Harden Server 2008 R2 Terminal Services

Similar Messages

• Does Safari run in Windows Server 2008 R2 (Terminal Services)?

  does Safari run in Windows Server 2008 R2 (Terminal Services)?

  Hi Jess,
  Here are two things I suggest you check:
  The Monitoring interval is set to 900 minutes, would the profile size get reduced after 15 hours and run
  gpupdate/force?
  Since the Sessenv.dll version is higher than the ones described in KB 2575946, the issue is supposed to be fixed. I suggest you run System File Checker to scan all protected system files.
  In addition, you can also collect Gpsvc.log to determine if policies are applied successfully.
  More information for you:
  System File Checker (sfc)
  http://technet.microsoft.com/en-us/library/bb491008.aspx
  Group Policy not being applied
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/9884d06d-b5f8-44c9-a703-7b5211f1e0ba/group-policy-not-being-applied?forum=winserverGP
  Best Regards,
  Amy

• Windows Search Service failing to install on Windows Server 2008 R2 Terminal Server

  Hi,
  I am unable to install the Windows Search Service on a Server 2008 R2 Terminal Server. I want to install this to enable indexing options within Outlook 2013 for all users.
  Server Manager > Add Roles > File Services > Select only Windows Search Service > Install.
  The error I receive: "Attempt to configure Windows Search Service failed with error code 0x80070057. The parameter is incorrect."
  Thanks,
  Bjorn

  Hi,
  I did the test and could install the Windows Search Service without problem.
  Which role did you installed on the terminal server?
  Did you try to install it on another windows server?
  Regards.
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Windows 2008 R2 Terminal Services, ODBC and Oracle 10.2.0.5 32-bit client

  Hi All,
  I am setting up an application to work under windows 2008 R2 terminal services/Citrix XenApp which is 32bit. This application uses ODBC connections and not relying directly on TNSName for connection resolution.
  I installed 10.2.0.3 and patched to 10.2.0.5, and when trying to create an ODBC connection I only see "junk" in the connections list for TNS Server Name without regard to what exists in the TNSNAME.ORA file.
  We have JDE on the same server which uses TNSNAMES and work fine, so I don't think it is Oracle client related directly, but I've not seen this before.
  Has anyone seen this before and know how to resolve?
  Geoff

  Patches are only available to Oracle customers with valid support contracts. If you do have such a contract, pl contact the person in your team who has access to My Oracle Support to download the needed patch. Patches cannot be posted on public servers as this violates ones support contract
  Srini

• How do I enable users to attend on Lync 2013 meeting on Windows 2008 R2 Terminal Services/XenApp 6?

  Hi,
  We are not using Lync internally. But some of my users need to attend Lync 2013 meetings. We run a Windows 2008 R2 Terminal Services/XenApp environment. Users are not allowed to install applications.
  In the past, I was able to install administratively a Lync 2010 attendee client.
  How do I enable my users to attend a Lync 2013 meeting?
  Thanks.

  This is not viable. I don't know which user is going to be attending Lync meetings from suppliers or customers ahead of time and have no contacts to request a test meeting. This is a loop. How does Microsoft expect sysadmins to support their products if
  the client software is not easily available.
  At this point if I have a user who needs this, I will only know about it after the meeting has failed. At that point the user is not very receptive to the idea of involving his contact in troubleshooting and setting up test meetings. It's even worse if it's
  an executive.
  Is there any way of pre-installing the pre-requisites for attending Lync 2013 meetings?
  My only choice is to inform my user community that we have no way of supporting Lync and request that they use GotoMeeting or WebEx with their contacts who try to do a Lync meeting.
  I am very disappointed in Microsoft's approach with Lync 2013.
  Thanks for your time.

