security
288 Topics

Active Directory Unable to reset user passwords
I am managing a Windows Server 2025 Active Directory environment with client machines. I created a test user and enabled the option “User must change password at next logon.” I then provided a temporary password to the user, expecting them to get the prompt to change it on first login. However, when the user attempts to change the password, they receive the error: “The user must change password before signing in.”

My goal is that when I provide a temporary password to a user:
- They get the prompt to change the password at next logon.
- When they change it, it should not throw the “user must change password before signing in” error.

I need guidance on how to achieve this so users can reset their passwords successfully.

Wireless secure Windows server 2022
Hello everyone, I am trying to implement ‘wireless secure’ in my domain. I have followed various guides and everything seems to be configured correctly, but I keep getting this error:

Reason: Explicit EAP error received
Error: 0x40420016
EAP reason: 0x40420016
EAP root cause string: Network authentication failed\nThe authentication method required to connect to the network is not available in Windows.
EAP error: 0x40420016

I have verified that communication via AP-WLC-NPS is working correctly, but it is unable to authenticate via EAP-TLS. Do you have any suggestions? I have collected several logs, but many of them may not be necessary. Thank you for your support.
Solved, 97 Views, 0 likes, 1 Comment

NPS fails to generate logs
I have a new 2025 domain and am setting up 802.1X to allow access to users/computers using certificate-based authentication. I have a CA installed on a new 2025 member server and configured that role and also have Group Policies deployed to enroll users/computers with the certificate needed to connect to internal WiFi/wired networks. I've verified clients are receiving all needed certs and the root cert. I have installed NPS (same server has CA), registered to AD, added RADIUS clients and configured policies. Everything looks good except... nothing works. Clients are not receiving authentication responses (just timeouts) and there are no logs being generated. Also, there are no relevant entries in the Windows Event Logs. I enabled auditing via the cmd line and verified it is enabled. I've also forced auditing via Group Policy. I've verified the NPS log location and have even tried moving it to other folders to see if it was a permission issue. I'm out of ideas. What else can I try?
19 Views, 0 likes, 0 Comments

Server 2025 - unable to Open shared files and webpages on another 2025 Server
I have three or 4 2025 virtual servers on our domain penciled in to replace some older servers. All the servers have file and storage roles and one is an IIS server as well. If I try to open a shared file from any 2025 server, the Windows user name and password pop-up opens and you cannot get past it. If trying to open an IIS site from a 2025 server you cannot either. From any other older server or client the share and the webpages are accessible and work as expected. I obviously need this to work as these servers are part of an ERP environment and need to have access to each other. I've searched the web and tried some of the suggestions but nothing so far has worked. DNS has passed, pings have passed, using IP brings the same issues. Help
157 Views, 0 likes, 3 Comments

The TLS connection request has failed.
We are in the process of configuring a new SharePoint 2016 on-premises Farm using Azure VMs. The App and WFE run on Windows 2019 R2. The SQL DB is Windows 2022 running in CM 110. All DataCenter editions. The farm is not completely configured and is not having traffic yet. I am seeing the following event (id 36874) in our Event Viewer:

An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.

The servers were set up by another team so I'm not sure on what all they did to prepare them and I am not a Sysadmin by training or experience, but I can try and answer questions you may have. Could there be something missing in the setup of these servers that will prepare them for TLS communication? Is this an issue with having different ciphers available to each server due to different OS and not being able to agree on one? I verified that there are ciphers available on the DB that are in common with the ones on our SP Servers, which are in the same order on each server and should be usable. This is why I'm wondering if TLS has to be enabled or turned on in some way when newly installing these or perhaps I'm missing something? These are normal messages? Thank you!
73 Views, 0 likes, 0 Comments

Virtualization-Based Security (VBS): Elevating Modern IT Protection
In the rapidly evolving world of cybersecurity, traditional approaches to protecting operating systems are being continuously challenged by increasingly sophisticated threats. Cyber attackers now target the very core of our computing environments, seeking privileged access that can bypass conventional defenses. In this context, Virtualization-Based Security (VBS) emerges as a transformative solution, leveraging hardware virtualization to create robust isolation for critical system processes.

What Is Virtualization-Based Security?

VBS is a security feature integrated into modern Windows operating systems. It utilizes hardware virtualization to establish a virtual secure mode—an isolated environment that runs sensitive security tasks, shielded from the main operating system. Even if malware compromises the OS, this isolated environment prevents unauthorized access to protected processes and data. At its foundation, VBS operates through a lightweight hypervisor, enforcing strict security boundaries. This architecture ensures that, even if an attacker gains administrative rights within the operating system, vital security assets remain inaccessible.

Core Benefits of VBS

Credential Protection
With Credential Guard, VBS stores sensitive credentials—such as NTLM hashes and Kerberos tickets—in a secure container. This strategy effectively blocks tools like Mimikatz from extracting credentials, significantly reducing the risk of lateral movement attacks.

Kernel-Level Code Integrity
Hypervisor-Enforced Code Integrity (HVCI) ensures that only approved, digitally signed drivers and binaries can execute at the kernel level. This defends against rootkits and kernel-level malware.

Zero-Day Exploit Mitigation
By isolating mission-critical processes, VBS minimizes the attack surface and lessens the impact of previously unknown vulnerabilities.

