Recent Discussions
NPS fails to generate logs
I have a new 2025 domain and am setting up 802.1X to allow access to users/computers using certificate based authentication. I have a CA installed on a new 2025 member server and configured that role and also have Group Policies deployed to enroll users/computers with the certificate needed to connect internal WiFi/wired networks. I've verified clients are receiving all needed certs and the root cert. I have installed NPS (same server has CA), registered to AD, added Radius clients and configured policies. Everything looks good except...nothing works. Clients are not receiving authentication responses (just timeouts) and there are no logs being generated. Also, there are no relevant entries in the Windows Event Logs. I enabled auditing via the cmd line and verified it is enabled. I've also forced auditing via Group Policy. I've verified the NPS log location and have even tried moving it to other folders to see if it was a permission issue. I'm out of ideas. What else can I try?
RDP Long delay between Longon-Event and GPO-Processing
Hello, i have an 2019 rdp connection-broker and some 2019 session-hosts with current os. Sometimes it takes a very long time (up to 15 minutes) between the logon at the session-host till i get an desktop. In the event-log i see the security-event 4624 (an account was logged on) at 08:02. If i check gpresult for this user i see the processing of the gpo startet at 08:16 and is finished in a few seconds. And this times match with the user-experience that they see a "loading user profile" message. How can i get information which task takes so long? Regards Arnold
Unable to personalize display in Hyper-V VM
I have two physical servers running Windows Server 2025 Standard Edition, each with Hyper-V installed. On the first 2025 server, I have no issues adjusting video/personalization settings in running virtual machines. On the second server, I created a 2025 domain controller but I am unable to adjust any of the video settings ("remote resolution changes not allowed") even though enhanced sessions are enabled. How can I fix this on the second server? Thanks.
Clients failed to obtain internet right after DC 01 failover to DC02.
Hi, Recently, our team conducted a Disaster Recovery (DR) exercise where we successfully failed over from DC01 to DC02. The objective was to verify that DC02 could take over Windows services such as DNS, DHCP, and Active Directory (AD) to ensure business continuity. However, after shutting down DC01, we observed the following issues: Clients began losing internet connectivity. DHCP failed to lease addresses to clients. Connectivity on client machines was only restored after running the ipconfig /flushdns command, which forced them to communicate with DC02. Everything when back to normal when we resumed AD01. For additional context, our environment is also using ClearPass as the RADIUS server and has no issue authenticating clients. I would like to seek advice from anyone with expertise in this area: did we overlook any critical steps during or after the failover process?Server 2025 - unable to Open shared files and webpages on another 2025 Server
I have three or 4 2025 virtual servers on our domain penciled in to replace some older servers. All the servers have file and storage roles and one is an IIS server as well. If i try and open a shared file from any 2025 server the windows users name and password pop up opens and you cannot get past it. If trying to open a IIS site from a 2025 server you cannot either. From any other older server or client the share and the webpages are accessible and work as expected. I obviously need this to work as these servers are part of an ERP Environment and need to have access to each other. I've Searched the web and tried some of the suggestions but nothing so far has worked. DNS has passed, pings have passed, Using IP brings the same issues. Help
Unable to Install Windows Server 2022 standard Edition
Hi Team , i'm trying to install the iso of windows server 2022 downloaded from microsoft web site. but i'm receiving an error message at the beginning of the installation. the error message is saying : " windows cannot find the Microsoft Software License Terms. Make sure the installation source is valid " . i kindly request your help on how i can resolve this issue
DCs not replicating across VPN
I am at a loss here. I have looked at every CMD option I can find, verified DNS and cannot get my DCs replicating across the VPN. I don't understand how I was able to join the domain but now the connectivity is a problem. So here is my setup: 2 DCs in Site (my building) 2 DCs in Datacenter connected by IPSec VPN I can ping the IP, the DNS name, the short name, and the domain from all DCs regardless of location. I have verified on each DNS server that the name servers are correct and resolved. I have run nltest, dcdiag, syncall, repadmin, etc. The only error that keeps showing up in most commands is 1722 network error. RPC unavailable. Topology incomplete. One oddity that I found was that on the DCs in the datacenter Sites and Services was missing one of the local DCs. I added it manually but there are no NTDS Settings for it. I have flushed DNS, reregistered DNS, restarted the servers. All Windows firewalls are set to ANY ANY for domain services. My WAN firewalls are ANY ANY between the sites I have no idea what to look for next. Please if anyone has ideas let me know. Also I have already build new servers multiple times and this keeps happening.
