Relay Agent Information(option82) :windows server 2012

Similar Messages

• Windows Server 2012 Pooled Virtual Desktop collection GetVMstate issue

  I am trying to create a Pooled Desktop collection with my Powered off VM and it errors out The
  virtual desktop must be in a stopped state:  Could not identify the state of the virtual desktop.  Ensure that the RD virtualisation host server is available on the network and the virtual desktop is shut down
  In the debug logs it shows.
  Component RdmsModel: GetVMstate for Vm Win7_BaseVM failed with error 16386
  Component RDExceptionHandler: Could not identify the state of the virtual desktop. Ensure that the RD Virtualization Host server sunflower-1.HYPERQA.NUTANIX.COM is available on the network and that the virtual
  desktop Win7VMSF is shut down.
  Please help on resolving this GetVMState issue.

  Hi Krishna,
  Thank you for posting in Windows Server Forum.
  When you are configuring RDVH initially, please see that you have meet prerequisites. Remember that you need these pre-requirements:
  • Database based on SQL Server 2008 R2
  • Static IP Address for all Broker
  • Round Robin DNS
  • All RD Broker must be members of AD Windows Group (es. RDCB Server Group)
  • The group must be insert into SQL Server as sysadmin ONLY for the DB creation. After that DB will be created give the db_owner permission only for their DB
  More information.
  Windows Server 2012 R2: Unable Add New VDI Template
  In addition, we need all RD Broker must have the same SQL Native Client as main SQL Server (es. SQL Server 2012 SP1). The Connection Broker server's computer account MUST be a member of the local administrators group on the Virtual Host (RDS Host) machine and
  then reboot the server. Finally check the result.
  Windows Server 2012 Virtual Desktop Template Issue
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• VMM Agent install fails on Windows Server 2012 R2 Hyper-V

  Hi,
  We are unable to install VMM 2012 R2 agent on Windows Server 2012 R2 server either from VMM console or manually on the hyper-v server.
  Error on VMM Console:
  Error (410)
  Agent installation failed on chsicoecdh03.casper.com.
  Fatal error during installation (0x80070643)
  Recommended Action
  Try the operation again. If the problem persists, install the agent locally and then add the managed computer.
  ==================================================================
  Error on Hyper-v server:
  MSI (c) (E8:D0) [16:53:24:726]: Windows Installer installed the product. Product Name: Microsoft System Center Virtual Machine Manager Agent (x64). Product Version: 3.2.7510.0. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success
  or error status: 1603.
  Also, I suspect may be issue with WMI then checked WMI repository and it is in consistent state. winmgmt /verifyrepository.
  Please help on this issue.
  Any help would be appreciated.
  Thanks
  Kumaresan Lakshmanan

  So, I've managed to research this some more since Thursday and I've come to the conclusion that Hyper-V does a horrible job of supporting Qualcomm NIC cards. That's the only thing I can conclude as far as where the issue is originating. I've read many
  post and walkthroughs but nothing that has helped. The issue wasn't with any settings in the domain controller. The issue was that there really is a slow connection originating at the domain controller that is a VM and has network connectivity through the
  virtual switch from Hyper-V. So, next question is, how do I get the DC to have better connectivity through the NIC that Hyper-V won't give it? If hyper-v would allow passthrough, this would be so much simpler. VM-ware is looking really good at this point.
  Im disappointed in MS right now.

• Cannot get db mail to work via SMTP Relay for Office 365 in SQL Server 2014 on Windows Server 2012 R2

  Our company recently moved to Office 365 which mean our on premise exchange server went away as well with the move.  I am trying to configure my new sql server (OS-Windows Server 2012 R2, DBMS- SQL 2014 Std Edtion).  After some searching I found
  this article (http://blogs.technet.com/b/meamcs/archive/2013/02/25/how-to-configure-sql-database-mail-so-send-emails-using-office-365-exchange-online-a-walkthrough.aspx) and have followed these steps exactly, but to no avail.  I did some further research
  on the SMTP relay I setup and found a way to test it (listed here http://technet.microsoft.com/en-us/library/dn592151(v=exchg.150).aspx at the bottom of the article).  If I drop the email.txt file in the pickup folder, it gets sent out no problem.
   I have configured my db email exactly as describe here(http://blogs.technet.com/b/meamcs/archive/2013/02/25/how-to-configure-sql-database-mail-so-send-emails-using-office-365-exchange-online-a-walkthrough.aspx).  But keep getting an unable to connect
  to SMTP server error.  I have even tried completely shutting down firewall to see if that is the issue and multiple restarts.  Any ideas how to get this to work on Office 365?
  DB Mail error log:
  Date 6/10/2014 10:28:41 PM
  Log Database Mail (Database Mail Log)
  Log ID 46
  Process ID 2196
  Mail Item ID 19
  Last Modified 6/10/2014 10:28:41 PM
  Last Modified By xx
  Message
  The mail could not be sent to the recipients because of the mail server failure. (Sending Mail using Account 2 (2014-06-10T22:28:41). Exception Message: Cannot send mails to mail server. (Failure sending mail.).

  Hi,
  I followed this blog and got the below error message in the Database Mail Log.
  “The mail could not be sent to the recipients because of the mail server failure. (Sending Mail using Account 2 (2014-06-11T19:34:00). Exception Message: Cannot send mails to mail server. (Mailbox unavailable. The server response was: 5.7.1 Unable to relay
  for [email protected]).”
  If you are getting the same error message, you can try the below steps to resolve the issue.
  1. Open the IIS 6.0 management console. Right click on the SMTP server and open the properties window.
  2. Click on the Access tab, click Relay button under Relay restrictions. loopback IP address (i.e 127.0.0.1).
  Then the email should be sent out from Database Mail without problem.
  Thanks.
  Tracy Cai
  TechNet Community Support

• Windows Server 2012 - Hyper-V - Cluster Sharded Storage - VHDX unexpectedly gets copied to System Volume Information by "System", Virtual Machines stops respondig

  We have a problem with one of our deployments of Windows Server 2012 Hyper-V with a 2 node cluster connected to a iSCSI SAN.
  Our setup:
  Hosts - Both run Windows Server 2012 Standard and are clustered.
  HP ProLiant G7, 24 GB RAM. This is the primary host and normaly all VMs run on this host.
  HP ProLiant G5, 20 GB RAM. This is the secondary host that and is intended to be used in case of failure of the primary host.
  We have no antivirus on the hosts and the scheduled ShadowCopy (previous version of files) is switched off.
  iSCSI SAN:
  QNAP NAS TS-869 Pro, 8 INTEL SSDSA2CW160G3 160 GB i a RAID 5 with a Host Spare. 2 Teamed NIC.
  Switch:
  DLINK DGS-1210-16 - Both the network cards of the Hosts that are dedicated to the Storage and the Storage itself are connected to the same switch and nothing else is connected to this switch.
  Virtual Machines:
  3 Windows Server 2012 Standard - 1 DC, 1 FileServer, 1 Application Server.
  1 Windows Server 2008 Standard Exchange Server.
  All VMs are using dynamic disks (as recommended by Microsoft).
  Updates
  We have applied the most resent updates to the Hosts, VMs and iSCSI SAN about 3 weeks ago with no change in our problem and we continually update the setup.
  Normal operation:
  Normally this setup works just fine and we see no real difference in speed in startup, file copy and processing speed in LoB applications of this setup compared to a single host with two 10000 RPM Disks. Normal network speed is 10-200 Mbit, but occasionally
  we see speeds up to 400 Mbit/s of combined read/write for instance during file repair.
  Our Problem:
  Our problem is that for some reason a random VHDX gets copied to System Volume Information by "System" of the Clusterd Shared Storage (i.e. C:\ClusterStorage\Volume1\System Volume Information).
  All VMs stops responding or responds very slowly during this copy process and you can for instance not send CTRL-ALT-DEL to a VM in the Hyper-V console, or for instance start task manager when already logged in.
  This happens at random and not every day and different VHDX files from different VMs gets copied each time. Some time it happens during daytime wich causes a lot of problems, especially when a 200 GB file gets copied (which take a lot of time).
  What it is not:
  We thought that this was connected to the backup, but the backup had finished 3 hours before the last time this happended and the backup never uses any of the files in System Volume Information so it is not the backup.
  An observation:
  When this happend today I switched on ShadowCopy (previous files) and set it to only to use 320 MB of storage and then the Copy Process stopped and the virtual Machines started responding again. This could be unrelated since there is no way to see
  how much of the VHDX that is left to be copied, so it might have been finished at the same time as I enabled  ShadowCopy (previos files).
  Our question:
  Why is a VHDX copied to System Volume Information when scheduled ShadowCopy (previous version of files) is switched off? As far as I know, nothing should be copied to this folder when this functionis switched off?
  List of VSS Writers:
  vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
  (C) Copyright 2001-2012 Microsoft Corp.
  Writer name: 'Task Scheduler Writer'
     Writer Id: {d61d61c8-d73a-4eee-8cdd-f6f9786b7124}
     Writer Instance Id: {1bddd48e-5052-49db-9b07-b96f96727e6b}
     State: [1] Stable
     Last error: No error
  Writer name: 'VSS Metadata Store Writer'
     Writer Id: {75dfb225-e2e4-4d39-9ac9-ffaff65ddf06}
     Writer Instance Id: {088e7a7d-09a8-4cc6-a609-ad90e75ddc93}
     State: [1] Stable
     Last error: No error
  Writer name: 'Performance Counters Writer'
     Writer Id: {0bada1de-01a9-4625-8278-69e735f39dd2}
     Writer Instance Id: {f0086dda-9efc-47c5-8eb6-a944c3d09381}
     State: [1] Stable
     Last error: No error
  Writer name: 'System Writer'
     Writer Id: {e8132975-6f93-4464-a53e-1050253ae220}
     Writer Instance Id: {7848396d-00b1-47cd-8ba9-769b7ce402d2}
     State: [1] Stable
     Last error: No error
  Writer name: 'Microsoft Hyper-V VSS Writer'
     Writer Id: {66841cd4-6ded-4f4b-8f17-fd23f8ddc3de}
     Writer Instance Id: {8b6c534a-18dd-4fff-b14e-1d4aebd1db74}
     State: [5] Waiting for completion
     Last error: No error
  Writer name: 'Cluster Shared Volume VSS Writer'
     Writer Id: {1072ae1c-e5a7-4ea1-9e4a-6f7964656570}
     Writer Instance Id: {d46c6a69-8b4a-4307-afcf-ca3611c7f680}
     State: [1] Stable
     Last error: No error
  Writer name: 'ASR Writer'
     Writer Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
     Writer Instance Id: {fc530484-71db-48c3-af5f-ef398070373e}
     State: [1] Stable
     Last error: No error
  Writer name: 'WMI Writer'
     Writer Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
     Writer Instance Id: {3792e26e-c0d0-4901-b799-2e8d9ffe2085}
     State: [1] Stable
     Last error: No error
  Writer name: 'Registry Writer'
     Writer Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
     Writer Instance Id: {6ea65f92-e3fd-4a23-9e5f-b23de43bc756}
     State: [1] Stable
     Last error: No error
  Writer name: 'BITS Writer'
     Writer Id: {4969d978-be47-48b0-b100-f328f07ac1e0}
     Writer Instance Id: {71dc7876-2089-472c-8fed-4b8862037528}
     State: [1] Stable
     Last error: No error
  Writer name: 'Shadow Copy Optimization Writer'
     Writer Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
     Writer Instance Id: {cb0c7fd8-1f5c-41bb-b2cc-82fabbdc466e}
     State: [1] Stable
     Last error: No error
  Writer name: 'Cluster Database'
     Writer Id: {41e12264-35d8-479b-8e5c-9b23d1dad37e}
     Writer Instance Id: {23320f7e-f165-409d-8456-5d7d8fbaefed}
     State: [1] Stable
     Last error: No error
  Writer name: 'COM+ REGDB Writer'
     Writer Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
     Writer Instance Id: {f23d0208-e569-48b0-ad30-1addb1a044af}
     State: [1] Stable
     Last error: No error
  Please note:
  Please only answer our question and do not offer any general optimization tips that do not directly adress the issue! We want the problem to go away, not to finish a bit faster!

