Bit

hello, hyper-v 2016 vm live migrated stand alone server 2016 cluster 2016. stand alone server have hyper-v backup on server dpm1 (dpm 2016), cluster have hyper-v backup on server dpm2 (dpm 2016). by live migrated vm try backup on dpm2 server , message: one or more of selected data sources configured protection on primary dpm server. when switch protection, replicas of these data sources protected primary dpm server. (id: 31162) and then dpm cannot access path rct\server01 because part of path has been deleted or renamed. check path , enter again. id: 36 on dpm1 backup of server01 deleted (in end backups stand alone hyper-v, because move vms stand alone hyper-v cluster). thank answers. hi， please try set dpm chaining,you follow link reference: https://technet.microsoft.com/en-us/library/gg410636.aspx if doesn't help,considering related dpm,i suggest post on dpm-setup&agent-management forum further assistant: https://social.technet.microsoft.com/f

hi, i want change local administrator password through gpu in domain environment iam following step written cant see (computer configuration, expand preferences, click control panel, , right-click local users , groups. menu select new - local user .   thanks hi,   i confirm operating system installed , have dc windows server 2008 or windows server 2008 r2 installed?   group policy preferences (gpp) introduced in windows server 2008 , windows server 2008 r2 not included in previous versions of windows server operating system. if group policy node missing, please feel free let know , try our best you.   for correct gpp path of local users , groups, please review following picture:       regards, please remember click “mark answer” on post helps you, , click “unmark answer” if marked post not answer question. can beneficial other community members reading thread. Windows Server

team, i got approx 50+ servers in dmz, per policy every 6 months need change administrator password on servers (in domain & in dmz/workgroup), have script running fine change password on servers joined domain, same script doesn't work on servers in dmz , gives access denied error, guys in suggesting other script/tool or solution can implemented change administrator password remotely on servers in dmz? thanks inderjit hello, this may caused uac , in case have run scripts using elevated prompt (i assume running locally on servers). if running script change remotely have make sure credentials inserted in script remote execution valid (you have insert local administrator account valid password computers in workgroup). anyway, can use net user command reset local user passwords. more details here: http://support.microsoft.com/kb/149427 for questions regarding scripts, please ask them here: http://social.technet.microsoft.com/forums/en-us/itcg/threads thi

hello, i use ias & eap/tls authenticate computers (not users !) connecting wireless network. these computers not in ad domain. got computers certificates generated standalone ca. these computers not have ad accounts, "hotspot" computers.   ias use validate revocation state of computer certificate trying connect network. if certificate revoked, client cannot connect network. if certificate valid, access granted. but ias not friendly me …i have set eap / “wireless connection type” access policy rule in ias, nothing relating domain user/group. the problem ias still trying authenticate certificate name a  user through active directory (ias on domain controller). and username quite strange : host/certificatename (the “host/” part of username, not domain prefix. seems telling computer authentication)… , don’t have user (and in ways, cannot create user “/” in username), ias denied connection request.   do know how rid of windows authentication , validate certificat

hi, i using exchange 2010 dag. have 1 domain. want enable archiving , journaling databases. i have plan to install 2 separate mail box servers host archiving databases and journaling. my questions are , 1.can create on these 2 mail box servers separate dag or join on existing dag? 2. have edge server works email gateway, after creation or joining dag, edge subscription again? hi john shomaker, thanks post. based on understanding, question more deploying exchange server, right? or else want set group policy? you check thread a dd new exchange 2010 mbx existing dag https://social.technet.microsoft.com/forums/en-us/1b564f1a-16b7-4492-81c1-3a714ee2ee39/add-a-new-exchange-2010-mbx-into-an-existing-dag?forum=exchange2010 and more support post in exchange forum. https://social.technet.microsoft.com/forums/exchange/en-us/home?forum=exchange2010 best regards, mary dong please remember mark replies answers if , unmark them if provide no help. if have feedback technet

