Recent Discussions
Storage migration service operational log is empty
Hi I can not find logs for operational but only for debug and admin for Storagemigrationservice and storagemigrationservice-proxy. I justy disable and re-enable operational log from the gui and also from powershell but nothing change. There is some trick in the registry? I find the registration in C:\ProgramData\Microsoft\StorageMigrationService but there is a edb and their relative logs that are not txt format. I need to trace the duration of the past process because I need to sync the migration in scheduled manner0Views0likes0CommentsIssue with winlogon on Remote Desktop Services:
We are investigating intermittent session establishment failures on Windows Server 2019 servers used as CyberArk PSM / RDS hosts. At unspecified intervals, new privileged sessions fail to establish or are disconnected during the initial session/logon phase. The issue is intermittent and affects new sessions. Existing sessions may continue to work. The strongest and most consistent correlation identified so far is: Microsoft-Windows-TerminalServices-LocalSessionManager/Operational – Event ID 36 Application / Microsoft-Windows-Winlogon – Event ID 4005 We observed that TerminalServices-LocalSessionManager Event ID 36 can occur without a subsequent Winlogon Event ID 4005. However, every observed Winlogon Event ID 4005 is correlated with TerminalServices-LocalSessionManager Event ID 36 in the same incident window. This suggests that Event ID 36 is a consistent precursor or required condition for the Winlogon 4005 cases. Environment Operating system: Windows Server 2019 Role: CyberArk PSM / RDS session host Issue type: intermittent failure during new RDP/PSM session initialization Impact: affected users cannot establish privileged sessions or are disconnected during session startup Similar issue exists on previous windows server 2012 R2 and was fixed : August 16, 2016 – KB3179574 (During virtual channel management, a deadlock condition occurs that prevents the RDS service from accepting new connections.) https://support.microsoft.com/en-us/topic/august-2016-update-rollup-for-windows-8-1-and-windows-server-2012-r2-d472b5d5-4b3a-8e6e-c22a-f62fed604caf I'm looking forward for any ideas how to resolve this issue. Many thanks!!28Views0likes1CommentServer 2025 to server 2022 downgrade keys
Hello, We bought licenses with these part #'s MFR# P73-08495 and MFR# EP2-25187 which, according to searches on the internet, have downgrade rights. We need to get downgrade keys for server 2022 standard. Our reseller referred us to Microsoft for this. Could someone help? The activation portal does not give us an option to do this and a microsoft support agent told us to make a post here which seems weird to us. We don't know why they couldn't help us via the phone. Thanks23Views0likes1CommentWindows Server 2025 Failover Cluster Live Migration Issue
Hi Everyone, I am facing an issue in a Hyper-V Failover Cluster environment where Live Migration intermittently fails due to a service logon-related problem. The environment was previously working normally, but now whenever we attempt to Live Migrate a VM between cluster nodes, the migration fails unless we manually run “gpupdate /force” on the Hyper-V host first. After running gpupdate /force, the migration works temporarily, but the issue returns again during the next migration attempt. This makes it appear that some policy or permission is not being applied consistently on the cluster nodes. During troubleshooting, I attempted to add “NT VIRTUAL MACHINE\Virtual Machines” to the “Log on as a service” policy under Local Security Policy > Local Policies > User Rights Assignment. However, the account does not appear or resolve in the Object Picker when trying to add it manually. At this stage, I am trying to understand whether this is related to a domain GPO overwriting local policy settings, a Failover Cluster permission issue, or something specific to Hyper-V virtual machine accounts. Has anyone encountered a similar issue where Live Migration only works after running gpupdate /force? Also, is there a correct method to add “NT VIRTUAL MACHINE\Virtual Machines” to the “Log on as a service” policy, or should this permission already exist by default on Hyper-V hosts? Any guidance or recommendations would be greatly appreciated.25Views0likes1CommentSecure Boot update still pending on deadline day
After checking the registry keys on 2x VMs which run services for a number of important customers I found they both have: UEFICA2023Error 2147942750 Apparently this means they're pending a reboot. https://blog.mindcore.dk/2026/04/secure-boot-certificate-update-intune/ I can't reboot the VM inside working hours, can they be rebooted after the deadline or do I need to disable Secure Boot on the VMs? I'm concerned I'll have to disable Secure Boot before they're next rebooted for Windows updates.38Views0likes1CommentSave the date: Secure Boot Q&A in July