Secure Boot Synergy
VBS complements Secure Boot, ensuring the device loads only trusted software at startup and preventing bootkits and early-stage malware.

Enhanced Compliance and Assurance
Organizations in regulated industries—such as finance and healthcare—benefit from VBS’s robust controls, which support regulatory compliance and increase stakeholder confidence in IT security measures.

System Requirements for Deploying VBS

To implement VBS, ensure the following prerequisites are met:
- Windows 10/11 Enterprise, Pro, or Education editions
- 64-bit architecture
- UEFI firmware with Secure Boot capability enabled
- Hardware virtualization support (Intel VT-x or AMD-V)
- TPM 2.0 (Trusted Platform Module) for Credential Guard functionality
- Adequate RAM (VBS may slightly increase memory consumption)

Practical Applications: Challenges Addressed by VBS

- Enterprise Credential Protection: Prevents credential theft and lateral movement across networks.
- Driver Vulnerability Defense: Blocks unauthorized or malicious drivers from executing.
- Mitigating Insider Threats: Restricts access to sensitive processes, even for users with administrative rights.
- Combating Advanced Persistent Threats (APTs): Provides a hardened layer of defense that significantly complicates APT infiltration efforts.

VBS: Transforming Security for IT Professionals and Organizations

For IT Professionals:
- Stronger Security Posture: Defense-in-depth with minimal complexity
- Streamlined Compliance: Simplifies adherence to standards such as NIST, ISO 27001, and HIPAA
- Future-Ready Infrastructure: Lays the groundwork for secure hybrid and cloud environments

For Businesses:
- Lowered Breach Risks: Reduces the likelihood and impact of data breaches or ransomware incidents
- Increased Trust: Demonstrates robust security practices to clients and business partners
- Business Continuity: Safeguards critical systems, ensuring operational resilience

Conclusion

Virtualization-Based Security represents more than just another operating system feature—it marks a paradigm shift in how organizations and IT professionals approach endpoint protection. By isolating and safeguarding the most sensitive components of the OS, VBS empowers businesses to stay ahead of evolving threats and secure their digital assets with confidence. Whether you are an IT administrator, a security architect, or a business leader, adopting VBS is a strategic decision that paves the way toward a safer, more resilient future in the Microsoft ecosystem.
122 Views, 1 like, 0 Comments

RDP black screen
Hello everyone,

On several Windows Server 2022 machines, up to date, attached to a domain, when domain users initiate an RDP connection they end up with a black screen and mouse cursor only. I don't have this problem with local machine administrator accounts. The problem only occurs on Windows Server 2022, not on 2019. On the server, the user who initiated the connection has only 4 processes, and they're always the same: In the server logs, we can see that several processes have been blocked by SRP: The problem is that I haven't defined anything like that... I don't encounter this problem with local administrators on the machine. What's more, it happens randomly. I can have the problem for several days and then nothing for several weeks. Does anyone have any idea what it could be? Have you encountered this problem before? Thank you in advance for your help.

Matthieu
252 Views, 0 likes, 4 Comments

HTTP.sys request logging
Hi, several services like Remote Access (Windows Server Reverse Proxy) or KDC Proxy do use HTTP.sys as engine to deliver their sites to the user. I am aware that there is an error log in "C:\Windows\System32\LogFiles\HTTPERR" but how do I enable a normal "request logging" like IIS does? I want to track every connection, its source IP address and other information in a log file but how can I do this?
54 Views, 0 likes, 0 Comments

Windows Server 365 Edition
Windows Server 365 Edition (working title)

This is a new product idea for Microsoft for a specialized version of Windows Server that is tightly integrated with MS365/Azure and geared towards small - medium sized businesses and MSPs. As an admin that works in the MSP space the need comes from supporting clients that are basically cloud managed but still have a need for on-premise servers to support local network applications (think QB SQL Server) locally. The central idea behind this edition is ditching Active Directory for EntraID and reworking core services around this.

Benefits
- No such thing as local accounts, you log in with your work account and can take advantage of MFA, Conditional Access etc.
- Rework Admin Center so you can manage MS365 and the local server seamlessly.
- Still provide services like DHCP, DNS, Group Policies
- Group Policy would be redesigned to abstract policies to Intune for deployment
- File Shares and Security permissions would be tightly integrated with EntraID users and security groups... Having this work with WinClient would be helpful too.
- For On-prem applications that integrate with AD for ACL (SQL Server) either provide a service that abstracts EntraID to a virtual DC. OR better yet provide APIs for applications to integrate with EntraID or proxied via a service on the server.
- OneDrive Server edition to Sync SharePoint Document Library, Azure File Shares etc. that can be shared locally on the network and additionally act as a cached proxy for OneDrive on WinClient machines to optimize WAN usage. Imagine your ISP has an extended outage, but you still have access to everything locally and very fast.
- PowerShell would come pre-packaged and logged into Azure to make our lives that much easier.
- Certificate Services would integrate with Intune's Premium addons and extend that use case.. think device authentication for APs and Switches.
- RADIUS server would become that much more useful if it worked with EntraID.

These are some of the ideas I can think of, but I'm sure there is a lot more that could enhance our use of a solution like this.
47 Views, 1 like, 0 Comments