Quantcast
Channel: Windows Server General Forum forum
Viewing all 24879 articles
Browse latest View live

Changing Network adapter InterfaceIndex

October 8, 2015, 6:19 am
$
0
0

Hello All,

Recently we noticed that our ERP application on MS2K8 FC (failover cluster) at startup taking the network adapter for communication which has the numerically smallest Index number. 

The Interface selected by the application is unfortunately is the Microsoft Failover Cluster Internal communication with the APIPA, Cost: we are having a delay of 15-30 seconds per connection from the application to the DB. App in NodeA and DB in NodeB.

We tried to change the network binding order to correct this situation without a success as the Microsoft Failover Cluster Internal communication is a non manageable adapter.

Ipconfig /all shows this adapter in the end of the IP List.

Do we have a supported solution to change the InterfaceIndex of a network adapter to a different value, so that we can avoid a complete cluster build ?

Screenshot from application with the wrong subnet:



The problem with the interfaceIndex numbering:

The aim is to change the Idx of the local area connection* 9 which is the virtual adapter for Microsoft Failover Cluster Internal communication from 12 to say 19.

FYI: Node A and B are VMs.

Thanks in advance for your help.

Sujin JOHNY

Search

Recreate certsrv

October 17, 2015, 1:08 pm
$
0
0

hello 

I want to know how can i recreate certsrv virtual directory cause it is deleted by mistake from my certificate authority server .

Thanks


MCP MCSA MCSE MCT MCTS CCNA

logon failure the user has not been granted the requested logon type

October 18, 2015, 12:31 am
$
0
0
In my windows server 2008 R2 virtual machine, I have a few users but I am not able to login as them. I went to gpedit.msc->Windows settings->Security Settings->Local Policies->User Rights Assignment->Allow logon locally, but here the Add User or Group button was disabled. So I typed gpmc.msc,Under forest->Domains->my domain->Default Domain policy. I right clicked and choose edit. In the next window, I went to Computer configuration->Policies->Windows settings->Security Settings->Local Policies->User Rights assignment->Allow logon locally . Here I saw that it already has everyone,authenticated users, administrator. I added all the users by the domain name again. But still I am not able to login as them. I get the same error. They are not present in Deny log on locally. Their accounts are not disabled and have valid password. Kindly help.

im confused about the Restricted group in Group policy !!

October 18, 2015, 5:34 am
$
0
0

Hello All

im confused when I use the restricted group in group policy can some one explain it.

regards

Multiple roles on the same machine - WS2012 R2

October 17, 2015, 1:18 pm
$
0
0
Sorry if this is a stupid q but this is new to me. I wanted to understand whether there are any best practices or recommendations on running multiple roles on the same machine. I'm specifically interested in understanding whether it makes sense to run Active Directory on the same machine as File Server for home drives (for around 300 users). Are there any sizing guidelines around?

WinRM connection issues for domain

October 18, 2015, 9:20 am
$
0
0

Hi,

I am trying to connect remotely to WinRM to enumerate Win32_Computersystem over HTTP.

I have my HTTP listener set on the windows 2008 machine

Initially i was using a local user to connect , but the connection failed.

The issue was with UAC,to resolve this i added the registrykey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\LocalAccountTokenFilterPolicy with value set to 1 .

When i use a domain user, i am unable to connect to the same.

I queried the SPN via setspn -l <hostname> and found the following results,

WSMAN/<shortname>

WSMAN/<fully qualified domain name>

Is there any other configuration that needs to be done?

The domain account is part of local Administrators group.

There is an EventID 168 with the following description.

Sending HTTP 401 response to the client and disconnect the connection after sending the response.

We are using Negotiate with SPNEGO.

And also the issue is for domain user while a local user is working fine.

Firewall is turned off as well.

Tried using Analytic logs in WinRM but it seems to provide the same info as Operational.


How to Create a Backup Domain Controller in 2008 R2 for a Primary Domain Controller in 2012 R2

October 18, 2015, 8:22 am
$
0
0

I currently have a server running 2012 R2 foundation as a domain controller. A also now have an available server running 2008 R2 foundation, which is no longer needed for its original purpose. I'd like to use that second server as a Backup Domain Controller for redundancy and fault tolerance etc., but I don't know exactly how to go about that. I have demoted the '08 R2 server from it's previous use and joined it to the '12 R2's domain, but that's as far as I can go.

I've searched far and wide - both in my '08 R2 and '12 R2 books (by Mark MInasi) that I have, and online - for help, but have come up empty.  I could find lots of descriptions for NT, 2000 and 2003, but nothing for the versions I have, and none of the books nor articles tell me H O W to accomplish this. They only describe its purpose and THAT it can be done, but not how to do it.  I'm completely frustrated and befuddled.

I'd be very grateful if someone could point me to someplace that has step-by-step instructions for setting this up.