To help, Microsoft is continuing its Q&A series with several opportunities to connect directly with Microsoft experts. Whether you're managing physical servers, virtualized workloads, or working with your hardware partners on firmware readiness, you can get answers to the questions that matter most to your environment. Learn more and add the events to your calendar: 8:00 AM PDT July 1 - Windows Server Secure Boot AMA 8:00 AM PDT July 8 - Secure Boot Office Hours for virtualized environments 7:00 AM - 7:00 PM PDT July 15 - OEM Secure Boot Office Hours If there's a question that's been holding up your rollout—or one you simply want to validate before moving forward—this is a great opportunity to ask. Feel free to post questions ahead of time or join the conversation live. We look forward to seeing you there.108Views1like0CommentsEvent 4768 for one user
Hi all, We have two domain controllers running server 2019 with Domain Functional Level 2016. We have one user who has been with us for almost a year, and they were suddenly getting a message in the last week that username or password were incorrect even though we confimed they were not. They were able to initally switch to another user and re-enter their username and log in, but now it won't allow that. On the domain controller I see events for the user Audit Failure 4768 with Result Code 0x6. This result suggests the username doesn't exist which isn't true. The account isn't being locked. Has anyone seen this before and know what the issue might be? thanks jm43Views0likes1CommentWindows Crash During NVMe Over TCP Disk Disconnect
While evaluating the Windows NVMe Initiator, we have observed that disconnecting an NVMe disk frequently results in a Windows system crash. This occurs during the disconnect operation and appears to be reproducible in our test environment. Questions: Has anyone else encountered similar behavior? Are there any known issues related to NVMe/TCP disconnect handling? Are there recommended troubleshooting steps, logs, or diagnostics that we should collect to help identify the root cause? Any insights would be greatly appreciated.24Views0likes1CommentMultiple Namespace Detection in Windows NVMe Over TCP Initiator
We are evaluating the Windows NVMe Initiator and have observed an issue with namespace handling. Our NVMe subsystem contains multiple namespaces. When we connect to the subsystem over TCP and establish connections to all namespaces, they are all shown as connected under the controller. However, only one namespace (shared block device) is exposed and accessible within Windows. Based on our testing, it appears that the initiator may be mapping only the first namespace associated with a given Friendly Name. We were able to connect another subsystem, whose friendly name was different. Questions: Is support for multiple namespaces within a single subsystem currently available in the Windows NVMe Initiator? If so, are there any configuration requirements or known limitations related to namespace discovery and mapping? Is the initiator expected to expose all connected namespaces as separate disks within Windows? We would appreciate any guidance or clarification on the expected behavior.26Views0likes1CommentStatic IP Issue with Windows Server 2022
Hi Community, I installed my first Windows server to learn about the server and Active Directory. I installed Windows Server 2022. I configured a static IP and disabled IPv6. Then I installed Active Directory/DNS. After the reboot, the system is up, and I can access the internet and ping hosts. However, there is a world icon (No internet access) instead of a computer icon (internet access). In the static IP config, it replaced the DNS with 127.0.0.1, I know it'll use the local host as DNS. When I click on Network & Internet settings and Troubleshoot, I see an error 'DHCP is not enabled for "Ethernet"'. The only way it goes away is if I change the static to automatic. How can I fix this issue? Thanks, Also, I added forwarders such as 1.1.1.3 and 1.1.1.2 to DNS.108Views0likes2CommentsWAC vMode fails validating SMB
Hi Reviewing vMode and try add a Hyper-V 2025 (non hyperconverged) cluster with a FC SAN. Fails on Validating "SMB port accessibility". Have gone through firewall settings and opened all neccesary ports that i can find mentioned. Even tried without FW turned off without any success so hit the wall now. WAC vMode is installed on a vm running Win2025std and in same domain as the cluster (and hosts) i try to add. Probably some obvious thing i have missed so any suggestions?23Views0likes0CommentsCertificate Error Connecting to only to some of the Cluster's resources
