ADFS 3 (Server 2012 R2) and Chrome

Similar Messages

• Configuring a Certificate for ADFS on Server 2012 R2

  Preparing to install ADFS on Server 2012 R2 for SSO to applications outside of our organization.  For my needs, do I need two certificates? One for SSL and one for Claims?
  We have an internal Microsoft CA that I can get certs from. I have read that Microsoft suggests using a self-signed cert for claims. Can someone corroborate this for me?
  Since ADFS 2012 R2 doesn't use IIS, if I have IIS installed and request a cert from my internal CA, can I still use it for my ADFS installation?
  Orange County District Attorney

  Hi Sandy,
  Based on my research,
  Server authentication certificate (SSL)is used to secure
  Web traffic for communication with Web clients or with federation server proxies, while token signing certificate is an X509 certificate, its associated public/private key pair is used by federation servers to
  digitally sign all security tokens that they produce.
  Self-signed Certificates can be used for a lab, but should not be used in production deployments.
  Here are some related articles below I suggest you refer to:
  Certificate requirements for federation servers
  http://technet.microsoft.com/en-us/library/cc783182(v=WS.10).aspx
  ADFS Certificates - SSL, Token Signing, and Client Authentication Certs
  http://blogs.technet.com/b/adfs/archive/2007/07/23/adfs-certificates-ssl-token-signing-and-client-authentication-certs.aspx
  Setting up an ADFS lab environment - Part 1
  http://blogs.technet.com/b/adfs/archive/2007/02/26/setting-up-an-adfs-lab-environment-part-1.aspx
  I hope this helps.
  Amy Wang

• REMOTE DESKTOP SERVICES CLIENT ACCESS LICENSES FOR MICROSOFT WINDOWS SERVER 2012 STANDARD AND DATACENTER

  I am using a window 7 professional  service pack 1 and I purchase REMOTE DESKTOP SERVICES CLIENT ACCESS LICENSES FOR MICROSOFT WINDOWS SERVER 2012 STANDARD AND DATACENTER. but  the seller did not send me any installation CD or instruction
  on how to use it.
   Please how can I use it on my window 7 professional  service pack 1.
  Thank you.

  Though Bill is absolutely correct for most CALs, Remote Desktop Services does have its own special licensing server.  I haven't installed one on 2012, yet, but here is a step-by-step guide for 2008. 
  http://technet.microsoft.com/en-us/library/dd983943(v=ws.10).aspx
  Here is a lab guide for 2012 -
  http://technet.microsoft.com/en-us/library/jj134160.aspx
  But, the explanation of your environment begs the question - what are you trying to do?  You say you have a desktop OS and you are talking about Windows Server products.  In that light, your question does not make a lot of sense.
  . : | : . : | : . tim

• I have windows server 2012 R2 and install active directory

  My question is I install active directory in windows server 2012 R2 and create Group Policy. ( These set-up is only for test)
  Have not registered domain only install active directory to test. 
  So the problem is when I created Group policy for my user and put software restriction policy but its affected to my administrator accounts too, No when I open VMware (install Virtual Machine windows XP) and start os then its shows you can not user this
  software as you restricted from installing software (Something like that don't know exact Error). I could not start installed Virtual Machine. 
  Please give me a solution for this.
  This is the setup for a test use only so their not big environment connect with my pc.
  Thanks in advance.
  Regards,
  Krunal

  Hi,
  The following article is talking about creating and managing Group Policy on a Windows Server 2012:
  http://www.thomas-krenn.com/en/wiki/Creating_and_managing_a_Group_Policy_on_a_Windows_2012_Server
  As Darren Blanchard mentioned, if you want to apply the GPO, you could link it to an OU that contain the computer or user.
  Group Policy Overview
  http://technet.microsoft.com/en-us/library/hh831791.aspx
  Please feel free to let us know if you need further assistance.
  Regards.
  Vivian Wang

• Hyper-v Role in Windows Server 2012 foundation and Essentials

  Hello,
  I have seen that the two low cost version of Windows Server 2012 essential and Foundation) will not support hyper-v. Can you please tell me what it means exactly :
  Can you please tell me what is possible :
  -The server can not be installed as a hyper-v  guest (probably yes)
  -The hyper-v role can not be installed on the server (so I have to rely on vmware)?
  - Hyper-v role can be installed but there is no free license included with the server.
  Thank you
  Marc

