Forum Widgets
Latest Discussions
- dsleeNov 04, 2024Iron Contributor37Views0likes0Comments
User CAL or RDS CAL for this kind of access?
My client need a VM with Windows Server 2022 installed. I've tell him to provide a Windows Server 2022 Standard 16 core installation but i'm confused with CAL license. The VM will start with an autologon on a user and then my customer will connect via RDP to that session (same user that starts in autologon) to manage the installed application (a SCADA automation software). Do I require a RDP CAL or a simple USER CAL? ThanksmaurodestroNov 04, 2024Occasional Reader38Views0likes0CommentsWindows Server 2016 on ESXi, two servers solution in case of failure
Hi, I'm facing a problem I still can't find a solution to. Short description below. ESXi virtualization environment has a Windows Server 2016 Datacenter installed. The Server has AD switched on, for the sake of our discussion I'm naming it "contoso.local". There are shared resources on the virtualized server such as shared folders and files, also there is MS SQL server which receives incoming connections from Windows clients (Win10/11). What do I need to achieve? I need to create another virtualized Windows Server 2016 Datacenter or Standard which will be an alternative server that will start offering its services immediately in case of the another server failure. What do I mean by "immediately" here? I mean, the switching procedure/time must be immediate and all the resources such as shared folders or SQL databases must be up-to-date. So, if at 1:00 PM the first server has a failure (disconnected, shut down by mistake etc), the other server must take control of the client machines at 1:05 PM. And as I mention all shared resources and SQL connections must stay the same but on the second server. The users on client machines can't have their work disrupted (any open Word documents in shared foilders intact or financial software connections kept on). I'm aware of the fact that the second server must be a sort of replica that works all the time and receives data from the server so it must be a 1-1 copy of all data that it constantly updates itself with new data coming from the first server. The question is - how can this be done ? I tried Cluster failover, storage replica already but this mechanism didn't work out. I created two disks (logs, data) according to step-by-step instructions but it is still not a solution to the problem. I'll appreciate any advice to my issue45ogrnidfso1000Nov 04, 2024Copper Contributor113Views0likes2CommentsBLOG: Windows Server Installation guidance / M365 Support on Windows Server
Windows Server 2025 will probablybe released later this year. At least signs / stars seem to align.🙂 Starting with this Windows Server release, Microsoft 365 Apps for Enterprise are supported within the mainstream support of the OS. That means 5 years peace of mind, after the release of the next Windows Server OS. For more information review the official matrix. Windows Server 2025, should be included after release. The latest Office Support Matrix can be obtained here Windows Server 2025 will be released this year with load ofsignificant improvements over 2022 or earlier versions. Please check thisannouncement + comments, and find morehere in the Windows Server 2025 AMA. Feel invited to join the Windows Server Summit and if you cannot attend, learn what's new watching the recorded sessions. This announcement and rich improvments, will make any migration plans worthwhile, noted Windows Server 2016 is already in Extended Support. Will outline later why this isn't a good thing for most. Windows Server 2019 just entered Extended Support this month. Obtaining and maintain Software Assurance for Windows Server through Volume Licensing or CSP Subscription (SA equivalency) makes sense for you this year in several ways for the adoption of the new Windows Server 2025 release Significant cost reduction through Azure Hybrid Benefits, among others for all licensed cores under SA or SA equivalency. This is not a licensing advice post, rather presents you common examples. For details hold on to Product Terms, as conditions may change. free Windows Server Datacenter OS licenses (even if on-prem only Standard licensed) in Azure. For Details hold on to Product Terms, conditions may change. free Azure Stack HCI usage for licensed cores free of charge access to the Windows Server Datacenter Azure Edition VM or ISO within Azure and when running on Azure Stack HCI, granting you exclusive features, but will also appear with Windows Server 2025. Hotpatching SMB over QUIC(fast and VPN-free access to on-prem authorized SMB shares / file server