Light

hi all, can me establish best source of hyper-v install outer hosting layer on development server?  @ moment see 3 possibilities: hyper-v server 2008 r2 windows server 2008 r2 enterprise - core install windows server 2008 r2 enterprise - full install unless there reason not envisage outer layer being used other hosting virtualized operating systems within.  i would expect be: windows server 2008 r2 enterprise - full install windows 7 professional windows 7 enterprise windows small business server standard 2011 do need install full server version on hosting layer enable writing of cd/dvd's, have read never did conclusive answer on? also dual-screen setup, there reason require full install on hosting layer. many thanks,   nick "unfortunately no mouse, due being usb mouse , usb not being supported" --- think cause issue lies elsewhere. usb mice supported. Windows Server

i've never configured cluster, i'm trying understand that's bugging me - how eliminate san single point of failure in cluster? this caught interest: http://windowsitpro.com/windows-server-2012/windows-server-2012-building-two-node-failover-cluster i'm trying conceptually understand how scenario work... for maximum reliability, want cluster application runs on sql server. if understand correctly, i need @ least 2 servers , 1 san. increased reliability, should have 2 switches, , each node running sql have 2 connections - 1 each switch. far, pretty redundant...but san itself. if want run given application in cluster , have fail on node, (in "perfect" world) need 2 sans well? if so, how cluster those? application automatically fail on live san? thank you, ed i've never configured cluster, i'm trying understand that's bugging me - how eliminate san single point of failure in cluster? this caught interest: http://windowsitpro.com/

hi i have 2 domain controllers dc1  win server 2008 dc2  win server 2003 i have dns installed on both servers all clients has prefered dns refer dc1 alternate dns refered dc2 once shutdown dc1 pcs cannot resolving , when go cmd nslookup cannot identify dns if go tcp /ip configuration , make dc2 primary dns ok , can solving internal , external name question : why users pc cannot using alternative dns once primary 1 down .? how can solve issue how can monitoring ? mcp mcsa mcse mct mcts ccna try reverse dns on 2nd dc help, same me, fixed reverse dns Windows Server  >  IPAM, DHCP, DNS

when using below process want avoid possibility of changes database after ca database has been restored onto new 2008 r2 server (using process below).  have suggestions on ?  want introduce ca server network after sure server in health state. http://technet.microsoft.com/en-us/library/ee126140%28v=ws.10%29#bkmk_restoreca turn on windows firewall rule prevent adcs request incoming requests. there 4 rules disable (temporarily) - certification authority enrollment , management protocol (certsvc-dcom-in) - certification authority enrollment , management protocol (certsvc-rpc-epmap-in) - certification authority enrollment , management protocol (certsvc-rpc-np-in) - certification authority enrollment , management protocol (certsvc-tcp-in) this block enrollment requests while health of ca after restoration new os brian Windows Server  > 

hi, basically looking few ideas on how redesign our file servers. we have multiple physical file servers , few virtual servers , replicated , not quite confusing. total storage size around 6tb made of home directories, , shared resources - no particularly special file types etc. using dfs home directories mean need have single point of reference supported microsoft per: http://blogs.technet.com/b/askds/archive/2010/09/01/microsoft-s-support-statement-around-replicated-user-profile-data.aspx what thinking doing consolidating onto 4 servers. we have large single site few remote sites. remote sites have had links upgraded 1gb , have been removing our server infrastructure these areas due not having environmental/physical space/security in place. on our main site have 2 separate buildings each contain san (not linked each other). microsoft's guides show concepts of using dfs failover cluster in main site replication single server @ remote site. i model in 1 site, due

hi all web enrollment features enabled @ home lab . however, windows server 2012 r2,  when requesting cert in web enrollment, v3 templates not listed although copy of user template is configured, , logon user authorized. according  " http://blogs.technet.com/b/ad/archive/2008/06/30/2008-web-enrollment-and-version-3-templates.aspx " version 3 templates cannot requested via web enrollment using “out of box” certificate web enrollment pages.   is there way make work 2012 r2  ? puneet singh no, cannot enroll ksp_based certificate /certsrv web enrollment pages. you can request these certificates using: - certreq.exe - cep/ces (web enrollment services) - preferred method - certlm.msc (certificates mmc focused on local computer) brian Windows Server  >  Security