  I suppose then, you would have to install Windows 8 and Hyper-V as your guest or core.
  Then run your Server 2012 Foundation under Win8.  which has 512GB Memory Limit.
  It seems asinine that you cannot install this role on Foundation, but seemingly you could work around it with Win8.  (Or Sun Virtual Box (free) (or VmWare(Free).
  So load up a dozen Win8Pro virutal sessions on that Win8 VirtualBox with up to 512GB Memory and Create your own Ghetto Remote Desktop Server with Foundation and Windows 8.   ;)
  What good is it if your can't run Hyper-V and Remote desktop services?  Those are the two apps small business need most.  But Microsoft strips it out, calls it a DEAL  (Essentials and Foundation) , yet if you want the good stuff, you're gonna
  have to buy Server 2012 Standard anyhow, + the CALs.
  So you are hooked into this "deal" by Microsoft Special Offer.   Its special alright, because you get to buy it twice.  The stripped down version that come with your server, then the full version when you discover Foundatoin and Essentials gives
  you AD, and thats it.  Nothing Else.  No "deal"
  Remember:
  All you get with Foundation or Essentials is AD and Group Policy.
  You cannot load RDP on Foundation or Essentials
  You cannot load Exchange on a DC, or Foundation or Essentials
  You cannot load Exchange and RDP on the same box.
  You cannot have Remote Web Apps if you load RDP on your DC.
  You cannot win with Microsoft.  No worthwhile "deal" has ever come out of the city of Redmond.
  The internet is a one-way money pipeline to Microsoft.
  Its three times the work, three times the cost and requires three servers licenses to do with 2012, what you could do with one 2008R2 license.  
  Might as well purchase 2 Server 2013 Standard Editions if you want:
  1.) Active Directory
  2.) Remote Desktop and Remote Apps
  3.) Your own Exchange Server
  You are better off installing a NAS if all you need is a file server. 
  Why bother with Foundation or Essentials?  Its a "Gimmick-ware"

• Windows Server 2012 Standard and Essentials User CAL's

  I've been running Windows Server 2012 Essentials in an organization that until recently stayed within the 25 user 50 network device limit specified by the license. Eventually we've grown beyond that. Since the Server 2012 Essentials machine had a non-transferable
  OEM license I decided not to waste it by doing an in-place migration to Server 2012 Standard, and instead set up a new server with freshly purchased Server 2012 R2 Standard and migrated Active Domain roles to it, leaving the original server as a part of a
  fail-over cluster.
  We purchased 30 User CAL's for the 2012 R2, as required for 25+ staff members.
  Now I am curious. The 2 servers that we have right now (2012 R2 Standard and 2012 Essentials) both maintain the same Active Directory and manage the same pool of users and workstations. Does that mean that the primary server with 30 User CAL's takes dominance
  and sets the limit as to how many people are allowed to access the network. Or does it become a combination of purchased 30 CAL's + 25 Users hard-wired into the 2012 Essential edition?
  Do these servers have to run separate domains with segregated pools of users in order to be license compliant for 30+ users or can they exist within the same same domain preserving individual user limits? What if the 2012 Essentials server maintains
  one office location with fewer than 25 staff and the Standard R2 2012 server runs another office with fewer than 30 staff, while both offices are linked via a VPN for the purpose of sharing 3rd party licenses? Do individual user limits apply, or is it still
  30 users max?
  To sum up the question, I'd like to know whether I'd need to buy more user CAL's when we reach more than 30 staff at 1 or possibly 2 office locations.
  Oh, and the device limit! 2012 R2 Standard under user CAL licensing scheme has no machine limits. Essentials is always capped at 50. When running one active directory, what's the legally allowed number of devices on the network? I assume it's unlimited.
  Thanks.

  Thank you for the reply.
  My question then is how to transition while preferably keeping both physical servers.
  Should a 2012 Standard key be purchased additionally for an in-place transition of 2012 Essentials machine to 2012 Standard (which at this point is as good as a fresh install)? Until then, should the Essentials 2012 server be taken offline entirely?
  What about the situation where I described both servers running segregated networks with their own pools of users, only connected via a VPN for 3rd party license sharing? Is that configuration supported?
  Also, if the configurations is unsupported, why are the servers able to share roles in first place? Why isn't there a software mechanism preventing interaction? What configuration do the servers themselves assume is in place?
  Thanks again.

