Bit

i have brand new windows 2008 r2 server remote desktop services installed.  old server windows 2003 server running terminal services.  on old server, had 10 user cals installed , server worked great.  on new server 10 new cals installed, users getting dropped.  message "the connection has been lost. attempting reconnect session".  nothing has changed in environment network perspective.  same firewall (cisco) , same gig switches (cisco).  have searched far , wide trying find settings can tweak prevent , have had no luck.  cannot blame internet because users on internal network getting kicked off.  appreciate can before open case microsoft , have spend money.  thanks, rusty hi rusty, the symptom seeing indication there network problem.  below suggestions resolving issue: 1. please install updates server recommended manufacturer.  example nic firmware, bios, nic drivers, chipset drivers, etc.  manufacturer has automated utility scan system , apply applicable update

hi everyone, i'm struggling understanding of password policies in domain before fine-grained password policies. it seems password policies account in ad taken default domain policy gpo if gpo not linked anywhere , "supplement" gpo password settings linked top of domain. are password settings taken default domain policy? happen if delete gpo? is behavior change forest level or after fine grained policy implemented? if have article explain of grateful. thank you > if have article explain of grateful.   there's no article on that, facts are:   you can have password policies in gpos linked on ou structure. evaluation of these policies follows simple rules:   any member computer apply password policies in gpos linked ou. not apply password policies linked domain. , these password policies applied local accounts on computer.   all dcs except 1 holds pdc emulator fsmo role not apply password policy. regardless of linked or if they e

i have downloaded app job.   i can remotely connect server, login program , works long don't toggle off page more 30 seconds.  if i'm looking @ chrome or other app when go it's frozen , have quit , restart whole process again.  i'm working on mac running os x el capitan. error code "failed read socket:-1" hi cocomeg, the next update 8.0.27 include fixes improve experience. eva Windows Server  >  Remote Desktop clients

i'm having issue folder redirection on users. using control panel creates base ou , child ous within it. when user logs in via rdp following error: the processing of group policy failed. windows not locate directory object ou=cc,ou=hosting,dc=cloud,dc=local. group policy settings not enforced until event resolved. view event details more information on error. so thing ou exist must permission issue. permission possibly missing? new forest & domain @ 2008 r2 level.   > kind of security risks getting allowing > authenticated users read permissions on ous? default when > create ou gives them read permissions automatically   risks: none, long there no sensitive information stored in ou. "authenticated" means account (user or computer) successfully authenticated sam or realm in trusted area (= computer domain or trusted domain).   sincerely,     no not evil, if know doing: or bad gpos? wenn meine antwort hilfreich war, freu

i have c# app contains embedded powershell script.  not matters, external--the important point execute the script invoking powershell.exe "-command -".  is, using -command parameter followed hyphen, allows provide body of script execute through stdin. i technique, and i've been using on year as, among other reasons, script doesn't have single command, can span many lines, declare functions etc, while without ever having script written disk in plain text or base64-encoded. after having installed anniversary update of windows 10 (1607 aka build 14393), appears broken; captured stderr shows complains missing function bodies, while stdout shows--and find part rather mind-blowing--the script got mangled in such way *all* lines contain function declaration, , following opening *and* closing curly braces, gone.  rest of script appears intact.  cascade sorts of errors. i managed write short(-ish) sample demonstrates problem.  the same exe demonstrates it's bro

we have enabled audit policies 2 windows 2008 servers. (audit  success/failiure logon,logoff,fileshare, file system, handle manipulation, registry)  after applying policies checked in both server; can able see audit events in 1 server but in server no single events logging; tried clear security logs  no more logs logging. normal logon , logoff events not logging in that server??. can me fix this??? hi, please make sure overwrite events needed(oldest events first) check box had been selected. for details: 1. event viewer -> windows logs -> security 2. right click security, point properties, select overwrite events needed(oldest events first) check box please confirm system , adminstrators account has full control permission, eventlog account has read permission hkey_local_machine\system\currentcontrolset\services\eventlog\security, restart computer. if issue persist, please try use group policy result see policy applied or not. 1. run gpresult /h gpresult.h