  Hallo Lawrence!
  Thankyou for youre reply, some comments to help you and others who read this thread:
  First of all, we use Windows Server 2012 and the VHDX as I wrote in the headline and in the text in my post. We have not had this problem in similar setups with Windows Server 2008 R2, so the problem seem to be introduced in Windows Server 2012.
  These posts that you refer to seem to be outdated and/or do not apply to our configuration:
  The post about Dynamic Disks:
  http://technet.microsoft.com/en-us/library/ee941151(v=WS.10).aspx is only a recommendation for Windows Server 2008 R2 and the VHD format. Dynamic VHDX is indeed recommended by Microsoft when using Windows Server 2012 (please look in the optimization guide
  for Windows Server 2012).
  Infact, if we use fixed VHDX then we would have a bigger problem since fixed VHDX are generaly larger then Dynamic Disks, i.e. more data would be copied and that would take longer time = the VMs would be unresponsive for a longer time.
  The post "What's the deal with the System Volume Information folder"
  http://blogs.msdn.com/b/oldnewthing/archive/2003/11/20/55764.aspx is for Windows XP / Windows Server 2003 and some things has changed since then. for instance In Windows Server 2012, Shadow Copies cannot be controlled by going to Control panel -> System.
  Instead you right-click on a Drive (i.e. a Volume, for instance the C drive/Volume) in Computer and then click "Configure Shadow Copies".
  Windows Server 2008 R2 Backup problem
  http://social.technet.microsoft.com/Forums/en/windowsbackup/thread/0fc53adb-477d-425b-8c99-ad006e132336 - This post is about the Antivirus software trying to scan files used during backup that exists in the System Volume Information folder and we do not
  have any antivirus software installed on our hosts as I stated in my post.
  Comment that might help us:
  So according to “System Volume Information” definition, the operation you mentioned is Volume Shadow Copy. Check event viewer to find Volume Shadow Copy related event logs and post them.
  Why?
  Furhter investigation suggests that a volume shadow copy is somehow created even though the Schedule for Shadows Copies is turned off for all drives. This happens at random and we have not found any pattern. Yesterday this operation took almost all available
  disk space (over 200 GB), but all the disk space was released when I turned on scheduled Shadow Copies for the CSV.
  I therefore draw these conclusions:
  The CSV Volume has about 600 GB of disk space and since Volume Shadows Copy used 200 GB, or about 33% of the disk space, and the default limit is 10% then I conclude that for some reason the unscheduled Volume Shadow Copy did not have any limit (or ignored
  the limit).
  When I turned on the Schedule I also change the limit to the minimum amount which is 320 MB and this is probably what released the disk space. That is, the unscheduled Volume Shadow Copy operation was aborted and it adhered to the limit and deleted the
  Volume Shadow Copy it had taken.
  I have also set the limit for Volume Shadow Copies for all other volumes to 320 MB by using the "Configure Shadow Copies" Window that you open by right clicking on a drive (volume) in Computer and then selecting "Configure Shadow Copies...".
  It is important to note that setting a limit for Shadow Copy Storage, and disabaling the Schedule are two different things! It is possible to have unlimited storage for Shadow Copies when the Schedule is disabled, however I do not know if this was the case
  Before I enabled Shadow Copies on the CSV since I did not look for this.
  I now have defined a limit for Shadow Copy Storage to 320 MB on all drives and then no VHDX should be copied to System Volume Information since they are all larger than 320 MB.
  Does this sound about right or am I drawing the wrong conclusions?
  Limits for Shadow Copies:
  Below we list the limits for our two hosts:
  "Primary Host":
  C:\>vssadmin list shadowstorage
  vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
  (C) Copyright 2001-2012 Microsoft Corp.
  Shadow Copy Storage association
     For volume: (\\?\Volume{e3ad7feb-178b-11e2-93e8-806e6f6e6963}\)\\?\Volume{e3ad7feb-178b-11e2-93e8-806e6f6e6963}\
     Shadow Copy Storage volume: (\\?\Volume{e3ad7feb-178b-11e2-93e8-806e6f6e6963}\)\\?\Volume{e3ad7feb-178b-11e2-93e8-806e6f6e6963}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 320 MB (91%)
  Shadow Copy Storage association
     For volume: (E:)\\?\Volume{dc0a177b-ab03-44c2-8ff6-499b29c3d5cc}\
     Shadow Copy Storage volume: (E:)\\?\Volume{dc0a177b-ab03-44c2-8ff6-499b29c3d5cc}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 320 MB (0%)
  Shadow Copy Storage association
     For volume: (G:)\\?\Volume{f58dc334-17be-11e2-93ee-9c8e991b7c20}\
     Shadow Copy Storage volume: (G:)\\?\Volume{f58dc334-17be-11e2-93ee-9c8e991b7c20}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 320 MB (3%)
  Shadow Copy Storage association
     For volume: (C:)\\?\Volume{e3ad7fec-178b-11e2-93e8-806e6f6e6963}\
     Shadow Copy Storage volume: (C:)\\?\Volume{e3ad7fec-178b-11e2-93e8-806e6f6e6963}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 320 MB (0%)
  C:\>cd \ClusterStorage\Volume1
  Secondary host:
  C:\>vssadmin list shadowstorage
  vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
  (C) Copyright 2001-2012 Microsoft Corp.
  Shadow Copy Storage association
     For volume: (\\?\Volume{b2951138-f01e-11e1-93e8-806e6f6e6963}\)\\?\Volume{b2951138-f01e-11e1-93e8-806e6f6e6963}\
     Shadow Copy Storage volume: (\\?\Volume{b2951138-f01e-11e1-93e8-806e6f6e6963}\)\\?\Volume{b2951138-f01e-11e1-93e8-806e6f6e6963}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 35,0 MB (10%)
  Shadow Copy Storage association
     For volume: (D:)\\?\Volume{5228437e-9a01-4690-bc40-1df85a0e6736}\
     Shadow Copy Storage volume: (D:)\\?\Volume{5228437e-9a01-4690-bc40-1df85a0e6736}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 27,3 GB (10%)
  Shadow Copy Storage association
     For volume: (C:)\\?\Volume{b2951139-f01e-11e1-93e8-806e6f6e6963}\
     Shadow Copy Storage volume: (C:)\\?\Volume{b2951139-f01e-11e1-93e8-806e6f6e6963}\
     Used Shadow Copy Storage space: 0 bytes (0%)
     Allocated Shadow Copy Storage space: 0 bytes (0%)
     Maximum Shadow Copy Storage space: 6,80 GB (10%)
  C:\>
  There is something strange about the limits on the Secondary host!
  I have not in any way changed the settings on the Secondary host and as you can see, the Secondary host has a maximum limit of only 35 MB storage on the CSV, but it also shows that this is 10% of the Volume. This is clearly not the case since 10% if 600
  GB = 60 GB!
  The question is, why does it by default set a too small limit (i.e. < 320 MB) on the CSV and is this the cause of the problem? I.e. is the limit ignored since it is smaller than the smallest amount you can provide using the GUI?
  Is the default 35 MB maximum Shadow Copy limit a bug, or is there any logical reason for setting a limit that according to the GUI is too small?

• If DPM 2012 agent installation support to windows server 2012 ?

  i have DPM 2012 and i need to install agent on windows server 2012 

  Yes, you need.
  You can refer to these links :
  DPM 2010
  http://technet.microsoft.com/en-us/library/ff399140.aspx
  DPM 2012
  http://technet.microsoft.com/en-us/library/jj860400.aspx
  Hope this helps.
  Note: This posting is provided 'AS IS' with no warranties or guarantees, and confers no rights. Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable. This helps the community, keeps the forums tidy, and
  recognises useful contributions.

• Is there a way to change the Windows Update service startup type on Windows Server 2012 R2?

