Forum Widgets
Latest Discussions
Why can't the server generate a report about deleting folders and files?
Hello, I enabled Audit Policy through the following method: Open the Local Group Policy Editor (gpedit.msc). Navigate to Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> Object Access. Open the Audit File System policy and check "Success". Update Group Policy Settings: Run the command "gpupdate /force" in Command Prompt to apply the changes. Then I enabled Audit policy on a folder and created and deleted a folder, but when I check the Event Viewer, there is only an ID of 4663. What is the problem? Thank you.WindowsgeekMar 10, 2025Occasional Reader2Views0likes0CommentsEdit subnet mask or scope in dhcp server running in windows server - Solved
it's not possible to directly change the subnet mask of an existing DHCP scope in a running Windows DHCP server. Here are the steps: 1. Export the Existing Scope Configuration: Open a command prompt with administrative privileges. Type the following command to export the scope configuration to a text file: netsh dhcp server \\<DHCP_Server_Name> scope <Scope_IP_Address> dump > C:\dhcp.txt 2. Modify the Configuration File: Open the dhcp.txt file in a text editor. Locate the line that specifies the subnet mask (e.g., SubnetMask 255.255.255.0). Change the subnet mask to the desired value. Save the changes to the file. 3. Delete the Old Scope: In the DHCP management console, right-click the scope you want to modify and select "Delete." 4. Import the New Scope: In the command prompt, type the following command to import the modified configuration: netsh exec c:\dhcp.txt 5. Verify the Changes: In the DHCP management console, check if the scope has been re-created with the new subnet mask. Right-click the scope and select "Properties" to confirm the subnet mask change. (Major Point - Ensure that your existing network address and subnet network address remain the same after making changes. If they are not the same, you need to modify the entire network address in the text file. For example, if the original subnet is 255.255.255.0 and the network address is 10.1.10.0, and you change it to 255.255.252.0, then the network address should also be updated to 10.1.8.0. Therefore, you must replace all instances of 10.1.10.0 with 10.1.8.0 in the entire text file (using Ctrl+H for the replacement). Thats it....ARUNKRISHNARRMar 10, 2025Copper Contributor30KViews2likes2CommentsHyper-V: How do VMs communicate with external?
Simple scenario: VM --> vNIC --> vSwitch (external) --> physNIC --> physSwitch The vNIC assigned to the VM has MAC address aa:aa:aa:aa:aa:aa, the physical NIC (physNIC; the vSwitch of type external is connected to it) has bb:bb:bb:bb:bb:bb. What mechanism ensures that when the VM sends a network packet to the external network (the physical network connected to the physical switch physSwitch), the MAC address of its vNIC (aa:aa:aa:aa:aa:aa) is used, and not the MAC address of the physNIC (bb:bb:bb:bb:bb:bb)? In other words: what makes physSwitch "see" aa:aa:aa:aa:aa:aa when the VM communicates to an external endpoint?ahinterlMar 10, 2025Brass Contributor12Views0likes0CommentsDHCP Failover Issue – Standby Server Responding When It Should Not
Hi everyone, I'm encountering an issue with my DHCP failover setup in Hot Standby mode, and I need insights into why the standby server is providing DHCP leases when it shouldn’t. Setup Overview: I manage a network with over 100 sites worldwide, each having a local DHCP server. Each site has a dedicated DHCP server running on the server VLAN. Clients reside on different VLANs, and IP helpers (DHCP relay) are configured on a Checkpoint firewall at each site. The IP helper forwards DHCP requests to: The local DHCP server (primary) in the site's server VLAN. The standby DHCP server (failover), located at an on-premises data center (DC). DHCP servers are configured in Hot Standby mode using Microsoft DHCP Failover. Issue: Despite the Hot Standby configuration, I noticed that my Cisco Meraki dashboard frequently reports a new DHCP server detected, referring to the standby DHCP server, even though the primary DHCP server at the local site is available. Cisco Meraki triggers this alert when it detects DHCPACK packets from the standby DHCP server traversing the local networks. However, in Hot Standby mode, the failover server should only issue leases if the primary server is unreachable. Example: Site-1's primary DHCP server (DHCP-1) has a failover partnership with Failover-1 at the DC. Site-1's connectivity to the DC is stable, yet Cisco Meraki occasionally detects DHCPACK packets from Failover-1, triggering alerts. Troubleshooting Done So Far: Verified that failover mode is correctly set to Hot Standby (not Load