hi, i have .net app allows teachers remotelly close student's computer session if student not paying attention teacher says. teacher has datagrid students, , can shut the single computer where student logged by selecting student name. that, installed script on every student computer writes username / computername on mysql database. but i'm looking powershell script without having care installing script on every student computer. , find hard recover computername username....i confess it's first powershell script....what : get-qadcomputer -searchroot "ourdomainonad/students/computers" -searchscope 'onelevel' | foreach { get-wmiobject -class win32_computersystem -computername $_.name } | { ($_username -eq "studentname" )} | select-object name, username | out-string results correct script takes very longtime execute , there errors "rpc server not available". after obtaining name of computer selected student logged in still have

hi, i installed windows 2012 r2 std. server file server. attached 2 data drives , formatted ntfs. now i'm seeing lot of strange folders names "fdc97f528a940c42705c15d6acb1" fill disk. folders contain empty amd64 folder , nothing else. if don't manually cleanup there wil literally hundreds of these folders in roots of data drives. reminds me of win 2003 server windows update folders. what , how can stop them being created? ok, after few hours of logging procmon (thank goodness sysinternals) , filtering new "guid" folder appeared , culprit is... system center trying install scep... this natural since 2012 sccm not support win srvr 2012 r2 untill it's upgraded sccm 2012 r2.so i'll uninstalling sccm client there shortly , resume business usual. ps: sccm 2012 r2 upgrade has been planned long ago, , done :-) Windows Server

my question in not related server 2008 apologize in advance if message in wrong forum couldn’t find better place post it. trying idea of architecture when deploying microsoft solutions.       let’s deploying brand new setup company of 100 users. have lan domain controller , file server , have closet @ datacenter domain controller , exchange server. architecture perspective options are: 1.  1. use 2 different domains (one in lan , 1 in data center), set 2 profiles single users , pay 2 sets of licenses 2.   2. use 1 domain set firewall rules allow sync between dc on lan , dc in data center , buy 1 set of windows cals 3.   3. something else??? what “best practices” way of doing this? guess there option of trust between domains how differ (from network security perspective) 1 domain , 2 dcs (one local , 1 remote)? in advance suggestions. two things: the exchange server in data center can use domain controller have @ office.  long can connect each other there's not pro

hi all, i ask question configuring cross forest gpos. in summary.  have environment 2 forests in it. a resource domain/forest (pcresource.com) has ad computer objects in , computer based gpos.  and managed ad forest has user ad objects , user based gpos in (users.net) there one-way trust (non transitive) pcresource.com users.net cross forest gpo support has been enabled via 1 of computer based gpos in resource domain/forest. when user01 logs onto pc-dev-01 (a windows 10 pc) the computer based gpos applying successfully.  user based gpos not appear applying successfully. running rsop gpo management console or gpresults locally on pc gives report seems indicate user based gpos applying successfully.  when settings checked manually not set.  or if setting changed not reapplied @ next logon. most common examples of ie11 homepage, auto proxy script , shortcuts placed on desktop. i'm rather confused this.  because if user based policies not applying various reports

the user 'printer' preference item in 'security group {c5fd5122-3e6e-4fb1-b0cd-4d9bf3ac9259}' group policy object did not apply because failed error code '0x80070709 printer name invalid.' error suppressed.  ok above issue quite common, of ms articles, forums, , blogs have read; none have answered question or issue why occurs.  i've gone through adding registry key (does absolutely nothing), changing preferences.. no go there, , slew of other homebrewed resolutions.  have clear , consice answer above issue?  i'm running winserv2008, xp workstations.  can printers deploy editing gpo, control panel, printers, , adding shared or tcp/ip printer.. printers work checking event log i'm getting "invalid printer name error".  printer names example: bldg-rm-type / cr1-1409-hp4250. in addition, i'm deploying printers per machine, policy work if apply policy ou workstation in it.  i've tried applying policy security group test worksta

