2012 Essentials and Backup Domain Controllers

Similar Messages

• SCCM 2012 Distribution Points on Domain Controllers

  I want to install Distribution points on all of my remote servers. They are all domain controllers though. I know one of the prerequisites to host the DP role is to have the SCCM computer object apart of that servers local administrators group. Since they
  are domain controllers they dont have a local security policy and it is controlled by AD. I'm sure you can add the SCCM computer object to the domain admins group to solve this but my question is if this is considered a supported configuration?

  If you are using the DC as a Distribution point to install clients via Client Push, the "NT Authority\Authenticated Users" group must be added to the local group "Users" to the DC/DP.
  Clients are still able to get installed manually, but Client Push fails.
  Failed to correctly receive a WEBDAV HTTP request.. (StatusCode at WinHttpQueryHeaders: 401)
  Run elevated command prompt (net localgroup users "Authenticated Users" /add)
  Test Client Push - Should be successful.
  Reason: By default the local groups NT Authority\Interactive Users and
  NT Authority\Authenticated Users are removed from the Domain Controller. Clients that are using the DP for content cannot authenticate using the computer account.

• DNS setup on server bound to AD and using domain controllers for DNS

  My server is bound to our AD network and in the network pref I have entered the two IPs for the domain controllers on our network that serve DNS.
  My question is, am I right not to enable/configure and start the DNS service on the Mac server since it is getting DNS already?
  If yes, how do I confirm that my Mac server is correctly listed in our domain controllers DNS? Should I be concerned that I get the following?
  knws3135:~ mactech$ sudo changeip -checkhostname
  Password:
  Primary address = 10.31.3.135
  Current HostName = knws3135.ad.ewsad.net
  The DNS hostname is not available, please repair DNS and re-run this tool.

  Hi
  It looks all OK to me? As for the hostname having capitals could pose a problem but only if the Mac Server was its own KDC. Which it is not. If the hostname is defined as you have it now in the AD's DNS Service then leave it alone.
  Sometimes even when DNS checks out OK you can still have fundamental errors that only demotion to Standalone will cure. I think this is the point that you are at now. To be honest I would do this. Judging from what you've said there would be very little to lose when you do this apart from managed preferences. These can easily be re-applyed on successful promotion.
  needs to be changed so it is configured in Open Directory as connected to a Directory Server
  Not sure what you mean by this?
  If you have or are about to update your Server to 10.5.4 - which I recommend you do. Then you could follow this procedure:
  Demote to Standalone
  Stop all Services
  Restart the Server
  Update to 10.5.4. Restart the Server (this happens anyway)
  Make sure your Server resolves on the forward and reverse pointers (again)
  If you want run changeip again (you may be surprised)
  Use the Active Directory plug in in Directory Utility to bind the Server to the AD. Make sure you use an AD admin account that has authority to do this. De-select 'force home directory creation on startup disk' I have a feeling this will be de-selected anyway.
  After successful binding quit out of Directory Utility and launch Server Admin
  Select the Open Directory Service
  Change the role from Standalone to Open Directory Master
  Create the Directory Administrator account's username and password. Don't be tempted to change the UID or use the system admin account's user name. You can use the same password if you wish. What I've done before in the past is to create the diradmin account on the AD first with full authority for the domain.
  On successful promotion you should now see in the Overview Pane everything running apart from Kerberos which should be Stopped. This is how it should be. Apple's 10.5.4 Update has took a lot of the donkey work out of this whole process. No need for the command line. Simply click.
  If you launch Directory Utility you should now see the server's loopback address has been added in the LDAPv3 Plugin. Also the Server should be topmost in the Search Order under the Authentication and Contacts field. Bind your clients first to the AD and then the OD (make sure use for authentication and contacts are unchecked).
  Browse the two nodes, add your groups and apply MCX in the usual way.
  Does this help?
  Tony

• Storage Server 2012 R2 and backups

  We have a network with a domain server and a few virtual servers. I was looking for a setup that would backup the servers and all of our workstations. I was looking for a backup that would make an image backup but that we would still be able to get at
  the files. Will Windows Storage Server 2012 R2 work for that? If so how hard would it be to implement without disrupting the current setup? I was looking at the Thecus W4000 or the Thecus W5000 because they come with the server software in a form factor
  that I think would be ideal. Also, does the Microsoft Azure backup service work as a good offsite backup in this kind of setup.