Latest version of WAC, winrm configured to connect over HTTPS. No issues connecting to the servers that are members of the cluster, or clients and other servers in our AD. No issues connecting to the cluster Dashboard (I can see health, CPU usage, etc.) and some of the resources (such as Drives, Volumes, Servers). Configuration -> Settings or Security works fine. It's only when I go to some resources, such as virtual switches, GPU's or a handful of others that I get errors connecting to member servers; Specifically, the error will state that for each server: Connecting to remote server servername.local failed with the following error message : The server certificate on the destination computer (servername.local:5986) has the following errors: The SSL certificate contains a common name (CN) that does not match the hostname. The one oddity I see is that .local is being added to the end of the server name. Also, servername will not contain the domain extension, just the name. Here's what I've checked so far: DNS is correct for the member servers and the cluster, both with Host (A) and PTR entries, can be pinged and resolved. As far as I can tell the certificates are setup correctly, no issues connecting to the member servers individually, or the cluster at first. The AD entry for the cluster is in place with the correct permissions for the cluster's service account I've read that .local is appended if the server/cluster is not part of AD, but that's not the case. We have two additional clusters and this issue does not appear on them. I also have not been able to identify any obvious differences between the setup of the two fully functioning clusters and this one. In the Event Viewer on the WAC server, under Applications and Service Logs _> WindowsAdminCenter, I can see Error Entries ID 304 for each member server with a similar message as above: Unable to create PowerShell session on node, status: 400, error code:PSRemotingTransportException, error message:Connecting to remote server server.local failed with the following error message : The server certificate on the destination computer (server.local:5986) has the following errors: The SSL certificate contains a common name (CN) that does not match the hostname. For more information, see the about_Remote_Troubleshooting Help topic.. As a side note, opening a remote Powershell session to each member server via WAC works fine and by contrast, in the WAC Event viewer there will be corresponding Information entries list the server's FQDN. Here's an example Category: Microsoft.AspNetCore.Hosting.Diagnostics EventId: 2 SpanId: 50d2635d1f6eb737 TraceId: b8c8e1de80ac2f84f1230c5ec3305b38 ParentId: 3e0619ce2c5decca ConnectionId: 0HNMB39BE0AS7 RequestId: 0HNMB39BE0AS7:0000009F RequestPath: /api/PowerShell/nodes/serverFQDN/invokeCommand Request finished HTTP/2 POST https://WACserverFQDN:6601/api/PowerShell/nodes/serverFQDN/invokeCommand - 200 - application/json;+charset=utf-8 230.3283ms It seems that when it comes to accessing only some of the cluster's resources WAC no longer has the member servers FQDNs, and I'm not sure where to look for changing that. Anyway, any guidance would be appreciated.23Views0likes0CommentsOut of Band Cumulative Updates Question
I installed March 2026 Cumulative Update on a new server instead of April due to some RC4 changes to test something. I noticed that after the update installed in the event viewer it thinks the June 2026 update was installed. I don't see the June update under installed updates but shows up in update history. The build version of the server matches with the March 2026 update. Is this a weird side effect of installing a superceded update? I'm having trouble understanding what is going on.34Views0likes0CommentsKB5094128 ntoskrnl.exe version wrong?
For update KB5094128 The list of updated files contains an ntoskrnl.exe with file version 10.0.20348.5257 which in my opinion should be 10.0.20348.5256. https://go.microsoft.com/fwlink/?LinkId=2368532 We use scanning tools which rely on this list of updated files. But the installed file version is different and therefore our scanning tools report these installations as "vulnerable" After applying patch KB5094128 the version of \windows\system32\ntoskrnl.exe is 10.0.20348.5256 Does anybody know if the information in this .csv is wrong?2.2KViews2likes4CommentsWindows Server Datacenter: Azure Edition preview build 29602 now available in Azure
Hello Windows Server Insiders! We welcome you to try Windows Server vNext Datacenter: Azure Edition preview build 29602 in both Desktop experience and Core version on the Microsoft Server Operating Systems Preview offer in Azure. Azure Edition is optimized for operation in the Azure environment. For additional information, see Preview: Windows Server VNext Datacenter (Azure Edition) for Azure Automanage on Microsoft Docs. For more information about this build, see Announcing Windows Server vNext Preview Build 29602 | Microsoft Community Hub.Server flighting not being offered on 29595 on 3 VMs
Hi, I'm on not getting build 29602 offered as a flight through Windows update on any of my VMs and I can figure out why, it has not been offered in the last couple of builds. Is anyone else experiencing this or have any ideas of how to fix this? Optional diagnostics are on and they are connected to my account under insider setting in Windows update settings. I am just not getting offered the build flight. Thanks Kevin83Views2likes2CommentsAnnouncing Windows Server vNext Preview Build 29602
