Forum Widgets
Latest Discussions
BitLocker Network Unlock Question
I set up network unlock for two servers in our network as a test for a future deployment of BitLocker. Both HP's. One is a DL 360 Gen9 server with aftermarket TPM, the other is a DL360 Gen11 with onboard/HP TPM. Configured first NIC on both boxes for DHCP. Just to test things, I unplugged NIC1 but kept NIC2 plugged in on the Gen11 server and rebooted. It prompted for a PIN on boot up (expected behavior). Did the same test on the Gen9 server and it boots straight into the OS (unexpected behavior). As a further test, I kept NIC1 unplugged and then unplugged NIC2, rebooted and got prompted for a PIN (as expected since box was completely off network). Does anyone have any ideas why this is happening? Could it have something to do with the aftermarket TPM? From what I've read network unlock requires the first NIC to be DHCP so it can communicate with the WDS server and allow network unlock to work. Could it be something with the NIC's on the Gen9 server? I'm at a loss to explain this behavior. Hoping someone may have some insight. TIA
Windows Activation Error 0x80072F8F
Hi, I'm getting the below error code 0x80072F8F when trying to activate the windows (Windows server 2008 R2). Though i tried the following methods to resolve the issue unfortunately issue remains the same Method 1: I checked the date, time, year in BIOS and on windows as well and they were accurate. I also set the date or year back and restarted the system (set date one year back, reboot, set actual date, reboot, activate) but no luck Method 2: Changed the media boot install registry key from 1 to 0 Kindly let me know if there is any workaround to activate windows other than the above mentioned methods. Thanks in advance
Server 2025 not accepting Ricoh scans
The scanner has stopped scanning to their server since I upgraded the server OS from Windows Server 2022 to 2025. • Installed the Ricoh drivers for both the scanner and printer (from Ricoh’s web site) • Created a new simple share/filepath for the scanner to send to (\\SERVER2022\Scans) • Used IP address (10.1.10.2) instead of server name in file (UNC) path • Entered admin credentials with or without server name (it is a workgroup server, not a DC) • Created another user and tried all above with that new admin • With either server share and/or user, tried different permissions on the shared folder • Tried disabling/enabling inherited permissions on the shared folder • Disabled the Advanced Firewall entirely for testing – no change either way • Double checked incoming ports/programs on the firewall – all required were open • Activated SMB1 on server, tried with or without SMB2/SMB3 disabled • I was able to create a share on two other computers; one running Windows 10 and one running Windows 11. They both worked.
Windows Server 2025 24H4 is not useable anymore after Nov. Update KB5068861
Hello, currently, on several Windows Server 2025 Datacenter systems, version 24H2, I am experiencing severe issues accessing network resources after the automatic installation of update KB5068861. This affects network access from Windows Server 2025 24H2 to Windows Server 2025 24H2. Access from these servers to older Windows Server 2016 systems works without any problems. When entering a UNC path—whether by name or by IP—I am always prompted for my credentials, even as a domain administrator. No matter which credentials I enter, I always receive the message that the username or password is incorrect. Under “Change advanced sharing settings,” the two switches “Network discovery” and “File and printer sharing” are set to OFF in the domain network after the update. Re-enabling these two options, which are normally enabled by default, does not improve the situation. Since this patch, I also have an issue on a Windows Server 2025 RDS host where a logged-in user cannot type in the “Search” field. Additionally, the performance on the RDS host feels extremely sluggish. Unfortunately, uninstalling the patch is not possible. The patch KB5067036 is not installed. I have already performed a restore to the day before KB5068861 was installed, but without the desired improvement in performance. Even after the restore, I still cannot access the network via UNC through File Explorer as a user. In the search window, I can access via UNC path. As an administrator, access via UNC path works both in File Explorer and in the “Search” field. Everything worked fine before 11/11/2025. Has anyone had similar experiences or already found a solution? Is a patch for the patch planned? Currently, troubleshooting feels like groping in the dark! In this state, the 24H2 server is no longer usable. What was Microsoft even thinking, releasing such faulty patches—and for weeks now? Is there still any quality control at Microsoft for such critical updates and patches? Thanks for every support, idea, and comment.
Cache drive reconfiguration in Server 2025 Storage Spaces Direct cluster
We have a three node S2D cluster running Server 2025, with the storage in a 3 way mirror, running Hyper-V VMs. Each node has 4 x NVMe drives that are currently being used as cache drives, but which are connected to a RAID controller (in HBA mode), so in the S2D configuration they appear as SSD drives rather than NVMe drives. We've purchased the required cables and drive bays to be able to reconfigure the NVMe drives so that they're attached directly to the PCIe bus, so they'll show up as NVMe drives and hopefully give us a performance boost, so I'm just trying to plan the reconfiguration. I was hoping it would be a relatively simple process of shutting everything down, reconfiguring the storage and bringing everything back online, but ChatGPT suggests things won't be that easy and that a complete reconfiguration of the storage would be required. So in a nutshell, can the cache drives be reconfigured without a complete rebuild of the S2D storage ? Cheers, RobIssues with Group Policy Update (gpupdate)
I am getting an error when I attempt to perform a gpupdate /force on workstations. I have checked the health of the DC's and find no issues. I am going to include a screenshot of the error - hoping someone can guide me as on how to resolve. The system will say to reboot but the policy never seems to run just keeps prompting for reboot.
Beyond RC4 for Windows authentication - Question regarding KB5073381
In KB5021131 MS recommends setting the value for DefaultDomainSupportedEncTypes to 0x38, in the new KB 5073381 it's 0x18. This removes the setting that forces "AES Session Keys" which should be fine if Kerberos Tickets can only use AES Encryption. But what about accounts that have RC4 enabled in their msds-supportedEncryptionTypes attribute? They could still use RC4 for Kerberos ticket encryption and would then also fallback to RC4 session ticket encryption. As far as I believe the DefaultDomainSupportedEncTypes was explicitly introduced to avoid this scenario. Or is there now some hard-coded mechanism that always ensures that Session Keys are AES encrypted?Lots of DNS Server events 5504 on AD DNS server from Cloudflare etc
Hi! I'm getting about 18 events with id 5504 while trying to resolve some DNS names, like fullfiles.xyz. The DNS server is configured to use provider DNS and root hints. I can suppress these messages by disabling root hints or by disabling EDNS0 with dnscmd /config /enablednsprobes 0. I tried to use packet capture on the DC and on the router, and analyzed the results with AI, which answered: "You receive malformed patterns on the WAN interface." Can anybody explain the cause of this problem? Any ideas to fix it? Thanks!Migrating from VMware to Hyper-v
Hi, I've recently deployed a new 3x node Hyper-v cluster running Windows Server 2025. I have an existing VMware cluster running exsi 7.x. What tools or approach have you guys used to migrate from VMware to Hyper-v? I can see there are many 3rd party tools available, and now the Windows Admin Center appears to also support this. Having never done this before (vmware to hyper-v) I'm not sure what the best method is, does anyone here have any experience and recommendations pls?Configuring WAC on standalone management desktop
I'm trying to configure WAC on a standalone notebook to be used as management station for different customer installation. After installing WAC on the notebook I've followed, I think, all the required steps to configure the connection between my computer to one customer's node. I've configured Winrm on my computer and on the customer node. I've generated a self-signed cert on the node with the CN set as the FQDN used to connect from the WAC. I've imported the cert on the trusted root cert on the WAC computer. I've checked the connectivity with the Test-WsMan from the wac to the server and it works. However from the WAC console the connection to the node fails with the "ssl connection " error. Has anyone been able to configure it in such way ? thanks