• Is it possible to uninstall IE 11 from Windows Server 2012 R2 and replace it with the latest version of IE 10?

  Is it possible to uninstall IE 11 from Windows Server 2012 R2 and replace it with the latest version of IE 10? We have a remote desktop farm setup with 2012 R2 servers and we are publishing some web links that only work with IE10. As a result, we need to
  downgrade the remote desktop servers to IE10. I have a feeling that this isn't possible, but if I could get a definitive answer, I would greatly appreciate it, thank you!

  Hi,
  Agreed with DonPick.
  Internet Explorer 11 is preinstalled with Windows 8.1 and Windows Server 2012 R2.
  More information regarding Internet Explorer 11, please check:
  Internet Explorer 11 - FAQ for IT Pros
  http://msdn.microsoft.com/en-us/library/dn268945.aspx
  Best regards
  Michael Shao
  TechNet Community Support

• Just FYI, Windows Server 2012 R2 and Windows Server 2012 BranchCache Deployment Guide in Word format in the TechNet Gallery

  The Windows Server 2012 R2 and Windows Server 2012 BranchCache Deployment Guide is now available for download in Word format in the TechNet Gallery at
  http://bit.ly/1pYZT3F
  Thanks -
  James McIllece

  hello again,
  meanwhile I was lucky to find this article about Idenity Mapping in TechNet in the Storage Team Blog:
  http://blogs.technet.com/b/filecab/archive/2012/10/09/nfs-identity-mapping-in-windows-server-2012.aspx
  Likely to be overseen at the end of one paragraph it says:
  "Client for NFS does not support NFS V4.1 in Windows 8 or Windows Server 2012"
  Question : Is this an official statement and is it still valid with most recent
  Windows Server 2012 R2 that NFS client does NOT support NFSv4.x  ??
  thanks - Rainer

• Server 2012 R2 and DPM 2012 (ocsetup not recognized)

  I am trying to install DPM 2012 on Server 2012 R2 and unalbe to get past prerequisties check.  When I try the command "OCSetup.exe SIS-Limited"  it comes up that OCSetup is not recognized.  How do I install (SIS) on Server 2012 R2?

  Hi.
  DPM 2012 SP1 is not supported running on Windows 2012 R2.  Please decide on one of the following.
  A) Install DPM 2012 R2 on the Windows Server 2012 R2 or other
  supported operating systems.
  B) Install DPM 2012 SP1 on Windows Server 2012 or other
  supported operating systems.
  FYI for Windows server 2012 R2 the new command is:
  dism /online /enable-feature:SIS-Limited
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This
  posting is provided "AS IS" with no warranties, and confers no rights.

• DirectAccess Client not connecting without error code on Windows Server 2012 R2 and Windows 8.1

  Hello,
  we are currently migrating from Windows Server 2012 to 2012 R2 and are not able to get the new Direct Access Service up and running. Our goal is to establish DirectAccess connection for a handful of clients using the IPHTTPS-adapter on the default port 443.
  Errors:
  There is actually no error showing up. It seems the infrastructure tunnel cannot be created but none of the IPv6-transition adapters is connecting (teredo and 6-to-4 are down) and the IPHTTPs adapter gives no informations about a problem:
  >Get-DAConnectionStatus
  Status    : Error
  Substatus : CouldNotContactDirectAccessServer
  >Get-NetIPHttpsState
  LastErrorCode   : 0x0
  InterfaceStatus : Failed to connect to the IPHTTPS server; waiting to reconnect
  Setup:
  Our setup is a virtualized Windows Server 2012 R2 Standard running on Hyper-V. It is located behind a NAT having the Port 443 mapped to the server. The only role installed after the basic install is RRAS including DirectAccess and VPN. The assistants completed
  successfully (running the configuration for DirectAccess and VPN). Operation Status says everything is green und working (for multiple days in the meanwhile). A previous direct access installation (on a different machine running Windows Server 2012) has
  been removed before installing the new server. The new installation is using a different router, so this might also be the cause of a problem.
  The client is a Windows 8.1 notebook located outside the company network accessing the internet through another NAT-device. The client has been able to connect to the previous DirectAccess setup but has never been able to establish a connection after the
  setup of the new Direct Access server. The device has no outbound constraints concerning the NAT-device and is only running the integrated Windows Firewall.
  Diagnosis:
  So far I've done some basic DNS and connectivity checks. The DNS-name can be resolved correctly and the router even responds to pings. The port forward is working and HTTPs connections are generally possible (temporarily routed the port to
  access the NLS-Website located on the server, which worked fine).
  Network monitor shows that both computers are communicating, traffic on the expected Port 443 is incoming on the server and responses from the server reach the client.
  Opening the IPHTTPs-url and in an endless page load. Sometime the browser page closes but I've never seen any result. Using telnet on the port shows that the server is accepting connections. I've even build a small test application that does a GET-Request
  on the URL returning HTTP-200 and no content.
  I'm currently running out of ideas what to do and since no error occurs this is kind of a bit frustrating. Any help appreciated.
  Regards
  Matthias