  Hi,
  Windows Storage Server 2012 R2 can be used to centralize client backup. Azure Backup is a simple and reliable data protection solution that enables customers to back up their on-premises data to the cloud. We can use Windows Storage Server 2012 R2 Essentials
  to make Azure Backup easy to turn on “offsite backups” to help protect against catastrophes such as a fire, water damage, or theft of the NAS.
  For more detailed information, please see:
  Windows Storage Server 2012 R2 Essentials: A Closer Look
  http://blogs.technet.com/b/storageserver/archive/2014/12/10/windows-storage-server-2012-r2-essentials-a-closer-look.aspx
  Best Regards,
  Mandy
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Licensing help needed for datacenter server with vm running windows server 2012 essentials and ten virtual desktops for remote access

  NPO wants to get windows server 2012 r2 datacenter as the main operating system and then windows server 2012 r2 essentials plus 10 windows 8.1 as virtual desktops.  Each desktop for one remote user running office 2013.  Is there a better configuration?
   In either case what licenses does the NPO need to purchase?
  Bob

  Hi,
  For license related questions we recommend you contact Microsoft licensing specialist.
  http://support.microsoft.com/kb/141850/en-us
  Regards.
  Vivian Wang

• Windows Server 2012 Essentials and Microsoft SQL Server 2014 Standard Core Edition

  Our company is planning to buy Windows Server 2012 R2 Essentials edition (Volume license) and install it on Citrix Xenserver based virtual machine with 4 virtual processor cores. Can we install Microsoft SQL Server 2014 Standard Core Edition (2 licenses
  for 2 cores) and run it on this virtual machine?

  you can install SQL Server Standard 2014/2012 on the Essentials Windows Server but without Server core Installation while installing SQL Server 2014 is supported on the Server Core mode of the following editions of Windows Server:
  Windows Server 2012 R2 Datacenter 64-bit
  Windows Server 2012 R2 Standard 64-bit
  Windows Server 2012 Datacenter 64-bit
  Windows Server 2012 Standard 64-bit
  Windows Server 2008 R2 SP1 Datacenter 64-bit
  Windows Server 2008 R2 SP1 Enterprise 64-bit
  Windows Server 2008 R2 SP1 Standard 64-bit
  Windows Server 2008 R2 SP1 Web 64-bit
  http://msdn.microsoft.com/en-us/library/ms143506.aspx
  thanks
  diramoh
   

• Lost connection between 2012 Essentials and Office 365

  We had a network issue on site last week and had to restart the internet router. Since then we now have no link to office 365 from the dashboard. I can login to the office 365 portal using the admin credentials from the server but cannot get the server to
  auto link between the two.
  Any help would be great.

  Hi
  I know its a server but have you tried a reboot or flushing the dns and see if it connects?
  Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Client PC migration fails from SBS 2003 to SBS 2012 Essentials

