Forum Widgets
Latest Discussions
When using multiple monitors with Windows Server 2025, the screen flickers
Windows Server 2025, with a graphics card of NVIDIA 5070, and three monitors with different resolutions, all at 60Hz. There is a certain chance of flickering on the screen when using Server 2025. Especially when dragging windows, is there a solution? If I use Windows 11, everything is normal
Windows event collector (WEC) troubles
Hi all. I have really frustrating issue I can`t resolve. We have set up WEC, a long time ago... Now I upgraded in-place to server 2025 and it`s behaving really weird. Problem is this: I created new subscription and my PC was sending events just fine yesterday. I rebooted server and my PC, still all is fine. Turned off my PC, went to sleep, started working in the morning and NO logs from my machine in WEC. At all. Other PCs also randomy sending logs some yes some no. So I tested WinRM connectivity all fine. Error on my PC: The forwarder is having a problem communicating with subscription manager at address http://MYWECSERVER:5985/wsman/SubscriptionManager/WEC. Error code is 2150859263 and Error Message is <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859263" Machine="MYWECSERVER"><f:Message> <f:ProviderFault provider="Subscription Manager Provider" path="%systemroot%\system32\WsmSvc.dll"> <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859263" Machine="MYWECSERVER"> <f:Message>The event source of the push subscription is in disable or inactive on the Event controller server. </f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault>. I have also some errors on WEC server: The Subscription DomainComputers could not be activated on target machine MY-PERSONAL-PC due to communication error. Error Code is 0. All retries have been performed before reaching this point and so the subscription will remain inactive on this target until subscription is resubmitted / reset. Additional fault message: eventsource is in either disable or inactive state OR The Subscription DomainComputers could not be activated on target machine MY-PERSONAL-PC due to communication error. Error Code is 20. All retries have been performed before reaching this point and so the subscription will remain inactive on this target until subscription is resubmitted / reset. Additional fault message: eventsource is in either disable or inactive state Also runtime status is like this: A lot of Active computers, mine is in yellow Inactive state... I have NO idea how to fix this, and why it works for some clients and not for others and most perplexing question, why it worked yesterday until sleep. Just like that WEC sets status to Inactive and then my PC sends logs and does not change status back to Active. Thanks for all suggestions!
WiFi Computer-based authentication not working (WS 2019)
We are trying to do computer-based authentication for our endpoints locally (on-prem AD) and it is not working whatsoever. My CA and NPS are all on one server (WS 2019) and are setup correctly. - I deployed a certificate template (I duplicated Computer and gave read, enroll, and autoenroll to Desktop Computers) - I registered NPS with AD. - I setup RADIUS through my Unifi setup and NPS (including the APs) - I created a Connection Request Policy that checks to see if it is a wireless connection coming in. - I created a Network policy for Smart Card or other Certificate ensuring that the CA certificate is selected. - I created a Wireless policy for my endpoints and selected the CA as the option in the security settings (and as Computer authentication). When I go to connect to the SSID, it shows the Certificate details for issued to and issued by as the CA server, but it gives an error that it can't connect to the network.Install RD Web Client on Windows Server 2022 – Complete Setup Guide
To access Remote Desktop only via the browser, install the Web Client package --- Step 1: Export the Self-Signed Certificate * Open **Run** → type `certlm.msc` * Navigate to **Personal** → **Certificates** * Select the certificate created for the **RD Connection Broker** * Export the certificate (e.g., to `C:\temp\abcde.cer`) --- Step 2: Install and Publish Web Client Package Open Windows PowerShell 5.1 and run: powershell Install-Module PowerShellGet -Force Install-Module RDWebClientManagement Import-Module RDWebClientManagement # Clean up any stale IIS locks Reset-IISServerManager -Confirm:$false Remove-Module IISAdministration -ErrorAction SilentlyContinue Import-Module RDWebClientManagement # Install the Web Client Install-RDWebClientPackage # Import the exported certificate Import-RDWebClientBrokerCert "C:\temp\abcde.cer" # Publish the Web Client for production Publish-RDWebClientPackage -Type Production -Latest --- Step 3: Access the Web Client Visit: https://<your-serverFQDN>/RDWeb/webclient/index.html If the page does not appear: Restart the **Default Web Site** in **IIS Manager**. Ensure the **webclient** folder is present under the IIS site directory. Check if the correct certificate is applied under **Bindings** in IIS. If want Beginning from Remote access deployment- use this link - Remote Access via HTTPS RDP Web Client on Windows Server 2022 - Installation Issue Solved . | Microsoft Community Hub
Workgroup Failover Cluster backup service account
Hello, We have built a workgroup Hyper-V cluster. Live migration works well when taking a node. But the only account that we can use is the one used at the cluster creation. I found some post about account creating the same user / password on both node and grant cluster full access. But this account gets access denied in the cluster manager. But I would like to have specific account for backup and also a nominative account for administration. I just read Orin Thomas post , but it did not help. Have someone ever be able to use a different local local account to manager a workgroup cluster ? Or to achieve this need, I must stick to AD registered servers. Thanks for any help. Jean MarieVirtualization-Based Security (VBS): Elevating Modern IT Protection
