rss.livelink.threads-in-node

Domain users not able to logon with their password event though it has not been changed....

StoreThomas — Thu, 16 Apr 2026 10:04:06 GMT

Hi, we have this weird problem where some of the users suddenly can't login to their computer with the password they have used for almost 20 years (yes sorry, bad practise).

When the user reports it I check that I can logon to the computer with my own account (not 20 year old password) which works fine. I check the event log for problems both on the client and the DC and all I see is see which I can relate to the problem is event id 4625 with an error code which means bad password.

I check the AD account and see that pwdLastSet has a date in 2006 (not quite 20 years, but close) and I check that the account is not logged out or expired. Also make sure that the password never expires is enabled, so in my book these are all the checks needed and problem not solved.

I then change the password to the same password that the user has had for almost 20 years and problem solved, but problem source not found.

This has happend to 3-4 users within the last week or two, even a service user with domain admin permissions, only thing I pay note to that they have in common is the pwdLastSet in 2006, but I really can't seem to get my head around this being the issue. Also only other thing I can think of that has changed is that the old DC has been removed a few months ago, and a new 2025 DC has been introduced. promote/demote went without issues and this problem didn't surface before now several weeks after the DC change.

So if anyone has experienced something similar or perhaps can point me in a direction for further troubleshooting please let me know.

Thansk

Thomas

Announcing Log Monitor v2.2.0 Release Candidate

Bob_Sira — Wed, 15 Apr 2026 23:50:34 GMT

We are excited to announce the release candidate for Log Monitor v2.2.0, now available on GitHub: LogMonitor v2.2.0

Log Monitor is an open-source tool that enables Windows containers to surface logs from multiple sources, Event Log, ETW providers, and log files, directly to the container's stdout, making them visible to container orchestrators like Kubernetes and Azure Container Apps.

What's New in v2.2.0

Replaced Boost.JSON with nlohmann/json

The most significant change in this release is the replacement of the Boost.JSON library with nlohmann/json, a lightweight, header-only C++ JSON library. This change:

Removes the heavy Boost dependency, reducing build complexity
Simplifies the vcpkg dependency management
Maintains full backward compatibility with existing configuration files

New AKS + IIS Example

We've added a complete end-to-end example for running Log Monitor with IIS on Azure Kubernetes Service (AKS), including deployment manifests and step-by-step documentation. This makes it easier to get started with log monitoring in production Kubernetes environments.

Bug Fixes

This release also includes a number of important bug fixes to the configuration file parser:

eventFormatMultiLine now correctly defaults to true when not specified in the config
waitInSeconds for File log sources is now correctly parsed (previously always used the 300s default)
Optional channel level now correctly defaults to Error when omitted, instead of causing a parse failure
Invalid log sources in a config file are now skipped gracefully — valid sources in the same file continue to be processed
Fixed a path traversal vulnerability in the /Config command-line argument
Reduced unnecessary error log noise for ERROR_NOT_SUPPORTED cases

Upgrading from v2.1.x

Upgrading to v2.2.0 is a drop-in replacement — no changes to your configuration files are required. The config file format is identical to v2.1.x.

To upgrade:

Replace LogMonitor.exe with the v2.2.0 binary in your container image
Run your existing LogMonitorConfig.json as-is — no edits needed
Test your container to confirm logs are still flowing as expected

If you were building from source, see the updated build instructions below — the build system has changed and the output path is different from v2.1.x.

Building from Source

The build system has been updated from a standalone Visual Studio solution to a CMake + vcpkg workflow. A single script handles everything:

.\build.cmd

This will automatically:

Clone vcpkg into the repo root
Bootstrap vcpkg and install nlohmann-json (downloaded on first run)
Configure the project with CMake using Visual Studio 2022
Build LogMonitor.exe and LogMonitorTests.dll in Release configuration

Prerequisites: Visual Studio 2022 with the C++ workload and Git must be on your PATH. No other dependencies need to be installed manually.