Hello Windows Server Insiders! Today we are pleased to release a new build of the next Windows Server Long-Term Servicing Channel (LTSC) Preview that contains both the Desktop Experience and Server Core installation options for Datacenter and Standard editions and Azure Edition (for VM evaluation only). Branding remains Windows Server 2025 in this preview - when reporting issues please refer to Windows Server vNext preview. Build 29531 established a new Server preview baseline build. Please perform a clean install of Build 29531 (or later) using the installation media linked below. Please note: Upgrades from Windows Server vNext preview builds older than 29531 are not supported. We encourage all Windows Server vNext preview users to perform a clean install using 29531 or later to successfully upgrade to future Windows Server vNext preview builds. While upgrades from earlier Windows Server previews (Build 26525 and older) are not technically blocked by setup.exe, a number of known issues have been identified related to upgrades necessitating the establishment of a new baseline build for our Server vNext Preview Program. The new baseline build (29531) will not be Flighted due to upgrade issues. Flighting support resumed with preview build 29550 or later. What's New Quick Machine Recovery available in Windows Server vNext Insider Previews. Quick machine recovery (QMR) is now available for Server vNext Insiders to test. This feature enables the recovery of Windows Server devices when they encounter boot critical errors that prevent them from booting. QMR can automatically search for cloud‑based remediations to recover from widespread boot failures significantly reducing the burden on IT administrators when multiple devices are impacted. This supports the goals of the Windows Resiliency Initiative by enabling applicable fixes to be delivered through trusted Windows Update to restore affected devices, helping reduce downtime and minimize manual recovery efforts across enterprise environments. This feature is currently enabled in the latest Server vNext Insider builds for customers to experience test mode. A Group Policy option to enable or disable the feature will be introduced in upcoming builds to provide additional administrative control. To simulate the quick machine recovery experience, use the following commands from an elevated command prompt: 1. Enable test mode: reagentc.exe /SetRecoveryTestmode 2. Configure Windows to boot to Windows Recovery Environment on the next boot: reagentc.exe /BootToRe 3. Reboot your device.The system goes through autoremediation of a simulated crash safely and reboots back to Windows Server. For more information, please review Quick machine recovery (QMR) and Windows Resiliency Initiative. When providing feedback using Feedback hub, please select QMR from the Recovery and Uninstall category in the app. NVMe-over-Fabrics (NVMe-oF) extends the NVMe protocol—originally designed for local PCIe-attached SSDs—across a network fabric. Instead of using legacy SCSI-based protocols such as iSCSI or Fibre Channel, NVMe-oF allows a host to communicate directly with remote NVMe controllers using the same NVMe command set used for local devices. In this Insider build, Windows Server supports: NVMe-oF over TCP (NVMe/TCP), allowing NVMe-oF to run over standard Ethernet networks without specialized hardware. NVMe-oF over RDMA (NVMe/RDMA), enabling low-latency, high-throughput NVMe access over RDMA-capable networks (for example, RoCE or iWARP) using supported RDMA NICs. For more information, please visit: Introducing the Windows NVMe-oF Initiator Preview in Windows Server Insiders Builds | Microsoft Community Hub ReFS Boot is enabled for Windows Server vNext preview builds. Known Limitations ReFS Boot systems create a minimum 2GB WinRE partition. When WinRE cannot be updated due to space constraints, the system may disable WinRE. Disabling WinRE does not remove the partition. If the WinRE partition is deleted and the boot volume is extended over it, this operation is unrecoverable without a clean install. For more information, please visit: Resilient File System (ReFS) overview | Microsoft Learn Feedback Hub app is available for Server Desktop users! The app should automatically update with the latest version, but if it does not, simply Check for updates in the app’s settings tab. Known Issues [NEW] A race condition in the TLS hybrid key exchange implementation may cause the LSASS service to crash when hybrid groups are negotiated by a TLS server. To avoid this issue until the fix is released, please disable hybrid groups (X25519_MLKEM768, SecP256r1_MLKEM768, SecP384r1_MLKEM1024) using TLS cmdlets or Group Policy, as outlined here. Server Core Upgrades and AppCompat FOD: Enabling AppCompat FOD after reinstall may fail due to legacy 3rd-party license compatibility issues on Server Core devices. Server Core users may be unable to install the latest AppCompat FOD after upgrading to build 29574. This appears to be limited to Server Core installations with 3rd-party application licenses that fail compatibility checks after upgrade. This will be addressed in a future build. Upgrading from older builds of Windows Server vNext previews (26525 or older) are not supported. Please perform a clean install of build 29531 or later. Users may experience failures when attempting to upgrade from earlier previews (build 26525 