  Hi,
  In addition, have you disabled the DA client components on the DA client? If no, please also check
  the settings on the Name Resolution Policy Table.
  More information:
  DirectAccess
  Client Location Awareness – NRPT Name Resolution
  In addition, error 0x4C9 means the remote computer refused the network connection. It may be due to the invalid
  registry or corrupt drivers. For more detailed information, please refer to the link below:
  Error 1225 - Error Code 0x4C9
  Note:
  Microsoft is providing this information as a convenience to you. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Best regards,
  Susie

• Remote Desktop Gateway on Windows Server 2012 R2 and IPAD

  Hi guys,
  Would love some help with an issue I been struggling for a couple of days now.
  I have a RDS 2012 R2 Gateway configured and it works great with all Windows clients both internal and external communication. The problems comes now when my I want to use  IPAD
  from APPLE. I installed latest RD Client from Microsoft and it works great from the internal network but as soon the device is moved to an external network the client get an error while connecting. Gateway is located in the domain network.
  The error is “Failed to parse authorization Challenge”,
  This is what I see in the log file from the RD Client.
  [2014-Mar-06 16:53:49] RDP (0): --- BEGIN INTERFACE LIST ---
  [2014-Mar-06 16:53:49] RDP (0): lo0 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): lo0 af=30 (AF_INET6)  addr=::1 netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
  [2014-Mar-06 16:53:49] RDP (0): lo0 af=2 (AF_INET)  addr=127.0.0.1 netmask=255.0.0.0
  [2014-Mar-06 16:53:49] RDP (0): lo0 af=30 (AF_INET6)  addr=fe80::1%lo0 netmask=ffff:ffff:ffff:ffff::
  [2014-Mar-06 16:53:49] RDP (0): pdp_ip0 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): pdp_ip0 af=2 (AF_INET)  addr=10.25.216.171 netmask=255.255.255.255
  [2014-Mar-06 16:53:49] RDP (0): pdp_ip1 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): pdp_ip2 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): pdp_ip3 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): pdp_ip4 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): en1 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): ap1 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): en0 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): awdl0 af=18  addr= netmask=
  [2014-Mar-06 16:53:49] RDP (0): --- END INTERFACE LIST ---
  [2014-Mar-06 16:53:49] RDP (0): Not using any proxy
  [2014-Mar-06 16:53:49] RDP (0): Protocol state changed to: ProtocolConnectingNetwork(1)
  [2014-Mar-06 16:53:54] RDP (0): Resolved 'MB-RDS-01.contoso.LOCAL' to 'ERROR: Unable to connect to remote PC. Please provide the fully-qualified name or the IP address of the remote PC, and then try again.' using NameResolveMethod_Unknown(0)
  [2014-Mar-06 16:53:54] RDP (0): Error message: Unable to connect to remote PC. Please provide the fully-qualified name or the IP address of the remote PC, and then try again.(phase: 0, type: 0, reason: 0, systemCode: 0, systemMessage: )
  [2014-Mar-06 16:53:54] RDP (0): Protocol state changed to: ProtocolDisconnected(8)
  [2014-Mar-06 16:53:54] RDP (0): Final rdp configuration used: {
      activeUsername = " Contoso\\User01";
