Forum Widgets
Latest Discussions
Windows event collector (WEC) troubles
Hi all. I have really frustrating issue I can`t resolve. We have set up WEC, a long time ago... Now I upgraded in-place to server 2025 and it`s behaving really weird. Problem is this: I created new subscription and my PC was sending events just fine yesterday. I rebooted server and my PC, still all is fine. Turned off my PC, went to sleep, started working in the morning and NO logs from my machine in WEC. At all. Other PCs also randomy sending logs some yes some no. So I tested WinRM connectivity all fine. Error on my PC: The forwarder is having a problem communicating with subscription manager at address http://MYWECSERVER:5985/wsman/SubscriptionManager/WEC. Error code is 2150859263 and Error Message is <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859263" Machine="MYWECSERVER"><f:Message> <f:ProviderFault provider="Subscription Manager Provider" path="%systemroot%\system32\WsmSvc.dll"> <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859263" Machine="MYWECSERVER"> <f:Message>The event source of the push subscription is in disable or inactive on the Event controller server. </f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault>. I have also some errors on WEC server: The Subscription DomainComputers could not be activated on target machine MY-PERSONAL-PC due to communication error. Error Code is 0. All retries have been performed before reaching this point and so the subscription will remain inactive on this target until subscription is resubmitted / reset. Additional fault message: eventsource is in either disable or inactive state OR The Subscription DomainComputers could not be activated on target machine MY-PERSONAL-PC due to communication error. Error Code is 20. All retries have been performed before reaching this point and so the subscription will remain inactive on this target until subscription is resubmitted / reset. Additional fault message: eventsource is in either disable or inactive state Also runtime status is like this: A lot of Active computers, mine is in yellow Inactive state... I have NO idea how to fix this, and why it works for some clients and not for others and most perplexing question, why it worked yesterday until sleep. Just like that WEC sets status to Inactive and then my PC sends logs and does not change status back to Active. Thanks for all suggestions!
Windows Server 2019 AD & DNS replication
Hello, I'm running into issues with AD & DNS replication on a recently joined server in our environment. Environment: Three writable DCs in separate sites: Server A (Site A) – Windows Server 2019, AD DS & DNS (healthy) Server B (Site B) – Windows Server 2019, AD DS & DNS (healthy) Server C (Site B, new) – Windows Server 2019, AD DS & DNS (failing) Issues Observed Inbound replication to Server C from Server A & Server B successfully propagates for both AD and DNS zone/record changes. Outbound replication from Server C to Server A & Server B fails for both AD and DNS zone/record changes. Server A logs Event ID 1311 (KCC). Server A & B logs Event ID 1925 when trying to establish the link to Server C. What I’ve Tried: Pointed each servers NIC's to a heathy DC with the correct suffix. I've checked any windows FW and network FW rules to make sure no blockages. Verified A+SRV records for both heathy DC's. Confirmed AD-Integrated zones on all 3 servers show correct ACLs and records. I've tried running repadmin → still errors. Tested RPC connectivity: TCP 135 open. Ensured subnets/site mappings are correct in Sites and Services. I've tried to seed a zone and record on the healthy servers in efforts of t/s. Any help would be greatly appreciated!
WiFi Computer-based authentication not working (WS 2019)
We are trying to do computer-based authentication for our endpoints locally (on-prem AD) and it is not working whatsoever. My CA and NPS are all on one server (WS 2019) and are setup correctly. - I deployed a certificate template (I duplicated Computer and gave read, enroll, and autoenroll to Desktop Computers) - I registered NPS with AD. - I setup RADIUS through my Unifi setup and NPS (including the APs) - I created a Connection Request Policy that checks to see if it is a wireless connection coming in. - I created a Network policy for Smart Card or other Certificate ensuring that the CA certificate is selected. - I created a Wireless policy for my endpoints and selected the CA as the option in the security settings (and as Computer authentication). When I go to connect to the SSID, it shows the Certificate details for issued to and issued by as the CA server, but it gives an error that it can't connect to the network.HyperV 12 on Windows 2025 ready for production?
