Forum Widgets
Latest Discussions
Setting up MFA for RD Web Access and RD Web Client using ADFS
All servers in our Remote Desktop Gateway (RDG) environment are running Windows Server 2022 (Datacenter and Standard). The RDG environment is fully operational. Users can successfully authenticate to RD Web Access and the RD Web Client, and all published folders and servers are visible as expected. Most servers are configured for direct access, with a few configured as Session Hosts. Overall, everything is functioning correctly except the MFA. Based on my research into integrating ADFS MFA with RD Web Access / RD Web Client, it appears that MFA is only triggered when authentication flows through Web Application Proxy (WAP). Question: To support MFA for internal users without exposing RD Web externally, I’m considering creating a separate WAP cluster dedicated to internal traffic that would proxy authentication requests to the ADFS servers and trigger MFA. Since I’m still building familiarity with WAP and ADFS, is it supported for ADFS to work with two WAP clusters one handling internal traffic and another handling external traffic against the same ADFS farm? -Larry
Windows Backup taking waaaaay to long
While I'm not a heavy user of these MS forums I have had to resort to them from time to time over the last 15-20 years. Yet I still can't figure out the organizational structure and it seems I can never find the right forum for my query. Almost every time my post gets moved to the correct forum or message board, or someone gives me a link directly to it. I expect it to be no different this time, and I'm perfectly fine with that. So here we go. I have Windows Server 2025 installed as a VM using MS's built-in Hyper-V on a Server 2025 computer. the VM is set up as a DC and all that stuff functions exactly as it should. However, doing the backup has suddenly gone from taking anywhere from 2 hours to a max that comes close to but has never exceeded four hours. Obviously, it depends on how much there is to actually back up. I've already gone through the troubleshooting tips to do things like checking the VSS settings and a bit of other stuff I can't exactly recall at the moment. I have an external physical 1TB usb hard drive attached to the physical computer and then it's attached as a drive to the Server 2025 VM and shows up in computer management/disk manager ad Disk 1, as it should. I have the VM set up to use this Disk 1 as the backup disk with the Windows Server Backup program. Some things I note and add here in case it matters. - The size of the VM disk for this Server 2025 VM is 500GB and the partition size of Drive C shows as 498.91GB with the remaining shown as 100MB for the EFI system partion and 1001MB for the recovery partition. - When backup starts, a new disk labeled Disk 2 appears in the disk management window on the VM and I note it's the same size as Drive C on the VM at 498.91GB. I'm wondering if this has anything to do with why my backups suddenly went from taking a max of 4 hours to as long as 20 hours to complete. Where is this virtual disk created? I looked on the VM host machine in the C:\programdata\microsoft\windows\Virtual Hard Disks directory, and it's not there. It's not on the VM machine because the virtual hard disk directory doesn't exist in that same location on the VM. THe host machine itself has a 2TB hard drive in it with 993GB of free space. Any advice or suggestions here? I have no idea why backups went from 2-4 hours to taking 20 hours or more to complete. Thanks for any help, advice or suggestions anyone can offer here. -Carl
Remediation for CVE-1999-0532 on Windows DNS Servers
CVE-1999-0532 was detected on Windows DNS Server which involves a misconfigured Domain Name System (DNS) server that allows full or partial zone transfers (AXFR requests) to any requesting client. Based on recommendation, I have configured in DNS -> Allow Zone transfer, to only allow specific authorized servers IP addresses. Is this the correct method for CVE-1999-0532 remediation? In addition, I an unable to find any Microsoft article related to the mentioned CVE-1999-0532. Please share if there is any.