• SQL SERVER 2008 R2 Analysis Services

  Hi 
  We have a SQL Server 2008 R2 Analysis Services and it was running fine but suddenly its not processing the cube. I have checked log the file msmdsrv.log and there its continuously logging the following error message.
  Message: The file '\\?\C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Data\TRCOLAP.0.db\Fact SL Financial Transaction.0.dim\466.SL Journal Type.kstore' could not be opened. Please check the file for permissions or see if other applications
  locked it. (Source: \\?\C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Log\msmdsrv.log, Type: 3, Category: 289, Event ID: 0xC1210023) 
  Would really appreciate help in this regard. It our production box
  Thanks
  inazakat

  Hi Inazakat,
  According to your description, your SQL Server Analysis Services database cannot be processed that can be processed without any problems before, right?
  Based on the message, file could not be opened. Please check the file for permissions or see if other applications locked it. It seems that the file is corrupt. This issue can be caused by that the file was deleted by antivirus. You can go to the corresponding
  folder and check if this file exist or not. If this file was deleted or corrupt, you can open the original project on BIDS, and redeploy it to your server. And then process this database.
  Regards,
  Charlie Liao
  TechNet Community Support

• Firefox 22 update crashes on startup in server 2008 R2 terminal environment. Downgrading back to 21 works fine though.

  Firefox updated to version 22 and immediately started crashing on startup. Doing a completely clean reinstall does not solve the problem, as soon as the install finishes it immediately crashes. I have since installed version 21 from an old install file and it is working fine, so something with version 22 apparently does not like our Server 2008 R2 terminal environment. The server has the latest OS updates and AV/malware scans are performed routinely.

  We're sorry to hear that your Firefox seems to be crashing when you open it. Please perform the following steps to give us a crash report ID that helps us find out more about the cause of the crash.
  #Press the following shortcut to get a Run window: [Windows] + [R]. This should bring up a window that contains a text field.
  #In that text field, enter %APPDATA% and press Enter. An explorer window should open.
  #From that explorer window, double-click on the ''Mozilla'' folder, then double-click on ''Firefox'' and then on ''Crash reports''. Double-click on ''submitted''.
  #Now, you should see a list of files that contain reports. Go to ''View'' > ''Arrange Icons by'' > ''Modified'' to get the most recent files at the top of the window.
  #Open the most recent 5 files with a text editor and copy the IDs.
  #Paste each ID with '''bp-''' into the reply window on the forums.
  Thanks in advance!
  You can find more information and troubleshooting steps in the [[Firefox crashes]] article.

• Word 2010 - "Connecting to printer" message when opening documents at Server 2008 R2 Terminal server

  Our users experience sometimes the message "connecting to printer" while they open a document in Word 2010 (32-bit) on our Server 2008 R2 Terminal Server. This is behavior
  isn't consequent but random. The default printer in this environment is a Net2Printer-printerdriver (1.16) which redirects the print jobs (in PDF-format) to the local client's default printer. This feature works well. We don't want to change the default printer
  because this is the right one to use by our users.
  After a long seeking trip on the internet I've found the Microsoft hotfix KB974991 which can fix this issue for Word 2007. My question is, is this also usable for Word
  2010 (32-bit) and if not, is there maybe another fix for the 2010 version available?
  Any other suggestions or workarounds are welcome!

  Hi,
  Please change following options test if it works:
  Ÿ  
  Print proofs quickly
  Enable the Draft output option. When you use this option, the document prints with minimal formatting. Therefore, the document
  may print faster. This option is ideal for printing proofs.
  To enable the Draft output option, follow these steps. 
  Note Some printers may not support this option.
  Start Word.
  Click File, and then click
  Word Options.
  In the Word Options dialog box, click Advanced, and then scroll down to the Printing
  section.
  Click to select the Use draft quality check box, and then click OK.
  Ÿ  
  Use the background printing option that best fits your requirements
  When background printing is enabled, you can continue to work in Word while your document prints in the background. Background printing uses additional
  memory, and your document may print more slowly. 
  When background printing is disabled, your document prints faster. However you cannot work in Word until the print job is completed. If you do not have
  to continue to work in Word while your document prints, disable background printing to speed up printing. 
  To do this, follow these steps:
  Start Word.
  Click File, and then click
  Word Options.
  In the Word Options dialog box, click Advanced, and then scroll down to the Printing
  section.
  Click to clear the Print in background check box, and then click OK.
  Best regards
  William Zhou
  TechNet Community Support