                             0                  i downloaded file action pack download , keys site: sw_dvd9_ntrl_win_svr_essentials_2012_64bit_english_fpp_vl_oem_core_x18-27455 i created dvd , ran setup. i go online install updates recommended. i seem updates. i see "setup restarting" next get: windows setup – product key entered not match of windows images available installation.   enter different product key help if hardware has 'bios' level product id, issue. this common on new windows 8 ready hardware. you need add pid.txt file media (extracting iso bootable usb ideal) inside pid.txt file should essentials key. http://support.microsoft.com/kb/2796988/en-us http://technet.microsoft.com/en-us/library/hh824952.aspx robert pearman sbs mvp itauthority.co.uk | title(required) facebook | twitter | linked in | google+ Windo

when try add roles or features following error window: windows 2008 initial configuration tasks encountered unexpected error while collecting data status of computer i'd install update readiness tool. http://windows.microsoft.com/en-us/windows7/what-is-the-system-update-readiness-tool http://technet.microsoft.com/en-us/library/ee619779(ws.10).aspx         regards, dave patrick .... microsoft certified professional microsoft mvp [windows] Windows Server  >  Server Manager

i tying create a vpn connection in order access files @ home. trying use sstp unfortunately no success. error getting this; error 0x8007274d: no connection made because target machine actively refuse it. can tell me can avoid error , connect home network? hi donellzz, thanks posting here. could first discuss how did set sstp before , network conditions topologic include rras located (behind nat or connect internet directly ). if have configured port mapping in order forward connection request internal rras server on nat? have set radius server ? we may first troubleshoot following kb article below: how troubleshoot secure socket tunneling protocol (sstp)-based connection failures in windows server 2008 http://support.microsoft.com/kb/947031/ meanwhile, may check our current settings following introduction in links below: sstp remote access step-by-step guide: deployment http://technet.microsoft.com/en-us/library/cc731352(ws.10).aspx screencast: d

starting windows server 2008 r2, can use server manager perform management tasks on remote computers. this feature provides administrators freedom manage multiple servers 1 single machine (running either windows 7 or windows server 2008 r2). the purpose of post start discussion around issues/questions or feedback related feature. if have issues (such setting machines remote management), feedback on feature or questions related server manager remote management please feel free post here. saqib akhtar - msft hi saqib, putting 2008 r2 build, , enable server manager remote management, how best way in unattended/scripted fashion.  info have mdt 2010 task build reference server thanks jon Windows Server  >  Server Manager

hi have old win 2000 pro client runs old app small company. until yesterday fine win 2000 pro client cannot connect mapped drives on win 2008 r2 virtual file server. sees every pc on network virtual servers when try connect through explorer or network places nothing or reports computer cannot found. win 2000 pc has no problems connecting actual pcs on network. tom power hi tom, could please answer questions tiger that: so ping virtual machine , got proper response unable access shared folder on vm via \\<ip address of vm> in windows explorer form problematic windows 2000 , xp clients getting error message “computer cannot found” . correct ? this narrow down issue. thanks help. best regards, annie Windows Server  >  Windows Server General Forum

usually use '  get-eventlog -computername . -list  | foreach {$_.log} | foreach {clear-eventlog -comp . -log $_}' to  delete logs but how use powershell  delete specific logs such administritive events or setup logs  (windows 7) there's no built-in cmdlet/function that. here's function wrote:   function clear-wineventlog {     [cmdletbinding(supportsshouldprocess=$true,confirmimpact='high',defaultparametersetname="logname")]         param(                [parameter(             position=0,             mandatory=$true,             parametersetname="logname",             valuefrompipeline=$true,             valuefrompipelinebypropertyname=$true         )]         [string[]]$logname,                    [parameter(             position=0,             mandatory=$true,             parametersetname="eventlogconfiguration",             valuefrompipeline=$true         )]         [system.diagno

help me please commands. tried find information myself, no success. subject: office 365 i want make script, checking status of "mailbox delegation->full access" in shared mailboxes, , if not empty export list excel(need names of people). also make same "mailbox features->mail flow". if know guide learn powershell, send please link. thanks.  hi v.y.d, to office 365 mailbox folder permissions, you can also start here: https://gallery.technet.microsoft.com/office/script-to-get-office-365-60e262dc if there else regarding issue, please feel free post back. best regards, anna wang please remember mark replies answers if , unmark them if provide no help. if have feedback technet support, contact tnmff@microsoft.com Windows Server  >  Windows P