sorry cross post, couldn't find forum last night odd reason :( a client has ou contains 2 rds servers, there 7 gpo applied here,  none of contain loopback processing. users in default users container :(  needless things not working they'd like. for test created new ou user accounts , create new user there (with admin rights test).   create simple gpo user setting , link ou.  then log rds server.  gpresult /r shows simple gpo under user setting applied group policy object expected. what i'm lost on computer configuration settings.  the applied group policy objects follows: favorites redirect (only user config) term serv timeout (only user config) ffscript (only computer config) browser proxy (only user config) ie connections lock (only computer config) adagentdeploy (only computer config) default domain policy (only computer config) then 2 gpo not applied because filtered: local (empty) shared folder (empty) has user configuration\pr

my setup: ws 2008 r2 ent, tmg 2010 sp1. internal network uses native ipv6. i've deployed directaccess, clients can succesfully connect via iphttps , teredo da server , reach internal servers ping. after enabling edge traversal icmpv6, can ping teredo da client address internal network. but, can access internal network services (dns, fileshare, http, etc.) when connected iphhtps. when disable iphttps , teredo still active, can ping. from wf.msc console can see main mode , quick mode secure channels teredo clinet ip address (2001:...) established da server (2002:...). how can teredo work? mcitp: ea, ema, va; mcsa i think @ point, your question seems point to a tmg configuration question. if may suggest , recommend, may better post to the tmg forum tmg specific assistance. for convenience, here's link forum: http://social.technet.microsoft.com/forums/en/forefrontedgegeneral/ ace ace fekay mvp, mct, mcitp ea, mcts windows 2008 & exchange 2007, mcse &

we had consultant set windows virtual server our symantec endpoint manager software.  unable connect internet on virtual server.  have virtual server running right next , internet works fine.  there way pay @ configuration?    regards,   stephanie hi,   this not right place troubleshoot virtual server issues. please discuss virtual server issues in virtual server newsgroup:   http://technet.microsoft.com/en-us/virtualserver/bb676714.aspx   tim quan   Windows Server  >  Server Manager

hell there, i trying implement desktop wallpaper policy clients using desktop policy desktop wallpaper under. user configuration > policies > administrative templates: policy definition (admx files) retrieved central store. > desktop > desktop > desktop wallpaper. set fill wallpaper style.  i enabled user group policy loopback processing mode , set merge. but xp clients not getting wallpaper after manual gpupdate , restart systems  can guide me problem behind it jazaib hussain hi, as desktop wallpaper policy user configuration, no matter where the user logon to, have same wallpaper. i confirm why enable loopback policy. because loopback policy in merge mode means users logon computer have user settings in gpo linked computer. please refer below link more information loopback policy: loopback processing of group policy http://support.microsoft.com/kb/231287 in addition, please run gpresult/z collect group policy result, , check out whether wallpape

greetings, i have vm have uploaded hosted service.  regenerate sid, not have console access.  in short, cannot use sysprep.  doing cause windows boot oobe prompts, , system dead in th e water. how can regenerate sid without sysprep, , without impacting server boot process (so can still rd it) thanks! it's not reboot concerns me, it's console access required re-enter data.  there's no way auto-answer? it's possible. sysprep, when executed on live machine resets server name, licensing , network interfaces apart changing sids. can automate , supply hostname, license configurations , static ip in auto answer file can used sysprep.  please see nice article by    brian jackson   on sysprep. http://theitbros.com/sysprep-a-windows-7-machine-%e2%80%93-start-to-finish also, refer tim quan's reply on setting static ip address against mac address in unattend file forum thread. unattend.xml automate static ip http://social.technet.microsoft.com/forums

  hi  i'm etting  error below when runing cluster validation configured wizard  1st have 2 server running in esx-vmware windows 2008 r2 ent  i have templates windows 2008 , deployed , name of server server1 , server2  basically cloned templates .. please advise waht error below,i disabled firewall , server in same segment  error: validate windows firewall configuration validate windows firewall configured allow failover cluster network communication. validating windows firewall configured allow failover cluster network communication. error occurred while executing test. there error verifying firewall configuration. item same key has been added.   robert you have turn off firewall functions, not disable firewall service.  service disabled, system cannot query firewall status properly. geoff n. hiten principal consultant microsoft sql server mvp Windows Server