DNS and host domain
I configured a Windows 2019 server with DNS service. The domain is contoso.com. The contoso.com domain is outside the local network. I entered the IP of the external domain and deleted the IPs of the Windows server and the replica server. After a few minutes, the server created two host domains again with the IPs of the DNS servers. How do I prevent it from setting the DNS servers as the host domain?Default Profile not setting Backgroud
Hello, this is driving me nuts! I'm just preparing our template for Windows Server 2025 VM rollout. I try to set a solid background in the default profile (c:\uses\default\ntuser.dat), so every new user gets this as default background. I have set HKCU\Control Panel\Colors Background REG_SZ 50 84 154 HKCU\Control Panel\Desktop Wallpaper REG_SZ HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DesktopSpotlight\Settings EnabledState DWORD 0 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Wallpapers BackgroundType DWORD 1 but every new user/profile still gets the windows default background image (C:\WINDOWS\web\wallpaper\Windows\img0.jpg). Don't want to use GPOs, as the setting should be optional. All other settings from teh default profile copy all right. Anyone any idea? Thanx! Cheers __Leo
vNVMe on Hyper-V to unlock PCIe 5.0 NVMe performance
On hosts with NVMe PCIe 5.0 (E3.S/U.2), Hyper-V guests still use virtual SCSI and leave a lot of performance on the table. We are paying for top-tier storage, yet software becomes the limiter. A virtual NVMe device that preserves checkpoints/Replica/Live Migration would align guest performance with modern hardware without forcing DDA and its operational trade-offs.
Server 2016 Essentials Version 1607 (OS Build 14393.8246)
Hi. Ive had some problems with this server recently and im trying to use DISM to restore health. Problem is Im unable to find the copy of the OS to do it. The only version we have been able to find is a later version which obviously wont work. Any thought on where I can find a copy? MS only seem to have eval versions of 2016. ThanksServer 2025 Core ADDS DC, Network Profile Showing as "Public" and not as "DomainAuthenticated"
OS: Windows Server 20225 Standard Core (no GUI), build 26085.1 Role: ADDS, DNS ForestMode: Windows2025Forest DomainMode: Windows2025Domain Platform: Hyper-V guest When standing up a clean Windows Server 2025 using server core and configuring it as a domain controller, the network category (profile) always shows as "public." A clean load of Windows Server 2022 with server core as a domain controller has the same behavior. However, in Server 2022, the fix is to add DNS as a required service to the nlasvc (Network Location Awareness) service. Once that is done, the network category reflects "DomainAuthenticed" and persists between reboots. In Server 2025, the nlasvc service does not have the same requiredservices as Windows Server 2022, and it does not start automatically. Even after configuring the nlasvc service the same way it is in Server 2022 and adding DNS as a required service, the network category still reflects "public." The only way to get the network category to properly reflect the "DomainAuthenticated" status is to disable and reenable the network adapter after each reboot.In-place upgrade possibility planned for Windows Server 2025 Datacenter Azure Edition ?
There is currently no official ISO for Windows Server Datacenter: Azure Edition that supports setup.exe /auto upgrade for in-place upgrades. Azure Update Manager does not support OS version upgrades for Azure Edition through optional features. Is anyone aware of a supported workaround?Active Directory Unable to reset user passwords
I am managing a Windows Server 2025 Active Directory environment with client machines. I created a test user and enabled the option “User must change password at next logon.” I then provided a temporary password to the user, expecting them to get the prompt to change it on first login. However, when the user attempts to change the password, they receive the error: “The user must change password before signing in.” My goal is that when I provide a temporary password to a user: They get the prompt to change the password at next logon. When they change it, it should not throw the “user must change password before signing in” error. I need guidance on how to achieve this so users can reset their passwords successfully.
Recent Blogs
- 5 MIN READAbout media-based upgrade to Windows Server 2025 With N-4 media based upgrades, you can upgrade your organization’s physical devices and virtual machines directly from Windows Server 2012R2, Window...Sep 23, 2025
- Hello team, Manuel here. In recent years, Microsoft has introduced Strong Certificate Name Mapping (Strong Mapping) as a requirement for certificate-based authentication in Active Directory environme...Sep 05, 2025