Fighting with three HyperV servers in a failover cluster. I understand that now you have to use SET teaming and lbfo is no longer supported. I also understand that SET is still quite buggy. I have created three teams with two adapters in each of them, but it confuses me how they appear in "Network and internet > Ethernet" vs "Advanced Network setting. I have set the vEthernets to the static IPs that I need. But the way the NIC shows up seems random... Some of them shows the IP of the vEthenets and they are all set to DHCP Network seems very unstable if I use more than one NIC in a team. As far as I can google, I am not the only one having these issues. SET networking does not work stable if more than 1 NIC - correct? So if one needs an HA setup - how to handle NIC teaming correct? Can HyperV 12 on Windows 2025 be used in a prof. live setup? thx...Install RD Web Client on Windows Server 2022 – Complete Setup Guide
To access Remote Desktop only via the browser, install the Web Client package --- Step 1: Export the Self-Signed Certificate * Open **Run** → type `certlm.msc` * Navigate to **Personal** → **Certificates** * Select the certificate created for the **RD Connection Broker** * Export the certificate (e.g., to `C:\temp\abcde.cer`) --- Step 2: Install and Publish Web Client Package Open Windows PowerShell 5.1 and run: powershell Install-Module PowerShellGet -Force Install-Module RDWebClientManagement Import-Module RDWebClientManagement # Clean up any stale IIS locks Reset-IISServerManager -Confirm:$false Remove-Module IISAdministration -ErrorAction SilentlyContinue Import-Module RDWebClientManagement # Install the Web Client Install-RDWebClientPackage # Import the exported certificate Import-RDWebClientBrokerCert "C:\temp\abcde.cer" # Publish the Web Client for production Publish-RDWebClientPackage -Type Production -Latest --- Step 3: Access the Web Client Visit: https://<your-serverFQDN>/RDWeb/webclient/index.html If the page does not appear: Restart the **Default Web Site** in **IIS Manager**. Ensure the **webclient** folder is present under the IIS site directory. Check if the correct certificate is applied under **Bindings** in IIS. If want Beginning from Remote access deployment- use this link - Remote Access via HTTPS RDP Web Client on Windows Server 2022 - Installation Issue Solved . | Microsoft Community Hub
Workgroup Failover Cluster backup service account
Hello, We have built a workgroup Hyper-V cluster. Live migration works well when taking a node. But the only account that we can use is the one used at the cluster creation. I found some post about account creating the same user / password on both node and grant cluster full access. But this account gets access denied in the cluster manager. But I would like to have specific account for backup and also a nominative account for administration. I just read Orin Thomas post , but it did not help. Have someone ever be able to use a different local local account to manager a workgroup cluster ? Or to achieve this need, I must stick to AD registered servers. Thanks for any help. Jean MarieVirtualization-Based Security (VBS): Elevating Modern IT Protection
In the rapidly evolving world of cybersecurity, traditional approaches to protecting operating systems are being continuously challenged by increasingly sophisticated threats. Cyber attackers now target the very core of our computing environments, seeking privileged access that can bypass conventional defenses. In this context, Virtualization-Based Security (VBS) emerges as a transformative solution, leveraging hardware virtualization to create robust isolation for critical system processes. What Is Virtualization-Based Security? VBS is a security feature integrated into modern Windows operating systems. It utilizes hardware virtualization to establish a virtual secure mode—an isolated environment that runs sensitive security tasks, shielded from the main operating system. Even if malware compromises the OS, this isolated environment prevents unauthorized access to protected processes and data. At its foundation, VBS operates through a lightweight hypervisor, enforcing strict security boundaries. This architecture ensures that, even if an attacker gains administrative rights within the operating system, vital security assets remain inaccessible. Core Benefits of VBS Credential Protection With Credential Guard, VBS stores sensitive credentials—such as NTLM hashes and Kerberos tickets—in a secure container. This strategy effectively blocks tools like Mimikatz from extracting credentials, significantly reducing the risk of lateral movement attacks. Kernel-Level Code Integrity Hypervisor-Enforced Code Integrity (HVCI) ensures that only approved, digitally signed drivers and binaries can execute at the kernel level. This defends against rootkits and kernel-level malware. Zero-Day Exploit Mitigation By isolating mission-critical processes, VBS minimizes the attack surface and lessens the impact of previously unknown vulnerabilities. Secure Boot Synergy VBS complements Secure Boot, ensuring the device loads only trusted software at startup and preventing bootkits and early-stage malware. Enhanced Compliance and Assurance Organizations in regulated industries—such as finance and healthcare—benefit from VBS’s robust controls, which support regulatory compliance and increase stakeholder confidence in IT security measures. System Requirements for Deploying VBS To implement VBS, ensure the following prerequisites are met: Windows 10/11 Enterprise, Pro, or Education editions 64-bit architecture UEFI firmware with Secure Boot capability enabled Hardware virtualization support (Intel VT-x or AMD-V) TPM 2.0 (Trusted Platform Module) for Credential Guard functionality Adequate RAM (VBS may slightly increase memory consumption) Practical Applications: Challenges Addressed by VBS Enterprise Credential Protection: Prevents credential theft and lateral movement across networks. Driver Vulnerability Defense: Blocks unauthorized or malicious drivers from executing. Mitigating Insider Threats: Restricts access to sensitive processes, even for users with administrative rights. Combating Advanced Persistent Threats (APTs): Provides a hardened layer of defense that significantly complicates APT infiltration efforts. VBS: Transforming Security for IT Professionals and Organizations For IT Professionals: Stronger Security Posture: Defense-in-depth with minimal complexity Streamlined Compliance: Simplifies adherence to standards such as NIST, ISO 27001, and HIPAA Future-Ready Infrastructure: Lays the groundwork for secure hybrid and cloud environments For Businesses: Lowered Breach Risks: Reduces the likelihood and impact of data breaches or ransomware incidents Increased Trust: Demonstrates robust security practices to clients and business partners Business Continuity: Safeguards critical systems, ensuring operational resilience Conclusion Virtualization-Based Security represents more than just another operating system feature—it marks a paradigm shift in how organizations and IT professionals approach endpoint protection. By isolating and safeguarding the most sensitive components of the OS, VBS empowers businesses to stay ahead of evolving threats and secure their digital assets with confidence. Whether you are an IT administrator, a security architect, or a business leader, adopting VBS is a strategic decision that paves the way toward a safer, more resilient future in the Microsoft ecosystem.