1 of customer have problem x1600 storage server have unexpectedly rebooted. , make dump debug dump file , attached details please let me know cause rebooting.. ++++++++++++++debugging details:++++++++++++++ not read faulting driver name read_address: fffffa80fffffff1 faulting_ip: srv!srvsessionlastusecompare+0 fffff880 0b419390 8079f200 cmp byte ptr [rcx-0eh],0 mm_internal_code: 5 customer_crash_count: 1 default_bucket_id: win7_driver_fault_server bugcheck_str: 0x50 process_name: system current_irql: 0 analysis_version: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre trap_frame: fffff880021a58e0 -- (.trap 0xfffff880021a58e0) note: trap frame not contain registers. register values may zeroed or incorrect. rax=fffff8800b419390 rbx=0000000000000000 rcx=fffffa80ffffffff rdx=fffff880021a5bb0 rsi=0000000000000000 rdi=0000000000000000 rip=fffff8800b419390 rsp=fffff880021a5a78 rbp=0000000000000100 r8=0000000000000000 r9=0000000000000000 r10=fffffa8007801010 r11=fff

greetings, i see 3 vulnerabilities on scan. 2 patches( kb2813430,kb3097966 ) installed on server out of three(kb2677070,kb2813430,kb3097966 ) vulns. installing kb2677070 fix 3 vulns?  i trying check needed automatic updater? use windows update? ports required? if have disconnected environment (no internet connection). below details on vulnerabilities. ms kb3119884: improperly issued digital certificates allow spoofing plugin text: plugin output: the remote host has kb2677070 or kb2813430, disallowed ctl has not been updated. synopsis: the remote windows host has out-of-date ssl certificate blacklist. description: the remote host missing kb3119884, kb2677070 (automatic updater), or latest disallowed certificate update using kb2813430 (manual updater). if kb2677070 has been installed, has not yet obtained latest auto-updates. note plugin checks updaters have updated disallowed ctl list, not kbs listed installed. approach w

i have had windows server 2012 essentials setup , running on 12 months , have been using remote web access share files our employees. when using rwa can download files in seconds without issue. i wanted setup vpn connection server remote manage server if needed rather have go office time. added role on server, forwarded port 1723 needed whilst @ office. @ home created vpn connection on windows 7 pc. vpn connects without issue when trying lag slow. on laptop used cmd prompt ping server see going on, lot of time outs when doing anything, when trying open folder shared rwa , opens without issue. if use remote desktop times out , closes, cant anything. it appears vpn issue rwa works perfectly. ideas cause this? hi, regarding current issue, suggest refer following similar thread see if helps. please follow suggestions tiger provided in thread. slow vpn connection windows server 2008 http://social.technet.microsoft.com/forums/en-us/3e68223a-26d8-4f39-a476-e7092c44af

hi, i running windows 7 error: log name:      application source:        microsoft-windows-wmi date:          10/25/2012 9:57:42 am event id:      4 task category: none level:         error keywords:      classic user:          n/a computer:      description: error 0x80041002 encountered when trying load mof c:\windows\system32\wbem\tscfgwmi.mof while recovering .mof file marked autorecover. warning: log name:      application source:        microsoft-windows-wmi date:          10/25/2012 9:57:44 am event id:      63 task category: none level:         warning keywords:      classic user:          system computer:      description: provider, faronicsstoragespace, has been registered in windows management instrumentation namespace root\faronics use localsystem account. account privileged , provider may cause security violation if not correctly impersonate user requests. steps did resolve did not fix it... 1.  i ran script did not fi

1. how configure dhcp add dns entries machines not in domain. want keep dns secure updates only. 2. when dns entry domain machine made dhcp. necessary machine account should have full control. ex :- when machine hostname  "test" gets ip dhcp. dns entry made dhcp in dns. when go rights clikc - resource record security tab. necessary " test$ " id should have full control ? if hostname id not added write permission afect refresh process of resource entry? thanks please let me know if asking question in wroong category of forum. hi, you in right forum. all dns registration according dns suffix clients obtained. easy manage if choose dhcp register dns records. here dchp server owner records. here blog talk this: dns dynamic updates in workgroup http://blogs.msmvps.com/acefekay/2013/06/12/dns-dynamic-updates-in-a-workgroup/ another concern records update when have dhcp server, add dhcp server dnsupdateproxy group resolves secure update is