      arcTimeout = 1800;
      cacheId = 12BF328DD1C8B841;
      certificatesUseRedirectName = 1;
      configurationVersion = 8;
      font = 1;
      gatewayId = F2EE288CD1C8B841;
      gatewayMode = 2;
      gwAutodetectState = kConnectionGwAutodectedForceGW;
      host = "MB-RDS-01.CONTOSO.LOCAL";
      label = "Murbiten - Terminal Server";
      loadBalanceInfo = "tsv://MS Terminal Services Plugin.1.Contoso_-_Termi";
      mouseMode = "-1";
      port = 3389;
      temporary = 1;
      type = rdp;
      useAlt = 0;
      utilityBar = "-1";
      webFeedVersion = "Windows 2008 R2 or newer";
      connections =     (
          F4BF288CD1C8B841,
          12BF328DD1C8B841
      host = "remote.customer.com";
      id = F2EE288CD1C8B841;
      port = 443;
      temporary = 1;
      type = rdp;
      kCFProxyTypeKey = kCFProxyTypeNone;
  [2014-Mar-06 16:53:54] RDP (0): --- BEGIN INTERFACE LIST ---
  [2014-Mar-06 16:53:54] RDP (0): lo0 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): lo0 af=30 (AF_INET6)  addr=::1 netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
  [2014-Mar-06 16:53:54] RDP (0): lo0 af=2 (AF_INET)  addr=127.0.0.1 netmask=255.0.0.0
  [2014-Mar-06 16:53:54] RDP (0): lo0 af=30 (AF_INET6)  addr=fe80::1%lo0 netmask=ffff:ffff:ffff:ffff::
  [2014-Mar-06 16:53:54] RDP (0): pdp_ip0 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): pdp_ip0 af=2 (AF_INET)  addr=10.25.216.171 netmask=255.255.255.255
  [2014-Mar-06 16:53:54] RDP (0): pdp_ip1 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): pdp_ip2 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): pdp_ip3 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): pdp_ip4 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): en1 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): ap1 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): en0 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): awdl0 af=18  addr= netmask=
  [2014-Mar-06 16:53:54] RDP (0): --- END INTERFACE LIST ---
  [2014-Mar-06 16:53:54] RDP (0): Not using any proxy
  [2014-Mar-06 16:53:54] RDP (0): Protocol state changed to: ProtocolConnectingNetwork(1)
  [2014-Mar-06 16:53:54] RDP (0): Resolved 'remote.customer.com' to '194.71.11.69' using NameResolveMethod_Unknown(0)
  [2014-Mar-06 16:53:54] RDP (0): Resolved 'remote.customer.com' to '194.71.11.69' using NameResolveMethod_Unknown(0)
  [2014-Mar-06 16:53:54] RDP (0): Exception caught: Exception in file '/Users/build/jenkins/workspace/rc-ios-develop/protocols/RDP/librdp/librdp/private/httpendpoint.cpp' at line 346
      User Message : Failed to parse authorization Challenge
  [2014-Mar-06 16:53:54] RDP (0): Exception caught: Exception in file '/Users/build/jenkins/workspace/rc-ios-develop/protocols/RDP/librdp/librdp/private/httpendpoint.cpp' at line 346
      User Message : Failed to parse authorization Challenge
  [2014-Mar-06 16:53:54] RDP (0): Error message: Failed to parse authorization Challenge(phase: 0, type: 0, reason: 0, systemCode: -1, systemMessage: )
  [2014-Mar-06 16:53:54] RDP (0): Protocol state changed to: ProtocolDisconnecting(7)
  [2014-Mar-06 16:53:54] RDP (0): Protocol state changed to: ProtocolDisconnected(8)
  [2014-Mar-06 16:53:54] RDP (0): ------ END ACTIVE CONNECTION ------
  en → en
  authorization
  Adam Bokiniec