  We have a number of newly built 2012 R2 servers that we have HP Operations Manager agent running on that monitors the status of several services and reports if they are "stopped". One of these services is Windows Update. Every day we
  get at least one alert saying:
  "Service "Windows Update" is not started. Current state is stopped"
  Checking the event logs shows that the Windows Update service stops, then a while later it just starts again. Not an error, just an information event.
  In Windows 2012 R2 the Windows Update service is set to "Automatic (Trigger Start)", where in previous versions we run (2012/2008R2) it would be set to just "Automatic" or "Automatic (Delayed Start)"
  I have come to understand that this behaviour is normal for Windows 2012 R2, and that Trigger Start services by design stop themselves after a period of inactivity. I was unable to find any info on how this works. Our client would like this to
  be changed and the Windows Update service stay running all the time, understanding that this impacts performance.
  Is there a way to change the Windows Update service in Server 2012 R2 to the old Automatic startup behaviour so that it stays running all the time instead of stopping and starting periodicall? There is no option to do this via the services mmc
  gui.
  So far I have tried:
  Removing the Triggers using the command: sc triggerinfo wuauserv delete
  This works temporarily, the service then shows as just Automatic in the services console, however if you restart the server or restart the service it goes right back to being Automatic (Trigger Start).
  Any kind of help would be appreciated.

  This one might help.
  Allow configuration of Automatic Updates in Windows 8 and Windows Server 2012
  Regards, Dave Patrick ....
  Microsoft Certified Professional
  Microsoft MVP [Windows]
  Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

• Overlapped I/O error 997 installing SQL Server 2014 Express on Windows Server 2012 R2

  I'm attempting to install SQL Server 2014 Express on a Windows Server 2012 R2 system. When I do the install, it fails (several times) with an "Error: 997. Overlapped I/O operation is in progress.". From searching the web, I can see many people
  have had this problem with this installer and other non-SQL server installers.
  I've tried every solution I can find discussed, but none help with my problems The system is fully updated, with the exception of the KB2538243 (VC 2008 SP1 redist), which is probably failing for the same reason.
  I've tried removing several updates mentioned in other articles (KB2918614). I've confirmed that I'm not using a temporary profile.
  Does anyone have an idea of how I can solve this issue?
  Thanks,
  Zack
  Partial detail from install log file:
  Detailed results:
    Feature:                       Management Tools - Complete
    Status:                        Failed: see logs for details
    Reason for failure:            An error occurred for a dependency of the feature causing the setup process for the feature to fail.
    Next Step:                     Use the following information to resolve the error, and then try the setup process again.
    Component name:                Microsoft Visual Studio 2010 Redistributables
    Component error code:          997
    Component log file:            C:\Program Files\Microsoft SQL Server\120\Setup Bootstrap\Log\20150205_151618\VC10Redist_Cpu64_1.log
    Error description:             Error 997.Overlapped I/O operation is in progress.
    Error help link:               http://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=12.0.2000.8&EvtType=vc_red.msi%40ProcessComponents%40997
    Feature:                       Client Tools Connectivity
    Status:                        Failed: see logs for details
    Reason for failure:            An error occurred for a dependency of the feature causing the setup process for the feature to fail.
    Next Step:                     Use the following information to resolve the error, and then try the setup process again.
    Component name:                Microsoft Visual Studio 2010 Redistributables
    Component error code:          997
    Component log file:            C:\Program Files\Microsoft SQL Server\120\Setup Bootstrap\Log\20150205_151618\VC10Redist_Cpu64_1.log
    Error description:             Error 997.Overlapped I/O operation is in progress.
    Error help link:               http://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=12.0.2000.8&EvtType=vc_red.msi%40ProcessComponents%40997
  Partial detail from component log file:
  MSI (s) (D8:3C) [15:18:29:173]: Resolving source.
  MSI (s) (D8:3C) [15:18:29:173]: Resolving source to launched-from source.
  MSI (s) (D8:3C) [15:18:29:173]: Setting launched-from source as last-used.
  MSI (s) (D8:3C) [15:18:29:188]: PROPERTY CHANGE: Adding SourceDir property. Its value is 'C:\Users\zerhart\Downloads\SQLEXPRWT_x64_ENU\redist\VisualStudioShell\VC10SP1\x64\'.
  MSI (s) (D8:3C) [15:18:29:188]: PROPERTY CHANGE: Adding SOURCEDIR property. Its value is 'C:\Users\zerhart\Downloads\SQLEXPRWT_x64_ENU\redist\VisualStudioShell\VC10SP1\x64\'.
  MSI (s) (D8:3C) [15:18:29:188]: PROPERTY CHANGE: Adding SourcedirProduct property. Its value is '{1D8E6291-B0D5-35EC-8441-6616F567A0F7}'.
  MSI (s) (D8:3C) [15:18:29:188]: SOURCEDIR ==> C:\Users\zerhart\Downloads\SQLEXPRWT_x64_ENU\redist\VisualStudioShell\VC10SP1\x64\
  MSI (s) (D8:3C) [15:18:29:188]: SOURCEDIR product ==> {1D8E6291-B0D5-35EC-8441-6616F567A0F7}
  MSI (s) (D8:3C) [15:18:29:188]: SECREPAIR: A general error running CryptAcquireContext
  MSI (s) (D8:3C) [15:18:29:188]: Determining source type
  MSI (s) (D8:3C) [15:18:29:188]: Source type from package 'VC_RED.MSI': 2
  MSI (s) (D8:3C) [15:18:29:188]: SECREPAIR: Hash Database: C:\Windows\Installer\SourceHash{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
  MSI (s) (D8:3C) [15:18:29:188]: SECREPAIR: SourceHash database file already exists. Deleting it.
  MSI (s) (D8:3C) [15:18:29:204]: Note: 1: 2262 2: SourceHash 3: -2147287038 
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: New Hash Database creation complete.
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:0
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:0
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:0
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:0
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:0
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:0
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Crypt Provider not initialized. Error:997
  MSI (s) (D8:3C) [15:18:29:235]: SECUREREPAIR: Failed to CreateContentHash of the file: install.res.1040.dll: for computing its hash. Error: 997
  MSI (s) (D8:3C) [15:18:29:235]: SECREPAIR: Failed to create hash for the install source files
  MSI (s) (D8:3C) [15:18:29:235]: SECUREREPAIR: SecureRepair Failed. Error code: 3e561F257D8
  Action start 15:18:29: ProcessComponents.
  MSI (s) (D8:3C) [15:19:28:843]: 
  Error 997.Overlapped I/O operation is in progress.