  Please check out this entire message before making an assumption about what it says, thanks.
  Our old SBS 2003 Server hard failed a few weeks ago.
  Rather than repair it, we ordered a new server with SBS 2012 Essentials and loaded the backup data from the old server.
  The Server is just fine.  We are having no issues whatsoever with the server.  I kept the old domain name and server name.
  The Client Computers, some Win7 some Win8.1, have turned into a nightmare to re-connect.
  What happens is, the user can log in, but has no files in desktop, downloads or documents, nothing has been migrated:
  The process I'm using is this:
    1> I take them off the old domain and set them up as workgroup: NOGROUP... that works fine.
    2> I bring up http://SERVERNAME/connect and begin installing the server software, no problem yet...
          >> This goes to a point where it asks for a restart, followed by a lot more waiting.
          >> Eventually it crashes with a message I have, unfortunately, not documented (sorry).
    3> When I restart the PC, I'm able to log into the user account : DOM\username, but none of the users files are there.
  Looking at the file tree at C:\Users I see a folder structure like this:
    C:\Users
          |_   _client.setup_  (essentially empty)
          |_  username         (the old account... and yes, it has all of the files and app data)
          |_  username.DOM (the new account, but essentially empty)
  It appears that the setup was supposed to migrate 'username' thru '_client.setup_ into 'username.DOM' but failed.
  I can move all of the data from 'username' to 'username.DOM' to solve the data and files problem.
  But the AppData folder cannot be moved in its entirety (I tried, and it clobbers the user completely), I have to manually transfer files from 'username\AppData' folders (Local, LocalLow and Roaming) making sure to transfer only the files that don't exist
  in the 'username.DOM\Appdata' folders.
  I realize that this process leaves me with a 'Less Than Perfect' AppData setup.
  Since I have many Clients left to convert, I'd like to know if I'm doing something wrong, or how to make it right.

  With a new server with a new domain you have started down the right path.  Disjoin and the http:// technique should have worked, but we can address that when you can give us more info.
  When joining a new domain the old users profiles get blocked by security to the new users.  But the local admin or the domain admin should have access.  The way I do it is to copy out the required data from the old profile to a safe place then
  copy it back to the new profile when finished.  But there are profile migration wizards, one of them at
  www.forensit.com, that work very well.
  As for the system crash when you did the join... please see if you can get the message, and then examine the logs in both the server and the client.   For the server, look here:
  http://blogs.technet.com/b/sbs/archive/2014/09/30/windows-server-essentials-log-files.aspx
  For the client, scroll down in the link above to the section about client side logs.
  Larry Struckmeyer[MVP] If your question is answered please mark the response as the answer so that others can benefit.

• Clustering Configuration with Primary & Secondary Domain Controllers

  Hello.
  I am trying to configure Failover Clustering on my Server 2012 computers.
  I have a primary domain, as well as a secondary domain.
  We will call them dc1.domain.com and dc2.domain.com.
  I have Failover Clustering Manager installed on both servers.
  Upon adding them both to the Create A Cluster Wizard, I receive the following error message on my report.
  (My account is fairly new, so it will not let me attach an image, but I assure you, it is safe)
  s14.postimg.org/lssjm2vu9/Screenshot_1.png

  More that trying to avoid clustering domain controllers, you simply cannot do it.  Active Directory has high availability built into it.  It is known as multimaster, meaning there is no primary and secondary domain controllers.  All are 'masters',
  meaning you can make changes on any domain controller and the change will be replicated to the other DCs.
  If you only have two physical servers and you want to cluster them, you will first need to install the Hyper-V role on the servers (it is not recommended to install both Hyper-V and Domain Controller on the same box, so we will get this fixed).  Once
  you have Hyper-V installed, build a VM on each server, join them to the domain, and promote them to domain controllers.  On one of the VMs, seize the FSMO roles from the FSMO master.  Then demote the physical hosts from being domain controllers. 
  You can now form a cluster of the two physical servers.
  . : | : . : | : . tim

• Where do I find Offer Remote Assistance on Server 2012 Essentials

  Where the heck do I find the Offer Remote Assistance capability in Server 2012 R2 Essentials?  (I'm guessing this a just plain Server 2012 thing, but in my case I'm specifically using Server 2012 R2 Essentials.)
  From the server console, I want to be able to offer remote assistance to workstations joined to the Essentials domain.
  I have the Remote Assistance Feature installed on the server, and I have the group policy configured and active for workstations to allow Remote Assistance.  I just cannot find in the Server 2012 user interface (which is of course based on the Windows
  8 interface which I have not used yet), where the Remote Assistance option is.
  In Windows 7, and Small Business Server 2011 Essentials, which is of course built on top of Windows 2008, I could click Start, then All Programs, then Maintenance, and "Windows Remote Assistance" was a shortcut there.
  In Server 2012 R2 Essentials I can't find it anywhere.  Even when I display the full Start "Menu" list on the new Start screen I can't find it.  "Remote Assistance" does not show up as an option when I try to search for it in
  the Start screen search box.
  Thank you.

