Recent Discussions
Google fiber being blocked??
I’m on Google fiber and can't download the newest ISO. I get a msg that says some block of IPs is being blocked because they are not who they say they are. Likewise, I have no anonymizer running and my ip is my own on google fiber. error msg; message code 715-123130 and b64dd3c8-ed16-4d46-87ac-a871691f1c41.
0x000003eb Windows cannot connect to the printer.
Hello fellow Windows administrators, I have installed Windows 2025 as a print server. I share Xerox network printers from there using the Xerox Gobal PostScript driver (requirement). When installing the shared printer from that server (\\2025server\ double-click the printer), file C:\Windows\system32\spool\DRIVERS\x64\3\PS5UI.DLL gets overwritten by the version from the server (a newer version 2026-02-11 that was pushed by monthly windows updates) which comes from "\\2025server\print$\x64\PCC\ntprint.inf_amd64_c9d56d0edd975df6.cab". It overwrites the version actually in the local server before the printer installation completes. This is normal behavior. On windows 2016 and 2019 the printer installation then fails with error "0x000003eb Windows cannot connect to the printer" and 2 eventlogs : "The print spooler failed to import the printer driver that was downloaded from "\\2025server\print$\x64\PCC\ntprint.inf_amd64_c9d56d0edd975df6.cab" into the driver store for driver Xerox Global Print Driver PS. Error code = 800702e4. This can occur if there is a problem with the driver or the digital signature of the driver." And : "The print spooler failed to load a plug-in module C:\Windows\system32\spool\DRIVERS\x64\3\PS5UI.DLL, error code 0x8007007F. See the event user data for context information." If I install the the exact same shared printer on any other OS than 2016/2019 servers , local Ps5ui.dll gets overwritten with the server 2025 (2026-02-11) version and printer installs and fine. I figured that if I go to my old print server (2022) and retrieve ps5ui.dll from there, put it in local folder on the 2016-2019 servers (overwriting the 2026-01-14 | 2026-02-11 version) and install the shared printer again, now it installs fine. (It does not retreive ps5ui.dll from the 2025 again and so it does not overwrite the local onel). I even re-installed 2025 in a vm without network (so no windows update) and extracted ps5ui.dll from there, and this one works too. This issue seems to be caused by recent windows update, the first culprit I'm aware of is dated 2026-01-14. The february update installed today also modifies ps5ui.dll on the 2025 server, but does not resolve the issue either. So, either there's something I have to change on the 2016/2019 servers, or there is a bug in that file… I'm thinking the later as the original file form the 2025 iso works fine. :\
Encrypted vhdx moved to new host, boots without pin or recovery key
Hyper-V environment. Enabled VTPM on guest Server, 2022 OS and encrypted OS drive C:\ with BitLocker. Host server 2022 has physical TPM. Shut down guest OS and copied vhdx file to another Hyper-V host server that is completely off network (also server 2022 with a physical TPM). Created a new VM based on the "encrypted" vhdx. I was able to start the VM without needing a PIN or a recovery key. Doesn't this defeat the whole point of encrypting vhd's? Searching says that this should not be possible, but I replicated it twice on two different off network Hyper-V host servers. Another odd thing is that when the guest boots on the new host and you log in, the drive is NOT encrypted. So, where's the security in that? Does anyone have any ideas on this or if I'm missing something completely? Or have I just made Microsoft angry for pointing out this glaring flaw??
Modernized Gateway Extension Support via WAC SDK
Hello, I would like to build a gateway plugin for the latest WAC v2511 but according to this documentation, the latest SDK package does not support the latest modernized gateway extensions. Is there a way to workaround this without downgrading WAC version? https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/extend/develop-gateway-plugin “The Windows Admin Center SDK and developer tools have not yet been updated to support development of gateway plug-ins compatible with the Windows Admin Center modernized gateway. Following this guide will not result in a .NET 8 extension compatible with the modernized gateway.BitLocker Network Unlock Question
I set up network unlock for two servers in our network as a test for a future deployment of BitLocker. Both HP's. One is a DL 360 Gen9 server with aftermarket TPM, the other is a DL360 Gen11 with onboard/HP TPM. Configured first NIC on both boxes for DHCP. Just to test things, I unplugged NIC1 but kept NIC2 plugged in on the Gen11 server and rebooted. It prompted for a PIN on boot up (expected behavior). Did the same test on the Gen9 server and it boots straight into the OS (unexpected behavior). As a further test, I kept NIC1 unplugged and then unplugged NIC2, rebooted and got prompted for a PIN (as expected since box was completely off network). Does anyone have any ideas why this is happening? Could it have something to do with the aftermarket TPM? From what I've read network unlock requires the first NIC to be DHCP so it can communicate with the WDS server and allow network unlock to work. Could it be something with the NIC's on the Gen9 server? I'm at a loss to explain this behavior. Hoping someone may have some insight. TIA
Shadow Copy with 6 days delay
a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; } Shadow Copy Windows Server 2022 Datacenter (VMWare 7.1) The MaxShadowCopies registry value has been increased to 256. Shadow Copies have been redirected to a different hard disk; FS=NTFS. The schedule is set to run three times per day. The maximum size is set to “Limit” with 1,700,000 MB. Current issue: Shadow Copies were available normally for several months. Now, suddenly, the Shadow Copies are displayed with a 6‑day delay.NTFS permissions are partially not working.