Output locations

Artifact	Path
LogMonitor.exe	LogMonitor\build\Release\LogMonitor.exe
LogMonitorTests.dll	LogMonitor\build\Release\LogMonitorTests.dll

Note for upgraders: In v2.1.x the binary was placed at LogMonitor\x64\Release\LogMonitor.exe. If you have a Dockerfile or CI script that copies the binary by path, update it to the new location above.

Example Configuration

Here is a basic LogMonitorConfig.json that monitors Windows Event Log, an ETW provider, and a log file — covering the three source types Log Monitor supports:

{
  "LogConfig": {
    "sources": [
      {
        "type": "EventLog",
        "startAtOldestRecord": false,
        "eventFormatMultiLine": false,
        "channels": [
          { "name": "System", "level": "Error" },
          { "name": "Application", "level": "Warning" }
        ]
      },
      {
        "type": "File",
        "directory": "C:\\inetpub\\logs\\LogFiles",
        "filter": "*.log",
        "includeSubdirectories": true,
        "waitInSeconds": 5
      },
      {
        "type": "ETW",
        "eventFormatMultiLine": false,
        "providers": [
          {
            "providerName": "IIS: WWW Server",
            "providerGuid": "{3A2A4E84-4C21-4981-AE10-3FDA0D9B0F83}",
            "level": "5"
          }
        ]
      }
    ]
  }
}

This config is a great starting point. Drop it alongside LogMonitor.exe in your container image and adjust the channels, file paths, and ETW providers to match your application.

Improvements to CI/CD Pipelines

We've updated both the Azure DevOps and GitHub Actions SDL compliance pipelines to correctly install nlohmann/json via vcpkg before building, ensuring reliable builds across all CI environments.

Getting Started

You can download the release binaries in the repository.

To get started with Log Monitor, check out the documentation and the new IIS + AKS example.

Feedback

We'd love to hear from you! If you run into any issues or have suggestions, please open an issue on GitHub.

Phase 2 of Kerberos RC4 hardening begins with the April 2026 Windows security update

ChrisWright — Wed, 15 Apr 2026 18:42:48 GMT

Windows updates released in April 2026 and later begin the second deployment phase of protections designed to address a Kerberos information disclosure vulnerability (CVE‑2026‑20833). This second phase continues the shift away from legacy encryption types such as RC4 by moving toward stronger default ticket behavior. After installing the April 2026 update, domain controllers default to supporting Advanced Encryption Standard (AES‑SHA1) encrypted tickets for accounts that do not have an explicit Kerberos encryption type configuration.

If your organization relies on service accounts or applications that depend on RC4-based Kerberos service tickets, now is the time to address those dependencies to avoid authentication issues before the Enforcement phase begins in July 2026. Microsoft recommends continuing to monitor the System event log for Kerberos-related audit events and identify and address misconfigurations or remaining dependencies, then enabling enforcement when warning, blocking, or policy events are no longer logged.

See How to manage Kerberos KDC usage of RC4 for service account ticket issuance changes related to CVE-2026-20833 and CVE‑2026‑20833 to learn more about the vulnerability, timelines, recommended preparation steps, and configuration options to ensure compliance before Enforcement mode begins in July 2026.

2026-04 Update Breaks Domain Logins

EMR88 — Wed, 15 Apr 2026 04:37:18 GMT

I have an Active Directory domain that is old (from 2000!) that has been upgraded and moved to newer versions of Windows Server and Active Directory. I have domain controller VMs running Windows Server 2025 Standard Edition. Unfortunately they installed the latest 2026-04 patches which my have changed the Kerberos encryption from RC4 to AES. This has resulted in my not being able to log into any Active Directory domain accounts and the domain controllers themselves. I can only log into workstations using the local account.

Suffice to say this a nightmare. Any ideas how to fix it since I can't access the usual tools like Active Directory Users and Computers, Hyper-V won't connect to the VMs, etc. Thanks.

