Server 2025 Domain Join Error ASN.1
hallo we wanna join an appliance (cisco ISE) to our domain/forest and get an error. Domain Controllers was updated from Server 2022 to Server 2025 preview it was ok with the appliance in ad. With Server 2025 final we get this error: Test Name :Kerberos test obtaining join point TGT Description :Tests TGT Obtaining in joint point Instance :CCLOUD-AD Status :Failed Start Time :10:13:54 22.11.2024 MET End Time :10:13:54 22.11.2024 MET Duration :<1 sec Result and Remedy... Could not obtain TGT : ASN.1 failed call to system time library. Check Kerberos related AD configuration What we done in troubleshooting, yet: DNS Resoluion works. domain is resolvable NTP is ok and correct time from pdc and synced to all other DCs and Clients/Servers domain join user credentials and permission are correct We tested also with an Domain Admin User/Cred Container/OU and Computer Object Permissions/Owner rights are set to the join account. Delete and let the Appliance create a new Object did not work can anyone help with ideas?
Proactive private share #microsoft
Many comapanies is part of my job last two year. I desade to implement and create new public communty group at microsoft, with public share. Like universal patch insade giant org and partner companes ,microsoft deside lead postiton. Proacticve and future plan is constructed to grow on world network with client and our partners
Windows Boot Manager not updated
KB5025885 outlines how to update Windows Boot Manager, but build 26257 still has a Windows Boot Manager that is signed with the old "PCA 2011" certificate. The manual processes in KB5025885 are a real pain (and don't scale) so it would be very annoying if this is not fixed before RTM. https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
Is Enforcing LDAP Signing enabled by default starting with Windows Server 2025?
When connecting to Windows Server 2025 (Preview) using LDAP simple bind, the server rejected the bind. 「The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection」was displayed as an error message. If you change the LDAP server signing requirement from the default value to disabled according to the page below, LDAP simple bind will succeed. https://learn.microsoft.com/ja-jp/troubleshoot/windows-server/active-directory/enable-ldap-signing-in-windows-server Is Enforcing LDAP Signing enabled by default starting with Windows Server 2025? If so, where is the announcement about enabling LDAP server signing requirements?Documentation on "Microsoft.OSConfig" PowerShell Module
Hi Server Insiders, is there any documentation available on the PowerShell Module "Microsoft.OSConfig"? OsConfiguration Module | Microsoft Learn does not help that much and also "Get-Help" is not that helpfull on most of the Commands. 🙂 Thanks! Best regards, Jan
Will Windows Server 2025 kernel be resilient to Croudstrike-like failures?
I know that Windows Server 2025 will soon be ready for GA, but I'm also thinking that last week's events happened still on time to do something from MS side in order for kernel of Windows Server 2025 to be more resilient to third party (or its own Defender) influence. Can Microsoft introduce something easy, like automatic last known good kernel configuration if BSOD is detected, which would automatically restart Windows without human intervention with the previous version of antivirus, and just signal in System Event Viewer, that last antivirus update had something crashing the system?