digital media: digital media refers audio, video, , photo content has been encoded (digitally compressed). encoding content involves converting audio , video input digital media file such windows media file. after digital media encoded, can manipulated, distributed, , played computers, , transmitted on computer networks. many people store music, video, , pictures in shared folders in windows server 2012 essentials. there may times when want do: watch videos, play music , present photo slide shows. the media streaming feature in windows server essentials makes possible networked computers , networked digital media devices play digital media files stored on server. when turn media server on, content share in media libraries available play on devices on network capable of receiving streaming media server. can stream types of digital media files. how media streaming feature on windows server 2012 r2 essentials generally, when open dashboard view settin

hello, can tell me how add entry dns on win2008, such if user tries browse hosting.somecompany. com , re-directed 192.168.220.5? i have dns setup , working fine single domain have, somecompany. local .  not case of adding record called 'hosting'.  i've re-worded several times, hope makes sense. kind regards karl please remember mark appropriate replies answer after question solved, thanks. hello, the answer create new forward lookup zone name whatever.somecompany.com, , create host (a) record without name , provide internal ip. answer by kevin d4 dad goodknecht sr. [mvp] answering elses post on eggheadcafe. http://www.eggheadcafe.com/forumarchives/windowsserverdns/jul2005/post23146385.asp please remember mark appropriate replies answer after question solved, thanks. Windows Server  > 

hi, i have sbs 2003 , has 2 network cards. 1 ip address 10.0.0.2 , 172.16.0.2. desktop clients on 10.0.0.x network. have linux server (172.16.0.1) desktop clients access. on server can see web page of linux box. on desktop clients when ping windows server adapter (172.16.0.2) gives reply. when desktop clients try ping (linux server adapter) 172.16.0.1, has request time out. did tracert desktop clients see going on, , see traffic go 10.0.0.2 adapter ,   traffic times out. i thought use static routes around this...so created static routes on server desktop clients hits server (10.0.0.2)  interface first. still same problem. (timeout on ping). i have list of static routes here. active routes: network destination        netmask          gateway       interface  metric           0.0.0.0          0.0.0.0       172.16.0.1       172.16.0.2     20           0.0.0.0          0.0.0.0     172.16.0.254       172.16.0.2     20          10.0.0.0    255.255.255.0         10.0.0.2  

i have setup second nic on domain controllers , assigned new vlan backup-only network dpm.  works i've found 2nd nics broadcasting available domain authentication points.  causing problems our wireless access points not vlan aware.  how can prevent 2nd nics offering authentication services on network? thanks, joe hi, as far know, multihomed dc not recommended numerous issues can occur in such environment, such name resolving (dns, wins). here similar thread discussed issue, please refer it: can dc multihomed in windows 2008 server http://social.technet.microsoft.com/forums/windowsserver/en-us/a1583d7f-fa59-4497-89de-666d683e53a0/can-dc-be-multihomed-in-windows-2008-server hope helps. regards, yan li cataleya li technet community support Windows Server  >  Security

we using server in our organization , can log in server using rdp. when try access shared files , folders in server using run command in client entering ip address of server asks enter network password, , enters correct username , password (i'm 100% sure entered correct username ans password) shows "logon failure: unknown username or bad password". , if enters same username , password through rdp it'll connect without errors. please give solution problem. regards, vijay kumar c.m. hi, please change lan manager authentication level "send lm & ntlm responses" see if helps.  there similar thread, please go through troubleshoot issue: can't log on w2k server windows 7 pro http://social.technet.microsoft.com/forums/windowsserver/en-us/376974d2-2a25-48c9-a52d-330739003dfe/cant-log-on-to-w2k-server-from-windows-7-pro regards, mandy we trying better understand customer views on social support experience, participation in

hi all, i know there many topics out there still want make clear me. i found article here : http://msmvps.com/blogs/acefekay/archive/2010/10/05/complete-step-by-step-to-remove-an-orphaned-domain-controller.aspx . scenario: i have 3 domain controllers in environment : 1 primary dc @ heard office (holds 5 fsmo roles), 1 additional dc @ branch1 office (can write/edit active directory data), 1 read-only dc @ branch2 office. pdc  <==== replicate ====>  adc read-only dc @ branch2 office replicated pdc if dc @ branch1 or branch2 office dead , have restore them new hardware, should ? - remove meta data of crashed dc in active directory, go through dns delete references crashed dc ... - install windows server on new hardware, name , ip address same crashed ad, join domain, dcpromo upgrade dc. - active directory data replicated 2 other dcs new 1 ? if have system state backup of crashed ad, there way ? greetings! >>  if dc @ branch1 or branch2 office dead , hav