• Windows Server 2008 R2 Terminal Server and Outlook 2013 Profile

  Really hoping someone can offer some advice on this one as I have wasted far to many cycles trying to figure this out.
   Company I work for recent purchased another company and we are in the process of bringing them into our network.  They currently run a a 2008 R2 terminal server where all users connect to for there day to day work.  A number of applications
  are installed including Office 2013.
  All users have Outlook 2013 configured to access their exchange server for email and this works fine.
  The first step in bringing them into our fold is to add an email account for Our Exchange  server without removing their existing exchange configuration or Outlook Profile.  So the one profile will have both exchange accounts listed and they can
  continue to get email from their server but as well email from our domain.
  I created a MSP file and tested pushing this out using PDQ Deploy to a few workstations here in our office and it works fine.  I then started to work on deploying in their environment.  PDQ Deploy will not work as they are all terminal Services
  Clients.  So I tried to push out via GPO.  I created the GPO Initially wanting to use a package and apply that GPO to an AD group.  However it will not let me deploy a MST as a package.  So I then tried moving it to a script that would
  run at logon.  That too is not working.
  I know I could enter install mode then run the MSIEXEC.EXE \config.MSP but that takes away the ability to control the role out.
  Any other ideas on how to get this done.

  Hi,
  Your issue seems to be out of the scope of this forum. We only focus on issue about RDS/VDI deployment, management and operations. For Oultook related issue you can ask to our MS Office Forum:
  https://social.technet.microsoft.com/Forums/office/en-US/home?category=officeitpro
  Thanks.
  Dharmesh Solanki
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Outlook & Exchange 2010 AutoDiscover and 2008 R2 Terminal Services

  Hi,
  I have a strange issue with Outlook 2010 in Terminal Server 2008 R2 which we don't have on the standard user desktops.
  When setting up a new outlook profile it does not populate the user and server details. The setup has to be done manually. Once the profile is set up it works fine (except that Out of office does not work and Calendars do not show Free/Busy correctly). I
  understand this is a AutoDiscover issue (and I can fix this with putting a DNS entry in, but even without the cname entry in DNS it works fine on the user desktops), and looking at the two environments there is nothing that should be blocking the terminal
  servers in getting this information. 
  On the Terminal Servers if I run the Test E-mail AutoConfiguration the first thing it comes up with in the log tab is :
  Start AD lookup for e-mail address
  AD Lookup for e-mail address Failed (0x80070035)
  This does not happen at all on the user desktops. It finds the email address without issue and populates the E-mail Address field.
  Why is this happening ? What is there on the terminal server that is preventing outlook from correctly retrieving this information ? Is there and LDAP issue from the terminal server to the DC ? What can be done to fix it ?
  Thanks

  OK. I think i sorted it out. There is clearly an issue with LDAP services and IP virtualization on Terminal Servers.
  I found this quote on a page :
  "The Directory Connector works by mapping IP addresses to usernames; any IP address sharing will mean the Directory Connector will not be able to tell theses users apart"
  So I changed the IP Virtualization from per session to per application and specified the application to use that I have done all of this for, and voila.... Outlook stated working and ldp also connected without an
  issue.

• Windows 2008 R2 Terminal Services.

  Hi,
  I am implementing Terminal services in Windows 2008 R2. I have following setup
  1. tsgwserver.test.com as TS Gateway+Web Access server (will be accessed using internet). This server is in DMZ zone.
  2. tssessionbroker.test.com as TS Session Broker server.
  3. tsappserver1.test.com, tsappserver2.test.com, tsappserver3.test.com as TS SH & RemoteApp servers (Application which will be accessed remotly are installed in these servers). Farm01.test.com is created and configured on these servers.
  4. Client1 will access the RemoteApp using TS Gateway server using internet. however client2 will access the RemoteApp using local network. These users will be authenticated by AD.
  I have installed the above setup but unable to View the applications on remote desktop using web access (client1 and client2). I am missing somewhere in installation/configuration/setup. License server is not installed yet. I am not using certificates
  Please correct me if I am wrong with above setup. Please help me to create this setup
  Regards,
  Rajiv