i have enabled 'limit profile size' group policy , enabled option notify when exceeded.  however, notify user before exceed it, when reach 85%.  possible?  there way determine current size using powershell or vb script?  i'm looking along lines of notification in fsrm quotas. hi, from page seems not have "warning" function in group policy: http://msdn.microsoft.com/en-us/library/ms812012.aspx as mentioned fsrm, "storage reports" generate reports folder size. specifically in disk quota (as said), set warning (soft quota) generate email notification. and powershell of course has kind of function may need customize command: see: getting directory sizes in powershell http://blogs.technet.com/b/heyscriptingguy/archive/2012/05/25/getting-directory-sizes-in-powershell.aspx technet subscriber support in forum |if have feedback on our support, please contact tnmff@microsoft.com.

having problem on domain server 2008. ubable login (not able see login screen) shows blue screen message. from whole message writing parts can experts find problem page_fault_in_nonpaged_area technical information: *** stop: 0x00000050 (0xfffff880009a07a4, 0x000000000001, 0xfffff8000c0dbd27, 0x00000000000000) abbas hello, for ad backup/restore see mentioned link , read documentation. installing additional domain controller http://technet.microsoft.com/en-us/library/cc733027(v=ws.10).aspx transfer fsmo roles http://social.technet.microsoft.com/wiki/contents/articles/832.transferring-fsmo-roles-in-windows-server-2008.aspx time settings must reconfigured if pdcemulator changed. http://msmvps.com/blogs/mweber/archive/2010/06/27/time-configuration-in-a-windows-domain.aspx best regards meinolf weber mvp, mcp, mcts microsoft mvp - directory services my blog : http://msmvps.com/blogs/mweber/ disclaimer: posting provided no warranties or guarante

is windows server 2016 in msdn rtm? https://msdn.microsoft.com/subscriptions/securedownloads/?#searchterm=&productfamilyid=665&languages=en&pagesize=10&pageindex=0&fileid=0 rtm when watch following information. https://blogs.msdn.microsoft.com/joetalksmicrosoft/2016/10/16/windows-server-2016-is-finally-rtm-and-in-msdn/ is there not method obtain ga version of windows server 2016? or become equivalency ga when rtm , carries out windows update? heard rumor become equivalency ga if attach  following kbs, definite information not found.   kb3176936   kb3192366 when there definite information, tell me? hi, windows server 2016 rtm was published on vlsc , msdn portals @ 12.10.2016. if have volume licensing service account or msdn subscription, can download windows server 2016 rtm there. or try evaluation: rtm version of windows server 2016 available download evaluation: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-serv

good morning people :), go straight problem. we trying create active directory groups on limit access owa , mapi outside company. there 2 groups 1 granted permission other 1 declined permission. the problem follows: one of group denying access outside company , allowing access owa , mapi inside company. claim based on ip addresses using in company. unfortunatelly doesn't work. rules below. exists([type == "h**p://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) && exists([type == "h**p://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", value =~ "s-1-5-21-1177238915-764733703-1202660629-7711"]) && not exists([type == "h**p://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip", value=~"\b10\.68\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-5][0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-5][0-5])\b"]) => issue(type = "h**p://schemas.microsoft.com/auth

here have @ moment:  get-aduser -filter * -searchbase "ou=ou,dc=domain,dc=com" -properties title | sort-object title | ft title looking results of not show duplicates shows 1 of each title. possible? get-aduser -filter * -searchbase "ou=ou,dc=domain,dc=com" -properties title | sort-object -unique title | ft title grant ward, a.k.a. bigteddy Windows Server  >  Windows PowerShell

i new managing server 2012 setup. assistance or ideas appreciated the configuration windows server 2012r2 server datacenter , due power/processing requirements local terminals windows server2012 r2 standard. we have several network shares setup san switch , number of raid storage devices. i have noticed several times day network shares seem disappear our local computers , pretty reconnect straight away (like refreshing).  they disappear , reappear 1 one within explorer window.  during copying of large amount of data common in our office disconnection interrupts copy , requires user input continue.  if copy set run overnight sticks , moves no further.  it slowing our office down deal large amounts of data. believe happening on windows server 2012 local terminals.  we have windows 7 machines , not appear have issue. if has ideas on @ or settings may great? thanks martin i don't understand requirement windows server on 'local terminals'.  seems overly