In the rapidly evolving world of cybersecurity, traditional approaches to protecting operating systems are being continuously challenged by increasingly sophisticated threats. Cyber attackers now target the very core of our computing environments, seeking privileged access that can bypass conventional defenses. In this context, Virtualization-Based Security (VBS) emerges as a transformative solution, leveraging hardware virtualization to create robust isolation for critical system processes. What Is Virtualization-Based Security? VBS is a security feature integrated into modern Windows operating systems. It utilizes hardware virtualization to establish a virtual secure mode—an isolated environment that runs sensitive security tasks, shielded from the main operating system. Even if malware compromises the OS, this isolated environment prevents unauthorized access to protected processes and data. At its foundation, VBS operates through a lightweight hypervisor, enforcing strict security boundaries. This architecture ensures that, even if an attacker gains administrative rights within the operating system, vital security assets remain inaccessible. Core Benefits of VBS Credential Protection With Credential Guard, VBS stores sensitive credentials—such as NTLM hashes and Kerberos tickets—in a secure container. This strategy effectively blocks tools like Mimikatz from extracting credentials, significantly reducing the risk of lateral movement attacks. Kernel-Level Code Integrity Hypervisor-Enforced Code Integrity (HVCI) ensures that only approved, digitally signed drivers and binaries can execute at the kernel level. This defends against rootkits and kernel-level malware. Zero-Day Exploit Mitigation By isolating mission-critical processes, VBS minimizes the attack surface and lessens the impact of previously unknown vulnerabilities. Secure Boot Synergy VBS complements Secure Boot, ensuring the device loads only trusted software at startup and preventing bootkits and early-stage malware. Enhanced Compliance and Assurance Organizations in regulated industries—such as finance and healthcare—benefit from VBS’s robust controls, which support regulatory compliance and increase stakeholder confidence in IT security measures. System Requirements for Deploying VBS To implement VBS, ensure the following prerequisites are met: Windows 10/11 Enterprise, Pro, or Education editions 64-bit architecture UEFI firmware with Secure Boot capability enabled Hardware virtualization support (Intel VT-x or AMD-V) TPM 2.0 (Trusted Platform Module) for Credential Guard functionality Adequate RAM (VBS may slightly increase memory consumption) Practical Applications: Challenges Addressed by VBS Enterprise Credential Protection: Prevents credential theft and lateral movement across networks. Driver Vulnerability Defense: Blocks unauthorized or malicious drivers from executing. Mitigating Insider Threats: Restricts access to sensitive processes, even for users with administrative rights. Combating Advanced Persistent Threats (APTs): Provides a hardened layer of defense that significantly complicates APT infiltration efforts. VBS: Transforming Security for IT Professionals and Organizations For IT Professionals: Stronger Security Posture: Defense-in-depth with minimal complexity Streamlined Compliance: Simplifies adherence to standards such as NIST, ISO 27001, and HIPAA Future-Ready Infrastructure: Lays the groundwork for secure hybrid and cloud environments For Businesses: Lowered Breach Risks: Reduces the likelihood and impact of data breaches or ransomware incidents Increased Trust: Demonstrates robust security practices to clients and business partners Business Continuity: Safeguards critical systems, ensuring operational resilience Conclusion Virtualization-Based Security represents more than just another operating system feature—it marks a paradigm shift in how organizations and IT professionals approach endpoint protection. By isolating and safeguarding the most sensitive components of the OS, VBS empowers businesses to stay ahead of evolving threats and secure their digital assets with confidence. Whether you are an IT administrator, a security architect, or a business leader, adopting VBS is a strategic decision that paves the way toward a safer, more resilient future in the Microsoft ecosystem.
Windows Server update keeps promptiing to install
Hi, We have a 2019 DC server that keeps prompting to install / restart windows update. I have done clicking the "install", "check for updates" and "restart" button multiple times already but everytime it comes back online, the update is still there. When I check the history it looks like this: Troubleshooting steps I did are: 1.) -Run windows update troubleshooter - couldn’t find any problem 2.) net stop wuauserv net stop cryptSvc net stop bits net stop msiserver ren C:\Windows\SoftwareDistribution SoftwareDistribution.old ren C:\Windows\System32\catroot2 catroot2.old net start wuauserv net start cryptSvc net start bits net start msiserver I am stuck and appreciate any help resolving this issue. Regards, MinaServer 2022, network drives and content searching
We have two drives with close to 1TB of data, The one drive has a specific folder where end users want to search for a file using content from the files. The files are generally .xls based files End users are 99% Windows 11 based and server is server 2022. Indexing on the server with content aware filtering has occurred and can find the files when searching for their names however not when searching content. This needs to happen using Windows Search in explorer. Data is unstructured, however structured in a folder system. (Year, month, etc) I have read that Windows Content Search is not supported on network drives, can this be confirmed? Any suggestions on a resolution would be appreciated.
HTTP.sys request logging
Hi, several services like Remote Access (Windows Server Reverse Proxy) or KDC Proxy do use HTTP.sys as engine to deliver their sites to the user. I am aware that there is an error log in "C:\Windows\System32\LogFiles\HTTPERR" but how do I enable a normal "request logging" like IIS does? I want to track every connection, its source ip address and other information in a log file but how can I do this?