Procedures to raise the functional level of AD 2008 r2 to 2019

Marcelo327 — Tue, 14 Apr 2026 13:06:02 GMT

Hello everyone,

Our AD has the Windows Server 2008 functional level and the servers with Windows Server 2016 OS. I intend to raise the functional level to 2019 or 2025. I would like your help with tips and documentation to decide whether 2019 or 2025 would be best, what are the risks and procedures for successful migration. I have an isolated environment to carry out rehearsals and tests before actually going into production.

Virtual printer in windows server 2019 standard is not shown after configuration

AnaRuiz1 — Tue, 14 Apr 2026 08:55:18 GMT

Hello,

I am, trying to configure a virtual printer in a Windows server 2019 standard edition that is deployed in OCI cloud. This instance has windows server license included in the pricing. The problem comes when after ending the process of configuration this virtual printer is not displayed in "Devices and printers" any idea why is this happening?

Regards,

Ana

Networking in Windows Server 2025

Pearl-Angeles — Mon, 13 Apr 2026 18:58:53 GMT

Explore the latest networking capabilities in Windows Server 2025, including new announcements and enhancements across host management, physical network visibility, and virtual machine (VM) network management. This session will also provide an in-depth look at encrypted DNS, Windows Firewall improvements, along with what’s coming next!

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

Select Add to calendar to save the date, then click the Attend button to save your spot, receive event reminders, and participate in the Q&A. (Don’t see the Attend button? Sign in to join the conversation!)

If you can’t make the live event, don’t worry. This session will be recorded and available on demand shortly after airing. Q&A with the product team will also remain open in the comments for the full week.

Error al agregar Windows Server 2025 a dominio existente, nivel funcional 2016

HugoPerez — Sat, 11 Apr 2026 19:23:48 GMT

Buenas a todos,

Me dirijo a esta comunidad en busca de orientación para resolver un problema que se me está presentando al intentar integrar un nuevo servidor con Windows Server 2025 Standard a mi infraestructura de Active Directory existente.

Descripción del entorno:

Dominio de Active Directory activo con Windows Server 2019 Standard.
Nivel funcional de dominio y bosque configurado en Windows Server 2016.
Controladores de dominio actuales: server-dc01.impresoratec y server-ad2019.impresoratec.
El nombre de dominio interno utilizado es impresoratec (nombre NetBIOS/dominio de etiqueta única, sin sufijo DNS completo tipo .local o .com).

Problema:

Al intentar agregar el nuevo servidor con Windows Server 2025 al dominio, el proceso falla y se presenta el siguiente mensaje de error:

"Es posible que el nombre de dominio "impresoratec" sea un nombre de dominio NetBIOS. Si este es el caso, compruebe que el nombre de dominio está registrado correctamente con WINS. [...] La consulta se refería al registro SRV para _ldap._tcp.dc._msdcs.impresoratec. La consulta identificó los siguientes controladores de dominio: server-dc01.impresoratec y server-ad2019.impresoratec. Sin embargo, no se pudo contactar con ningún controlador de dominio."

El mensaje sugiere que los registros de host (A) o (AAAA) pueden contener direcciones IP incorrectas o que los controladores de dominio no son accesibles desde el nuevo servidor.

Lo que he verificado hasta ahora:

Los controladores de dominio existentes están en línea y operativos.
La replicación entre los DCs actuales funciona con normalidad.
El nuevo servidor con 2025 tiene conectividad de red general, pero no logra localizar los DCs al momento de unirse al dominio.

Mi consulta:

¿Alguien ha experimentado este comportamiento al incorporar un servidor con Windows Server 2025 a un dominio con nivel funcional 2016 y un nombre de dominio de etiqueta única (single-label domain)? ¿Existe algún requisito previo adicional —como la actualización del esquema de AD, ajustes en DNS o en WINS— que deba cumplirse antes de agregar el nuevo DC?