Participant A is sometimes unable to see Participant B’s files. The issue can be resolved by clicking the option: "Replace all child object permission entries with inheritable permission entries from this object." However, the problem keeps reappearing. Windows Server 2022 Datacenter (VMware 7.1), formatted as NTFS.
Server 2025 not accepting Ricoh scans
The scanner has stopped scanning to their server since I upgraded the server OS from Windows Server 2022 to 2025. • Installed the Ricoh drivers for both the scanner and printer (from Ricoh’s web site) • Created a new simple share/filepath for the scanner to send to (\\SERVER2022\Scans) • Used IP address (10.1.10.2) instead of server name in file (UNC) path • Entered admin credentials with or without server name (it is a workgroup server, not a DC) • Created another user and tried all above with that new admin • With either server share and/or user, tried different permissions on the shared folder • Tried disabling/enabling inherited permissions on the shared folder • Disabled the Advanced Firewall entirely for testing – no change either way • Double checked incoming ports/programs on the firewall – all required were open • Activated SMB1 on server, tried with or without SMB2/SMB3 disabled • I was able to create a share on two other computers; one running Windows 10 and one running Windows 11. They both worked.ASP Classic stop working after Windows Server 2012 for x64-based System KB5073698
I hope this will be useful to others. We have a legacy application implemented using classic ancient ASP after the most recent windows server rollup update the ASP pages stop working, without any error message, the worker thread just crashed. It turned out that the network stack was hardened and the old ASP engine did not expect a failure on network operations. I did a short write up here with the solution https://www.linkedin.com/pulse/classic-asp-bug-took-four-days-solve-ridiculous-root-cause-pedruzzi-adw9eIssues with Group Policy Update (gpupdate)
I am getting an error when I attempt to perform a gpupdate /force on workstations. I have checked the health of the DC's and find no issues. I am going to include a screenshot of the error - hoping someone can guide me as on how to resolve. The system will say to reboot but the policy never seems to run just keeps prompting for reboot.
Lots of DNS Server events 5504 on AD DNS server from Cloudflare etc
Hi! I'm getting about 18 events with id 5504 while trying to resolve some DNS names, like fullfiles.xyz. The DNS server is configured to use provider DNS and root hints. I can suppress these messages by disabling root hints or by disabling EDNS0 with dnscmd /config /enablednsprobes 0. I tried to use packet capture on the DC and on the router, and analyzed the results with AI, which answered: "You receive malformed patterns on the WAN interface." Can anybody explain the cause of this problem? Any ideas to fix it? Thanks!Beyond RC4 for Windows authentication - Question regarding KB5073381
In KB5021131 MS recommends setting the value for DefaultDomainSupportedEncTypes to 0x38, in the new KB 5073381 it's 0x18. This removes the setting that forces "AES Session Keys" which should be fine if Kerberos Tickets can only use AES Encryption. But what about accounts that have RC4 enabled in their msds-supportedEncryptionTypes attribute? They could still use RC4 for Kerberos ticket encryption and would then also fallback to RC4 session ticket encryption. As far as I believe the DefaultDomainSupportedEncTypes was explicitly introduced to avoid this scenario. Or is there now some hard-coded mechanism that always ensures that Session Keys are AES encrypted?Migrating from VMware to Hyper-v
Hi, I've recently deployed a new 3x node Hyper-v cluster running Windows Server 2025. I have an existing VMware cluster running exsi 7.x. What tools or approach have you guys used to migrate from VMware to Hyper-v? I can see there are many 3rd party tools available, and now the Windows Admin Center appears to also support this. Having never done this before (vmware to hyper-v) I'm not sure what the best method is, does anyone here have any experience and recommendations pls?Configuring WAC on standalone management desktop
I'm trying to configure WAC on a standalone notebook to be used as management station for different customer installation. After installing WAC on the notebook I've followed, I think, all the required steps to configure the connection between my computer to one customer's node. I've configured Winrm on my computer and on the customer node. I've generated a self-signed cert on the node with the CN set as the FQDN used to connect from the WAC. I've imported the cert on the trusted root cert on the WAC computer. I've checked the connectivity with the Test-WsMan from the wac to the server and it works. However from the WAC console the connection to the node fails with the "ssl connection " error. Has anyone been able to configure it in such way ? thanksSetting up MFA for RD Web Access and RD Web Client using ADFS