Balance). Confirmed that the primary DHCP server is healthy and responding. Checked DHCP logs on both servers but found no clear failover events. Performed packet captures of DHCP traffic, but the results were inconclusive. Investigated whether Checkpoint firewall’s IP helper can prioritize the primary DHCP server, but it appears not to support this functionality. Created a PowerShell script to check for failover-related event logs (Event IDs: 20254 and 20255). This provided better visibility but did not correlate with the Meraki alerts. Questions: Are there any known scenarios where a standby DHCP server in Hot Standby mode might mistakenly issue leases, even when the primary is active? Is there any detailed information on the failover “heartbeat” mechanism between primary and standby servers? I found that it uses TCP port 647, but I couldn’t locate official documentation on the interval and failure conditions. Could failover state synchronization delays cause this behavior? Are there specific logs or PowerShell commands I should check to confirm why the standby server is responding? Is there a way to prevent the standby server from responding unless the primary is truly unreachable (e.g., registry settings, advanced configuration)? Any guidance or troubleshooting steps would be greatly appreciated! Thanks in advance.60Views0likes1CommentUntagged VLAN - Server 2025 Hyper-V
Hi, I have a strage issue and not finding a solution. Using Server 2025 with two node Hyper-V cluster. Most of the machines using VLANs which works fine. Some machines using no VLAN config. Which usually means the "Access VLAN 1" regarding our switch configuration. With Server 2019 this worked fine. With Server 2025 same NIC port, same server/NIC hardware "Untagged" VMs don't get any network connection. If I add a second NIC to the VM "Untagged" the NIC get immidiatly an IP address and has a proper connection. If I remove the first NIC, the second NIC stop working. It looks like something has changed with Server 2025 (maybe already with Server 2022). Do you have any idea what kinde of problem I have found? Thanks JackJackThunderMar 08, 2025Copper Contributor4Views0likes0CommentsLaunching EXEs on File Server Slow on Hyper-V Host
We have a Server 2019 Hyper-V host that hosts a Server 2008 file server (yeah, I know, too old) and other virtual machines we use as work stations that access various EXE files on the file server. Recently, (not sure when it's started) launching EXE files stored on the 2008 server from one of the workstations (all on the same host) is getting delayed, sometimes as long as 20-30 seconds. An odd thing is that when you first log on to the work station and run the EXE it starts in what I think is a reasonable time, until now a second launch would be a little faster, I'm assuming due to caching. But not, launching it a second time gets the delay. Other file types seem to be OK. Opening large PDFs, for instance, does not have the problem. Working on a virtual machine hosted on our OTHER, older 2012 R2 Hyper-V host (yeah, again, I know) and going across the network, host to host, to access those same EXE files never has the delay problem. Because of virtual machines the 2012 host not having the problem, I'm thinking there's something on the 2019 host that's been updated. Update history shows KB5052000 installed in February and KB5050182 in January. I see that the January update mentions "Remote Code Execution" but the info seems to be specific to Visual Studio so I'm not sure that would apply. Has anyone seen this behavior or can maybe give me a clue as to where to start even looking? Thanks, KenKenK1110Mar 07, 2025Copper Contributor26Views0likes0CommentsWindows 11 clients cannot authenticate to NPS server using computer authentication
We have a Windows server 2019 datacenter server running NPS. Our WiFi Office clients authenticate to this server for access to the corporate WiFi network. We use computer authentication, so members of the "domain computers" group are allowed access in the policy (we only want domain computers on this network and we don't want users to need to enter their user credentials). We use GPO to provision a WiFi profile to the domain computers, in which we configure that computer authentication is needed. Our Windows 10 clients (literally all of them) are connecting nicely (I have anonimized the event log for security purposes: Network Policy Server granted access to a user. User: Security ID: DOMAIN\COMPUTER$ Account Name: host/COMPUTER.domain.nl Account Domain: DOMAIN Fully Qualified Account Name: DOMAIN\COMPUTER$ Client Machine: Security ID: NULL SID Account Name: - Fully Qualified Account Name: - Called Station Identifier: xx-xx-xx-xx-xx-xx:SSID Calling Station Identifier: XX-XX-XX-XX-XX-XX