Forum Widgets
Latest Discussions
Set Time Automatically - Turns Off By It Self
Hi, Working on a bunch of 2016 & 2019 servers in a CCTV application and time sync is very important. All computers are in local workgroup, no domain. I have found servers with the wrong time and the Set Time Automatically Option grayed out or turned off. I click to enable and the time sync's with our time server so all of that is working correctly. Any idea's why auto time sync gets turned off? Thanks KevinCCTVDudeJan 15, 2025Copper Contributor38KViews0likes6CommentsConfigure Certificate for LDAPS and Others
Hi, Thought I already posted this question but can't locate it now, so I guess it didn't work. Let's try again... I've been asked to setup secure LDAP on our network, and this is something completely new to me. I've been searching around for tutorials and have found some but none of them go into how to create the certificate using Certificate Services. I have been searching but all I'm finding is information on how to install a certificate authority, but that's as far as they go. What I've learned so far is that we have a Certificate Authority (CA) and an Intermediate Authority (IA), all installed by an ex-colleague, who didn't leave any notes or instructions on how to use them. I have learned somethings, like the CA should be protected and is powered down, I guess you power it up when you need it? And when I look in Certificates on our Domain Controller, I see a certificate under Local Computer\Personal\Certificates but it was issued by the CA, not the IA and it expired last summer. Not sure how to go about renewing it or creating a new one from the IA. If someone can point me in the direction of an easy-to-follow tutorial on how to manually create certificates, I'd appreciate it. So far, I'm not having any luck finding one. Thanks in advance!lkublerJan 15, 2025Copper Contributor1View0likes0CommentsServer Manager problem: Online - Data retrieval failures occurred
Hello, I'm using Windows Server 2022 and I have this problem: data retrieval on Server Manager. Is there a fix for this issue? Obs: - this is a test lab - all servers are domain members - I'm connecting on all servers with the domain Administrator account. - tested with both Firewall on and off - do NOT recommend this workaround: delete/rename the registry keys HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\xxx Thank you.SolvedMartinikJan 14, 2025Copper Contributor202KViews2likes85CommentsPossible to recover permanently deleted files windows server 2016?
Hi everyone, I am currently managing a Windows Server 2016 setup and accidentally deleted some important files. Unfortunately, these files are not in the Recycle Bin, which makes me think they’ve been permanently deleted.The server holds critical business data, and recovering these files is a top priority. I have not installed or written any new data to the affected drive to avoid overwriting the lost files. Before diving into third-party tools or professional services, I want to explore any built-in methods or reliable tools recommended by the community forrecovering permanently deleted files on Windows Server 2016.If you've encountered a similar issue or know of any solutions, please share your expertise! Looking forward to your advice. Thanks in advance!DasnkssskJan 14, 2025Copper Contributor650Views0likes9CommentsLDAPS and Certificate Creation
Hi, I've been asked to setup secure LDAP and convert all of our LDAP services to LDAPS. Something totally new to me, so I've been trying to teach myself. One issue I've run into is I'm not finding much information on how to create the secure certificates, so I'm looking for guidance. An ex-colleague stood up a certificate authority server (CA) and an intermediate certificate authority server (IA). Currently, the CA is powered down, which seems to be a best practice. The IA server is up and running, however, when I go to my domain controller (DC) and look at the Local Computer\Personal\Certificates section I do see a certificate, but it was issued by the CA and expired last summer. Shouldn't that certificate have been issued by the IA? How do I go about issuing certificates for this and other purposes, like all of the web-based control systems in my network like vCenter that complain about not being secure when I log into them? I've been searching for tutorials on the subject but only seem to find tutorials on how to install it, not how to use certsrv to issue and renew certificates. Does anyone know of any tutorials or walk-throughs like this? Thanks in advance!lkublerJan 14, 2025Copper Contributor3Views0likes0CommentsDNS record auto registered even the auto registration option was unchecked