  Hi Jeremy,
  I found a solution, thanks for you effort. The solutions is the following.
  First thing that needs to be done is either solution from options below, I did the Solution 1 in my case and added a NPS server to AD. (https://blogs.technet.com/b/networking/archive/2010/01/14/remote-desktop-gateway-client-fails-authentication-with-your-user-account-is-not-authorized-to-access-the-rd-gateway.aspx)
  Solution 1
  Register the NPS server in Active Directory:
  In Server Manager, browse to the following location: Roles\Network Policy and Access Services\NPS (Local).
  Right click on the NPS (Local) node and choose Register server in Active Directory.
  Click OK to authorize the server when prompted.
  Solution 2
  Open Active Directory Users and Computers on any Domain Controller of the same domain as the Remote Desktop Gateway.
  Add the Computer Name of the Remote Desktop Gateway to the RAS and IAS Servers group.
  Situation B
  Restart the RDS host and Gateway server.
  Secondly and the most important is to configure an alternate address that match your public certificate. My public certificate CNAME is “remote.domain.se”.
  All commands need to be run as administrator in PowerShell
  To show you current configuration run the following commands:
  CollectionName is the Collection Name you created for the RDS deployment.
  To get your collection name type
  Get-RDSessionCollection
  When you got the collection name type
  Get-RDSessionCollectionConfiguration -CollectionName "RDS - Terminal Server" | FL *
  The default configuration will look like this:
  CustomRdpProperty     : use redirection server name:i:1
  No to add you public domain name that match the certificate run the following command
  Set-RDSessionCollectionConfiguration –CollectionName " RDS - Terminal Server " -CustomRdpProperty "use redirection server name:i:1 `n alternate full address:s:remote.domain.se
  Run again to verify your settings
  Get-RDSessionCollectionConfiguration -CollectionName "RDS - Terminal Server" | FL *
  Now it show look something like this
  CustomRdpProperty     : use redirection server name:i:1
                           alternate full address:s:remote.domain.se
  IPADs and iPhones can now connect to your environment.
  Adam Bokiniec

• Direct Access on Windows Server 2012 R2 and IPV6

  I have a question about IPV6 and Direct Access in Server 2012 R2. Without using UAG is it still mandatory to have IPV6 enabled in the intranet?
  Kristopher Turner | Not the brightest bulb but by far not the dimmest bulb.

  Hi,
  DirectAccess uses IPv6 with IPsec to create a secure connection between DirectAccess client computers and the internal corporate network.
  However, DirectAccess does not necessarily require connectivity to the IPv6 Internet or native IPv6 support on internal networks. Instead, it automatically configures and uses IPv6 transition technologies to tunnel IPv6 traffic across the IPv4 Internet (6to4,
  Teredo, IP-HTTPS) and across your IPv4-only intranet (NAT64 or ISATAP).
  For detailed information, please view the link below,
  Plan the DirectAccess Infrastructure
  http://technet.microsoft.com/en-us/library/jj574101.aspx
  Hope this helps.
  Steven Lee
  TechNet Community Support

• DirectAccess Windows Server 2012 R2 and Windows 8.1 - status connecting

  I've successfully deployed DirectAccess on Windows Server 2012 R2 in a 2 node NLB cluster. Everything in the console is green and I can see clients connecting.
  Windows 7 clients can connect and with the DirectAccess connectivity assistant installed show as connected and I can access resources.
  On a Windows 8.1 client I can access resource and run the troubleshooting tool which reports no errors, but if I look at connections it shows as connecting and the status never changes to connected. Clients work correctly when on the internal network.
  I've looked at available hotfixes, but not found anything for when the status is incorrectly shown.
  Any ideas before I raise a support call?
  James Saunders

  Hi,
  You current information hardly determine which part may occur error, I found the similar symptom on the following third party article, may can give you some help.
  The similar issue third party article:
  Windows 8 DirectAccess client keeps saying "Connecting"
  http://tfs.letsblog.it/post/2013/07/10/Windows-8-DirectAccess-client-keeps-saying-Connecting.aspx
  More information:
  The Network Connection Status Icon
  http://blogs.technet.com/b/networking/archive/2012/12/20/the-network-connection-status-icon.aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Task Sequence Windows Server 2012 format and partition issue when using MDT2012