NAS: NAS IPv4 Address: x.x.x.x NAS IPv6 Address: - NAS Identifier: AP01 NAS Port-Type: Wireless - IEEE 802.11 NAS Port: 1 RADIUS Client: Client Friendly Name: SonicPoint HQ 1 Client IP Address: x.x.x.x Authentication Details: Connection Request Policy Name: NAP 802.1X (Wireless) Network Policy Name: NAP 802.1X (Wireless) Non NAP-Capable Authentication Provider: Windows Authentication Server: NPS.DOMAIN.nl Authentication Type: PEAP EAP Type: Microsoft: Secured password (EAP-MSCHAP v2) Account Session Identifier: "edited" Logging Results: Accounting information was written to the local log file. When a Windows 11 client (all of them actually) tries to connect, we see the following logged (again, anonimized): Network Policy Server denied access to a user. Contact the Network Policy Server administrator for more information. User: Security ID: NULL SID Account Name: host/COMPUTER.domain.nl Account Domain: DOMAIN Fully Qualified Account Name: DOMAIN\COMPUTER$ Client Machine: Security ID: NULL SID Account Name: - Fully Qualified Account Name: - Called Station Identifier: XX-XX-XX-XX-XX-XX:SSID Calling Station Identifier: XX-XX-XX-XX-XX-XX NAS: NAS IPv4 Address: x.x.x.x NAS IPv6 Address: - NAS Identifier: AP01 NAS Port-Type: Wireless - IEEE 802.11 NAS Port: 1 RADIUS Client: Client Friendly Name: SonicPoint HQ 1 Client IP Address: x.x.x.x Authentication Details: Connection Request Policy Name: NAP 802.1X (Wireless) Network Policy Name: - Authentication Provider: Windows Authentication Server: NPS.domain.nl Authentication Type: PEAP EAP Type: - Account Session Identifier: "edited" Logging Results: Accounting information was written to the local log file. Reason Code: 16 Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect. The only real difference I see is that for the Windows 11 client, NULL SID is provided as "Security ID". Could it be that this is causing NPS to not be able to verify that the machine that is attempting to connect is a member of the security group which is allowed to connect (the default group "Domain Computers")? Looking forward to either a quick bug fix or a configuration change I need to make. Maybe other Windows Server admins are also experiencing this issue?SolvedPaulvDamMar 07, 2025Copper Contributor154KViews2likes19CommentsIncrease the size of user profile disk in my remote desktop server
Hi all experts. I have a server for remote desktop services purposes, Windows 2016 standard, and domain joined. It is configured using User Profile Disk, and the maximum limit is set to 5GB. I want to increase the maximum limit but I can't do it under the collection's properties because that field is grayed out. My questions: How to increase the maximum limit? Please guide me and let me know how. Can I increase the maximum limit for 1 single user only? If yes, please let me know how. I found some info from the web that this can be done by the Diskpart command, is it true? If I follow the Diskpart method, do all user profiles encounter data lost? I need your guidance and input, I appreciate it. Here are some images:szuguanMar 07, 2025Copper Contributor132Views0likes3CommentsHow to Reset Windows Server 2008 R2 Administrator Password?
I am struggling to reset the administrator password on my Windows Server 2008 R2 machine. Unfortunately, I do not remember the password and cannot access the system. I have tried use a password reset disk or access the built-in administrator account, but have been unsuccessful thus far. I am worried about losing access to critical files and applications as a result of being unable to log in. Therefore, I am seeking advice and guidance on the most effective and secure way to reset administrator password for Windows Server 2008 R2. I am hoping that other forum members who have encountered similar issues in the past can share their experiences and offer tips and solutions. Thanks.FendiStaveMar 07, 2025Copper Contributor11KViews0likes7CommentsServer 2025 Highlight Selection Color
Just loaded Server 2025 Standard for the first time to play around with it. Did all the updates, installed VM Tools. Is there a bug in the highlighted selection color in Computer Management? When you highlight an object from the Local Users and Groups and Shared Folders, it's a bright blue highlight and the text is yellow. Anywhere else, the highlight seems to be the usual soft blue and white text color. Is that happening to anyone else? Went back to check a 2022 VM and it's not a problem.NismoZMar 06, 2025Copper Contributor11Views0likes0Comments
Resources
Tags
- Windows Server2,102 Topics
- Active Directory787 Topics
- management364 Topics
- Hyper-V316 Topics
- Networking292 Topics
- security272 Topics
- storage209 Topics
- powershell144 Topics
- clustering141 Topics
- AMA102 Topics