  Thanks everyone. I finally found it, but it's far less than obvious in any way.  But first to address some of the other comments...
  That's funny. The only way I've been able to find the tool on Win7 or Win8 has been to type "remote assistance" at the start menu, and then select the appropriate program. 
  I just rechecked 3 different Windows 7 PCs and both of my older Small Business Server 2011 Essentials servers (which of course are based on Server 2008). On all of them in the Start Menu, I can click Start, then All Programs, then I have a folder called
  "Maintenance", then inside of that I have a "Windows Remote Assistance" shortcut along with several other shortcuts. Of course I know the interface changed in Windows 8 and Server 2012, but it seems odd they'd remove access to the tool
  entirely without any way to get to it.
  I just did this on my Windows Server 2012 Essentials, and it offered me the right selection, but then when I clicked that I got the message "Windows cannot find 'C:\Windows\system32\msra.exe'. Make sure you typed the name correctly, and then try again."
  Funny that it obviously had the shortcut installed, but not the underlying program.
  Wim.
  I believe it may have been removed from the Server OS in 2012 in favour of using a Desktop to Offer Remote Assistance.
  http://blogs.msdn.com/b/hyperyash/archive/2013/01/18/remote-assistance-in-windows-8.aspx
  It was 'put back' in R2 so it seems.
  Anyway, i went to Server Manager, installed Remote Assistance. Rebooted.
  Went to search and found remote assistance.
  Yes, mine is specifically 2012 R2 Essentials. After some additional Google searching, it does appear that there is no direct "shortcut" to Remote Assistance in Windows 8, and thus I'm guessing in Server 2012 R2. Everything I find on Windows 8 indeed
  says to "search" for "remote assistance" as you guys have suggested and select it from the search results. The problem is that on my 2012 R2 Essentials server, when I search for "remote assistance" I only get one result, as shown
  in the first screen shot here, which if I click it takes me to the 2nd screen shot, which is of course not what I want. (That's the settings for the server itself to allow remote connection into the server from outside.  I'm trying to go from the server
  out to workstations.)
  Then i had to go to 'get help' which may be a change from before.
  Chose to help from an invite.
  Go to advanced options.
  Not sure if this is what you want, or need?
  Yeah, I knew how to get to the Advanced settings within the basic Remote Assistance tool.  The "Invite someone..." option is not showing up in my search results when I search for "remote assistance" as you can see in the above screen
  shot.
  If I remember correctly, the feature had already to be installed manually in Windows Server 2008 R2, so this is not a new behavior...
  Correct, yes, on my SBS 2011 Essentials servers I did have to manually install the Remote Assistance "Feature".  But as mentioned above, once I did install the feature, then the "Windows Remote Assistance" shortcut still showed up
  under Start/All Programs/Maintenance.  At the very least I would have expected it to show up in the search results, which you can see by the above screen shot, it doesn't.
  SO HOW DID I SOLVE IT?
  I found that if I actually search for "invite someone" then that option shows up in my search results and I can click on it and it launches the remote assistance tool as in Robert's message and screen shots above.  I don't know why this
  option doesn't show up when I search for just "remote assistance" as in Robert's screen shot above, but it doesn't.
  In the end, creating the desktop shortcut for msra.exe /offerra seems to be the most efficient.