windows 2012 failover cluster , iscsi exposed targets , clustered storage iscsi path used shared clustered volume i attempting discover iscsi target used failover clustered storage disks ( did not set ) , no security set on targets , same san being exposed vmware being used windows 2012 failover cluster. vmware straighforward process exposes data in properties datastore. what command exposes iscsi target used clustered storage disk? i have tried following get-clustersharedvolume | select * |fl presetpathacl : sharestate : online availabilitytype : nonclustered sharetype : filesystemdirectory folderenumerationmode : unrestricted cachingmode : manual catimeout : 0 concurrentuserlimit : 0 continuouslyavailable : false currentusers : 0 description : remote admin encryptdata : false name : admin$ path : c:\windows scoped : fa

in windows 2003, active directory. how can create new attribute in user object? , how administrator can fill value of these new attributes gui? for example, want add new attributes such employee number, division, car type ;) … users. what want achieve not simple solution, modifying or adding new attribute in schema requires knowledge of object classes & different attributes linked. employee id included in ad. open aduc, right-click user account, choose properties, switch attribute editor tab, can find employee id. http://www.kreslavsky.com/2008/11/add-custom-field-to-aduc-employee-id.html creating other attributes division, car type etc, require extend schema using script & programming skill. actual gui comes vb interface & in order change & display custom attribute on dc, require developer that. take @ references below, before make changes schema, take system state backup of ad first & test in lab prior live environment. extending schema http://

hello, with windows 2008, want make restriction in name of shared files (smb). shall want prevent users under linux/unix/mac write files or folders :  - characters ntfs proscriptions : / [ ] ; = " \ : | , * .  - blank between name of file , extention  (exemple : "name.txt" instead of "name .txt") in case, have not possibility use active directory , gpao on linux/unix/mac. the software "macname" doesn't work because afp don't exist in windows 2008. nfs not work under mac. thank in advance hello, as far know, of invalid characters have been block use in file, folder name ntfs. you may check kb information. error message: filename invalid or cannot contain of following characters http://support.microsoft.com/default.aspx/kb/177506 thanks. this posting provided "as is" no warranties, , confers no rights. Windows Server

i seem getting weird errors in dns log after installed vpn on our server, server 2003 sp2. 180 address below seems refer ppp ras server dial in adaptor think created vpn when installed it, strange have vpn server setup on ip address.   the dns server not open socket address 192.168.0.180. verify valid ip address server computer.  if not valid use interfaces dialog under server properties in dns manager remove list of ip interfaces.  stop , restart dns server. (if ip interface on machine , dns server may not have started result of error.  in case remove dns\parmeters\ listenaddress value in services section of registry , restart.)   if valid ip address machine, make sure no other application (e.g. dns server) running attempt use dns port.   more information, see "dns server log reference" in online help. more information, see , support center at ------------------------------------------------------------------ and getting : ----------------------

hello all we have 2008 dc's 2003 dfl. have share hosted on member server. now there application runs on workgroup machine. application access share on member server. user (domain user) double clicks application modifies share. how can allow access application on share hosted on domain machine?? gpo/local gpo etc. appreciate in advance!! you can allow anonymous access share. but, beaware of security risks involved in enabling anonymous access share. http://technet.microsoft.com/en-us/library/cc755781%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/jj852200%28v=ws.10%29.aspx awinish vishwakarma - mvp my blog: awinish.wordpress.com disclaimer posting provided as-is no warranties/guarantees , confers no rights. Windows Server  >  Directory Services

i renew certificate of our issuing ca. before want make sure of something. this issuing ca used client network authentication , certificate distributed through gpo. when renew certificate , client not have new certificate in it's certificate store yet certificate trusted?  when right authority information access  is entered , root ca trusted work, right? hi dan, >>when renew certificate , client not have new certificate in it's certificate store yet certificate trusted? >>authority information access is entered , root ca trusted work, right? as far know, when renew ca, ca have 2 ca certificates. the domain joined machines automatically trust domain ca. the old ca , renewing ca are both remained in "trust root certification authorities". besides, gpo location : best regards, andy_pan Windows Server