  RD CAP & RD RAP policy are configured and configured  RD Gateway setting in RemoteApp manager. Port 443 for ext firewall and 3389 in int firewall are configured. I have checked WMI using MMC and found TS Web Access Computers is listed
  for each SH in security setting.
  When I select Source Name : localhost in RD Web Access portal, it gives blank in RemoteApp programs and if I use session broker or server farm name, then it gives following messages
  RD Web Access was not able to contact the RD Connection Broker server specified. Ensure that the RD Connection Broker server name was entered correctly, and that the server is running and available on the network.
  RD Web Access was not able to access server_farm.  Verify that the RD Session Host server name was entered correctly, that the server is running and connected to the network, and then try again.
   Please let me know which ports I need to configure in firewall to allow Windows Management Instrumentation (WMI) traffic from the RD Web Access server to the RD Session Host server and what  authentication settings I need to configure?

• Explorer folder update issues Server 2008 R2 Terminal Server

  Hi Folks, 
  We are having a few issues here. We have a cluster of 5 Server 2008 X64 R2 SP1 Terminal Servers running Citrix Xenapp 6. Our file server is a Server 2008 R2 SP1 server also. All servers are virtualised on ESX vSphere 4.0 and are connected to an EMC
  FC SAN.
  The users have an application which references a mapped drive (K in this example). This mapped drive is populated with contents from a network scanner. The file extensions change from PDF, JPEG, JPG and GIF. The files are stored on the 2K8 X64 R2 file server. 
  This all works fine, however the users are getting intermittent 'refresh' problems if you will. Sometimes after the user scans to the folder they will not see the item which was scanned however another user on the _same_ server will be able to see the item
  that has just been scanned to file. If I login to the server via remote desktop I can also see the files also. It can take from 2minutes to 30minutes before the users explorer will actually refresh and be able to see the files. During this time if the user
  creates a folder in the my documents which is also redirected/hosted on the 2K8 R2 file server they see the changes immediately. If the user logs in and logs out of the Terminal Server the file which was scanned is immediately available to the user.
  **NOTE** this problem does not occur every time
  Below is a list of the things that I have tried
  Changing the Icon size and layout under explorer
  Changing the layout from thumbnails to list etc
  Disabled SMB 2.0
  Completed SMB tuning for Xenapp and Explorer on the limit of concurrent connections etc
  Disabled Windows Search
  Disabled Indexing
  Changed the folder to be both offline and online
  Index offline and online folders
  Disabled "Client for Microsoft Networks" on the network card
  Disabled IPV6 on both Terminal Servers and File server
  Ran filemon in compatibility mode on the file server (I can see the file being created)
  I have changed the scanning location on the 2K8 R2 file server to no avail
  I have checked the file share and it is indeed set to Maximum allow concurrent connections
  Checked Perfmon and the disk queue is running about 0.4 
  I'm now at a loss.. any advise would be great! thanks folks.

  Hi,
  Does this issue happen on a Windows client? Like the Windows 7 and Windows XP.
  Meanwhile, I would give you the following suggestions for your reference:
  1.      
  By default, Windows Explorer generates a lot of SMB traffic - which can result in poor file server performance in some circumstances. 
  However, some of this traffic is superfluous and can be reduced - for example:
  •Searches for Desktop.ini files used for folder customization
  •Periodic refreshes of folder contents
  •Searches for supporting library (.dll) files
  •Individual file details and attributes pulled for each file
  •Thumbnail extraction
  There are some registry changes you can implement to optimize the SMB traffic being generated. 
  Import the settings below on client machines. 
  Terminal Servers running in Application Mode should be considered client machines in this scenario.
  Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
  "UseDesktopIniCache"=dword:00000001
  "NoRemoteRecursiveEvents"=dword:00000001
  "NoRemoteChangeNotify"=dword:00000001
  "StartRunNoHOMEPATH"=dword:00000001
  "NoRecentDocsNetHood"=dword:00000001
  "NoDetailsThumbnailOnNetwork"=dword:00000001
  [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MRXSmb\Parameters]
  "InfoCacheLevel"=dword:00000010
  [HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\CryptoSignMenu]
  "SuppressionPolicy"=dword:00100000
  [HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{3EA48300-8CF6-101B-84FB-666CCB9BCD32}]
  "SuppressionPolicy"=dword:00100000
  [HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}]
  "SuppressionPolicy"=dword:00100000
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SCAPI]
  "Flags"=dword:00100c02
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
  "SafeDllSearchMode"=dword:00000001
  "SafeProcessSearchMode"=dword:00000001
  For more information:
  Windows Explorer and SMB Traffic
  http://blogs.technet.com/b/askperf/archive/2007/09/21/windows-explorer-and-smb-traffic.aspx
  2.      
  Please try to temporarily disable all firewall and anti-virus software to check whether this issue can be fixed.
  3.      
  Please check if the problematic user is still on one switch. If so, I would guess there is an issue on switch.
  In this case, you’re using Citrix when this issue happens. I suggest you contact Citrix engineer to particularly ask whether they saw the
  similar issue running on Citrix and how to fix it.
  Thanks.

