Forum Widgets
Latest Discussions
DCs not replicating across VPN
I am at a loss here. I have looked at every CMD option I can find, verified DNS and cannot get my DCs replicating across the VPN. I don't understand how I was able to join the domain but now the connectivity is a problem. So here is my setup: 2 DCs in Site (my building) 2 DCs in Datacenter connected by IPSec VPN I can ping the IP, the DNS name, the short name, and the domain from all DCs regardless of location. I have verified on each DNS server that the name servers are correct and resolved. I have run nltest, dcdiag, syncall, repadmin, etc. The only error that keeps showing up in most commands is 1722 network error. RPC unavailable. Topology incomplete. One oddity that I found was that on the DCs in the datacenter Sites and Services was missing one of the local DCs. I added it manually but there are no NTDS Settings for it. I have flushed DNS, reregistered DNS, restarted the servers. All Windows firewalls are set to ANY ANY for domain services. My WAN firewalls are ANY ANY between the sites I have no idea what to look for next. Please if anyone has ideas let me know. Also I have already build new servers multiple times and this keeps happening.
Windows update failure Error 0x8024200B
Windows server 2022 standard version 21H2 Installed 08/04/2025 OS Build 20348.3807 KB5063880 installation failed. Error 0x8024200B Latest servicing stack installed 10.0.20348.4160 Can't get the update to install, been through the entire guide on how to reset windows update etc. The only solution I can find is to reset windows and reinstall the OS, but surely that is a bit drastic for a security update, especially since the server was installed only 5 months ago? Any help would be useful please!
msDFSR-options value at the end of Authoritative synchronization of DFSR
Hello, I had a Sysvol synchronisation problem between my domain Controllers, so i made an authoritative synchronization of DFSR-replicated to fix it. Everything works find but i still have a question about the msDFSR-options value, should i keep it "1" or reset it to "not defined" Source : https://learn.microsoft.com/en-gb/troubleshoot/windows-server/group-policy/force-authoritative-non-authoritative-synchronization
Can't RDP when in protected users group 2 domains no trust
I have the following issue and have read a lot about people with similar issues, but not quite the same setup as we have. We are working with 2 domains. I call them Domain A and B. So Domain A is our own domain, with our own DC and servers. Domain B is a shared setup for our customers. We all are working with our mailto:email address removed for privacy reasons accounts to gain access to servers from our customers. All customer servers are member of Domain B All admin accounts are members of protected users. When i am logged in to our management server, that is a member of domain A i cannot RDP with my mailto:email address removed for privacy reasons account to whatever server from our customers. When i am in the office, we can access domain B from our personal laptops who are only Entra ID joined. From our personal laptops we can RDP to the servers of the customers in Domain B with the mailto:email address removed for privacy reasons accounts. Strange thing is: not all admin accounts have this issue (at the same time) Issue is resolved spontaniously My first question is, do i need to have a domain trust between Domain A and Domain B Both the domains have higher domain functional level then 2012 R2. I have communication between my management machine in Domain A to the domain controllers of Domain B. Not only ping, but also KDC, DNS, LDAP, etc. Our domain controller in Domain A does not have communication to Domain B.
RDP connection not possible and RDS-Virtualization role comes back after restart
Hello everyone, I have here an Windows Server 2022 Standard 21H2 (Build 20348.4052) (essentials) with the newest updates. This is the Domain Controller. Hyper-V is installed with one VM. The VM is a terminal server. In the past I have tried to install the terminal server on the Hyper-V Server. To do so I have installed all kind of remotdesktop roles. This was stupid of me. Especially it does not work on a DC. I want to connect as administrator by RDP (mstsc) to the server but it does not work anymore since I have installed all these roles and features. No other users are connected. I can still connect to the VM. In one situation I was able to connect to the server but after entering the password I have received the error 0x808 (0x101) that there is no licence server for remote desktop available. I have now removed all roles related to the terminal server and the rdp which I have installed. But I can not uninstall RDS-Virtualization. After uninstalling it comes back when I perform a restart. I have already tried Uninstall-WindowsFeature -Name RDS-Virtualization -Remove In the server manager appears a menu item about remote desktop services. But there is written that no connection broker server is in the pool. The submenu server lists my DC. I have found in the eventmanager a error related to the uninstalling process 0x80070057 wrong parameter But I do not have more information. DISM /RestoreHealth and sfc /scannow did not find any problems. I am not using VDI but is maybe the Hyper-V reinstalling the role after the restart? Do I need to uninstall the role to make RDP working again or could be there other reasons? Do you know where I find a detailed log about the problems about uninstalling the role and maybe the installing? Do you have any idea how I can find out more about the problem? Thank you!