hi all, i created 1 test virtual machine , wanted delete.  , check hyper-v settings' vm location is c:\programdata\microsoft\windows\hyper-v , deleted inside folder.  vm located on san created on hyper-v host disappears!   clustered storage vm gone.  tried stop , start service console not start hyper-v vmms service due can not find file initialstore.xml.  able copy initialstore.xml other server host , the service running.  but, still can not see vm created on host.   is there way back?  btw, put vm config and vhd on san storage.  why did screw  after delete c:\programdata\microsoft\windows\hyper-v files?   also, can not locate deleted files in recycle bin. thanks help!  first of all.. this happens to default location configuration information virtual machines running on hyper-v host.  , initialstore.xml pretty important file. under virtual machines folder references actual virtual machine configuration (xml) files. any virtual machine configuration can deleted safely through hy

in order configure nat rules rras, installed feature: routing , remoteaccess; after that, i need configure , enable rras, don't want use gui, because need set these nat rules automatically, searched use "netsh routing ip nat install". @ first prepare txt file, context below: # ---------------------------------- # nat configuration                  # ---------------------------------- pushd routing ip nat uninstall install set global tcptimeoutmins=1440 udptimeoutmins=1 loglevel=error # #nat configuration interface ethernet 4 # add interface name="ethernet 4" mode=full # #nat configuration interface ethernet 2 # add interface name="ethernet 2" mode=private # #nat configuration interface internal # add interface name="internal" mode=private popd and run command this: sc config remoteaccess start= auto net start remoteaccess netsh -f c:\snat\config-rras-nat.txt nothing

hello, is there way apply group policies session based on location user logged on from. using loopback processing set user configuration gpos need group policies change depending on location user @ moment. thank you sascha     ok, sorry, first option using ad sites not option. gpps item-level targeting , wmi filtering still work though, , in specific case of drive mapping without a doubt suggest gpps if environment supports them. Windows Server  >  Remote Desktop Services (Terminal Services)

any ideas on how set "always show icons , notifications on taskbar" on set of users?  i thought under user configuration\administrative templates\start menu , taskbar, cannot find it. anyone know if can enforced via policy?     hello, thank post here. unfortunately, there not group policy settings can set "always show icons , notifications on taskbar". to distribute setting, can create default domain user profile , copy following network share. when domain user account first logged onto domain, default profile applied. \\<server_name>\netlogon\default user.v2 how customize default user profiles in windows 7 , in windows server 2008 r2 http://support.microsoft.com/kb/973289 Windows Server  >  Group Policy

hello , i want when a user saves a file in the desktop on computer that automatically saves this file files in shared folders in the file server   is this scenario possible or not ? thanks why not redirect desktops via gpo? Windows Server  >  Group Policy

hi all, in windows server 2012 essentials found new writer "windows server storage vss writer", after analyzing metadata of writer, found physical path of components not available logical  path of components present. bug or expected results.  dont find document related writer.  can point me or share me doc. related writer. thanks, uma meta data xml: <writer_metadata xmlns = "x-schema:#vsswritermetadatainfo" version = "1.2" > <identification writerid = "e376ebb9-f0fe-4e1a-adaa-bfbdaf3ab488" instanceid = "6ffe9b7a-3551-4738-a7d6-6de3a133e3f4" friendlyname = "windows server storage vss writer" usage = "user_data" datasource = "other" majorversion = "0" minorversion = "0" /> <restore_method method = "custom" writerrestore = "never" rebootrequired = "no" /> <backup_locations> <file_group logi