shares). per VM licensing on-premises on Azure Stack HCI and in Azure (currently with a minimum 8 cores per VM (vOSE)) dynamic licensing with Windows Server 2025* *SA or equivalent not required Use Microsoft (server) products, within mainstream support wherever possible especially, when production critical. Some (german) software manufacturers also specify that the Windows Server OS must be in mainstream support in order for their software to be supported. Microsoft 365 joins this chorus now. Caveat: Microsoft Exchange Server on-premises is currently only available in Extended Support (MS Exchange Server 2016 / 2019). So only the OS (WS 2022) can be kept in Mainstream support at the moment. Reasons against operating products in Microsoft Extended Support: support comes at extra costs hard to obtain / not immediately available, especially in emergencies there is no guarantee of solution or workaround Microsoft sometimes removes or replaces documentation of products outside of mainstream support Extended Security Updates are costly (free on Azure Stack HCI on-prem / and when running in Azure) Install Windows Server always in english language (en-us), if necessary use Language Packs (LP) / LIPs Reasons and pain points from the field: Microsoft’s / own PowerShell scripts or modules may be language dependent, e.g. Windows Features, local security groups etc. mass evaluation in Server Manager or PowerShell are hindered, as Eventlogs, Roles & Features and Windows services descriptions are language dependent. For example this renders full text search in Server Manager unhelpful. some roles are language dependent and therefore cannot be (easily) migrated (e.g. DHCP, AD CS) Documentation and error messages are easier to find and understand in English (crude translation) + operational bonus for Microsoft CoPilot in Edge, possibly replacing Dr. Google (Mechanical Doctor) when searching for solutions 🙂 way easier collaboration with Microsoft Support proven fewer problems with Windows Admin Center GPO Search Engine only exists in English. The translation of GPOs is very arbitrary. Direct in-place upgrade to Windows Server Azure Edition possible, when switching to Azure Stack HCI Windows Server 2022 and 2025 Support dynamic user based language packs (LIPs). Internet connection is required for download and updates. Bonus: You can leverage group policy to assign OS language, keyboard and regional settings based on user, or AD group membership. Choose / prefer to install Windows Server as Core option where possible This will enhance your "need" to adopt RBAC and Remote Management without RDP. Possible usecases: Domain Controller, Exchange, SQL (GUI Setup exists), FileServer etc. Remote Management via Privileged Admin Workstation (PAWS :paw_prints:) / Windows Server VM (RDSH) + Tools Windows Admin Center Server Manager DSAC and other RSAT tools sconfig Install Windows Server only as UEFI / GPT Windows Server 2022 and 2025 support VBS and Secured Coresettings. GPT / UEFI is a prerequisite for this. Windows Server 2022 / 2025 can use vTPM for Bitlocker and other things like Windows 11. GPT / UEFI is a prerequisite for this. easier migration paths VMware <> Hyper-V / Azure Stack HCI. These VMs are deployed as Gen 2 Hyper-V. Gen 1 VMs or VMware BIOS VMs are no longer preferred, see above. Keep the WinRE partition behind the OS partition easier maintenance of the OS in an emergency Uninstall of defective Windows Updates before the boot process (starting with Windows 2022) Re-Partitioning / Resizing using 3rd party tools possible via VHD(X) / VMDK mounting in another VM if required. You can find more information on WinRE and WinRE patching considerationsin this guidance. As you've made it to the end of this lengthy and hopefully helpful post, here's your bonus material / extended edition: Windows Server Upgrade guidance. Thanks for reading and adopting changes to your environment and strategy!2KViews1like1CommentError Occurred While Enrolling for a Certificate - Certificate Server
I am getting the above error when try to renew or enroll a new certificate. Additional information is The Certificate request could be submitted to the certification authority. Error: The RPC server is unavailable. 0X800706ba (WIN32: 1733 RPC_S_SERVER_UNAVAILABLE) Our CA was on a domain controller where we were getting this error. I moved the CA to it own server, restored the CA but still getting this. I have searched and followed numerous suggestions on the above topic but none have resolved the issue. This is running on a patched Windows Server 2022. Any additional suggestions would be appreciated.Solvedbfry2461Oct 30, 2024Brass Contributor114Views0likes1Comment(Another) Issue with RADIUS authentication for some users