  Alberto,
  Thanks for your help. Unfortunately, I've already tried that. I did try it again and I get an "This update is not applicable to your computer."
  I tried to post the Windows Update log, but it was too large. I've posted some of it below.
  Here is the WU log:
  2015-02-06 11:24:25:793
  5048 50
  Misc ===========  Logging initialized (build: 7.9.9600.17489, tz: -0500)  ===========
  2015-02-06 11:24:25:793
  5048 50
  Misc  = Process: C:\Windows\system32\wusa.exe
  2015-02-06 11:24:25:793
  5048 50
  Misc  = Module: C:\Windows\System32\wuapi.dll
  2015-02-06 11:24:25:793
  5048 50
  COMAPI -----------  COMAPI: IUpdateServiceManager::AddScanPackageService  -----------
  2015-02-06 11:24:25:793
  5048 50
  COMAPI  - ServiceName = Windows Update Standalone Installer
  2015-02-06 11:24:25:793
  5048 50
  COMAPI  - ScanFileLocation = C:\c5f288db3c43a7e4613232ca1a3c\wsusscan.cab
  2015-02-06 11:24:25:808
  920 111c
  Misc ===========  Logging initialized (build: 7.9.9600.17489, tz: -0500)  ===========
  2015-02-06 11:24:25:808
  920 111c
  Misc  = Process: C:\Windows\system32\svchost.exe
  2015-02-06 11:24:25:808
  920 111c
  Misc  = Module: c:\windows\system32\wuaueng.dll
  2015-02-06 11:24:25:808
  920 111c
  Service *************
  2015-02-06 11:24:25:808
  920 111c
  Service ** START **  Service: Service startup
  2015-02-06 11:24:25:808
  920 111c
  Service *********
  2015-02-06 11:24:25:824
  920 111c
  IdleTmr Non-AoAc machine.  Aoac operations will be ignored.
  2015-02-06 11:24:25:824
  920 111c
  Agent  * WU client version 7.9.9600.17489
  2015-02-06 11:24:25:824
  920 111c
  Agent WARNING: SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.
  2015-02-06 11:24:25:824
  920 111c
  Agent  * Base directory: C:\Windows\SoftwareDistribution
  2015-02-06 11:24:25:824
  920 111c
  Agent  * Access type: No proxy
  2015-02-06 11:24:25:824
  920 111c
  Service UpdateNetworkState Ipv6, cNetworkInterfaces = 12.
  2015-02-06 11:24:25:824
  920 111c
  Service UpdateNetworkState Ipv4, cNetworkInterfaces = 4.
  2015-02-06 11:24:25:824
  920 111c
  Agent  * Network state: Connected
  2015-02-06 11:24:25:824
  920 111c
  Service UpdateNetworkState Ipv6, cNetworkInterfaces = 12.
  2015-02-06 11:24:25:824
  920 111c
  Service UpdateNetworkState Ipv4, cNetworkInterfaces = 4.
  2015-02-06 11:24:25:855
  920 b64
  Misc WARNING: Network Cost is assumed to be not supported as something failed with trying to get handles to wcmapi.dll
  2015-02-06 11:24:25:855
  920 111c
  Agent ***********  Agent: Initializing global settings cache  ***********
  2015-02-06 11:24:25:887
  920 111c
  Agent  * Endpoint Provider: 00000000-0000-0000-0000-000000000000
  2015-02-06 11:24:25:887
  920 111c
  Agent  * WSUS server: <NULL>
  2015-02-06 11:24:25:887
  920 111c
  Agent  * WSUS status server: <NULL>
  2015-02-06 11:24:25:887
  920 111c
  Agent  * Target group: (Unassigned Computers)
  2015-02-06 11:24:25:887
  920 111c
  Agent  * Windows Update access disabled: No
  2015-02-06 11:24:25:902
  920 b64
  WuTask WuTaskManager delay initialize completed successfully..
  2015-02-06 11:24:25:902
  920 b64
  AU    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2015-02-07 08:14:01, not idle-only, not network-only
  2015-02-06 11:24:25:902
  920 b64
  AU    Timer: CF1ABEC6-7887-4964-BB93-B2E21B31CEC1, Expires 2015-02-06 19:30:54, not idle-only, not network-only
  2015-02-06 11:24:25:902
  920 b64
  AU    Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2015-02-06 19:30:54, not idle-only, not network-only
  2015-02-06 11:24:25:902
  920 b64
  Report WARNING: CSerializationHelper:: InitSerialize failed : 0x80070002
  2015-02-06 11:24:25:902
  920 b64
  Report CWERReporter::Init succeeded
  2015-02-06 11:24:25:902
  920 b64
  Agent ***********  Agent: Initializing Windows Update Agent  ***********
  2015-02-06 11:24:25:902
  920 b64
  DnldMgr Download manager restoring 0 downloads
  2015-02-06 11:24:25:902
  920 111c
  AU ###########  AU: Initializing Automatic Updates  ###########
  2015-02-06 11:24:25:902
  920 111c
  AU AIR Mode is disabled
  2015-02-06 11:24:25:902
  920 111c
  AU  # Approval type: Scheduled (User preference)
  2015-02-06 11:24:25:902
  920 111c
  AU  # Auto-install minor updates: Yes (User preference)
  2015-02-06 11:24:25:902
  920 111c
  AU  # Will interact with non-admins (Non-admins are elevated (User preference))
  2015-02-06 11:24:25:902
  920 111c
  Misc WARNING:     IsSessionRemote: WinStationQueryInformationW(WTSIsRemoteSession) failed for session 2, GetLastError=2250
  2015-02-06 11:24:25:918
  920 111c
  AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037
  2015-02-06 11:24:25:918
  920 111c
  AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
  2015-02-06 11:24:25:918
  920 111c
  AU AU finished delayed initialization
  2015-02-06 11:24:25:933
  920 111c
  AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
  2015-02-06 11:24:25:933
  920 111c
  AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
  2015-02-06 11:24:25:933
  920 b64
  Misc Validating signature for C:\Windows\SoftwareDistribution\ScanFile\a487aa0f-3e53-4fee-a784-6171b00254e4\Source.cab with dwProvFlags 0x00000080:
  2015-02-06 11:24:25:933
  920 111c
  AU Adding timer: 
  2015-02-06 11:24:25:933
  920 111c
  AU    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2015-02-07 08:14:01, not idle-only, not network-only
  2015-02-06 11:24:25:949
  920 af0
  DnldMgr Asking handlers to reconcile their sandboxes
  2015-02-06 11:24:25:949
  920 b64
  Misc Microsoft signed: Yes
  2015-02-06 11:24:26:154
  920 b64
  DtaStor Default service for AU is {7971F918-A847-4430-9279-4A52D1EFE18D}
  2015-02-06 11:24:26:154
  920 b64
  IdleTmr Incremented idle timer priority operation counter to 1
  2015-02-06 11:24:26:154
  5048 50
  COMAPI  - Added scan package service, ServiceID = {A487AA0F-3E53-4FEE-A784-6171B00254E4} Third party service
  2015-02-06 11:24:26:154
  5048 50
  COMAPI -------------
  2015-02-06 11:24:26:154
  5048 50
  COMAPI -- START --  COMAPI: Init Search [ClientId = wusa]
  2015-02-06 11:24:26:154
  5048 50
  COMAPI ---------
  2015-02-06 11:24:26:154
  5048 50
  COMAPI -------------
  2015-02-06 11:24:26:154
  5048 50
  COMAPI -- START --  COMAPI: Search [ClientId = wusa]
  2015-02-06 11:24:26:154
  5048 50
  COMAPI ---------
  2015-02-06 11:24:26:169
  920 b64
  IdleTmr WU operation (CSearchCall::Init ID 1) started; operation # 17; does use network; is not at background priority
  2015-02-06 11:24:26:169
  920 b64
  IdleTmr Incremented idle timer priority operation counter to 2
  2015-02-06 11:24:26:341
  920 b64
  Report ***********  Report: Initializing static reporting data  ***********
  2015-02-06 11:24:26:341
  920 b64
  Report  * OS Version = 6.3.9600.0.0.131344
  2015-02-06 11:24:26:341
  920 b64
  Report  * OS Product Type = 0x00000021
  2015-02-06 11:24:26:357
  920 b64
  Report  * Computer Brand = PowerSpec
  2015-02-06 11:24:26:357
  920 b64
  Report  * Computer Model = S Series
  2015-02-06 11:24:26:357
  920 b64
  Report  * Platform Role = 1
  2015-02-06 11:24:26:357
  920 b64
  Report  * AlwaysOn/AlwaysConnected (AOAC) = 0
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Revision = 1.1a
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Name = 1.1a
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Release Date = 2013-08-20T00:00:00
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Sku Number = S Series
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Vendor = American Megatrends Inc.
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Family = Server
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Major Release = 4
  2015-02-06 11:24:26:357
  920 b64
  Report  * Bios Minor Release = 6
  2015-02-06 11:24:26:357
  920 b64
  Report  * Locale ID = 1033
  2015-02-06 11:24:26:357
  920 b64
  Handler Calculating current update level for this session
  [ Omitted data ]
  http://support.microsoft.com/?kbid=3000850, timestamp 01d039c57a22c0be
  2015-02-06 11:24:28:388
  920 b64
  Handler Done calculating current update level for this session
  2015-02-06 11:24:28:982
  920 b64
  Agent *** START ***  Queueing Finding updates [CallerId = wusa  Id = 1]
  2015-02-06 11:24:28:982
  5048 50
  COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = wusa]
  2015-02-06 11:24:28:982
  920 11f4
  Agent ***  END  ***  Queueing Finding updates [CallerId = wusa  Id = 1]
  2015-02-06 11:24:28:982
  920 11f4
  Agent *************
  2015-02-06 11:24:28:982
  920 11f4
  Agent ** START **  Agent: Finding updates [CallerId = wusa  Id = 1]
  2015-02-06 11:24:28:982
  920 11f4
  Agent *********
  2015-02-06 11:24:28:982
  920 11f4
  Agent  * Online = Yes; Ignore download priority = No
  2015-02-06 11:24:28:982
  920 11f4
  Agent  * Criteria = "DeploymentAction='Installation'"
  2015-02-06 11:24:28:982
  920 11f4
  Agent  * ServiceID = {A487AA0F-3E53-4FEE-A784-6171B00254E4} Third party service
  2015-02-06 11:24:28:982
  920 11f4
  Agent  * Search Scope = {Machine}
  2015-02-06 11:24:28:982
  920 11f4
  Agent  * Caller SID for Applicability: S-1-5-21-3157695610-3447843402-2534478823-500
  2015-02-06 11:24:28:982
  920 11f4
  Agent  * RegisterService is set
  2015-02-06 11:24:29:185
  920 11f4
  PT +++++++++++  PT: Synchronizing server updates  +++++++++++
  2015-02-06 11:24:29:185
  920 11f4
  PT  + Offline serviceId = {A487AA0F-3E53-4FEE-A784-6171B00254E4}
  2015-02-06 11:24:29:185
  920 11f4
  PT WARNING: Cached cookie has expired or new PID is available
  2015-02-06 11:24:29:185
  920 11f4
  Agent Reading cached app categories using lifetime 604800 seconds
  2015-02-06 11:24:29:185
  920 11f4
  Agent Read 0 cached app categories
  2015-02-06 11:24:29:185
  920 11f4
  Agent SyncUpdates adding 0 visited app categories
  2015-02-06 11:24:29:294
  920 11f4
  Agent Reading cached app categories using lifetime 604800 seconds
  2015-02-06 11:24:29:294
  920 11f4
  Agent Read 0 cached app categories
  2015-02-06 11:24:29:294
  920 11f4
  Agent SyncUpdates adding 0 visited app categories
  2015-02-06 11:24:29:357
  920 11f4
  Agent Reading cached app categories using lifetime 604800 seconds
  2015-02-06 11:24:29:357
  920 11f4
  Agent Read 0 cached app categories
  2015-02-06 11:24:29:357
  920 11f4
  Agent SyncUpdates adding 0 visited app categories
  2015-02-06 11:24:29:638
  920 11f4
  Agent Reading cached app categories using lifetime 604800 seconds
  2015-02-06 11:24:29:638
  920 11f4
  Agent Read 0 cached app categories
  2015-02-06 11:24:29:638
  920 11f4
  Agent SyncUpdates adding 0 visited app categories
  2015-02-06 11:24:30:013
  920 11f4
  Agent Reading cached app categories using lifetime 604800 seconds
  2015-02-06 11:24:30:013
  920 11f4
  Agent Read 0 cached app categories
  2015-02-06 11:24:30:013
  920 11f4
  Agent SyncUpdates adding 0 visited app categories
  2015-02-06 11:24:30:044
  920 11f4
  Agent Reading cached app categories using lifetime 604800 seconds
  2015-02-06 11:24:30:044
  920 11f4
  Agent Read 0 cached app categories
  2015-02-06 11:24:30:044
  920 11f4
  Agent SyncUpdates adding 0 visited app categories
  2015-02-06 11:24:30:044
  920 11f4
  PT  + SyncUpdates round trips: 5
  2015-02-06 11:24:30:076
  920 11f4
  PT +++++++++++  PT: Synchronizing extended update info  +++++++++++
  2015-02-06 11:24:30:076
  920 11f4
  PT  + Offline serviceId = {A487AA0F-3E53-4FEE-A784-6171B00254E4}
  2015-02-06 11:24:30:138
  920 11f4
  Agent  * Found 0 updates and 54 categories in search; evaluated appl. rules of 126 out of 284 deployed entities
  2015-02-06 11:24:30:138
  920 11f4
  Agent *********
  2015-02-06 11:24:30:138
  920 11f4
  Agent **  END  **  Agent: Finding updates [CallerId = wusa  Id = 1]
  2015-02-06 11:24:30:138
  920 11f4
  Agent *************
  2015-02-06 11:24:30:138
  920 11f4
  IdleTmr WU operation (CSearchCall::Init ID 1, operation # 17) stopped; does use network; is not at background priority
  2015-02-06 11:24:30:138
  920 11f4
  IdleTmr Decremented idle timer priority operation counter to 1
  2015-02-06 11:24:30:154
  5048 1428
  COMAPI >>--  RESUMED  -- COMAPI: Search [ClientId = wusa]
  2015-02-06 11:24:30:154
  5048 1428
  COMAPI  - Updates found = 0
  2015-02-06 11:24:30:154
  5048 1428
  COMAPI ---------
  2015-02-06 11:24:30:154
  5048 1428
  COMAPI --  END  --  COMAPI: Search [ClientId = wusa]
  2015-02-06 11:24:30:154
  5048 1428
  COMAPI -------------