we have server connection broker, changed name , connection broker wont recognize new name.  continutes want old server.  unfortunately cant change back.  there fix this?  tried powershell command doesnt see old server name , errors out. hi, changing name of a rd connection broker server not supported.  if able remove rd connection broker role service , install new rds deployment may able working again (with perhaps few registry fixes), lose of configuration data associated deployment.  if have basic rds deployment may not big deal recreate collections, configure settings, publish remoteapps, etc., before. another potential option if able temporarily change name switch ha mode database stored on local server (in sql express), add rdcb server, remove rdcb original (leaving sql express database still functional), rename server, add rdcb server, remove rdcb second server.  have not tried procedure @ first glance believe should work, although may bit complicated if not verse

hi, have been trying copy "userprincipalname" "mail" field specific ou in active directory. code im trying use doesnt bring error inst not working, can please point out going wrong? (i'm using "select-object * -first 5" test before doing full ou) get-aduser -ldapfilter -searchbase "ou=eop1,ou=le-fenwick,dc=hq,dc=local" '(userprincipalname=*)' -properties mail, userprincipalname | select-object * -first 5 | foreach-object {set-adobject -identity $_.distinguishedname ` -replace @{mail=$_.userprincipalname}} thanks your filter should follow -ldapfilter parameter. have part of search base. richard mueller - mvp directory services Windows Server  >  Directory Services

dear all 1 physical host: w2k12r2, 1 hyper-v virtual switch. 1 hyper-v vm w2k12r2 dc dns, dhcp, wds. 1 empty hyper-v vm generation 2 uefi booting network. problem: error "pxe-e16: no offer received" on empty hyper-v vm when trying uefi boot wds in ad integrated mode. i verified works when wds set-up standalone mode. see also: https://social.technet.microsoft.com/forums/windowsserver/en-us/ceca6149-bedd-4860-8a7f-a1c83bf99aa4/wds-efi-bios-wont-pxe-boot-into-efi-mode ps: switch standalone mode: on wds server: wdsutil /verbose /uninitialize-server /server:<servername>; wdsutil /verbose /progress /initialize-server /server:<servername> /reminst:c:\rminst cause (found netmon ip traffic monitoring): the client asks tftp server on udp port 4011. the tftp server takes more 8 seconds reply on port 4011. seems due nbtns (netbios name search) broadcast queries searching 1c domain controllers. solution: ??????? any appreciated. dominique, züric

we have encountered issue have published app has per user information needs write registry.  have far been unable make work , can't find in web searches either.  can this?  running in farm, , can live users needing enter information once on each server, starting on every login, has become issue our users. hello, users able write respective hkcu (current user) registry. writing hklm (local machine) prohibited. verify needs write registry keys (probably hklm) , change permissions on part of registry. if written in hkcu, settings should saved within users profile , should loaded @ next logon. otherwise there might be a profile issue. regards robert maijen Windows Server  >  Remote Desktop Services (Terminal Services)

hi everyone i'm playing around new hyper-v 3 functionality in server 8. planning convert our sql server vms. here planned setup failover cluster following hardware: 2xhp d580 servers 48 logical cpu cores 4xhp d380 servers 24 logical cores total amount of ram 1tb servers all servers connected 2port 8gb fiber channel shared sotrage hp msa 2000 (raid10 array) we have 2 sql servers , several other servers, amount of physical servers = amount vms. main reason virtualaze prevent outage due physical hardware failure. as per understanding if assign 320gb of memory sql virtual machine, take at least 10 minutes sync vm memory hyper-v host failover (used 2*8gb fc connections, there other question possible sync memory on fc or goover slow lan connection?) mcse 2003: messaging, security mcitp: server administrator, enterprise administrator, virtualization administrator mcitp: consumer desktop support, enterprise desktop support, enterprise desktop support windows 7, enterp