Hi I thought I'd found the solution to our problemin this Tech Community thread from 2021, only to find that there was only one reply. Our NPS logs looks very very similar to those described in that 'DenverCoder' post, here's a screenshot to illustrate (the working one is in green, and shows the full AD path to the user account in AD, and the Network Policy name): We use NPS servers as part of the solution to provide MFA for our staff VPN. It works perfectly for about 127 out of 130 staff. but three of them don't even get an MFA prompt. Just now I thought I'd found a 4th victim, as she'd tried about 20 times today, only to succeed about an hour ago (not sure what inspired her to try again) Looking at the Event View on the NPS shows events 6273 (“Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.”) and 4625 (“Failure Reason: Unknown user name or bad password.”) To me it looks like it's failing to recognise the user's group membership (you have to be in the AD group for the MFA to work, otherwise you ain't coming in bruv!) All suggestions gratefully received.SolvedJJefferyOct 29, 2024Brass Contributor864Views0likes9CommentsDrivers to install Windows after wiping out partisions
I have two servers (an old physical server and a VM hosted by VMware Workstation) with 3 iSCSI disks each. A previous Linux installation was wiped out using Gparted from both servers. When I try to install Windows Server 2022 I can't select any drive to install Windows and I am requested to load a driver. Where can I find the driver to recognize the disks? What can I do with Gparted or any other tool to make the disks visible by Windows installer? By the way, I can install Linux on both servers without any problem. RegardsMarius_RomaOct 29, 2024Brass Contributor60Views0likes0CommentsServer Manager problem: Online - Data retrieval failures occurred
Hello, I'm using Windows Server 2022 and I have this problem: data retrieval on Server Manager. Is there a fix for this issue? Obs: - this is a test lab - all servers are domain members - I'm connecting on all servers with the domain Administrator account. - tested with both Firewall on and off - do NOT recommend this workaround: delete/rename the registry keys HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\xxx Thank you.MartinikOct 29, 2024Copper Contributor197KViews2likes73CommentsFailover Cluster Manager error when not running as administrator (on a PAW)
I've finally been trying (hard) to use a PAW, where the user I'm signed into the PAW as does NOT have local admin privileges on that machine, but DOES have admin privileges on the servers I'm trying to manage. Most recent hiccup is that Failover Cluster Manager aka cluadmin.msc doesn't seem to work properly if you don't have admin privileges on the machine where you're running it from. Obviously on a PAW your server admin account is NOT supposed to be an admin on the PAW itself, you're just a standard user. The error I get when opening Failover Cluster Manager is as follows: Error The operation has failed. An unexpected error has occurred. Error Code: 0x800702e4 The requested operation requires elevation. [OK] Which is nice. I've never tried to run cluadmin as a non-admin, because historically everyone always just ran everything as a domain admin (right?) so you were an admin on everything. But this is not so in the land of PAW. I've run cluadmin on a different machine where I am a local admin, and it works fine. I do not need to run it elevated to make it work properly, it just works. e.g. open PowerShell, cluadmin <enter>. PowerShell has NOT been opened via "Run as administrator" (aka UAC). I've tried looking for some kind of access denied message via procmon but can't see anything obvious (to my eyes anyway). A different person on a different PAW has the same thing. Is anyone successfully able to run Failover Cluster Manager on a machine where you're just a standard user?RobinCMOct 28, 2024Brass Contributor950Views1like2CommentsPrinting issues with Remote Desktop on mac OS Sonoma 14.0 (Windows Server 2016)
Hi, We have a user that since upgrading to MacOS Sonoma has been unable to print from remote desktop using a redirected printer like he normally would. Colour/printing options are also missing. The user prints from a RDS server running server 2016.jamiewilliamsOct 28, 2024Copper Contributor61Views0likes0Comments
Resources
Tags
- Windows Server2,039 Topics
- Active Directory768 Topics
- Management352 Topics
- Hyper-V299 Topics
- Networking279 Topics
- Security263 Topics
- Storage204 Topics
- PowerShell139 Topics
- clustering138 Topics
- AMA102 Topics