Windows Server update keeps promptiing to install
Hi, We have a 2019 DC server that keeps prompting to install / restart windows update. I have done clicking the "install", "check for updates" and "restart" button multiple times already but everytime it comes back online, the update is still there. When I check the history it looks like this: Troubleshooting steps I did are: 1.) -Run windows update troubleshooter - couldn’t find any problem 2.) net stop wuauserv net stop cryptSvc net stop bits net stop msiserver ren C:\Windows\SoftwareDistribution SoftwareDistribution.old ren C:\Windows\System32\catroot2 catroot2.old net start wuauserv net start cryptSvc net start bits net start msiserver I am stuck and appreciate any help resolving this issue. Regards, MinaRemote Access via HTTPS RDP Web Client on Windows Server 2022 - Installation Issue Solved .
Step 1: Install Remote Desktop Services** * Install the **Remote Desktop Services** role using (note role and feature installation) * Choose **Quick Start** for the deployment type. * Select **RD Connection Broker** as the default server. * Choose **Session-based desktop deployment**. > *Note: If you need a virtual machine–based environment, ensure Hyper-V or another virtualization platform is installed on the server.* * The following roles will be installed automatically: * Remote Desktop Session Host * Remote Desktop Gateway * Remote Desktop Licensing * Remote Desktop Web Access --- Step 2: Configure Core RDS Components** Configure all the following roles on the **same server** (or on different servers if desired): * RD Connection Broker * RD Gateway * RD Licensing * RD Web Access Use a **domain user** account that has administrative privileges (Domain Administrator or Server Administrator group). --- Step 3: Configure Certificates** * Open **Server Manager** → **Remote Desktop Services** → **Deployment Overview**. * Click **Tasks** → **Edit Deployment Properties**. * Under **Certificates**, create a **self-signed certificate** and apply it to all roles: * RD Connection Broker * RD Gateway * RD Licensing * RD Web Access > Make sure all roles use the **same certificate**. --- Step 4: Configure RD Gateway Policies** * Go to **Tools** → **Remote Desktop Services** → **RD Gateway Manager**. * Create a policy for: * **User authentication** * **Network access** > Allow only ports **443** (HTTPS) and **3389** (RDP). --- Step 5: Configure Quick Session Collection** * If a collection is not created automatically, create one by: * Navigating to **Server Manager** → **Remote Desktop Services** → **Collections**. * Choose the same server and create a new **QuickSessionCollection**. * Under **RemoteApp Programs**, add and publish the desired programs. * Check accessibility by browsing to: `https://<your‑FQDN>/RDWeb/` --- Access via Web Only (Web Client Setup) -------------------------------------------------------------------- To access Remote Desktop only via the browser, install the **Web Client package**. --- **Step 1: Export the Self-Signed Certificate** * Open **Run** → type `certlm.msc` * Navigate to **Personal** → **Certificates** * Select the certificate created for the **RD Connection Broker** * Export the certificate (e.g., to `C:\temp\abcde.cer`) --- #### **Step 2: Install and Publish Web Client Package** Open **Windows PowerShell 5.1** and run: ```powershell Install-Module PowerShellGet -Force Install-Module RDWebClientManagement Import-Module RDWebClientManagement # Clean up any stale IIS locks Reset-IISServerManager -Confirm:$false Remove-Module IISAdministration -ErrorAction SilentlyContinue Import-Module RDWebClientManagement # Install the Web Client Install-RDWebClientPackage # Import the exported certificate Import-RDWebClientBrokerCert "C:\temp\abcde.cer" # Publish the Web Client for production Publish-RDWebClientPackage -Type Production -Latest ``` --- #### **Step 3: Access the Web Client** Visit: `https://<your-serverFQDN>/RDWeb/webclient/index.html` If the page does not appear: * Restart the **Default Web Site** in **IIS Manager**. * Ensure the **webclient** folder is present under the IIS site directory. * Check if the correct certificate is applied under **Bindings** in IIS.
