• MS Server

    Tips for building a new domain controller in Server 2019

    1. File Replication Service (FRS) has been deprecated. You will need to update to DFSR before building a new DC in your domain if you are still using FRS to replicate SYSVOL. FRS and DFSR both asynchronously replicate content sets of file data. FRS was introduced in Server 2000. DFSR was introduced in Server 2003 R2 however gained the ability to replicate SYSVOL on DC’s with Server 2008. Server 2016 is the last Server OS to support FRS. If you have been running your domain since Server 2003 or 2000 domain functional level you may still be using FRS for replicating SYSVOL. FRS was actually deprecated since Server 2008 R2…

  • Microsoft KB,  MS Server

    Backup & Restore of DHCP Server 2012 and above

    I recently built a new 2016 domain controller, exported the old 2012 DHCP server config and imported it in Server 2016 via the DHCP GUI. On the new 2016 server DHCP failed with an error “The DHCP service failed to restore the DHCP registry configuration”. I was stuck and couldn’t restore the new DHCP server. Here is an alternate way of exporting/importing DHCP. Here is the solution: Open cmd on the server you want to export the DHCP config (In my case it was the older 2012 R2 server) netsh dhcp server export C:\Users\username\Desktop\dhcp.txt all  Copy this file to the new server you wish to restore the DHCP config and…

  • MS Server,  Windows Updates

    Can’t RDP into my servers! CredSSP Info

    On Friday 11th of May 2018, I tried to RDP into the servers at work and could not login. This is the error message: I learnt that a new update to Win 10 has stopped my ability to RDP into the servers. I researched more into this and found: March 13, 2018 – An update to the RDP was released to Win clients and servers. April 17, 2018 – An RDP client update enhances the error message when an updated client fails to connect to a server which has not been patched.  (Still allowing connections to unpatched servers) May 8, 2018 – An update to a reg setting from Vulnerable…

  • MS Server,  TSF Knowledge Base

    DC promo shows “Windows Server Technical Preview”

    I was setting up a new test DC server with Server 2016. When going through the setup a domain controller wizard there was an option for the forest functional level “Windows Server Technical Preview”. I thought to myself did I install Server with a preview build?? I checked this MS KB article which verified that I wasn’t going crazy and that it’s a bug. Solution: Install the latest CU update to fix this issue (Which as of 23/12/2017 is KB4019472.)

  • MS Server,  Windows Updates,  WSUS

    WSUS Update for Win 10 clients

    In your WSUS 2012 R2 server, are you noticing clients are displayed as Windows Vista instead of Windows 10? Install this patch from MS (kb3095113) which will fix this and also allow WSUS to sync and distribute feature upgrades for Windows 10. This update is not required to enable WSUS to sync and distribute servicing updates for Windows 10.

  • Antivirus,  MS Server

    Stop Cryptolocker

    Stop Cryptolocker, or at least get warned if it starts encrypting files on your file server. The link below has instructions on how to setup File Server Resource Manager in Windows Server. By adding in certain file extensions you will be able to setup automatic emailing (and shutdown if you want) to detect when Cryptolocker starts encrypting files on your file server. There are also many other great tips on how to protect your server. http://jpelectron.com/stopcrypto Screenshot

  • Microsoft KB,  MS Server,  Windows Updates

    2012 R2 VM on 2008 R2 Server

    This may be old news however it’s a good reminder. If you are running Hyper-V on 2008 R2 server and have a 2012 R2 VM server you may notice the VM stops responding and also receive STOP errors. Read the following MS KB to find the update. https://support.microsoft.com/en-us/kb/2744129  What’s the cause? The issue occurs because the Hypervisor does not handle the one-shot synthetic timer correctly.

  • MS Server,  Windows Updates

    Important Windows Server Patches

    Two patches have recently come out that are VERY important if you are running a Windows Server with Active Directory. Vulnerability in Schannel Could Allow Remote Code Execution (2992611) https://technet.microsoft.com/library/security/ms14-066 Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780) https://technet.microsoft.com/en-us/library/security/MS14-068 Go get them, patch and reboot ASAP!  

  • Microsoft KB,  MS Server,  Windows Updates

    21 issues with KB2919355

    KB2919355 – Windows RT 8.1, Win 8.1 and Server 2012 R2 Update April 2014 There are 21 issues being tracked with this MS update. As quoted from the MS website “Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 Update is a cumulative update that includes all previous released security updates and nonsecurity updates. In addition to previous updates, it includes improvements such as improved Internet Explorer 11 compatibility for enterprise applications, usability improvements, extended mobile device management and improved hardware support. Important All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require this update to be installed. We recommend that…

  • Group Policy,  MS Server

    Windows 8.1 and Server 2012 R2 GP

    Server 2012 R2 is nearly here (Released on the 18th of Oct). Take a look here to find out what’s new in Server 2012 R2. There have been some updates to Group Policy in Server 2012: – How to configure the Windows 8.1 start screen layout with Group Policy – This will make an IT admin’s life so much easier. – Group Policy Caching – This feature will speed up the logon process because the Group Policy engine loads policy information from a local cache (Named a data store) instead of downloading it from a domain controller. – Force refresh – This feature allows you to force a client to…