well. Tried activating 2008 R2 Enterprise, 2012 & 2012 R2 Datacenter editions and none of them are getting activated as a trial. Could you please let me know what is happening as per the screenshot or MS has changed the policy for trial version as well

I have a Windows Server 2008 R2 . The server went into a hung state. On rebooting , The server boots up to the windows screen and blacks out, Tried the following options on the server to bring it back online however unsuccessful.

1. Safe Mode
2. Safe mode with networking
3. Last Known good configuration
4. Tried Booting the server from CD for repair option, However once the cd is in, it does not provide the option to repair. A little bit of search concluded that Start Repair is not available in Windows Server 2008
5. System file check (SFC.exe)
6. I tried BCDeidt
7. I tried to backup registry from C:\Windows\System32\Config\Regback

Only thing that works is

1. Safe Mode 

I disabled the non microsoft services like symantec and also the SQL services while in Safe mode with command prompt and tried to restart it in normal mode, However ,It again boots up to the Windows Screen and blacks out. Also checked the system and application logs in eventviewer, However no direct indications of what went wrong

Any clues on what to do further to bring it up normally other than the one that we tried?