 

Capt. Dinosaur


Exchange 2010, .local domain and a wildcard certificate

October 13, 2015, 11:11 pm
$
0
0

I have just started with a new company and one of the first jobs to come across my desk is to replace the certificate on the exchange server that expires at the end of the month. I tried to renew the current cert with godaddy but it hasmydomain.local as a 'subject alternate name' so it cannot be renewed. We have a wildcard certificate here so I have used it but then internal clients get a certificate error as they are resolving to theservername.mydomain.local which does not match our external name on the certificate. Is there an easy way to fix this? I have read some stuff about split DNS and changing some virtual directories via powershell to make this work but I just want to make sure that nothing is going to stop working during this process as the server is live with over 2500 users.

Here is the article I was looking at. It refers to exchange 2013 so are there any different commands for my exchange 2010 environment? http://exchangeserverpro.com/avoiding-exchange-2013-server-names-ssl-certificates/

Search

802.1x computer and users certificate vlan trouble

October 14, 2015, 2:34 am
$
0
0

Hi

I wasn't sure where to ask this question and apologies if it's in the wrong place. 

We had a great plan to enable 802.1x for wired connections using both computer and user certification, our users are split in to regular and VIP and our initial thought had been that the computer cert and some users would go on one vlan and vip would be assigned another.  I have Group Policy set to User or Computer authentication, we can see the machine sits on the correct vlan when nobody is logged on, if a user with a profile logs on the vlan switches as required. 

The problem we are hitting is new profiles, I think we're in a race situation but the user cert is being pulled down but the authentication already seems to have failed and our switches (brocade or cisco) put them on a failed vlan, windows seems oblivious to this and leaves the computer with the ip from the regular network which obviously doesn't work.

Is there a way around the above?

I can only find a description of User Authentication relating to wireless and that description seemed to be a solution, use computer certs until the link is restarted which we could have scripted as required.  In practise this option doesn't use the computer cert at all, which makes sense considering the option name but not the descriptions I've seen.

Any help on the above would be great.

Thanks

Generating Certificate Request with 'Description' Field

October 15, 2015, 4:06 am
$
0
0

I have been tasked with automating the certificate request and renewal process between two groups at my company and have had a request to incorporate the "description" field into the certificate. This field is available when using MMC - Certificates to request a new cert; however, the field does not show up in the CA cert and parsing through the raw cert data field by field does not show the field either. The requests are being made from 2008R2 servers and 2012 servers using certreq.exe and anini file; it seems that all other fields are available by OID at the very least, except this one. Has anyone generated certificate requests using thisfield in a programmatic way? Is the field something that windows is hiding in the background somewhere but it isn't truly a certificate attribute?

Thank you very much,

Patrick



VAMT vs. Office 2016 / Windows 10?

October 7, 2015, 12:23 pm
$
0
0

I have the VAMT that is included in Windows 10 ADK. It can see my Office 2016 and Windows 10 KMS keys under AD Activation section but I can't add them under product keys as it says they are invalid product keys. Works fine with my Office 2013 and Server 2012 R2 / 8.1 KMS keys though. Is there a newer version of VAMT than 3.1 / 10.0.10240.0?

Brian Hoyt

Server Manager and Windows 10

October 15, 2015, 2:42 am
$
0
0

Hello,

I'm looking for Server Manager (to manage my Windows 2008R2 servers) from my station witch is Windows 10

Does anyone know where to find it.

Thank's

Arnaud BAROUX - Theradiag

Can't add the 2nd domain controller, please help

October 19, 2015, 4:56 am
$
0
0

Hello,

I have two servers:

1st - windows 2008 server with domain controller on it

2nd - windows 2012R2

I'm trying to promote a server as the 2nd domain controller but I get this error message when I do that:

Verification of prerequisites for Active Directory preparation failed. Unable to perform Exchange schema conflict check for domain contoso.com
Exception: Access is denied.
Adprep could not retrieve data from the server dc01.contoso.COM through Windows Managment Instrumentation (WMI).
[User Action]
Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20151019163506-test directory for possible cause of failure.

In log files I see this error message:

Adprep failed while performing Exchange schema check.

[Status/Consequence]

The Active Directory Domain Services schema is not upgraded.

[User Action]

Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20151019163506-test directory for possible cause of failure.
[2015/10/19:16:35:06.177]
Adprep encountered a Win32 error.

Error code: 0x5 Error message: Access is denied.

Could you please help me to resolve this issue

Thank you in advance

MS07-042 – the vulnerability is in MSXML 5.0

October 13, 2015, 12:10 am
$
0
0

Hello All,

I Use a WIndows 2003 SP2 machine and it running with "The 2007 Microsoft Office Servers service pack 2 (SP2) and WIndows Sharepoint services 3.0 SP2, 32 but Editions only"

Got the update from our security team that the msxml5.dll version available on the server is 5.20.1072.0 and as vulnerable fix the msxml5.dll has to be upgraded.

Could any one help me to fix the vulnerability by upgrading the msxml5.dll version to next available version.