Agradezco de antemano cualquier orientación o experiencia que puedan compartir.

Windows Admin Center - Couldn't configure PowerShell authentication error

shipwreck78 — Fri, 10 Apr 2026 17:27:41 GMT

We have a lab setup to test migrating VMWare VMs to Hyper-V. Everything was working fine, however today whenever we try and access the settings of a VM we get an error. We're going through Cluster Resources -> Virtual Machines -> VMName -> Settings. The error is:

Notification details

Error

Couldn't configure PowerShell authentication

1:25:15 PM

SourceGo to Virtual machines.

Type

Error

Message

Unable to configure either CredSSP or local PowerShell options. Error: RemoteException: You cannot call a method on a null-valued expression.

Now, the two Hyper-V hosts had been disconnected from the network for quite a while during some network upgrades and were only reconnected to the network this morning, having been disconnected for 56 days. domain health is fine. we're using an admin account. not really sure what the issue is.

Thanks

Side-by-side Upgrade: Server 2012 R2 Foundation to Server 2025 Essentials

V3N7UR4 — Thu, 09 Apr 2026 11:29:07 GMT

Hello everyone!

Is a side-by-side upgrade from Server 2012 R2 Foundation (DC) to Server 2025 Essentials (DC) allowed?

Is there a guide to follow?

Thank you in advance.

Configuring Compute in Windows Admin Center: Virtualization Mode

Davanna-White — Mon, 06 Apr 2026 15:35:02 GMT

We’ve been walking you through Virtualization Mode’s “Add resource” wizard step-by-step, first with a adventurous overview, then a no-nonsense networking walkthrough, followed by a shagadelic storage summary. We’re almost finished!

But our wizard would not be complete without the final member of our trio—Compute. Configuring Compute when onboarding Hyper-V (compute) systems to Windows Admin Center: Virtualization Mode (vMode) through the Add resource wizard is as simple as counting to four.

Compute configuration

On the Compute page, you’re configuring Hyper-V settings for your system. Doing this through vMode’s Add Resource wizard is especially beneficial when you’re adding multiple machines. Manually configuring all these settings yourself, on every machine you want to manage, is a recipe for inconsistency. Instead of worrying about whether a script ran correctly or triple-checking that you set the proper values on all machines, vMode takes care of that for you.

1: Removing non-essential features

If you’ve ever set up a Windows Server, you’re probably familiar with the Get-WindowsFeature PowerShell command. Microsoft provides a plethora of roles, role services, and features for configuring a server exactly the way you need it to run for your business needs.

And that’s awesome! But often, many of these features will go unused on your systems. Even without use, these features will still need to be patched and serviced, creating increased operational overhead. When you select this checkbox, vMode will go ahead and remove all features not required for running compute workloads and those not already installed on the system already.

Removing Windows Features that aren’t essential keeps the host OS leaner and reduces the system’s attack surface. It also lowers patching and servicing overhead over time, helping improve uptime and reduce operational cost.

2: Enable Enhanced Session Mode

Hyper-V Enhanced Session Mode lets you connect to a Windows VM through Virtual Machine Connection (VMConnect) using Remote Desktop Protocol (RDP), which enables a richer console experience than basic mode. Enabling it makes the VM window resizable and high-DPI aware and allows convenient host-to-VM integration—like shared clipboard, file copy/paste, and device redirection—so day-to-day admin tasks are faster and less error-prone.

This is another setting where manual configuration can cost you precious time. You have to configure this setting for both the system and the user. Forget to do one and you’ll spend hours trying to figure out where you went wrong (and might feel quite silly when you figure it out). Select this checkbox and we’ll just set these settings for you, possibly saving hours of frustrating debugging time.