• [Forum FAQ] Introduce Backup in Windows Server 2012 R2 Essentials

  Windows Server 2012 R2 Essentials provides reliable ways to perform regular backups of your server and backups of your network computers.
  1. Server Backup
  Description:
  Backs up your server running Windows Server Essentials. The data is backed up to an external USB drive. You can also perform full system restore of server.
  Operations:
  On Dashboard, please select DEVICES and then navigate to the server which you need to backup. Right click the server and select Set up backup. When set up complete, you will be able to
  Start a backup for the server. (Figure 1)
  Figure 1
  More information:
  Manage server backup in Windows Server Essentials
  Restore or repair your server running Windows Server Essentials

  3. Microsoft Azure Backup
  Descriptions:
  Performs an online backup of files or folders on your server. When you use Azure Backup to back up server data, the information is encrypted by using your passphrase before it is uploaded to a secure datacenter on the Internet.
  Operations:
  1) Open Dashboard and follow the path: HOME-> Get Started-> ADD-INS-> Integrate with Windows Azure Backup. Then as Figure 3 shows, you need to “Click to sign up for Windows Azure Backup” and “Click to download Windows Azure
  Backup integration module”.
  Figure 3
  Please note: when you click to download, you may encounter the issue as Figure 4 shows. If so, please follow the path:
  Tools-> Internet Options-> Security->
  Trusted sites-> Add this website to the zone and add
  http://downlaod.microsoft.com,
  https://activedirectory.windowsazure.com in Trusted sites in IE. (Please uncheck
  Require server verification (https:) for all sites in this zone). Then please check if you can download as normal.
  Figure 4
  2) After you download the OnlineBackupAddin, please run it. Then begin to install the add-in. (if any issue occurs in your installation of add-in, please navigate to C:\PrgramData\Microsoft\Windows Server\Logs folder and check
  InstallAddin log file if you can find some clues.)
  3) During your installation, KB 2873390 may be required. Please download the update package and run it. Then Windows Azure Backup Agent Upgrade Wizard appeared. Please follow it and complete as Figure 5
  and Figure 6 show.
  Figure 5
  Figure 6
  4) Then please re-open Dashboard, you will find ONLINE BACKUP option. (Figure 7) There will be three steps that you need to do: (i)
  Upload a certificate. (ii) Register your server.
  (iii) Configure backup settings.
  Figure 7
  (i). Upload a certificate. (In this example, we use the second option: Upload certificate to Windows Azure Backup vault)
  Please logon Windows Azure, select RECOVERY SERVICES and click
  NEW. Follow the path: RECOVERY SERVICES-> BACKUP VAULT->
  QUICK CREATE. Please type NAME and select
  REGION, then click CREATE VAULT. When create completes, please click the name of this new recovery service that you create. As Figure 8 shows. Then select Manage Certificate to add or update the certificate file (.cer) that contains
  a public key for the vault. The certificate is used to register servers with the vault.
  Figure 8
  (ii). Register your server
  On Dashboard, navigate to Online Backup and click Register. (Figure 9)
  Figure 9
  Then it will check the certificate. And then you need to set a passphrase to secure your data. (Figure 10)
  Figure 10
  When you set passphrase complete, please click Next to continue. When register successfully. You will see Figure 11.
  Figure 11
  (iii). Configure backup settings
  When register completes, please click Configure Online Backup. Then you can follow the Configure Online Backup wizard to configure online backup (add folders), specify the backup schedule, specify the backup retention policy and choose bandwidth usage. The
  all process will be shown in Figure 12-16.
  Figure 12
  Figure 13
  Figure 14
  Figure 15
  Figure 16
  After all configurations complete, you will be able to see that the server integrates with Windows Azure Backup. (Figure 17)
  Figure 17
  On the Dashboard in server essentials, you will be able to start backup online. (Figure 18)
  Figure 18
  After backup online, you will see the protected data as Figure 19 and Figure 20 show in Dashboard and Windows Azure.
  Figure 19
  Figure 20
  More information:
  Manage Online Backup in Windows Server Essentials

• How to apply hotfix 3000847 to Windows Server 2012 & BizTalk Server 2013 R2

  Hi
  I have a environment get the same issue as:
  http://support.microsoft.com/en-us/kb/3000847. But this hotfix can't be used in my environment.
  The environment information:
  We are using Windows Server 2012 Standard, BizTalk Server 2013 R2 Enterprise Edition. And the Version of Microsoft Enterprise Single Sign-On is 9.0.2096. It's the same as the article.
  Here is the article content:
  Prerequisites
  To apply this hotfix, you must have Enterprise Single Sign-On V5 (9.0.2096) installed.
  Best regards,
  Glen Qu (Fareast\v-zuqu)

  Have you tried installing it? Are you getting any error?
  Ideally you should not face any issue while installing this hotfix.
  Pre-requisites-
  1) User account should be member BizTalk Server Administrators Group and have SydAdmin privileges on SQL Server
  2) Stop all the host instances
  3) Stop SQL Agent
  4)  Stop App Pools if any webservices is posting messages in BizTalk
  Please refer the below article Information about BizTalk hotfixes and Cumulative Update support(Uninstall and rollback if required).
  http://support.microsoft.com/kb/2003907
  Thanks,
  Prashant
  Please mark this post accordingly if it answers your query or is helpful.

• Windows deployment services in windows server 2012 : operating system not found

  Hello,
  In order of learning WDS in Windows Server 2012, I created a simple test environment composed of :
  A Domain controler running WS 2K12 and hosting both DHCP and WDS services. (with the option of not listening port 67 checked while installing WDS)
  A test computer, with no operating system
  I also added a Windows Server 2012 Standard WIM file and added also (located in [DVD]\sources\install.wim), boot file image (located in [DVD]\sources\boot.wim)
  But now, when i start the client, it gives the following error:
  While i don't find any reliable solution on Internet, Im looking for your help if ever, anyone faced this problem and found a solution for it or not
  Thanks in advance!
  Lotfi BOUCHERIT

  I find it strange that client and server IP are the same. Is there any sort of DHCP relay agent running on your WDS server ?

• Learning Windows server 2012 R2 & 2012 core

  Hi,
  How do i configure a fast and standard solution with 1domain (Windows
  Server 2012 R2) and 1subdomain(Windows Server 2012 Core) implemented with a webserver and security for dns?
  Thx