All servers in our Remote Desktop Gateway (RDG) environment are running Windows Server 2022 (Datacenter and Standard). The RDG environment is fully operational. Users can successfully authenticate to RD Web Access and the RD Web Client, and all published folders and servers are visible as expected. Most servers are configured for direct access, with a few configured as Session Hosts. Overall, everything is functioning correctly except the MFA. Based on my research into integrating ADFS MFA with RD Web Access / RD Web Client, it appears that MFA is only triggered when authentication flows through Web Application Proxy (WAP). Question: To support MFA for internal users without exposing RD Web externally, I’m considering creating a separate WAP cluster dedicated to internal traffic that would proxy authentication requests to the ADFS servers and trigger MFA. Since I’m still building familiarity with WAP and ADFS, is it supported for ADFS to work with two WAP clusters one handling internal traffic and another handling external traffic against the same ADFS farm? -LarryWindows Admin Center - Vmware migration to HyperV
We have a vCenter (multiple hosts) with about 30 VMs and need to migrate them to a single HyperV host. I installed the Windows Admin Center and the other components (https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/use/migrate-vmware-to-hyper-v). I migrated 2 servers, one at a time, and both seemed to work, though I had to set the IP manually. I then chose 2 servers to migrate both at the same time and it seems to be hung. The sync process completed successfully. The migration process for both got to 25% and has been stuck there for a day now. The disks aren't that big and, presumably most of that was created/copied during the sync process. I also don't see an option to stop the process or restart it. I know the VM Conversion is a Preview function, so I'm sure support it limited. Any help or direction would be appreciated.Windows Backup taking waaaaay to long
While I'm not a heavy user of these MS forums I have had to resort to them from time to time over the last 15-20 years. Yet I still can't figure out the organizational structure and it seems I can never find the right forum for my query. Almost every time my post gets moved to the correct forum or message board, or someone gives me a link directly to it. I expect it to be no different this time, and I'm perfectly fine with that. So here we go. I have Windows Server 2025 installed as a VM using MS's built-in Hyper-V on a Server 2025 computer. the VM is set up as a DC and all that stuff functions exactly as it should. However, doing the backup has suddenly gone from taking anywhere from 2 hours to a max that comes close to but has never exceeded four hours. Obviously, it depends on how much there is to actually back up. I've already gone through the troubleshooting tips to do things like checking the VSS settings and a bit of other stuff I can't exactly recall at the moment. I have an external physical 1TB usb hard drive attached to the physical computer and then it's attached as a drive to the Server 2025 VM and shows up in computer management/disk manager ad Disk 1, as it should. I have the VM set up to use this Disk 1 as the backup disk with the Windows Server Backup program. Some things I note and add here in case it matters. - The size of the VM disk for this Server 2025 VM is 500GB and the partition size of Drive C shows as 498.91GB with the remaining shown as 100MB for the EFI system partion and 1001MB for the recovery partition. - When backup starts, a new disk labeled Disk 2 appears in the disk management window on the VM and I note it's the same size as Drive C on the VM at 498.91GB. I'm wondering if this has anything to do with why my backups suddenly went from taking a max of 4 hours to as long as 20 hours to complete. Where is this virtual disk created? I looked on the VM host machine in the C:\programdata\microsoft\windows\Virtual Hard Disks directory, and it's not there. It's not on the VM machine because the virtual hard disk directory doesn't exist in that same location on the VM. THe host machine itself has a 2TB hard drive in it with 993GB of free space. Any advice or suggestions here? I have no idea why backups went from 2-4 hours to taking 20 hours or more to complete. Thanks for any help, advice or suggestions anyone can offer here. -Carl
Recent Blogs
- Bring encrypted, authenticated DNS to Windows DNS Server with our new DoH public preview, designed for Zero Trust‑minded enterprises that want stronger security without disrupting what already works....Feb 09, 2026
- “1‑mode, 2‑mode, 3‑mode 4… Two modes together in one platform core.” -Windows Admin Center developer limerick In our last blog, we introduced Windows Admin Center: Virtualization Mode (vMode) a...Feb 09, 2026