how change in distribution group replicated between 2 different domains in ad? for example: domaina (root domain) , domainb in same forest. if make change in distribution group distgrp.domainb adding/removing member how replicate dc on domaina. for example distgrp domainb member of distgrpa.domaina. how info processed? infrastructure master? how long take? the domain partition replicated between dcs within same domain. all groups listed within global catalogs. global , domain local groups not have members listed in gc. however, universal groups have members , nested groups listed in gc. more details here: https://social.technet.microsoft.com/forums/windowsserver/en-us/57025d48-3c1b-42c8-866e-16aaf77ef095/are-global-groups-and-domain-local-groups-replicated-to-global-catalog-?forum=winserverds the infrastructure master fsmo holder 1 in charge ensure cross-domain object references handled properly, such when objects in 1 domain referenced objects in different domain. more

what best method setup quota's , restrictions dfs-n namespaces?  is fsrm best practice or there way within dfs set quotas? also, best practice settings namespace referrals options under referrals tab cache duration (in seconds) ordering method: clients fail prefferred targets , under advanced tag optimize polling or scalability? thanks yes fsrm recommended way define quotas on dfs targets (file servers) - there no way in dfs implict/enforce quotas. question dfs optmization has been answerd in other thread: http://social.technet.microsoft.com/forums/windowsserver/en-us/ee4737e9-44c5-409d-ac14-b06c1e0ffad0/deploy-dfs-to-large-enterprise for dfs optimization see: http://technet.microsoft.com/en-us/library/cc771083.aspx enfo zipper christoffer andersson – principal advisor http://blogs.chrisse.se - directory services blog Windows Server

i have 2012 rds server i'm trying prevent ad searches. i have set gpo maximum size of active directory searches 0 , yet still returns results. set registry entry hkey_current_user\software\policies\microsoft\windows\directory ui\querylimit 0 , still can search. all other policies applied fine, not one. hi, thanks posting issue in forum. since still search ad after trying 2 methods, have tried see if change take effect when the user logs on next time? in order narrow down cause of issue, suggest try collect following information troubleshooting. gpmc.log ================== a. on domain controller, click start ->run, type gpmc.msc, load gpmc console. b. right click on "group policy result" , choose wizard generate report problematic computer , user account (please place appropriately). (choose computer , select proper user in wizard) c. right click   the resulting group policy result , click "save report…" => save report sa

i want script telnet unix box. should run telnet 172.16.x.x. should given login prompt, user name "user, , password "password". that’s script should , ideally report logged in or not. have sample script written correctly?   [sourcecode language="vbscript"] set oshell = createobject("wscript.shell") oshell.run("telnet") wscript.sleep 1000 oshell.sendkeys("open 172.16.x.x 23") wscript.sleep 1000 oshell.sendkeys("{enter}") wscript.sleep 1000 oshell.sendkeys("user") wscript.sleep 1000 oshell.sendkeys("{enter}") wscript.sleep 1000 oshell.sendkeys"password" wscript.sleep 1000 oshell.sendkeys("{enter}") wscript.sleep 1000  [/sourcecode] this powershell forum, not handle vbscript here. if need vbscript help, can post on in scripting guys forum: https://social.technet.microsoft.com/forums/scriptcenter/en-us/home?forum=itcg also, you'll find s

hi all, i have child domain force removed. after force removal, know need use ntdsutil cleanup records still exists. 1st step tried: http://technet.microsoft.com/en-us/library/cc738713(ws.10).aspx but didnt find domains in site:   "select operation target: list domains in site found 0 domain(s)" 2nd step tried: http://support.microsoft.com/kb/230306 i got error result:   "dsremovedsdomainw error 0x2015(the directory service can perform requested o peration on leaf object.)" looked solution error , tried my 3rd step: http://support.microsoft.com/kb/887424 and error gives me:   "ldap_delete_ext_sw error 0x20(32 (no such object). )"   i made sure syntax correct , "listed" in domain management list. im running out of ideas on how clean metadata , cannot recreated child domain untill it's cleaned.   any appreciated.   thanks!     i think object not able delete lingering object, had simil

