Recent Discussions
Mandatory AccessKey parameter for Import-WACConnection Powershell cmdlet in 2410
Hello, I have recently updated to Admin Center 2410, needed to do a fresh install because I ran into some Ajax error 500 problems when I dried to updrade the existing installation. Now I had a script running one a week which fetched all AD computers and Clusters and imported them as shared connection. I have already figured that I need to use a different path to import the Microsoft.WindowsAdminCenter.ConnectionTools module, and that the syntax for Import-Connection is now Import-WACConnection. However, when trying to connect, the commandlet now has a mandatory AccessKey parameter. The help suggests: "-AccessKey <String> The access key to the endpoint for form login. The access key can be created from Advanced menu of Settings on Windows Admin Center UI." However, I cannot find that option in the UI, there is only "Advanced" in the Development section of the UI, and there is no option for generating an access key. P.S. I have installed WAC to use Kerberos integrated Windows Authentication. In the past, the Import-Connection CMDlet was also just using the credentials of the currently logged-on user. Thank you for your help, MarcThe file Microsoft_Server_InsiderPreview_LangPack_FOD_29531.iso is missing language packs.
Is it difficult to put these language packs in Microsoft_Server_InsiderPreview_LangPack_FOD_29531.iso? WinRe.wim PackageName PackageState ReleaseType InstallTime WinPE-DismCmdlets-Package~31bf3856ad364e35~amd64~~10.0.29531.1000 Installed FeaturePack 2/7/2026 15:07 WinPE-DismCmdlets-Package~31bf3856ad364e35~amd64~en-US~10.0.29531.1000 Installed LanguagePack 2/7/2026 15:07 WinPE-PlatformId-Package~31bf3856ad364e35~amd64~~10.0.29531.1000 Installed FeaturePack 2/7/2026 15:06 WinPE-PlatformId-Package~31bf3856ad364e35~amd64~en-US~10.0.29531.1000 Installed LanguagePack 2/7/2026 15:06 WinPE-PowerShell-Package~31bf3856ad364e35~amd64~~10.0.29531.1000 Installed FeaturePack 2/7/2026 15:07 WinPE-PowerShell-Package~31bf3856ad364e35~amd64~en-US~10.0.29531.1000 Installed LanguagePack 2/7/2026 15:07 WinPE-SecureBootCmdlets-Package~31bf3856ad364e35~amd64~~10.0.29531.1000 Installed FeaturePack 2/7/2026 15:07 WinPE-SecureBootCmdlets-Package~31bf3856ad364e35~amd64~en-US~10.0.29531.1000 Installed LanguagePack 2/7/2026 15:07 WinPE-UpdateOrchestrator-Package~31bf3856ad364e35~amd64~~10.0.29531.1000 Installed FeaturePack 2/7/2026 15:08 WinPE-UpdateOrchestrator-Package~31bf3856ad364e35~amd64~en-US~10.0.29531.1000 Installed LanguagePack 2/7/2026 15:09
Can't download 29531
Hi can not download 29531 I get the below, I'm located in Sweden Error We are unable to complete your request at this time. Some users, entities and locations are banned from using this service. For this reason, leveraging anonymous or location hiding technologies when connecting to this service is not generally allowed. If you believe that you encountered this problem in error, please try again. If the problem persists you may contact Microsoft Support – page for assistance. Refer to message code 715-123130 and 2c3feb13-04f8-4432-bc28-c88fc015123b.
Encrypted vhdx moved to new host, boots without pin or recovery key
Hyper-V environment. Enabled VTPM on guest Server, 2022 OS and encrypted OS drive C:\ with BitLocker. Host server 2022 has physical TPM. Shut down guest OS and copied vhdx file to another Hyper-V host server that is completely off network (also server 2022 with a physical TPM). Created a new VM based on the "encrypted" vhdx. I was able to start the VM without needing a PIN or a recovery key. Doesn't this defeat the whole point of encrypting vhd's? Searching says that this should not be possible, but I replicated it twice on two different off network Hyper-V host servers. Another odd thing is that when the guest boots on the new host and you log in, the drive is NOT encrypted. So, where's the security in that? Does anyone have any ideas on this or if I'm missing something completely? Or have I just made Microsoft angry for pointing out this glaring flaw??BitLocker Network Unlock Question
I set up network unlock for two servers in our network as a test for a future deployment of BitLocker. Both HP's. One is a DL 360 Gen9 server with aftermarket TPM, the other is a DL360 Gen11 with onboard/HP TPM. Configured first NIC on both boxes for DHCP. Just to test things, I unplugged NIC1 but kept NIC2 plugged in on the Gen11 server and rebooted. It prompted for a PIN on boot up (expected behavior). Did the same test on the Gen9 server and it boots straight into the OS (unexpected behavior). As a further test, I kept NIC1 unplugged and then unplugged NIC2, rebooted and got prompted for a PIN (as expected since box was completely off network). Does anyone have any ideas why this is happening? Could it have something to do with the aftermarket TPM? From what I've read network unlock requires the first NIC to be DHCP so it can communicate with the WDS server and allow network unlock to work. Could it be something with the NIC's on the Gen9 server? I'm at a loss to explain this behavior. Hoping someone may have some insight. TIA
Lots of DNS Server events 5504 on AD DNS server from Cloudflare etc
Hi! I'm getting about 18 events with id 5504 while trying to resolve some DNS names, like fullfiles.xyz. The DNS server is configured to use provider DNS and root hints. I can suppress these messages by disabling root hints or by disabling EDNS0 with dnscmd /config /enablednsprobes 0. I tried to use packet capture on the DC and on the router, and analyzed the results with AI, which answered: "You receive malformed patterns on the WAN interface." Can anybody explain the cause of this problem? Any ideas to fix it? Thanks!