  Hi all,
  Currently I'm working on a task sequence to deploy a Windows Server 2012 image. We've integrated MDT2012 Update 1 in SCCM2012 SP1 and created a default 'Server Task Sequence'. This task sequence deploys the install.wim to a server which has multiple disks
  attached.
  We've configured multiple format and partition disk steps to create the following partition layout:
  Disk 0: 499MB BDEDrive (do not assign drive letter) + 40GB OSDisk
  Disk 1: 40GB Programs
  Disk 2: 40GB Data
  Disk 3: 25GB User
  When the task sequence is finished I've noticed the drive letters assigned to the disk are not correct. In some cases the BDEdrive gets drive letter D assigned, sometimes drive letters are assigned starting with E, thus skipping drive
  letter D. 
  The smsts.log files show an error when it's re-assigning drive letters after booting into Windows. Looks like an error in the DiskPartScript.txt.
  <![LOG[==============================[ OSDSetupHook.exe ]==============================]LOG]!><time="16:59:40.889-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776"
  file="osdsetuphook.cpp:186">
  <![LOG[Executing task sequence]LOG]!><time="16:59:40.905-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776" file="osdsetuphook.cpp:279">
  <![LOG[Loading the Task Sequencing Environment from "C:\_SMSTaskSequence\TSEnv.dat".]LOG]!><time="16:59:40.920-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776"
  file="basesetuphook.cpp:366">
  <![LOG[Environment scope successfully created: Global\{51A016B6-F0DE-4752-B97C-54E6F386A912}]LOG]!><time="16:59:40.936-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776"
  file="environmentscope.cpp:659">
  <![LOG[Environment scope successfully created: Global\{BA3A3900-CA6D-4ac1-8C28-5073AFC22B03}]LOG]!><time="16:59:40.936-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776"
  file="environmentscope.cpp:659">
  <![LOG[Debug shell is enabled]LOG]!><time="16:59:43.806-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776" file="basesetuphook.cpp:1440">
  <![LOG[Successfully enabled debug command shell support.]LOG]!><time="16:59:43.884-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776" file="debugwindow.cpp:156">
  <![LOG[Configuring local administrator account]LOG]!><time="16:59:43.884-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776" file="basesetuphook.cpp:1462">
  <![LOG[Re-assign all drive letters...]LOG]!><time="16:59:43.884-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776" file="diskutils.cpp:1941">
  <![LOG[Executing command line: "C:\WINDOWS\system32\diskpart.exe" /s "C:\WINDOWS\TEMP\DiskPartScript.txt"]LOG]!><time="16:59:43.900-120" date="05-10-2013" component="OSDSetupHook" context=""
  type="1" thread="776" file="commandline.cpp:827">
  <![LOG[Process completed with exit code 2147942487]LOG]!><time="16:59:50.249-120" date="05-10-2013" component="OSDSetupHook" context="" type="1" thread="776" file="commandline.cpp:1123">
  <![LOG[Diskpart.exe STDOUT:
  Microsoft DiskPart version 6.1.7601
  Copyright (C) 1999-2008 Microsoft Corporation.
  On computer: SRV03
  Volume 1 is the selected volume.
  DiskPart successfully removed the drive letter or mount point.
  The volume you selected is not valid or does not exist.
  There is no volume selected.
  ]LOG]!><time="16:59:50.249-120" date="05-10-2013" component="OSDSetupHook" context="" type="3" thread="776" file="diskutils.cpp:1807">
  When I take a look at the generated diskpart_script.log file the volume D gets selected twice, which fails the second time because of the first remove drive letter command.
  This is the output in the diskpart_script.log file:
  select volume D
  remove letter=D
  select volume D
  remove letter=D
  select volume E
  remove letter=E
  select volume F
  remove letter=F
  select volume H
  remove letter=H
  select disk 0
  select partition 1
  assign
  select disk 1
  select partition 1
  assign
  select disk 2
  select partition 1
  assign
  select disk 3
  select partition 1
  assign
  It seems this error is caused by the first 'Format and Partition Disk' step before the 'Use Toolkit Package' step which is part of the default Server Task sequence. When I disable this Format and Partition step and create the partition manually
  all looks ok showing no errors in the smsts.log file.
  I've solved this by replacing the first 'Format and Partition Disk' step by an Powershell command which formats and partitions the disk. 
  Anyone seen this behavior?

  I have a similar problem when I install windows on some clients. Have you found any explanation for the behavior?

• SQL Server 2012: Import and Export Wizard - Exporting Multiple Result Sets at Once?

  I'm working in SQL Server 2012 trying to export some data from our database into an Excel file. My SQL statement has two separate Select statements. They are not joined by a union. When I Execute them inside of SQL Server Management Studio, with Results
  set to go to a Grid, I get two result sets back. Two full tables of data.
  However, when I use the Import and Export Wizard, the Excel sheet only has the first set of data.
  What do I need to do to have it so both result sets show up in the excel file?

  Why cant use merge them using union/union all if intention is to get them to same sheet? Is it like the metadata is different so that they cant be merged to single sheet?
  If that being the case you need to do it in two steps. 
  Please Mark This As Answer if it solved your issue
  Please Vote This As Helpful if it helps to solve your issue
  Visakh
  My Wiki User Page
  My MSDN Page
  My Personal Blog
  My Facebook Page