  Hi
  Maybe this can help,
  Nslookup test:
  cmd => nslookup => set type=mx => host.net.
  Organizational unit:.be
  Active directory users and computers openen => rmb op domeinnaam => new => organtizational unit aanmaken => Protection uitvinken
  Computer Manueel toevoegen aan domein:
  1)DNS veranderen naar 192.168.1.1 van het domein zelf
  2)Add-Computer -domainname host -cred administrator@host -passthru -verbose
  GPO voor chrome installeren:
  1)Group policy management => in OU PC's => new policy aanmaken
  2)rmb policy en klik edit
  3)onder computer => software => new package => pad ingeven waar je msi bestand hebt gezet van chrome => \\S1\netlogon\msi\chrome.msi
  4)client heropstarten en aanmelden met domeingebruiker => powershell => Restart-Computer
  5)mapje waar MSI in zit => security => domain controller (user) toevoegen met volledig beheer
  GPO voor browser block chrome:
  3)block listed urls..
  4)op client gpupdate
  Failed login events:
  1)Group policy instellen op OU Servers: Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy\ ==> Failed logins aanzetten
  2)gpupdate /force
  1)powershell
  2)get-windowsfeature => install-windowsfeature SMTP-Server
  3)Internet information services => S1 => Domain RMB => properties => Acces tab => Relay => Add => Group computers => IP: 192.168.1.1 subnet 255.255.255.0 => Ok => ok
  3b)Eens afmelden en aanmelden met fout wachtwoord zodat er een log geschreven wordt met audit failure in de security log van event viewer
  4)Eventviewer security log => op failed audit log RMB => attach => Geef andere naam => next => next start program => program: powershell.exe =>
  open the propery dialog aanvinken
  5)Run wheter user is logged in or not aanvinken => tabke conditions: start the task only if AC power afvinken! => ok => paswoord administrator ingeven
  6)powershell: get-executionpolicy => resultaat moet remotesigned zijn => view tabke => script pane aanzetten =>
  Script geven: $smtpServer = ìsmtp2.school.beî
  $msg = New-Object Net.Mail.MailMessage
  $smtp = New-Object Net.Mail.SmtpClient($smtpServer)
  $msg.From = ì[email protected]î
  $msg.ReplyTo = [email protected]î
  $msg.To.Add([email protected]î)
  $msg.subject = ìhacking attempt?î
  $msg.body = ìlogin/pwd failure on S1.î
  $smtp.Send($msg)
  7)Script opslaan in mapje op C schijf => powershell cd naar mapje met script => ls commandoTo configure the time source for the forest
  8)Task scheduler openen => naar event viewer tasks => login => rmb properties => actions => powershell.exe edit => add arguments: -command "C:\Script\login.ps1" => ok => password admin ingeven
  9)Testen
  *Op welke manier kan je je MX records controleren met NSLOOKUP
  cmd => nslookup => set type=mx => host.net.
  *Commando powershell om Client toe te voegen aan het domein:
  Add-Computer -domainname host -cred administrator@host -passthru -verbose
  Best practice analyzer:
  1)Server manager => klik op dns en op ADDS => Scroll naar onder tot bij BPA => Task start scan => bekijk resultaten:
  Vraagje: Welke suggesties zou je kunnen oplossen:
  DNS server should have scavenging enabled
  De PDC emulator master moet geconfigureerd worden
  1)To configure a domain controller in the parent domain as a reliable time source
  *W32tm /config /reliable:yes /update
  2)To configure the time source for the forest
  *w32tm /config /computer:s1.host.net /manualpeerlist:ntp.belnet.be /syncfromflags:manual /update
  Tijd moet gelijk zijn van S1 en S2!!
  Corefig opstarten in powershell:
  1)cd C:\corefig
  2)execution policy aanpassen: Set-ExecutionPolicy bypass
  3).\corefig.ps1
  4)naam veranderen in corefig
  Commando om S2 toe te voegen aan het domein in de OU servers:
  1)DNS instellen
  Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.1.1
  2)Toevoegen aan OU servers
  Add-Computer -domainname sdhost -cred administrator@host -OUPath "OU=Servers,OU=OU,DC=Host,DC=net"
  Herstarten
  OPPASSEN HIERMEE ALS S2 ZELF DC MOET WORDEN!
  Voorzie je server van de DNS-rol via windows powershell:
  1)Import-Module Servermanager
  2)Get-WindowsFeature
  2)Add-WindowsFeature "DNS" -restart
  Remoteaccess:
  S1 remote access geven voor administrators bij active directory
  view => advanced features enablen
  => Remote management users => HOST\Administrator toevoegen met full rechten
  => Remote Desktop users => HOST\Administrator toevoegen met full rechten
  Bekijk welke firewall regel op dit moment Remote Management nog blokkeert en laat
  die communicatie toe:
  1)Op S2 in powershell: Configure-SMRemoting.exe -enable
  2)op S1 => Server manager => manage => add servers => S2 ingeven => ok
  3)Active directory installeren op s2 via add roles (via S1)
  4)S2 promoveren to domain controller
  5)credentials van s1 gebruiken => naam subdomain 'premium'
  6)DSRM passwoord: P0wnerken
  7)PREMIUM
  DNS instellen van s2 zelf
  Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.1.2
  C2)DNS server instellen op S2 : 192.168.1.2
  Toevoegen aan domein premium.host.net => inloggen met admin account van s2 domein
  herstarten van C2
  Maak†van†deze†tweede†server†nu†een†domeincontroller†voor†het†nieuwe†domein
  ìpremiumî.†Daar†zijn†twee†werkwijzen†voor.†Zoek†deze†methodes†op†en†noteer†deze
  summier†hieronder:
  - Werken met DCPROMO.exe
  - Werken met GUI vanop S1
  Je†mag†zelf†kiezen†welke†methode†je†toepast.†Noteer†hier†wel†de†commandoís†die†je
  toepast:
  Werken met GUI: new existing domain to current forest => naam PREMIUM
  Netwerkkaarten toevoegen:
  VCLOUD => Niet customizen!!!
  Firewall disablen S2:
  netsh firewall set opmode disable
  Op S1 => chrome => ip in url : https://192.168.1.150:446 => proceed => logingegevens:
  naam: openfiler
  pass: password
  Services => CIFS / NFS => Enable => Start
  manage volumes => 1GB volume => start cyl = 1, end cyl = 128 => ongeveer 1GB
  Add volume group => NFS als naam en 1GB volume toevoegen => Add volume => naar onder scrollen:
  Naam: NFS
  Bestandssysteem: EXT4 kiezen
  *Add new physical volume 10GB: MINSTENS 35 CYLINDERS TUSSENLATEN!!!!
  Start cyl = 164, end cyl = 1469, is ongeveer 10GB
  Volume groups => Nieuwe aanmaken met SMB als naam => Add volume => volume selecteren en toevoegen => naar uw smb volume group gaan
  => SMB volume kiezen => naam: SMB => MAX Geheugen => EXT4 bestandssysteem
  1)Clocksettings zetten via ntp server: ntp.belnet.be (Moet gelijk zijn met domaincontroller waarin je hem toevoegd)
  2)DNS zetten van S2
  Hostname: of
  Primary DNS: 192.168.1.2
  Secondary DNS: 192.168.1.1
  Gateway: 192.168.1.254
  3)Accounts:
  Expert view!
  *Use windows domain controller and authentication aanvinken
  Security Mode: Active directory
  Domain / workgroup: PREMIUM
  Domain controllers: s2.premium.VAhost.net
  ADS realm: PREMIUM.HOST.NET
  Join domain: aanvinken
  Administrator username: Administrator
  Administrator password: Azerty123
  *Naar onder scrollen tot kerberos 5: Aanvinken
  Realm: premium.host.net
  KDC: s2.premium.host.net
  Admin server: s2.premium.VAhost.net
  Share aanmaken:
  1)Shares => klikken op SMB / NFS => Nieuwe subfolder aanmaken: SMBshare / NFSshare
  2)subfolder klikken => maak share => bij rechten naar beneden scrollen => Domain admins: PG & RW, Domain users: RO
  3)Update
  Systeem beveiliging:
  1)system => Network access configuration => Nieuw netwerk toevoegen
  Name: Sharenetwork
  Network/host: 192.168.1.0
  Netmask: 255.255.255.0
  Type: Share
  2)Update
  Protocol aanzetten:
  Shares => subfolder smbshared => Volledig vanonder scrollen => SMB/CIFS protocol op rw zetten
  Connect to share met:
  root
  Azerty123
  Connect Z-schijf met SMB share:
  1)RMB op SMB share
  2)Map network drive
  3)Pad SMB share intypen
  4)connecten met share account of finish 1)Private storage en manueel ip adres ingeven
  Beveiliging backup:
  1)Active directory van S1
  2)OP s1 zelf volledig nieuwe OU: "TEMP Accounts" aanmaken => accidentally delete afzetten!!
  3)2USers aanmaken die lid zijn van de groep ("member of") Guest
  4)Op S1 => C schijf => nieuwe map map aanmaken en delen
  5)Op advanced sharing van gedeelde map => Guest 1 Full control => Everyone alleen read rechten
  6)Testen op client of je op Guest1 tekstbestand kan aanmaken en via Guest2 op die share map niet.
  7)Als het werkt Guest1 verwijderen en bekijk sharing permissions op Guest1 map
  *Wat stel je vast bij verwijderen Guest1 via active directory:
  De guest account wordt vervangen door een ander account met een lange naam
  die full control heeft over de map
  8)Guest1 terug opnieuw aanmaken, wat stel je vast?
  Guest1 heeft geen rechten meer over de map en de aangemaakte account blijft staan
  Recycle BIN:
  1)Open Active directory administrative center
  2)Klik op uw domein links
  3)Rechts => enable Recycle Bin
  4)Verwijder Guest1 op AD
  5)Guest1 komt te staan bij deleted users/objects op Recycle Bin
  6)Mogelijkheid om te restoren
  7)Delete OU Temp accounts => Lukt niet onmiddellijk => Omdat er nog objecten in zitten
  *Zoek op welke technieken je kan toepassen om een backup te nemen van je Active Directory. Bekijk uiteraard ook welke 2 manieren
  er zijn om een backup van je AD terug te plaatsen (Authoritative en non-authoritative):
  -13.1.1 Authoritative Restore
  Dit proces herstelt de AD na bc een wijziging die ongedaan gemaakt moet worden.
  AD wordt hersteld vanaf de backup, de backup overschrijft dan alle andere DC's met eventuele nieuwere informatie.
  -13.1.2 Non-Authoritative Restore
  Terugzetten van gegevens van de backup. Nadien ontvangt de DC updates van andere DC's die gemaakt zijn sinds de backup.
  Backup S1:
  Eerst probleem openfiler oplossen:
  1)openfiler opstarten vanuit vmcloud
  2)cd /etc/samba
  3)vim smb.conf (toevoegen: strict allocate = yes) => eerst i voor insert => opt einde escape => :wq voor opslaan
  4)/etc/init.d/smb restart
  Backup zelf
  1)Install windows backup in server manager => add roles => features
  2)Open windows backup
  3)Action => backup once
  4)Different options => Custom kiezen => System State backuppen
  5)Remote disk kiezen
  6)pad share: \\of\smb.smb.SMBshare
  7)Als backup mislukt, de aangemaakte files door de backup manueel verwijderen en backup terug opnieuw proberen
  !!!Als openfiler ineens verdwijnd van domein, moet je de tijd nakijken van beiden systemen (moeten gelijk zijn met max 5min verschil)
  Restore backup (authoritatief ingesteld)
  http://technet.microsoft.com/ru-ru/library/cc816878(v=ws.10).aspx
  1)Herstart de domeincontroller in Directory Services Restore Mode Remotely
  => run => Msconfig.msc => stapkes staan in url: http://technet.microsoft.com/ru-ru/library/cc794729(v=ws.10).aspx
