Network connectivity test TCP Connection results unreliable
My team has spent the last 2 business days trying to get the https://connectivity.office.com/ TCP connection test to complete successfully to appease the Microsoft Unified Support Team. They don't want to take our MS Teams crash diags until they see SSL Interception Detection and TCP connection tests passing successfully. We can't get TCP connection tests to pass, we get one of the following: Success Attempt #1 Success, Attempt #2 Failure Any number of errors to unblock URLs such as (but not limited to) ocsp.digicert.com,ocspx.digicert.com,ocsp.omniroot.com,su.symcb.com,sr.symcb.com,sd.symcb.com,s1.symcb.com,sa.symcb.com We figured it was something with the corporate network but that's not the case. Last night we had about 50 employees try this test from their home (personal) computers that have no connection to our corporation. The TCP Connection test fails on home (consumer) PCs. What's the story with this TCP Connection check?
List with FQDNs and IPs for updates via proxy
Good day, I am sorry if its the wrong subspace. I have a couple of Windows servers above or equal server 2016 that do download updates directly from the internet via a proxy. I can not find a website by MS that lists all needed IPs and ports that are to be opened on the proxy to do that successfully. Since a month ago, it failed and we think the reason is that some more requirements we were not aware of were added. Best Regards
NPS fails to generate logs
I have a new 2025 domain and am setting up 802.1X to allow access to users/computers using certificate based authentication. I have a CA installed on a new 2025 member server and configured that role and also have Group Policies deployed to enroll users/computers with the certificate needed to connect internal WiFi/wired networks. I've verified clients are receiving all needed certs and the root cert. I have installed NPS (same server has CA), registered to AD, added Radius clients and configured policies. Everything looks good except...nothing works. Clients are not receiving authentication responses (just timeouts) and there are no logs being generated. Also, there are no relevant entries in the Windows Event Logs. I enabled auditing via the cmd line and verified it is enabled. I've also forced auditing via Group Policy. I've verified the NPS log location and have even tried moving it to other folders to see if it was a permission issue. I'm out of ideas. What else can I try?
Server 2025 - unable to Open shared files and webpages on another 2025 Server
I have three or 4 2025 virtual servers on our domain penciled in to replace some older servers. All the servers have file and storage roles and one is an IIS server as well. If i try and open a shared file from any 2025 server the windows users name and password pop up opens and you cannot get past it. If trying to open a IIS site from a 2025 server you cannot either. From any other older server or client the share and the webpages are accessible and work as expected. I obviously need this to work as these servers are part of an ERP Environment and need to have access to each other. I've Searched the web and tried some of the suggestions but nothing so far has worked. DNS has passed, pings have passed, Using IP brings the same issues. Help
DCs not replicating across VPN
I am at a loss here. I have looked at every CMD option I can find, verified DNS and cannot get my DCs replicating across the VPN. I don't understand how I was able to join the domain but now the connectivity is a problem. So here is my setup: 2 DCs in Site (my building) 2 DCs in Datacenter connected by IPSec VPN I can ping the IP, the DNS name, the short name, and the domain from all DCs regardless of location. I have verified on each DNS server that the name servers are correct and resolved. I have run nltest, dcdiag, syncall, repadmin, etc. The only error that keeps showing up in most commands is 1722 network error. RPC unavailable. Topology incomplete. One oddity that I found was that on the DCs in the datacenter Sites and Services was missing one of the local DCs. I added it manually but there are no NTDS Settings for it. I have flushed DNS, reregistered DNS, restarted the servers. All Windows firewalls are set to ANY ANY for domain services. My WAN firewalls are ANY ANY between the sites I have no idea what to look for next. Please if anyone has ideas let me know. Also I have already build new servers multiple times and this keeps happening.
DNS and host domain
I configured a Windows 2019 server with DNS service. The domain is contoso.com. The contoso.com domain is outside the local network. I entered the IP of the external domain and deleted the IPs of the Windows server and the replica server. After a few minutes, the server created two host domains again with the IPs of the DNS servers. How do I prevent it from setting the DNS servers as the host domain?
Active Directory Unable to reset user passwords
I am managing a Windows Server 2025 Active Directory environment with client machines. I created a test user and enabled the option “User must change password at next logon.” I then provided a temporary password to the user, expecting them to get the prompt to change it on first login. However, when the user attempts to change the password, they receive the error: “The user must change password before signing in.” My goal is that when I provide a temporary password to a user: They get the prompt to change the password at next logon. When they change it, it should not throw the “user must change password before signing in” error. I need guidance on how to achieve this so users can reset their passwords successfully.