• Can't download files on Android from Server 2012 Essentials Remote Web Access

  I have two servers, one with Windows Server 2012 Essentials, and the other SBS 2011.  Employees like using Remote Web Access to log in from anywhere and have access to shared folders.  It works perfect on a Desktop computer, but when they try to
  use their Android tablets or phones, and want to download a file (e.g. a PDF) from one of the shared folders on the server, the download fails.   When Microsoft was pushing 2012 they said RWA worked great on mobile devices, do I have to set up something
  separately to make this happen?
  I've completely disabled the firewall, and have ports 80,443,987, and 1723(just to be safe) all forwarded to the server.
  I can log into the RWA site on the android, browse files and folders, but when I select a PDF to download, the download shows as if it's starting, shows in my android notification as if its going to start downloading (Shows MobileDownload www.mydomain.com)
  but eventually after a few minutes, will time out and show "Download Unsuccessful".
  Network connectivity is fine as I can do this on a Windows Desktop PC using any browser (Chrome, Firefox, IE) and successfully download anything I want.
  UPDATE:  I found this in the event handler when I tried to download something from a mobile device...
  - System
  - Provider
  [ Name] ASP.NET 4.0.30319.0
  - EventID 1309
  [ Qualifiers] 32768
  Level 3
  Task 3
  Keywords 0x80000000000000
  - TimeCreated
  [ SystemTime] 2014-01-12T16:49:12.000000000Z
  EventRecordID 72818
  Channel Application
  Computer MYSERVER.MYDOMAIN.local
  Security
  - EventData
  3005
  An unhandled exception has occurred.
  1/12/2014 11:49:12 AM
  1/12/2014 4:49:12 PM
  953eedf1ad414391a193e5f98a281da5
  263
  3
  0
  /LM/W3SVC/1/ROOT/Remote-1-130340167702975633
  Full
  /Remote
  C:\Program Files\Windows Server\Bin\WebApps\RemoteAccess\
  MYSERVER
  2592
  w3wp.exe
  NT AUTHORITY\NETWORK SERVICE
  HttpException
  Server cannot set content type after HTTP headers have been sent. at System.Web.HttpResponse.set_ContentType(String value) at System.Web.UI.Page.SetIntrinsics(HttpContext context, Boolean allowAsync) at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at Microsoft.WindowsServerSolutions.Web.RemoteAccessSite.RealPageHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
  https://remote.MYDOMAIN.com:443/Remote/fs/MobileDownload.aspx?path=\\MYSERVER\PICTURES\2013603.jpg
  /Remote/fs/MobileDownload.aspx
  MY.IP.ADDRESS.141
  MYDOMAIN\user
  True
  Forms
  NT AUTHORITY\NETWORK SERVICE
  31
  NT AUTHORITY\NETWORK SERVICE
  False
  at System.Web.HttpResponse.set_ContentType(String value) at System.Web.UI.Page.SetIntrinsics(HttpContext context, Boolean allowAsync) at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at Microsoft.WindowsServerSolutions.Web.RemoteAccessSite.RealPageHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

  Hi,
  Before going further, would you please let me confirm something firstly?
  Would you please let me know if all Android devices
  encounter this same issue? If you download different type files, will still this issue persists? You can upload a small file (such as a text file) to the share folder, then check if Android device can’t download it.
  Based on your description, when logon a desktop computer, you will download files via RWA successfully. Please use the user account which logon computer to logon
  the Android device, will still fail to download?
  Please check if there has enough free space in Android devices that be used to save download.
  When this issue occurred, please check the state of Android device in Dashboard. Besides, I suggest you should run the Best Practices Analyzer (BPA) and fix all
  it can find. Then monitor the result.
  Run the Windows Server 2012 Essentials Best Practices Analyzer
  http://technet.microsoft.com/en-us/library/jj200181.aspx
  In addition, regarding to the Event ID 1309, please refer to the following articles.
  Event ID: 1309 Source: ASP.NET 4.0.30319.0
  http://www.eventid.net/display-eventid-1309-source-ASP.NET%204.0.30319.0-eventno-11022-phase-1.htm
  Hope this helps.
  Best regards,
  Justin Gu

• Active Directory Integrated DNS Zones, replicate only to specific domain controllers

