I was setting up a new test DC server with Server 2016. When going through the setup a domain controller wizard there was an option for the forest functional level “Windows Server Technical Preview”.
I thought to myself did I install Server with a preview build??
I checked this MS KB article which verified that I wasn’t going crazy and that it’s a bug.
Install the latest CU update to fix this issue (Which as of 23/12 is KB4019472.)
Microsoft will “gradually wind down the delivery of Azure RemoteApp over the next year.” in favour for their partnership with Citrix using XenApp “Express”.
“Microsoft customers using RemoteApp will be supported through August 31, 2017, when the service will be shut down.”
MS Link here
In your WSUS 2012 R2 server, are you noticing clients are displayed as Windows Vista instead of Windows 10?
Install this patch from MS (kb3095113) which will fix this and also allow WSUS to sync and distribute feature upgrades for Windows 10. This update is not required to enable WSUS to sync and distribute servicing updates for Windows 10.
Stop Cryptolocker, or at least get warned if it starts encrypting files on your file server. The link below has instructions on how to setup File Server Resource Manager in Windows Server. By adding in certain file extensions you will be able to setup automatic emailing (and shutdown if you want) to detect when Cryptolocker starts encrypting files on your file server. There are also many other great tips on how to protect your server.
This may be old news however it’s a good reminder. If you are running Hyper-V on 2008 R2 server and have a 2012 R2 VM server you may notice the VM stops responding and also receive STOP errors.
Read the following MS KB to find the update.
What’s the cause? The issue occurs because the Hypervisor does not handle the one-shot synthetic timer correctly.
Read here for a vulnerability in HTTP.sys which could allow remote code execution. If you are running IIS update now!
Two patches have recently come out that are VERY important if you are running a Windows Server with Active Directory.
Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
Go get them, patch and reboot ASAP!
KB2919355 – Windows RT 8.1, Win 8.1 and Server 2012 R2 Update April 2014
There are 21 issues being tracked with this MS update.
As quoted from the MS website
“Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 Update is a cumulative update that includes all previous released security updates and nonsecurity updates. In addition to previous updates, it includes improvements such as improved Internet Explorer 11 compatibility for enterprise applications, usability improvements, extended mobile device management and improved hardware support.
Important All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require this update to be installed. We recommend that you install this update on your Windows RT 8.1, Windows 8.1, or Windows Server 2012 R2-based computer in order to receive continued future updates.”
What concerns me is this update has caused BSOD INACCESSIBLE_BOOT_DEVICE issues on servers with LSI based raid cards like DELL servers and others. More info regarding this here
KB2919355 issues listed here
Server 2012 R2 is nearly here (Released on the 18th of Oct).
Take a look here to find out what’s new in Server 2012 R2.
There have been some updates to Group Policy in Server 2012:
– How to configure the Windows 8.1 start screen layout with Group Policy – This will make an IT admin’s life so much easier.
– Group Policy Caching – This feature will speed up the logon process because the Group Policy engine loads policy information from a local cache (Named a data store) instead of downloading it from a domain controller.
– Force refresh – This feature allows you to force a client to refresh it’s local and AD policies from the GPMC (Group Policy Management Console) (I can hear you screaming with joy!).
– Windows 8 support.
– New troubleshooting options.
– Download from Microsoft a full list of Server 2012 & Windows 8 group policy settings here.
Like to install WSUS on Server 2012 via powershell? Here are the instructions. If this is something you need to do quickly and you’re sick of using the GUI I recommend trying this! Let us know how you go? Powershell is definately the future for windows administration. It is very powerful!
Trivia – What does FSMO stand for and what do they mean?
This autotuning fix is definately something to try if you are experiencing slow network/internet speeds in Vista / Windows 7 or 2008 server.
How do you run this fix:
To turn off autotuning launch a command prompt as an Administrator (type “cmd” into the Start box, right click on Command Prompt and select “Run as Administrator), then enter the following line:
netsh interface tcp set global autotuning=disabled
Restart your pc after running this command.
If you want to set this back to normal type the following:
netsh interface tcp set global autotuning=normal
Here is a link for more information regarding autotuning from Microsoft.
Good ol’ ntbackup is back again. Running vista, w7 or win 2008 server and need to recover or backup files with ntbackup? I will explain how to do this (See below).
I do like the new backup in Win 7 / 2008 server. Image / block level backups are great, especially when you can run a first big backup and afterwards only backup incrementally what has changed.
What is block based file backup? Each block in a file is examined. If a duplicate already exists, even from a different file, it is not saved. After the first backup only the delta or the changed blocks are saved in the next backup.
Here how to use ntbackup on Vista / W7 / Server 2008:
Download ntbackup from MS here
Copy these files from a win xp box:
You can find these in c:\windows\system32 of Win XP.