i'm manager small company. looking replace our collection of aging office servers running windows 2003 , 1 x esxi 4 new virtualized setup. the plan run on esxi 5.5: - 1 x windows 2012 vm - domain controller (new domain - old 1 mess) - 1 x windows 2012 vm - file storage , source control - 1 x windows 2012 vm - sql server 2012 , iis - 1 x windows 2012 vm - telephone system (this come later) - plus possibly 2 virtualized old windows 2003 machines (sql 2005) on esxi 4 - possibly secondary windows 2012 domain controller on separate low spec server (do need 2?) - nas device backups sync cloud i have hardware ready setup , think our developer action pack has covered software licensees. i'm thinking hyper-v might better route us, work primary microsoft systems (windows, .net, sql server) , looking use azure services in long term. the problem have no experience configuring hyper-v , windows 2012. current hosting experience working windows 2003 / 2008 , esxi 4

hola, lo que quiero es saber la mejor o mas efectiva manera de bloquear sitios web dentro de mi red, tanto paginas que tengan relación un contenido determinado como pornografía y también sitios determinados como 'facebook.com'. les comento que mi red cuenta con un servidor con windows server 2008, el cual actua como servidor dns. desde ya saludos  y gracias leo lequini leo , ¿como estas? lo que necesitas para bloquear paginas web dentro de tu red es un firewall como por ejemplo tmg 2010, el cual microsoft ha descontinuado pero seguira teniendo soporte finalizando en el año 2020 con su soporte extendido. a continuacion te dejo el link:  http://technet.microsoft.com/en-us/forefront/ee807302.aspx tambien puedes optar por firewall de cisco como los asa:  http://www.cisco.com/en/us/products/ps6120/index.html o en una opcion mas economica como puede ser el router cisco rv082 el cual tiene capacidad para bloquear web: http://www.cisco.com/en/us/products/

hi all.  i’m looking server operating system (or software) manage network of ~20 computers (all running win 7 ultimate) in computer lab @ middle school.  labs users consist of middle school students, , teacher has own computer @ front of class.  i’d teacher’s computer able remotely control of student computers in following ways: modify , lock various windows settings such desktop themes , windows updates. create/modify user accounts, including resetting of passwords. modify , lock various 3^rd party software settings, e.g. internet browser, office, photoshop, antivirus). deploy software clients. bulk modify client hard disk configurations, such add directories, partition drives, , allocate disk space per user. the network should allow relatively easy file sharing capability between clients, including password protection (but believe more aspect of network itself, not server software). some of these no-brainer server features, while others may difficult

hello people of technet! i'm having problem hyper-v failover cluster , hoping me out... please bear me, have had figure hyper-v out myself mostly, happily provide missing information. start off, have set following failover cluster: operating system: hyper-v server 2012r2 core edition, note: not server 2012r2, hyper-v server 2012r2. number of nodes in cluster: 2 number of physical nics in use on each host: 8 storage: dell equallogic san storage access: iscsi port configuration: 2x iscsi in nic team 4x virtual switch, each different ip range, not shared host os 1x management nic, connecting straight main lan 1x heartbeat nic between hosts , san 2 switches wish separate lan isolate traffic on cluster , traffic cluster san main lan security reasons , comply microsoft best practices. aim make hyper-v nodes accessible via management nics main lan. following nics have connections lan: 1x management nic on each server 1x virtual switch provid

  hello i having problem connecting via rdp guest hyper-v virtual server accross wan.  can connect via rdp in local subnet , when vpn home.  know can rdp across wan other servers without problems.  not sure if missed configuration on host virtual server or guest virtual server.  appreciated.  configuration: host server has windows server 2008 enterprise installed.  hyper-v role enabled.  has guest windows 2008 enterprise server machine running. guest server has remote desktop enabled, users have been added local remote desktop user group of guest server.  firewall has been disabled on guest server.       hello john,   how connect vm (guest windows server 2008) host hyper-v server?   does vm have public ip address?   generally speaking, can connect server in vm directly if has pubic ip address. however, if vm has private ip address need use routing technology, such nat or port forwarding, publish specific port (rdp port 3389) external clients can connect se