and older). VMs may fail to upgrade or start after upgrade from older preview builds impacting live migration and failover cluster scenarios. Download Windows Server Insider Preview (microsoft.com) Flighting: The label for this flight may incorrectly reference Windows 11. However, when selected, the package installed is the Windows Server vNext update. Please ignore the label and proceed with installing your flight. This issue will be addressed in a future release. Available Downloads Downloads to certain countries may not be available. See Microsoft suspends new sales in Russia - Microsoft On the Issues. Windows Server Long-Term Servicing Channel Preview in ISO format in 18 languages, and in VHDX format in English only. Windows Server Datacenter Azure Edition Preview in ISO and VHDX format, English only. Microsoft Server Languages and Optional Features Preview Keys: Keys are valid for preview builds only Server Standard: MFY9F-XBN2F-TYFMP-CCV49-RMYVH Datacenter: 2KNJJ-33Y9H-2GXGX-KMQWH-G6H67 Azure Edition does not accept a key. Symbols: Available on the public symbol server – see Using the Microsoft Symbol Server. Expiration: This Windows Server Preview will expire September 15, 2026. How to Download Registered Insiders may navigate directly to the Windows Server Insider Preview download page. If you have not yet registered as an Insider, see GETTING STARTED WITH SERVER on the Windows Insiders for Business portal. We value your feedback! The most important part of the release cycle is to hear what's working and what needs to be improved, so your feedback is extremely valued. Please use the new Feedback Hub app for Windows Server if you are running a Desktop version of Server. If you are using a Core edition, or if you are unable to use the Feedback Hub app, you can use your registered Windows 10 or Windows 11 Insider device and use the Feedback Hub application. In the app, choose the Windows Server category and then the appropriate subcategory for your feedback. In the title of the Feedback, please indicate the build number you are providing feedback on as shown below to ensure that your issue is attributed to the right version: [Server #####] Title of my feedback See Give Feedback on Windows Server via Feedback Hub for specifics. The Windows Server Insiders space on the Microsoft Tech Communities supports preview builds of the next version of Windows Server. Use the forum to collaborate, share and learn from experts. For versions that have been released to general availability in market, try the Windows Server for IT Pro forum or contact Support for Business. Diagnostic and Usage Information Microsoft collects this information over the internet to help keep Windows secure and up to date, troubleshoot problems, and make product improvements. Microsoft server operating systems can be configured to turn diagnostic data off, send Required diagnostic data, or send Optional diagnostic data. During previews, Microsoft asks that you change the default setting to Optional to provide the best automatic feedback and help us improve the final product. Administrators can change the level of information collection through Settings. For details, see http://aka.ms/winserverdata. Also see the Microsoft Privacy Statement. Terms of Use This is pre-release software - it is provided for use "as-is" and is not supported in production environments. Users are responsible for installing any updates that may be made available from Windows Update. All pre-release software made available to you via the Windows Server Insider program is governed by the Insider Terms of Use.SCCM- Upgrade from 2409 to 2509 WSUS timeout issue
Had a working task sequence on 2409 that performed software updates at the end of the task sequence. Upgraded to 2509 - I get a timeout issue when getting to that point on the task sequence. Ive performed maintenance on the WSUS Server, (obsolete, expired etc) I removed the Software Update Point - and re installed it selected the Products of Server 2016,2019, server operating system 21h2 , Windows 10 1903 or later and Windows 11. rebooted both the SCCM and SQL Server. after doing the above but the HRESULT 0x80244010 still persists. "Exceeded max server round trips" — client couldn't retrieve all updates in one cycle. Software centre updates in the OS seem to be unaffected or unknown if clients are affected, only in a task sequence this occurs. Blog posts refer to older items, what would cause this to fail after a upgrade from 2409 to 2509? AI help repeats about reducing metadata and updates but for weird reason i keep getting 700+ updates for the above categories!147Views0likes1Comment
Events
Recent Blogs
- We're pleased to announce the availability of the latest release for Windows Admin Center, version 2606! This update focuses on improving the overall reliability, accessibility, security, and user ...Jun 25, 20261KViews10likes4Comments
- Today, we’re excited to announce that DoH support for Windows DNS Server is generally available on Windows Server 2025 for client-to-server DNS traffic. When we first introduced DNS over HTTPS (DoH...Jun 11, 202610KViews4likes10Comments