  2)Restore uw ADDS van je backup a.d.h.v. een non-authoritatieve restore.
  Dit zorgt ervoor dat de domeincontroller terug in de staat komt waarop de objecten die verwijderd zijn
  er terug bijstaan.
  http://technet.microsoft.com/ru-ru/library/cc794755(v=ws.10).aspx
  in cmd:
  =>wbadmin get versions -backuptarget:\\of\smb.smb.SMBshare
  =>wbadmin start systemstaterecovery -version:12/03/2013-12:37 -backuptarget:\\of\smb.smb.SMBshare -quiet
  3)Markeer objecten als authoritatief zodat ze niet worden overschreven bij het restoren door synchronisatiefouten
  tussen de verschillende domeinen.
  http://technet.microsoft.com/ru-ru/library/cc816813(v=ws.10).aspx <== hieraan beginnen
  => open run => ntdsutil
  => activate instance ntds => enter
  => authoritative restore => enter
  => restore subtree "OU=Stagiairs,DC=Host,DC=net" => enter
  => quit => enter
  => Start terug op met de domaincontroller in normale modus dus dsrm opstartmode uitschakelen: Safe boot uitvinken
  Nakijken of beide OU's Stagiairs en Guests er nog staan
  (In dit geval is OU guests wel verwijderd doordat we maar 1 DC hebben dus de informatie
  wordt niet gesynchroniseerd met een 2de DC)
  - Debian Machine toevoegen:
  Netwerkgegevens: NIC0 / Private management network / static - manual / IP = 192.168.1.3
  Als Machine aangemaakt is, nieuwe netwerkkaart toevoegen:
  NIC1 / Private storage network / static - manual / IP = 172.16.0.13
  op Debian machine:
  1)su - => enter => pass: Azerty123 => enter
  2)commando: pico /etc/network/interfaces
  Voeg volgende lijntjes toe aan het bestand
  iface eth0 inet static
  address 192.168.1.3
  netmask 255.255.255.0
  gateway 192.168.1.254
  iface eth1 inet static
  address 172.16.0.13
  netmask 255.255.255.0
  CTRL + O (opslaan) => CTRL + X (afsluiten)
  3)pico /etc/resolv.conf
  veranderd de bestaande lijntjes naar deze:
  domain host.net
  search host.net
  nameserver 192.168.1.1
  4)ifdown / ifup van eth0/eth1
  IPV6 instellen:
  Zelf gekozen ULA subnet:
  fdac:1fff:b0b0 (tot dit gedeelte mag random gegenereerd worden vanaf 'fd')
  Subnet 1: fdac:1fff:b0b0:4bd0:: /64
  Subnet 2: fdac:1fff:b0b0:4bd1:: /64
  /sbin/ip
  Remote settings toewijzen voor domain users aan clients (en eventueel toevoegen aan domein als dit nog niet gebeurt is)
  IPV6 instellen via Netwerkinstellingen (Default gateway openlaten)
          NIC0                    NIC1
  S1: fdac:1fff:b0b0:4bd0::1 /64            fdac:1fff:b0b0:4bd1::11 /64
  dns: ::1                    dns: fdac:1fff:b0b0:4bd1::11
  S2: fdac:1fff:b0b0:4bd0::2 /64            fdac:1fff:b0b0:4bd1::12 /64
  (dns: ::1)                (dns: fdac:1fff:b0b0:4bd1::12)
  Openfiler: fdac:1fff:b0b0:4bd0::150 /64        fdac:1fff:b0b0:4bd1::1 /64    
  S3: fdac:1fff:b0b0:4bd0::3 /64            fdac:1fff:b0b0:4bd1::13 /64
  C1: fdac:1fff:b0b0:4bd0::101 /64
  dns: S1
  C2: fdac:1fff:b0b0:4bd0::102 /64
  dns: S2
  Voor windows server core:
  *powershell
      netsh interface ipv6 add address "Ethernet" fdac:1fff:b0b0:4bd0::2
      netsh interface ipv6 add address "Ethernet 2" fdac:1fff:b0b0:4bd1::12
  Voor linux: (zowel openfiler als debian)
  VOOR DEBIAN 7 (alleen ifup commando gebruiken niet ifdown):
  /sbin/ip -6 addr add fdac:1fff:b0b0:4bd0::3/64 dev eth0 (voor debian)
  /sbin/ip -6 addr add fdac:1fff:b0b0:4bd1::13/64 dev eth1 (voor debian)
  of statisch in /etc/network/interfaces:
  iface eth0 inet6 static
  address fdac:1fff:b0b0:4bd0::3
  netmask 64
  iface eth1 inet6 static
  address fdac:1fff:b0b0:4bd1::13
  netmask 64
  pico /etc/resolv.conf => lijntjes toevoegen
  => domain host.net
  => search host.net
  => nameserver 192.168.1.1
  => nameserver fdac:1fff:b0b0:4bd0::1
  VOOR OPENFILER eth0: vim /etc/sysconfig/network-scripts/ifcfg-eth0
  => IPV6_AUTOCONF=no
  => IPV6INIT=yes
  => Toevoegen: fdac:1fff:b0b0:4bd0::150/64
  VOOR OPENFILER eth1: vim /etc/sysconfig/network-scripts/ifcfg-eth1
  => IPV6_AUTOCONF=no
  => IPV6INIT=yes
  => Toevoegen: fdac:1fff:b0b0:4bd1::1/64
  ~~ /sbin/ip -6 addr add fdac:1fff:b0b0:4bd0::150/64 dev eth0 (voor openfiler)
  ~~ /sbin/ip -6 addr add fdac:1fff:b0b0:4bd1::1/64 dev eth1 (voor openfiler)
  Risico's gedeelde application pool:
      -1 proces per application pool (=>zwaar proces dat veel resources nodig heeft)
          (als dit proces vastloopt alle websites geimpacteerd)
      -gebruikers kunnen in principe aan elkaars bestanden
  1)IIS installeren op S2 via server manager op S1
  2)Role services in setup, volledig vanonder => management service aanvinken (dit staat remote management toe)
  3)Op S1 Web server zoeken en enkel van IIS de management console installeren zodat IIS van S2 beheerbaar is
  4)Powershell op S2:
  Invoke-command -ScriptBlock{Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1}
  Invoke-command -ScriptBlock {Set-Service -name WMSVC -StartupType Automatic}
  Invoke-command -ScriptBlock {Start-service WMSVC}
  In IIS manager op S1 => Add connection => S2.premium.sdhost.net => account: administrator van S2
  In IIS Manager => Sites => new Website, 2 website aanmaken
      -'klant1.sdhost.net' Physical path => C:\inetpub\wwwroot\Klant1 => hostname = Klant1.host.net
      -'klant2.sdhost.net' Physical path => C:\inetpub\wwwroot\Klant2 => hostname = Klant2.host.net
  In DNS A-record toevoegen:
      -hostname: www
      -IP: 192.168.1.2
  Voor toegang via IPv6 ook een AAAA-record toevoegen:
      -hostname: www
      -IP: fdac:1fff:b0b0:4bd0::2
  Voor elke site ook een een CNAME-record aanmaken:
      -Alias name: klant1, FQDN: www.host.net
      -Alias name: klant2, FQDN: www.host.net
  In deze standaardopstelling schuilen enkele risicoís. Geef twee risicoís die de huidige
  configuratie (gedeelde application pool) met zich mee kan brengen:
  - Als je een website hebt die zwaar CPU belastend is (zoals foto's herschalen) heeft dit ook effect op je andere websites
  - Omdat je websites binnen dezelfde apppool zitten hebben ze eenzelfde identiteit en kun je geen aparte permissies opzetten.
  GROUP MANAGEMENT SERVICE ACCOUNT:
  New-ADServiceAccount IISPool1 -DNSHostName s1.amhost.net -PrincipalsAllowedToRetrieveManagedPassword Administrator -KerberosEncryptionType RC4, AES128, AES256
  Install-ADServiceAccount IISPool1
  Maybe you can do this tutorial to, it is a tuto for learning DFS & DNSSEC..
  Wat betekent de optie “dnssecok”
      -> Deze optie stelt de dnssecOK bit in voor deze query
      -> Dit verteld de server that de client dnssec verstaat en dat deze server hiervan gebruik kan maken met deze client
  Krijg je een bevestiging dat dit een secure antwoord is? (RRSIG)
      -> Neen want de zone is nog niet gesigneerd
  Controleer of de client C1 ingesteld is om secure responses af te dwingen bij zijn DNS
  caching server: get-dnsclientnrptpolicy. Resultaat?
      -> Het resultaat is niks, vermoedelijk omdat er geen instellingen zijn hiervoor
  Probeer opnieuw een request op C1 voor S1 met Resolve­DNSName. Is het signeren
  van de zone voldoende om secure antwoorden te krijgen op de client?
      -> Er komt opnieuw geen RSIG record dus dit is niet voldoende
  Om secure DNS responses op de client voor het domein securezone.lab af te dwingen
  wordt in het domein Host.net een GPO ingesteld. (nieuwe GPO voor hele domein).
  zoek op en stel deze GPO in voor responses van securezone.lab.
      -> default domain policy -> Edit =>    -> Computer Configuration > Policies > Windows Settings > Name Resolution Policy.
      "In the details pane, under Create Rules and To which part of the namespace does this rule apply, choose Suffix from the drop-down list and type sec.contoso.com next to Suffix."
      "On the DNSSEC tab, select the Enable DNSSEC in this rule checkbox and then under Validation select the Require DNS clients to check that name and address data has been validated by the DNS server checkbox."
      "In the bottom right corner, click Create and then verify that a rule for sec.contoso.com was added under Name Resolution Policy Table."
      => GPupdate /force uitvoeren
      => Dan kan de policy bekeken worden
  Je zorgt er uiteraard ook voor dat deze policy toegepast werd op de client (C1) en controleer dit opnieuw met get-dnsclientnrptpolicy.
      => GPupdate /force
      => get-dnsclientnrptpolicy => levert hetzelfde resultaat als op de server
  Opnieuw: Resolve­DnsName s1.securezone.lab ­server S1 ­dnssecok Wat krijg je als antwoord te zien? Wat is de oorzaak?
  (Distribueer) Kopieer de trust achor data van de secure.lab zone op S2 naar S1 en importeer die op de DNS van S1 als trusted anchor. (keyset­securezone.lab)
      http://technet.microsoft.com/en-us/library/hh831411.aspx
  opnieuw: Resolve­DnsName s1.securezone.lab ­server S1 ­dnssecok Krijg je nu een (beveiligd antwoord)?
      ->Ik krijg nu een beveiligd antwoord van de DNS server gesigneerd door securezone.lab met geldigheidstermijn
  p23 Distributed File System
  Installeer op beide server de “file services role”.
      -> Add roles and features
      -> File services
          -> DFS
  Maak een namespace aan (DOCUMENTATION) in je domein hOst.net. Stel de share­permissions zo in dat de groep ‘auteurs’ schrijfrechten heeft. gewone gebruikers
  mogen enkel leesrechten hebben.
      -> DFS manager
      -> Namespaces => Add namespace
  maak een folder aan in de namespace DOCUMENTATION met als naam PDF
      -> Add folder
  maak een tweede target aan voor de PDF folder
      -> Add target to folder
  stel replicatie in tussen de twee folder targets. De inhoud wordt vanaf nu dus gesynct.
      -> Automatisch bij 2de target volg de wizard
  Welke andere stappen zijn nodig om een volledig redundant DFS systeem op te zetten?
      -> De folder moeten via DFS geschared staan
      -> De replicatie moet ingesteld worden
  maak een diagnostisch raport aan over hoe replicatie gebeurt, en corrigeer eventue vastgestelde problemen.
      -> Rechtermuisknop op de replication object
      -> Create diagnostic report
      -> kies de reports
  stel quota’s in. In de map PDF maak je een subfolder CATALOGS aan, maar zorg dat die niet groter dan 10MB kan worden. Stel hiervoor een harde limiet in.
      -> install FSRM bij file services
      -> klik quotas => add quota => kies het bestand
      -> nieuwe quota => 10mb hard aanvinken
      -> save
      http://technet.microsoft.com/en-us/library/cc875787(v=ws.10).aspx
  omdat we willen vermijden dat de volledige bandbreedte ingenomen wordt door DFS,beperken we de replication speed tot 2MBps.
      -> Klik op de replication -> rechterkolom kies vor edit replication group
      -> Stel de 2MBps in