GroupPolicy/Registry issue
My MDR product is having an issue with scanning the registry of our hosts. It times out and causes performance issues, essentially bringing down the host. I opened a case with their support and we narrowed the issue down to this reg key: Computer\HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects There are hundreds of sub keys, each with their own sub keys. It seems each time group policy is applied to the host, 2 new keys are created, a machine and a user key. As a test, I deleted everything under the main key and rebooted. After logging back in, 2 new keys had been created. After a day I checked again and there were a dozen or more. Now after a few weeks we're back up to hundreds. Does anyone have any ideas as how to automatically clean up the older entries to keep the number to a minimum? Or is there a way to stop this behavior? ThanksWindows Server 2022 Updates Anomaly
Hi, I've got 4 Windows 2022 servers configured for automatic updates using the following Group Policy option on the 3rd Wednesday of each month: 2 - Notify for download and auto install These servers are meant to have Windows updates manually installed by an Administrator. One of those servers stopped reporting to WSUS and it turns out the computer certificate (issued by an internal Microsoft CA) was missing. Once that was resolved, it reported to WSUS correctly. To test, I ran the following commands: usoclient.exe startscan Get-WindowsUpdate Several minutes after running the above commands, Event ID 44 was generated by the Windows Update Client downloading the updates. This was quickly followed by Event ID 43 where it started installing the updates. And about 12 hours later at 11:58PM, Event ID 1074 was generated where svchost.exe on behalf of NT AUTHORITY\SYSTEM initiated a reboot. 2 minutes later at 12:00AM, another Event ID 1074 saw TrustedInstaller on behalf of user NT AUTHORITY\SYSTEM initiated a reboot. And finally at 12:03am, Event ID 19 was generated saying the update was successfully installed. Event ID 19 was repeated again 1 minute later. As far as I can tell, usoclient.exe startscan and Get-WindowsUpdate without any options does NOT initiated a download and install of the updates. The other 3 servers behaved themselves until an Administrator went in and downloaded and installed the updates. This 1 rogue server decided to take its own initiative and the only difference from the other 3 is the missing computer certificate which was subsequently restored. Any pointers as to how this could happened would be much appreciated. Thanks.
Receiving many WMI issues in Server 2025 after applying KB5063878
After applying August 2025 updates, I am seeing many problems with WMI that are causing applications to fail with WMI related errors. There are tons of 5858 events logged. I'm observing this on several systems with that update. Any else experiencing this or know the cause? These problems were not occurring before KB5063878. Thanks.KB5063880 (2025-08 Cumulative Update for Microsoft server ) update 0x800f081f on W2022 server
Hi and sorry for my poor english I have a problem with this KB on my Win 2022 server : failed 0x800f081f I have try : DISM and SFC Tools - DISM.exe /Online /Cleanup-image /Restorehealth - sfc /scannow : Windows Resource Protection did not find any integrity violations. - Reboot & retry : failed 2. Reset Windows Update Components : a. net stop bits b. net stop wuauserv c. net stop appidsvc d. net stop cryptsvc e. ren %systemroot%\SoftwareDistribution SoftwareDistribution.bak f. ren %systemroot%\System32\catroot2 catroot2.bak g. net start bits h. net start wuauserv i. net start appidsvc j. net start cryptsvc Retry : Failed : failed 3. Offline Installation via Microsoft Update Catalog Have you an idea ? ThanksFailed test VerifyReferences
Hello everyone, We are using Windows Server 2019 Standard as the primary and currently only domain controller. Previously, there were several additional domain controllers, but they have all been demoted. dcdiag test VerifyReference returns me the following error: Starting test: VerifyReferences Some objects relating to the DC 18DC06 have problems: [1] Problem: Missing Expected Value Base Object: CN=NTDS Settings,CN=18DC06,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vk, DC=local Base Object Description: "DSA Object" Value Object Attribute Name: serverReferenceBL Value Object Description: "SYSVOL FRS Member Object" Recommended Action: See Knowledge Base Article: Q312862 [1] Problem: Missing Expected Value Base Object: CN=18DC06,OU=Domain Controllers,DC=vk, DC=local Base Object Description: "DC Account Object" Value Object Attribute Name: msDFSR-ComputerReferenceBL Value Object Description: "SYSVOL FRS Member Object" Recommended Action: See Knowledge Base Article: Q312862 ......................... 18DC06 failed test VerifyReferences Please advise on how to further investigate and resolve this issue. Thanks in advance.