3: Configure concurrent migrations

Enabling concurrent Live Migrations (often called “simultaneous live migrations”) lets Hyper-V move more than one running VM at a time, which is valuable when you need to drain a host quickly for patching, hardware maintenance, or cluster rebalancing. In well-provisioned environments, increasing concurrency can reduce the total time it takes to complete a batch of migrations and get hosts back into service—while still giving you a knob to tune so migration traffic doesn’t overwhelm CPU, storage, or network bandwidth.

In vMode, you can select 1, 2, 4, or no concurrent migrations. This is another case where we’re ensuring consistency in your setup by configuring multiple settings for you at once, saving you the pain of manual configuration.

4: Setting your default virtual machine path

The last setting we ask you to configure is your default virtual machine path. Historically, Hyper-V has set two different paths for your virtual machines and virtual hard disks—you can see this If you navigate into the tool today.

Having a different path for every VHD can make it challenging to find what you’re looking for. In vMode, we ask you for one path that is accessible for all machines you added in the beginning of the wizard, and we’ll use this same path for all machines. Even if the path doesn’t exist yet, we’ll create it for you as long as the drive letter exists and the path is valid. Your VHDs will appear in nested folders under this directory.

Your options for this are dependent on what you told us about on the “Storage” screen. If you added storage, it will appear in the dropdown menu. If you elected to use storage already provisioned for a cluster, the dropdown may be greyed out—this path should default to a location like %SystemDrive%\Virtual Machines or… Additionally, if you elected to use storage already provisioned for the system, and you added one or multiple standalone hosts on the “Getting started” screen, the dropdown menu will contain all local drives that appear on all the standalone systems. If one system doesn’t have a particular drive, it will not show up in the menu.

What happens next

After proving we can count and hit submit, vMode will configure Hyper-V settings on all systems based on your selections. We’ll install the following features on all Compute systems:

Hyper-V
Network ATC
Data Center Bridging (required for Network ATC)
Failover Clustering (required for Network ATC and used for HA Hyper-V)
AD RSAT PowerShell tools (required for storing VMs on file shares)
Multipath-IO (only installed if SAN storage was configured)

And uninstall everything else (while leaving features already installed outside of this wizard alone).

This song and dance will require a reboot, and we’ll do that for you. When dealing with existing clusters already running workloads, it can get a bit complicated. vMode will perform node drain and ensure seamless reboot of your cluster nodes.

Summary

On the Compute screen, vMode reduces the time you have to spend fiddling with Hyper-V settings by performing smart configurations for you, getting you up and running faster. The Add Resource wizard is designed to make your system onboarding experience as easy as possible, simplifying your networking, storage, and compute configuration. Public Preview 2 is dropping with the features we’ve discussed here and more very soon. Give vMode a try and leave us feedback at aka.ms/wacfeedback!

Thanks for reading,

Davanna White

package ssu and online windows update service

zoomzoom — Mon, 06 Apr 2026 00:33:35 GMT

Hi,

i've a new installation, i update online Windows server 2022. the windows update service install the last cumulative package.

I don't see previous ssu update installed package are mandatory because it's online update ?

Failover clustering: heart of the private cloud and datacenter

Pearl-Angeles — Wed, 01 Apr 2026 19:46:13 GMT

Failover clustering remains the foundation of resilient private cloud and datacenter infrastructure. Walk through the failover clustering roadmap and key investments coming in the next version of Windows Server. Learn about new and improved capabilities, such as enhanced update orchestration and admission control, which is designed to improve availability, predictability, and operational confidence at scale. We’ll also dive into how failover clustering continues to evolve to meet the real‑world needs of modern private cloud and private datacenter environments, informed directly by customer feedback and real-world experiences.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

Let’s talk storage: NVMe, ReFS, and what’s coming next

Pearl-Angeles — Wed, 01 Apr 2026 19:43:56 GMT

Take a closer look at how storage is evolving in Windows Server, from NVMe improvements to high‑level platform investments. Dive into the details of native NVMe support, NVMe‑OF direction, ReFS enhancements, and Storage Spaces and S2D improvements. We’ll walk through what’s available today in Windows Server 2025, highlight recent performance and resiliency enhancements, and share what’s coming next in future versions of Windows Server.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