Thanks,

stanjoan

Failure with CheckSUR

October 12, 2015, 8:28 am
$
0
0

OK, so I have a single server out of about 600 that's failing to install updates. Platform is 2008R2x64. Ran checksur, and having received 3 errors, I managed to find one file and replace it (it was KB3045645, the bottom one). However, that still leaves the first two:

(f)CSI Manifest Failed Catalog Check0x00000000winsxs\Manifests\amd64_7d88f408973e0c5073002ef4dee3e196_31bf3856ad364e35_8.0.7601.18896_none_72cf836c9c6ef2fb.manifestamd64_7d88f408973e0c5073002ef4dee3e196_31bf3856ad364e35_8.0.7601.18896_none_72cf836c9c6ef2fb

(f)CSI Manifest Failed Catalog Check0x00000000winsxs\Manifests\x86_microsoft-windows-ncrypt-dll_31bf3856ad364e35_6.1.7601.23072_none_602c4338692e80c8.manifestx86_microsoft-windows-ncrypt-dll_31bf3856ad364e35_6.1.7601.23072_none_602c4338692e80c8

(f)CSI Manifest Failed Catalog Check0x00000000winsxs\Manifests\amd64_516e37536595bb49867e514e4ba0e992_31bf3856ad364e35_6.1.7601.18777_none_23bb4a006696cfa0.manifestamd64_516e37536595bb49867e514e4ba0e992_31bf3856ad364e35_6.1.7601.18777_none_23bb4a006696cfa0

(fix)CSI Manifest Failed Catalog CheckCSI File ReplacedFile: amd64_516e37536595bb49867e514e4ba0e992_31bf3856ad364e35_6.1.7601.18777_none_23bb4a006696cfa0.manifest From: C:\Windows\CheckSur\v1.0\windows6.1-7601-x64-neutralcab-v2.cab

I can't find the first two despite some hefty googling. Any ideas where I can get these, KBs ?

Thanks

AW

edit: checksur.log at pastebin: http://pastebin.com/PJHAYXaZ

and another edit: just noticed the pastebin clearly names KB2765809 and KB3067505. Checksur running again, will see if that sorts it.

Search

Secuity Eventlog - The event logging service has shut down

October 19, 2015, 7:53 am
$
0
0

I have a Windows server 2008 R2 box with SQL Server 2008 R2 installed.

About 2 months ago I believe, my supervisor noticed that the security event log was not logging any events.  in the log, there is an Audit Success with the details of The event logging service has shut down. 

I have performed the following steps.

in services, I set the Windows Event Log service to disabled, and then reboot the box.

I navigate to c:\windows\system32\winevt\logs, and I delete the security.evtx files from the folder.  I set the Windows Event Log service to Automatic and then reboot again. after the bootup and log in, I see not additional events, which should be fine I would guess. I reboot again just for fun.  after this boot up and login, I get the same message, The event logging service as shut down.

the source type is eventlog and the event ID is 1100.  I can not find anything useful out there except for one post that mentioned deleting the security.evtx log.  I have actually done this process twice.

any suggestions?

Ian

Hyper-V cluster not able to migrate VMs after windows updates

October 19, 2015, 9:04 am
$
0
0

I have two hosts in a Win 2008 R2 Hyper-V cluster. I moved my VMs to one host while I installed Windows updates on the other host. During the updates it also tried to install a Dell System Device Manager update. This update failed. After the updates I was not able to migrate VMs to the updated host. I've since backed out the Windows updates and updated the hardware drives on the Dell PE R610. If I go into Device Manager I see the vhdparser driver has an alert next to it.

I also see that most of my volumes listed in the Cluster Management Console are redirected. (all volumes are on the working Host)

 

Not enough storage available to complete this operation

October 15, 2015, 11:17 pm
$
0
0

Hi,

whenever I tried to click any MMC like server manger,Hyper-V MMC etc its gives this error.

"Not enough storage available to complete this operation"

Windows update standalone installer - the update is not applicable to your computer windows

October 20, 2015, 12:17 am
$
0
0

Hi,

Windows Server 2008 R2 SP1.

Try to install KB2577795.

get error 

---------------------------
Windows Update Standalone Installer
---------------------------
The update is not applicable to your computer.





Unable to manage computer by IP where as able to manage by HostName

September 22, 2015, 12:08 pm
$
0
0

Hi Techies,

I am unable to access the 192.168.174.21 server from 192.168.174.13 server through run \\192.168.174.21 and unable to manage the computer. Whereas I am able to access via hostname quickly.

Source Server - 192.168.174.13 [Windows 2003 Server]

Destination Server - 192.168.174.21 [Windows 2003 Server]

Issue Description – Unable to manage Server - 192.168.174.21 from 192.168.174.13 using computer management using IP. Also Share drive takes long time to open from source Server using IP. To be noted this access issue is only via IP address. We are able to manage and access the destination server using Hostname or FQDN.

Troubleshooting steps tried.

  • Rebooting both the Servers
  • Validated NIC duplex settings.
  • Tried accessing 192.168.174.21 from different server on same subnet [no issue found] and even different subnet no issue found
  • Validated DNS
  • Checked persistent route
  • Checked Time, Checked whether password save, Both servers are in same Domain
  • Tried ping, Tracert, no firewall between both servers.
  • Checke and validated HOST, LMhost file on both servers

Only issue found in accessing share or managing computer using computer Management usingIP only from Source to destination server by host name no issue found,

Please help me to resolve this issue.


With Regards, Raviraj Nagenhatti - System Administrator

Viewing all 24879 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>