Hello guys, I have an DC which have two NICs, A for Domain service and B for camera server. I don't want the IP address of NIC B registered in our DNS, so I uncheck the auto register option in the advance setting of NIC B. However, the IP address of it still keep registering t our DNS even I have manually deleted that option. I have checked the steps in the official article and it doesn't help. https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/unwanted-nic-registered-dns-mulithomed-dc Any suggestion is much appreciated.Huaiping_XueJan 14, 2025Copper Contributor12Views0likes0CommentsError trying to demote via dcpromo legacy 2012 R2 DCs
Hi, I am in the process of trying to assist a customer upgrade their 2 x DCs from 2012 R2 to 2022. I have built the 2 x new 2022 servers and they are domain joined so I am at the point where I am about to demote the first 2012 R2 DC. At this point, I have Made sure that AD is healthy and there are no issues with replication Moved all FSMO roles to the other DC in this environment meaning that the DC I am working on is hosting nothing DNS is synching fine At a high level, everything looks like it should so proceeding to demote the first DC and got the following error during demote process through dcpromo.exe Error - The Active Directory Domain Services Installation Wizard (Dcpromo.exe) could not configure the computer account DC2$ on the remote Active Directory Domain Controller DC1.REC.LAN. Verify that the user running Dcpromo.exe is granted the "Enable computer and user accounts to be trusted for delegation" user right in the Default Domain Controllers Policy. For more information, see the resolution section of http://go.microsoft.com/fwlink/?LinkId=178406." Now I have looked at the MS KB and I can see from this in this environment, it could be exactly what is stated and / or the fact that the DC computer objects are protected from accidental deletion. The second option is easy to fix but given the error specifically calls out the "Enable computer and user accounts to be trusted for delegation" I wanted to look at this. The user account that was running dcpromo.exe at this time has Domain Admin membership and when I checked this right through whoami /all, it stated this right was disabled. Looking at the Default Domain Controller Policy (which is applying to the Domain Controller OU) BUILTIN\Administrators (which Domain Admin are a part of) should be getting this right assigned to them. Does anyone know what is going on here or can provide assistance? I can't raise a partner support case for the customer as it is affecting 2012 R2. From DCPROMO.LOG " 2/17/2024 13:12:36 [INFO] Removing Active Directory Domain Services objects that refer to the local Active Directory Domain Controller from the remote Active Directory Domain Controller DC1.REC.LAN... 12/17/2024 13:12:36 [INFO] Error - The Active Directory Domain Services Installation Wizard (Dcpromo.exe) could not configure the computer account DC2$ on the remote Active Directory Domain Controller DC1.REC.LAN. Verify that the user running Dcpromo.exe is granted the "Enable computer and user accounts to be trusted for delegation" user right in the Default Domain Controllers Policy. For more information, see the resolution section of http://go.microsoft.com/fwlink/?LinkId=178406. The error was: (5) 12/17/2024 13:12:36 [INFO] NtdsDemote returned 5 12/17/2024 13:12:36 [INFO] DsRolepDemoteDs returned 5 12/17/2024 13:12:36 [ERROR] Failed to demote the directory service (5)" Any help would be much appreciated.ozzeus76Jan 10, 2025Copper Contributor35Views0likes1CommentWindows Server 2019 and .NET 4.8?
Hello, On a fully updated Windows Server 2019, roles and features allow me to install only .NET 4.7. One of the solution we are using require .NET 4.8 (Adaxes). When I install .NET 4.8 using the installer available herehttps://support.microsoft.com/en-us/topic/microsoft-net-framework-4-8-offline-installer-for-windows-9d23f658-3b97-68ab-d013-aa3c3e7495e0 It works, I can install Adaxes, but it break ServerManager as well as Azure AD Connect. What's the correct procedure to install .NET 4.8 on Server 2019 without breaking anything else? Thanks a lotYoannJan 08, 2025Copper Contributor195KViews5likes31CommentsWindows DNS server crash?
Our DNS servers crashed and took our network down. I rebooted them and its back but I foud the below error I have never seen before. Can't find anything in any log but this and its never happened before. Is thewre any way to tell what caused this? Event ID 906 lsass (796,G,0) A significant portion of the database buffer cache has been written out to the system paging file. This may result in severe performance degradation. See help link for complete details of possible causes. Previous cache residency state: 64% (23809 out of 37063 buffers) (72 seconds ago) Current cache residency state: 15% (4338 out of 28472 buffers) Current cache size vs. target: 99% (214.508 / 214.711 MBs) Physical Memory / RAM size: 8191.023 MBsJason_K1290Jan 07, 2025Copper Contributor22Views0likes0Comments
Resources
Tags
- Windows Server2,073 Topics
- Active Directory780 Topics
- management357 Topics
- Hyper-V304 Topics
- Networking285 Topics
- security270 Topics
- storage206 Topics
- powershell142 Topics
- clustering138 Topics
- AMA102 Topics