  I have a customer with a fairly large Active Directory forest with many domains that they are trying to consolidate into a single domain which likely take 18 to 24 months according to their timeline.  During this time, they would like all DNS zones
  to be serviced directly from the new domain controllers, meaning, domain A would have replicas of domain B, C, D, E, etc.  Because the environment is complex and some domain controllers in domains other than A are in a very sad state and replication problems
  abound, they would like to avoid replicating all zones forest wide.  
  I've never done this before, or even considered it necessary, is it even possible?  I don't have a ton of time for trial and error, but based on this there seems to be some hope:
  https://technet.microsoft.com/en-us/library/cc753801.aspx?f=255&MSPPError=-2147217396
  Is this telling me how to do what I want to do?
  Thanks
  J
  Joseph M. Durnal MCM: Exchange 2010 MCITP: Enterprise Messaging Administrator, Exchange 2010 MCITP: Enterprise Messaging Administrator, MCITP: Enterprise Administrator

  He actually didn't specify much about dynamic updates requirements for old domains, if they don't need secure dynamic updates then a primary zone would work:
  The DNS Server service allows dynamic update to be enabled or disabled on a per-zone basis at each server that is configured to load
  either a standard primary or directory-integrated zone.
  REF: Understanding Dynamic updates
  This post is provided AS IS with no warranties or guarantees, and confers no rights.
  ~~~
  Questo post non fornisce garanzie e non conferisce diritti

• Windows Server 2012 Essentials upgrade to Windows Server 2012 Standard

  I've just upgraded a Windows Server 2012 Essentials to Standard via the Powershell command. The server restarted and is now Standard version. However I've noticed in the services that one particular service fails. 
  silsvc <Failed to Read Description. Error Code: 2 > 
  C:\Windows\system32\silsvc.exe
  It is set to automatic.
  I guess this is part of the essentials license and hasn't been removed. I would like to keep the Essentials Features however on a VM I replicated the same problem but when I removed Essentials features this service also got removed.
  Is it ok to just disable this service? because I want to keep the Essentials features. Is it going to cause any issues?

  Hello,
  What is the procedure to migrate to standard essentials without losing programs?
  Can you help me?
  actually I have windows server 2012 essentials and I want to upgrade to standard

• Connect two domain controllers to SAN storage

  Hi everyone
  I have primary and secondary domain controllers, I want to connect them to SAN storage as a cluster, I tried to configure Failover Clustering on them, but when adding them both to the Create A Cluster Wizard, I receive the following error (see the link)
  http://s14.postimg.org/lssjm2vu9/Screenshot_1.png
  so, is there any solution for this error, or may be there is another way to connect both DCs to the storage as cluster.
  any help will be appreciated,

  Hi,
  as I know this configuration is not supported.
  http://support.microsoft.com/kb/2795523/en-us
  Regards
  Guido

• Adding a Network Printer - 2012 Essentials

  I am using small business server 2012 essentials and looking to purchase a network printer. The issue I see is that many of the printers I have researched do not have drivers for essentials. Some will list out R2, but I do not have that, only Essentials.
  Is there a workaround to installing a printer or do the windows server 2012 drivers that most manufactures use work for the Essentials operating system. I already tried to install a Ricoh printer and used the windows server 2012 and R2 drivers, tried to manually
  install the drivers, but did not work. Thanks

  Hi ChrisCJK,
  I agree with Cliff Galiher’s viewpoint.
  Please browse the web site of printer manufacturer, and check if you can get a latest version of the driver. Then monitor if it can help you to add the printer for
  Windows Server 2012 Essentials.
  Meanwhile, please refer to the following article. It provided the details of installing Network Printer to Windows Server 2012 Essentials. The printer is different
  with yours. However, may give some thoughts.
  Windows Server 2012 Essentials : Add a Network Printer
  http://titlerequired.com/2012/10/24/windows-server-2012-essentials-add-a-network-printer/
  Hope this helps.
  Best regards,
  Justin Gu