• Installation issues with JRE, Auto Update, win 2008 and terminal services

  Hello,
  We have seven Windows 2008 servers running Terminal Services in one TS farm. I have approximately 600 users accessing these servers. We have a need for the Java JRE. The JRE is to be installed on each of the seven servers since the user has no input into which server they log on to (round robin / load balancing)
  There are several issues that have occurred with this installation. I install the JRE on each of the servers when there is no one logged on. I turn off both of the update features while installing as administrator. When the users log on, however they are at some point prompted for an admin password to update Java. The users have no need to update java as all updates will be performed by the system admin. Additionally, when the user runs any app that uses the Java plug-in, they get a folder put on their desktop labeled Sun.
  Are there special instructions for installing Java when using Terminal Services and Windows 2008? As you can well see, 600 calls to the help desk asking about this update popup is not productive and accessing 600 users accounts and turning off the auto update on an individual basis is not practical. The user cannot disable this update anyway. They options are grayed out at the user level.
  If this is not the proper forum to ask these question, please forward this message to the proper department or let me know who I should/could contact to resolve these issues.
  Best regards,
  Bob

  thomashmaine wrote:
  I mean to only explain 1 enviornment. We have a windows 2008 terminal server. It has JRE 1.6.0_07 (32bit) install on it. The users use this server for Office Apps and to Access our software which is web based and requires a JRE to be able to work.
  When the users login the terminal server picks up there local timezone from the machine they are logging in from and apply's it to there terminal server session. The problem is when the jre is launched it is picking up the server timezone, not the timezone from the users session(which is different).
  Does this clarify it?Nope.
  Either the user is running the jre or the server is. Or maybe both. Seems like all of those are possible from your explanation.
  It doesn't matter what the jre is running. What matters is who runs the jre.
  Best I can suppose your situation is as follows.
  - The server, not a user, is running a jre with one or more applications.
  - The users use something, probably a browser, to access that server app (it doesn't even matter that it is java in terms of what the users are doing.)
  If and only if that is your situation then you MUST pass information from the browser session to the server (java or anything else for that matter) and you MUST use that information in the server code to display time information.

• Windows Server 2008 R2 DNS service issue with BitLocker

  I recently installed BitLocker on a Windows Server 2008 Platform. I did not encrypt the boot partition because the server hardware BIOS did not have the necessary requirements to encrypt the system drive.
  The Server roles are ADSM, DC and File Server. For DC operation I am also running the DNS service.
  When I installed the DNS role I was prompted to install the Log files on a different volume than the OS. I did this, but unfortunately, it was the same volume that was encrypted.
  Since I could not encrypt the system disk, the encrypted volume must be unlocked via password in order to mount. Here in lise my problem.
  When I do a full reboot of the server, I get to the point in the boot process where my mouse is visible and operational (this would be just before the Windows OS logo displays, I believe), then the server reboots. On the next boot up I am given the diagonstics
  and recovery dialog because the OS failed to boot.
  I believe the failure is the DNS service trying to launch, but because the log files are on the encrypted drive and it has not been unlocked, the system sees this as a security problem and reboots
  Does this make sense? If it does, is there a way to boot 2008 R2 with the DNS service disabled, say with the original install disk in recovery mode?
  Any help would be greatly appreciated as this system cannot be booted in its current state.
  Peter C. Hesse Network/Systems Administrator