Issues with Group Policy Update (gpupdate)
I am getting an error when I attempt to perform a gpupdate /force on workstations. I have checked the health of the DC's and find no issues. I am going to include a screenshot of the error - hoping someone can guide me as on how to resolve. The system will say to reboot but the policy never seems to run just keeps prompting for reboot.Account blocked downloading any Insider ISO
Same basic message as the Google Fiber user, however, I know what caused my account to be blocked. I did not approve a Firewall request for Webview2 while using Server 2022 and Duck Browser (you know which one as I am not approving of nor recommending a non-MSFT issued browser here) to Download the ISO for Vnext on the Server Insider's Download page. I am still able to log into the page, select a build, choose my language, and I get the error after clicking Confirm. It also happened in Edge and on my cell phone using Cellular and it's proprietary browser. I installed 26534, and though it did allow me to attach my insider id to it, it would not dl a newer build, nor any Insider build for Windows 11 either. The page simply says to contact Microsoft support if you feel you got this in error. Of course, that would not accomplish anything except confuse some MSFT contacted Tech support and possibly incur a fee for me. You have my account info. Any help clearing it would be appreciated.
DNS DOH and DOT Server 2025
Does anyone know if Windows Server 2025 is planning to support native DNS over HTTPS or DNS over TLS? As of now, windows clients can be configured to support this, but MS DNS is not DOH or DOT compliant. I am just wondering if this is being considered or if it is on the roadmap. Thanks!
Did Microsoft make a mistake? WinServer 2022 Standard and up.
Microsoft removed functionality of Windows Deployment Service. I know their are ways to to get around this but they either are hackjobs or deploying your own windows with PE. as far as i know of writing this. I know I could go linux. they have a simple cd to follow. Or Mac has their own version for macs. but not microsoft. They THREW it away for some stupid reason. Do I really have to do a VM or worse ditch DNS & DHCP?
Access denied. 0x80090010 Enroll cert of Windows hello for Business with on-prem PKI CA Server
We have created Certficate Template from on-prem CA Server ( Windows server 2019 ) using this link : https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/rdp-sign-in?tabs=intune However We can not Enroll Certificate Windows Hello for Business Certificate from User's Desktop ( Windows 11 ) and every time error occurred or Access Denied ( Certificate enrollment for Domain\UserName failed to enroll for a WHfBCertificateAuthentication certificate with request ID N/A from -ERCA.Domain.local\Domain-ERCA-CA-1 (Access denied. 0x80090010 (-2146893808 NTE_PERM)) We have also given Read and Enroll permission to EveryOne and Autheticated Users from CA Certficiate template , but still same erro Please advise if anything more can be done to resolve this issue.
NTFS permissions are partially not working.
Participant A is sometimes unable to see Participant B’s files. The issue can be resolved by clicking the option: "Replace all child object permission entries with inheritable permission entries from this object." However, the problem keeps reappearing. Windows Server 2022 Datacenter (VMware 7.1), formatted as NTFS.Windows Admin Center 2410: cannot add computers
After a fresh installation of Windows Admin Center 2410, I cannot add any servers, clusters, PCs etc. WAC gives me "You can add this computer to your list of connections, but we can't confirm it's available" when I enter a computer name (either of FQDN or computer name alone). When I change to the Search Active Directory tab, I get: "We can’t search Active Directory because the Windows Admin Center computer isn’t joined to an Active Directory domain. It’s also possible that your account doesn’t have permission to read from Active Directory." The account I use is a domain admin, and the server running WAC is definitely joined to the AD DS. The server had the previous version of WAC installed where everything worked. Now, with the new version, that's no longer the case...Modernized Gateway Extension Support via WAC SDK
Hello, I would like to build a gateway plugin for the latest WAC v2511 but according to this documentation, the latest SDK package does not support the latest modernized gateway extensions. Is there a way to workaround this without downgrading WAC version? https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/extend/develop-gateway-plugin “The Windows Admin Center SDK and developer tools have not yet been updated to support development of gateway plug-ins compatible with the Windows Admin Center modernized gateway. Following this guide will not result in a .NET 8 extension compatible with the modernized gateway.
Recent Blogs
- If you’re in charge of Group Policy settings, you know how critical the registry.pol file is and how nerve-wracking it can be when things go awry. Luckily, Windows now provides much more actionable i...Feb 20, 2026
- 12 MIN READHere is the link: Cross Forest - Certificate Enrollment | Microsoft Community Hub PKIsync.ps1 script At this time, we’re going to keep things simple. The goal is to create an Active Directory r...Feb 19, 2026