NPS network policy with multiple Client ip4 addesses
I have a wireless policy on my NPS server with the primary wireless controller added using a Client IPv4 address entry in the policy. I want to add the backup controller as well but it seems it is adding it as a and condition. I need it to be added as an or condition when the primary controller is unreachable. How can I add multiple Client ip4 addessess in a Network policy with an or condition? An and condition would require both to be reachable. thanks.WSUS changing Update Source on its own
We have 2 WSUS Servers and ConfigMgr. A week ago, one of the WSUS servers began changing the Update Source on its own, no changes had been made. It began pointing to the ConfigMgr and when changed back to use MS Update, shortly after checking again it reverted back to use ConfigMgr. Checked all Events, checked the SQL SUSDB for the WSUS server however there was no information related to this action. Any ideas where I can look next ? Thank you
AOVPN / Reasoncode 16
We have an always on vpn configuration. This worked fine till few months ago, users can't get connected anymore. After reboot of NPS server, all works fine for some time (random, sometimes 1 day, 2 days, 1 week), till the users can't get connected again. Reboot of nps server solves it. When users can't connect, I see an event on NPS server with reason code 16 Network Policy Server denied access to a user. Contact the Network Policy Server administrator for more information. User: Security ID: xxx Account Name:xxx Account Domain: xxx Fully Qualified Account Name: xx Client Machine: Security ID: NULL SID Account Name: - Fully Qualified Account Name: - Called Station Identifier: x.x.x.x Calling Station Identifier: x.x.x.x NAS: NAS IPv4 Address: x.x.x.x NAS IPv6 Address: - NAS Identifier: server-VPN01 NAS Port-Type: Virtual NAS Port: 14 RADIUS Client: Client Friendly Name: server-VPN01 Client IP Address: x.x.x.x Authentication Details: Connection Request Policy Name: Virtual Private Network (VPN) Connections Network Policy Name: Virtual Private Network (VPN) Connections Authentication Provider: Windows Authentication Server: server-NPS01 Authentication Type: PEAP EAP Type: Microsoft: Smart Card or other certificate (EAP-TLS) Account Session Identifier: 33373834 Logging Results: Accounting information was written to the local log file. Reason Code: 16 Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect. As said, reboot of nps solves issues temporary. Already installed new nps server but same issue. Any suggestions where to check ?
SystemSettings. exe on Windows server 2025 crashes after installing Xbox game
I installed the Microsoft App Store on Windows Server and installed Minecraft. However, entering the system>display>graphics tab in the settings will cause the settings to crash.I tested both Bedrock and Java and found this issue. I think any Xbox game in the Microsoft Store should be able to reproduce this issue. + System - Provider [ Name] Application Error [ Guid] {a0e9b465-b939-57d7-b27d-95d8e925ff57} EventID 1000 Version 0 Level 2 Task 100 Opcode 0 Keywords 0x8000000000000000 - TimeCreated [ SystemTime] 2025-12-04T08:55:23.2042032Z EventRecordID 27146 Correlation - Execution [ ProcessID] 10988 [ ThreadID] 20000 Channel Application Computer WIN-JSD290TH0EL - Security [ UserID] S-1-5-21-868965638-952098041-1598110278-1002 - EventData AppName SystemSettings.exe AppVersion 10.0.26100.7019 AppTimeStamp f88449de ModuleName Windows.Gaming.Preview.dll ModuleVersion 10.0.26100.7019 ModuleTimeStamp 8e7f4dfa ExceptionCode c0000005 FaultingOffset 000000000003aadd ProcessId 0x1230 ProcessCreationTime 0x1dc64fbb631455a AppPath C:\Windows\ImmersiveControlPanel\SystemSettings.exe ModulePath C:\Windows\System32\Windows.Gaming.Preview.dll IntegratorReportId f2340132-82be-40d6-9c76-ec8fcbb9d19e PackageFullName windows.immersivecontrolpanel_10.0.8.1000_neutral_neutral_cw5n1h2txyewy PackageRelativeAppId microsoft.windows.immersivecontrolpanel
Allow VMs attached to internal switch on hyper-V win2k19 access Internet
Hi, I have 4 VMs attached to an internal switch with IPs 10.10.0.*, assigned 10.10.0.1 to the switch. One of the NICs on the host has the 192.168.1.70 which I shared its connection with the internal switch but I am not able to browse internet from the VMs. What can be missing? ThanksAllow Hyper-V VM attached to Internal Switch access internet and host folders
I have Created an internal switch and attached it to 4 VMs (for a lab setup) on a win2k19 hyper-V host. The hyper-V is in the my local home subnet 192.168.0.1. The 4 VMs are configured with following IPs and gateway. VM1 10.10.0.10 -DefaultGateway 10.10.0.1 VM2 10.10.0.11 -DefaultGateway 10.10.0.1 VM3 10.10.0.12 -DefaultGateway 10.10.0.1 VM4 10.10.0.13 -DefaultGateway 10.10.0.1 In the lab document, it is not indicated how/where to assign the 10.10.0..1 IP? When I check the vEthernet (Private Network), It has "DHCP" for IP and got my local DNS IP. Checking its status, I see DHCP Enabled: Yes Autoconfiguration IPv4 Address: 169.254.32.39 IPv4 Subnet Mask: 255.255.0.0 IPv4 Default Gateway: Not sure where this 169.254.... IP comes from? I tried assigning the IP 10.10.0.1 to this but it fails. In fact I need to allow VMs to access some host folders as well as internet to download some Microsoft tools. Thanks for your help