  Hi,
  I believe you mean the Active Directory Logs not the DNS logs, because these are necessary to startup a domain controller, because the AD database depends on these logs.
  So if you have AD logs on a different partition and that is encrypted with Bitlocker you could probably automatically unlock it.
  So you did not encrypt OS partition because the server does not have a TPM fully compliant chip ?
  manage-bde /?
  manage-bde -autounlock -enable Driveletter:
  But you have to be able to boot server normal mode I am not sure if the command can be used in DSRM mode.
  Below are some links that might help:
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/c52ffc7d-f822-4b61-b633-46f8e04eac80/bitlocker-for-domain-controller
  Hope this helps.
  Regards,
  Calin

• Server 2008 R2 Terminal Server c0000005 and c0000006 errors with KERNELBASE.dll error in RDP sessions.

  We installed a new Server 2008 R2 server this spring. It is configured as a Terminal Server with 16 Wyse t10 thin clients connecting with RDP. We are a small resort so we run Springer Miller Host and SpaSoft. Ever since moving from PCs to the thin clients
  and TS we have been seeing SpaSoft randomly crash with KERNELBASE.dll errors and also a lot of c0000005 and c0000006 errors. Springer Miller support says its a Microsoft Networking issue so no help there. The company we worked with to install this has no clue
  so I hope to reach out to this community to solve this. I can also open support case with Microsoft Support but I am not sure if they will be of any help. Here are some examples of the errors:
  "Event 1000
  Faulting application name: SpaWin.exe, version: 3.4.0.0, time stamp: 0x2a425e19
  Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
  Exception code: 0x0eedfade
  Fault offset: 0x0000c42d
  Faulting process id: 0x3718
  Faulting application start time: 0x01cf9ac7922487e9
  Faulting application path: \\spasoft\spaapps\TermServ\SpaWin.exe
  Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
  Report Id: cfdcf9a9-06ba-11e4-a5af-000c298d9aa5"
  Also:
  "Faulting application name: VH.EXE, version: 18.80.430.0, time stamp: 0x3f73b447
  Faulting module name: VFP8R.DLL, version: 8.0.0.3117, time stamp: 0x3f73c232
  Exception code: 0xc0000006
  Fault offset: 0x0001d598
  Faulting process id: 0x2bc8
  Faulting application start time: 0x01cf99297ee1742f
  Faulting application path: J:\HOSTPLUS\fxp32\VH.EXE
  Faulting module path: J:\HOSTPLUS\fxp32\VFP8R.DLL
  Report Id: 5fbc65c4-055c-11e4-a5af-000c298d9aa5"
  And:
  "Faulting application name: SpaWin.exe, version: 3.4.0.0, time stamp: 0x2a425e19
  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
  Exception code: 0xc0000005
  Fault offset: 0x00000000
  Faulting process id: 0x2aa0
  Faulting application start time: 0x01cf988e6770e619
  Faulting application path: \\spasoft\spaapps\TermServ\SpaWin.exe
  Faulting module path: unknown
  Report Id: 01029179-04b9-11e4-a5af-000c298d9aa5"
  There are no network specific errors in any of the logs. I am thinking that SpaSoft needs to be run as an administrator but I am not sure how to do that in this environment. We have disabled DEP for all but essential Windows processes. All of the firewall
  and AV has been completely disabled, and still getting these errors. Is there a way to run these applications as admin without the user actually being an admin? Should I go ahead and open a Microsoft support case? Thanks

  Hi,
  Thank you for posting in Windows Server Forum.
  Explanation
  The indicated program stopped unexpectedly. The message contains details on which program and module stopped. A matching event with Event ID 1001 might also appear in the event log. This matching event displays information about the specific error that occurred.
  User Action
  If an error report was generated for this error, you might be able to obtain more information about the error by sending the report to Microsoft for analysis.
  Yeah, you can open a support case with Microsoft as they will help and guide you for proper solution. You can go through
  this source article.
  Hope it helps!
  Thanks.
  Dharmesh Solanki