i recieving " type initializer 'advancedsetttings' threw exception" error when try view subscriptions in event viewer.  machine windows 2008r2 server.  working before stoped working.  tried loging in local admin account on machine , did not work.  not work account domain admin.  has else experienced or know how fix issue? hi, based on research, event subscriptions functionality depends on windows remote management (winrm) service , windows event collector (wecsvc) service, p lease make sure b oth of these services running on computers participating in forwarding , collecting process. more information you: event subscriptions http://technet.microsoft.com/en-us/library/cc749183.aspx best regards, amy Windows Server  >  Security

hi, new adfs custom claim rules, our external application , requesting users should login using empid@theirdomain.com have 2 attribute store. 1.ldap.(empid@domain.com) 2.anotherldap(emp@anotherdoamain.com) need claim incoming claim rule passing empid@doamin.com users need claim incoming claim rule passing empid@anotherdoamin.com users if possible incoming rules in one. thanks ragav hi, it seems issue more adfs, suggest may ask in: http://social.msdn.microsoft.com/forums/vstudio/en-us/home?forum=geneva regards. vivian wang Windows Server  >  Directory Services

two questions - apologize if have been asked already, didn't see them definitively answered in forum. 1. i have windows 8.1 enterprise.  can upgrade windows 10 enterprise insider preview msdn iso if bitlocker enabled, or need disable bitlocker before doing so?  want upgrade windows insider enterprise preview, if possible, not fresh install.  doing fresh install i'm sure require disabling bitlocker. 2. to confirm, if i have enterprise insider preview installed, able windows update windows 10 rtm version when released later month, correct?  believe true because i'll still configured insider , either slow or fast updates.  msa registered windows insider , connected machine, btw. thanks! -josh source : windows 10 faq can enterprise customers free windows 10 upgrade?      enterprise customers active software assurance subscription in volume licensing have benefit upgrade windows 10 enterprise offerings outside of offer.

hello, i setting server 2008 r2 vpn server in active directory domain , having trouble getting conditions on network access policy work.  basically, restrict access policy based on both user membership in ad security group *and* computer membership in different ad security group.  in other words, want specified users able connect specified computers.  ("specified computers" broad domain computers group, preferably not.) my network access policy has following conditions: nas port type: virtual (vpn) tunnel type: layer 2 tunneling protocol (l2tp) user groups: <domain user security group> machine groups: <domain computer security group> it doesn't work.  can connect if remove machine groups condition.  client test machine running windows 7 , has computer certificate works making l2tp/ipsec connection. if have machine groups condition in place, client connection fails error 629 "the connection closed remote computer", , server logs er

event forwarding - question kindly answer question in layman term or simple question 1: source initiated         a. polling interval of client push logs collector server default?        b. there permission required if used source initiated? , because create gpo below setting          "computer>policies>admin templates>windows components>event forwarding>configure target subscription manager"           server=http://fqdnofsubscriptionserver:5985          c. there port/firewall requirement ? , because not of port allow in our environment        d. need configure "event log readers" in source iniiated ?    note: in subcription , configured source initiated , add "domain computer" in selected group option question 2: collector initiated        a.  polling interval of collector collect data in client default ?        b. there permission required if used source initiated? , because create gpo below setting      

hello, background, last year migrated 2003 2008r2 windows server, used robocopy move everyones redirected home folder, went fine , last year no issues. last week have stopped using old 2003 server, turned off , moved storage, end users started complain long file open , save times, (taking 2 minutes open 29kb word doc!!!) checked everything, , made changes our 2008r2 server, no avail, remembered old server, , thought 'why not' plugged in , problem went away, speed of file opening went normal, cannot work out why, migrated 2008r2 server, old server doing nothing (i thought) network needs users open files. way solve, delete end users roaming profiles/local profiles , when log in problem gone, cant 300 users  there on users profile pointing them old server,  idea where? or how fix? or doomed rebuilt 300 user accounts??? alos users on windows 7 updates hi, whether files still exists in old server? i think can have try creating new ou new folde