Modernize AD for hybrid identity in Windows Server 2025

Pearl-Angeles — Wed, 01 Apr 2026 19:41:42 GMT

Active Directory is evolving to meet modern security and hybrid identity needs. Get a closer look at key updates in Windows Server 2025 including Microsoft Entra Source of Authority enhancements, new security features, and auditing mechanisms. Get tips on how to prepare your environment for an NTLM-less future. Learn how these changes help you modernize and operate Active Directory with greater control and visibility. Walk away with clear guidance on adopting Windows Server 2025 domain controllers in a hybrid world.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

Future-proofing PKI with AD CS in Windows Server 2025

Pearl-Angeles — Wed, 01 Apr 2026 19:39:45 GMT

As security requirements evolve and cryptographic standards advance, organizations must rethink how they manage and scale their Public Key Infrastructure (PKI). Join the Active Directory Certificate Services (AD CS) product team as we explore the capabilities and investments in Windows Server 2025. Explore key investments across security, including post-quantum cryptography readiness, as well as scalability enhancements, along with guidance to support modern enterprise deployments. Learn how to prepare your PKI for emerging threats and confidently plan your next steps with AD CS on Windows Server 2025.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

Azure Virtual Desktop deep dive for Windows Server admins

Pearl-Angeles — Mon, 13 Apr 2026 19:00:16 GMT

Azure Virtual Desktop continues to expand beyond the cloud to support hybrid deployment scenarios. Tour the latest Azure Virtual Desktop hybrid capabilities, including how Azure Virtual Desktop integrates with Azure Local to support on‑premises and hybrid desktop environments. Walk through recent enhancements, learn when hybrid Azure Virtual Desktop fits best, and gain an understanding of how these capabilities extend Azure Virtual Desktop to meet performance, locality, and operational requirements.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

This session has been changed from 60 minutes to 30 minutes so that we can add a session on Networking in Windows Server 2025.

Feedback time! Windows Server 2025 and vNext

Pearl-Angeles — Wed, 01 Apr 2026 19:35:27 GMT

This is your chance to be heard. Join us for an open feedback session focused on the current state of Windows Server 2025 and the roadmap for the next version of Windows Server (vNext). We’ll share a brief status update and look ahead at what’s coming, then open the floor for honest, constructive feedback. What’s working well today? Which features are frustrating? Where are the usability gaps? And what do you need most from a future version of Windows Server? This session is all about listening to you. Your insights help shape priorities, influence design decisions, and guide where we invest next. Don’t be shy—we’re eager to hear your perspectives and learn from your real‑world experience.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

Upgrade your Windows Server troubleshooting skills

Pearl-Angeles — Wed, 01 Apr 2026 19:32:52 GMT

Explore some of the most common Windows Server issues—and solutions—based on real‑world support cases. We’ll break down why these issues occur, what typically triggers them, how they surface in customer environments. More importantly, we'll share practical guidance and remediation tips to help you troubleshoot, resolve, and avoid these problems in your own environment.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.

How do I participate?

AI workloads on Windows Server

Pearl-Angeles — Wed, 01 Apr 2026 19:31:11 GMT

Azure delivers a robust foundation for AI workloads, complemented by modern Windows Server deployments that enable AI scenarios on‑premises. Find out what to look for when planning AI‑ready server hardware, and how to think about performance, security, and operational consistency as AI becomes part of your server strategy. Explore real‑world considerations for running AI workloads on‑premises. You’ll come away with a clearer understanding of how to plan, deploy, and operate Windows Server for today’s AI scenarios and how to prepare for what's next.

This session is part of Windows Server Summit 2026. Questions can be posted in advance and throughout event week. Drop yours in the comments below.