hi, could let me know if possible remove keypack id 6 , 7 our server? – not required <v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75" path="m@4@5l@4@11@9@11@9@5xe" stroked="f">  </v:shapetype> hi, what’s operating system of server? if mean remove rds cal key pack, please refer thread below detailed steps: uninstall ts device cals - windows 2008 standard edition https://soc ial.technet.microsoft.com/forums/windowsserver/en-us/7ced888b-30ad-42cb-af9b-816ff252f383/uninstall-ts-device-cals-windows-2008-standard-edition if not, please provide more information requirement. best regards, amy please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber support, contact tnmff@microsoft.com. Windows Server

i'm running more 60 domain controllers across 2 forests, , have been randomly getting ntfrs event 13559 error reported (via ultrasound).  the event - description: file replication service has detected replica root path has changed "c:\windows\sysvol\domain" "c:\windows\sysvol\domain". if intentional move file name ntfrs_cmd_file_move_root needs created under new root path. detected following replica set:     "domain system volume (sysvol share)"   changing replica root path 2 step process triggered creation of ntfrs_cmd_file_move_root file. ultrasound propagation tests successfull, network links between sites on 20 meg pipes, , not getting other replication errors.  specific 13559 event - i've far been unable determine causing 'move' default location same default location, killing sysvol share.  creating ntfrs_cmd file, , restarting replication service rebuild , share sysvol folder.   what causing this, , how ca

good day, i running windows 2008 r2 enterprise edition on stand-alone server with hyper-v role installed. server joined domain. have 1 domain controller. vm running same system stand-alone host. setup has been working me several months of sudden (around 2 weeks ago.) network location keeps changing "work" "public" , again whenever reboot either machine, which causing sorts of problems clients accessing services on the intranet. know network location should "domain" (obviously). there way "force" network location "normal" settings? have not found helpful in log files. all services seem work fine "inside" network i.e.: nps, powershell remoting, dhcp, dns, , file sharing. when windows-7 sp1 clients connect (via wifi/nps radius server), network shares not available in windows explorer (client-side). (but are available via unc paths.) clients able "browse" shares have access like before. know wrong can not seem

i'm attempting find list of students have license yammer. get-msoluser -all -title student | where-object {$_.islicensed -eq $true -and $_.licenses.servicestatus[2].provisioningstatus -ne "disabled"} this returns thousands of results value true all. yet, when check admin center of results not have access yammer. need modify or add in order receive list of users have license? thank you! hi, same command has no issues, suggest check -title parameter: best regards, andy please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com . Windows Server  >  Windows PowerShell

why not remove printer icon "hp universal printing pcl x" devices , printers? at customer site printer situation in rds server perceived jungle , users send print jobs left , right. i'm going clear up, delete printers lead , forth. but i've been thinking before, these "hp universal printing pcl 5/6" icons seem appear when install driver. looks printers users, "printers" doesn't shoot job actual machine, it's clutter them. why there? can delete them? did on own workstation , actual printer (icon) still works fine; since there have been printer problems lately, don't want create bigger mess "testing" on rds server. anybody has experience or knowledge regarding these pseudo printers, or whatever are? hi, as way see it, long there no printer must use printer driver, driver can removed. more information you: update , manage printer drivers https://technet.microsoft.com/en-us/library/cc732946.aspx failed remove

i have setup 2 virtual pc (both on same physical machine) test wsus update. virtual pc1: server 2008 (dcsrv1) configured wsus, synchronised."wsus clients not installing updates" selected on automatic update settings. virtual pc2: server 2008 (boston) used wsus client, gpupdate /force applied. "net stop wuauserv" , "net start wuauserv", "net stop wuauserv" commands ran. type http://dcsrv1/iuident.cab on browser of wsus client(boston), prompted download file. means client can connect wsus server, connectivity not problem. after waiting half hour, wsus client not appear on wsus server under computers/ unassigned computer. no update notification prompted on wsus client though server has available updates applied client. please help thanks pw i have resolved problem. difference did apply computer configuration\policies\administrative templates\windows components\windows update settings on default domain control policy. before had