• ASA and RADUIS on Windows server 2012

  hi i have ASA5505 i want to get the Authentication from Raduis Server using NPS on windows Server 2012 i test the Raduis Server over "Kerio Control VMware Virtual Appliance" its work Perfect for testing my Setting on Raduis  but with the ASA5505 i get this message "Error authentication rejected aaa failure" 
  Running Config
  : Saved
  ASA Version 9.1(3)
  hostname NazcoFW
  domain-name default.domain.invalid
  enable password XgEKS9WizHnI9IUJ encrypted
  xlate per-session deny tcp any4 any4
  xlate per-session deny tcp any4 any6
  xlate per-session deny tcp any6 any4
  xlate per-session deny tcp any6 any6
  xlate per-session deny udp any4 any4 eq domain
  xlate per-session deny udp any4 any6 eq domain
  xlate per-session deny udp any6 any4 eq domain
  xlate per-session deny udp any6 any6 eq domain
  passwd XgEKS9WizHnI9IUJ encrypted
  names
  interface Ethernet0/0
  switchport access vlan 22
  interface Ethernet0/1
  interface Ethernet0/2
  switchport access vlan 12
  interface Ethernet0/3
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  switchport access vlan 32
  shutdown
  interface Vlan1
  nameif NAZCO
  security-level 100
  ddns update hostname OSI
  dhcp client update dns server both
  ip address 172.16.200.1 255.255.255.0
  interface Vlan12
  nameif outside4
  security-level 0
  ip address 172.16.4.254 255.255.255.0
  interface Vlan22
  nameif Outside20
  security-level 0
  ip address 172.16.20.254 255.255.255.0
  boot system disk0:/asa913-k8.bin
  ftp mode passive
  dns domain-lookup NAZCO
  dns server-group DefaultDNS
  name-server 10.1.1.1
  name-server 10.1.2.1
  domain-name default.domain.invalid
  same-security-traffic permit inter-interface
  same-security-traffic permit intra-interface
  object network HP5220
  host 10.10.10.105
  object network ak20
  host 10.10.10.110
  object network hp5520
  host 192.168.2.105
  object network HP7000
  host 192.168.2.106
  object network HP5520
  host 192.168.2.105
  object network ak04
  host 10.10.10.110
  object network HP400
  host 192.168.2.107
  object network out04
  range 192.168.2.200 192.168.2.220
  object network AK04
  host 10.10.10.110
  object network oooo
  subnet 10.10.10.0 255.255.255.0
  object network 444
  host 10.10.10.110
  object network OSITOINT
  subnet 10.10.10.0 255.255.255.0
  object-group network OSItoOUT04
  network-object object out04
  access-list outside20_access_in extended permit icmp any4 any4
  pager lines 24
  logging enable
  logging asdm-buffer-size 512
  logging trap informational
  logging asdm informational
  logging host NAZCO 10.10.10.10 17/6161
  logging debug-trace
  logging permit-hostdown
  mtu NAZCO 1500
  mtu Outside20 1500
  mtu outside4 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-721.bin
  no asdm history enable
  arp timeout 14400
  no arp permit-nonconnected
  nat (NAZCO,outside4) source dynamic any interface dns
  nat (NAZCO,Outside20) source dynamic any interface dns
  route Outside20 0.0.0.0 0.0.0.0 172.16.20.1 1
  route outside4 0.0.0.0 0.0.0.0 172.16.4.1 11
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa-server Keefa-Raduis protocol radius
  aaa-server Keefa-Raduis (NAZCO) host 172.16.200.10
  key *****
  radius-common-pw *****
  user-identity default-domain LOCAL
  aaa authentication enable console LOCAL
  aaa authentication http console LOCAL
  aaa authentication serial console LOCAL
  aaa authentication ssh console LOCAL
  aaa authentication telnet console LOCAL
  http server enable
  http 0.0.0.0 0.0.0.0 NAZCO
  snmp-server host NAZCO 10.10.10.196 community ***** version 2c
  no snmp-server location
  no snmp-server contact
  snmp-server community *****
  snmp-server enable traps snmp authentication linkup linkdown
  snmp-server enable traps syslog
  snmp-server enable traps ipsec start stop
  snmp-server enable traps entity fru-insert
  snmp-server enable traps remote-access session-threshold-exceeded
  snmp-server enable traps connection-limit-reached
  snmp-server enable traps cpu threshold rising
  snmp-server enable traps ikev2 start stop
  snmp-server enable traps nat packet-discard
  crypto ipsec security-association pmtu-aging infinite
  crypto ca trustpoint _SmartCallHome_ServerCA
  crl configure
  crypto ca trustpool policy
  crypto ca certificate chain _SmartCallHome_ServerCA
  certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
  308205ec 308204d4 a0030201 0202106e cc7aa5a7 032009b8 cebcf4e9 52d49130
  0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
  30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
  13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
  0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
  20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
  65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
  65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d31
  30303230 38303030 3030305a 170d3230 30323037 32333539 35395a30 81b5310b
  30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
  496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
  74776f72 6b313b30 39060355 040b1332 5465726d 73206f66 20757365 20617420
  68747470 733a2f2f 7777772e 76657269 7369676e 2e636f6d 2f727061 20286329
  3130312f 302d0603 55040313 26566572 69536967 6e20436c 61737320 33205365
  63757265 20536572 76657220 4341202d 20473330 82012230 0d06092a 864886f7
  0d010101 05000382 010f0030 82010a02 82010100 b187841f c20c45f5 bcab2597
  a7ada23e 9cbaf6c1 39b88bca c2ac56c6 e5bb658e 444f4dce 6fed094a d4af4e10
  9c688b2e 957b899b 13cae234 34c1f35b f3497b62 83488174 d188786c 0253f9bc
  7f432657 5833833b 330a17b0 d04e9124 ad867d64 12dc744a 34a11d0a ea961d0b
  15fca34b 3bce6388 d0f82d0c 948610ca b69a3dca eb379c00 48358629 5078e845
  63cd1941 4ff595ec 7b98d4c4 71b350be 28b38fa0 b9539cf5 ca2c23a9 fd1406e8
  18b49ae8 3c6e81fd e4cd3536 b351d369 ec12ba56 6e6f9b57 c58b14e7 0ec79ced
  4a546ac9 4dc5bf11 b1ae1c67 81cb4455 33997f24 9b3f5345 7f861af3 3cfa6d7f
  81f5b84a d3f58537 1cb5a6d0 09e4187b 384efa0f 02030100 01a38201 df308201
  db303406 082b0601 05050701 01042830 26302406 082b0601 05050730 01861868
  7474703a 2f2f6f63 73702e76 65726973 69676e2e 636f6d30 12060355 1d130101
  ff040830 060101ff 02010030 70060355 1d200469 30673065 060b6086 480186f8
  45010717 03305630 2806082b 06010505 07020116 1c687474 70733a2f 2f777777
  2e766572 69736967 6e2e636f 6d2f6370 73302a06 082b0601 05050702 02301e1a
  1c687474 70733a2f 2f777777 2e766572 69736967 6e2e636f 6d2f7270 61303406
  03551d1f 042d302b 3029a027 a0258623 68747470 3a2f2f63 726c2e76 65726973
  69676e2e 636f6d2f 70636133 2d67352e 63726c30 0e060355 1d0f0101 ff040403
  02010630 6d06082b 06010505 07010c04 61305fa1 5da05b30 59305730 55160969
  6d616765 2f676966 3021301f 30070605 2b0e0302 1a04148f e5d31a86 ac8d8e6b
  c3cf806a d448182c 7b192e30 25162368 7474703a 2f2f6c6f 676f2e76 65726973
  69676e2e 636f6d2f 76736c6f 676f2e67 69663028 0603551d 11042130 1fa41d30
  1b311930 17060355 04031310 56657269 5369676e 4d504b49 2d322d36 301d0603
  551d0e04 1604140d 445c1653 44c1827e 1d20ab25 f40163d8 be79a530 1f060355
  1d230418 30168014 7fd365a7 c2ddecbb f03009f3 4339fa02 af333133 300d0609
  2a864886 f70d0101 05050003 82010100 0c8324ef ddc30cd9 589cfe36 b6eb8a80
  4bd1a3f7 9df3cc53 ef829ea3 a1e697c1 589d756c e01d1b4c fad1c12d 05c0ea6e
  b2227055 d9203340 3307c265 83fa8f43 379bea0e 9a6c70ee f69c803b d937f47a
  6decd018 7d494aca 99c71928 a2bed877 24f78526 866d8705 404167d1 273aeddc
  481d22cd 0b0b8bbc f4b17bfd b499a8e9 762ae11a 2d876e74 d388dd1e 22c6df16
  b62b8214 0a945cf2 50ecafce ff62370d ad65d306 4153ed02 14c8b558 28a1ace0
  5becb37f 954afb03 c8ad26db e6667812 4ad99f42 fbe198e6 42839b8f 8f6724e8
  6119b5dd cdb50b26 058ec36e c4c875b8 46cfe218 065ea9ae a8819a47 16de0c28
  6c2527b9 deb78458 c61f381e a4c4cb66
  quit
  telnet timeout 5
  ssh scopy enable
  ssh 172.16.200.0 255.255.255.0 NAZCO
  ssh timeout 5
  ssh key-exchange group dh-group1-sha1
  console timeout 0
  management-access NAZCO
  dhcp-client update dns server both
  dhcpd dns
  dhcpd update dns both
  dhcpd address 172.16.200.20-172.16.200.89 NAZCO
  dhcpd dns 172.16.20.1 172.16.4.1 interface NAZCO
  dhcpd lease 1048575 interface NAZCO
  dhcpd update dns both interface NAZCO
  dhcpd enable NAZCO
  threat-detection basic-threat
  threat-detection statistics
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
  username admin password bZmVDHuxUzzxS3yz encrypted privilege 15
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
  message-length maximum client auto
  message-length maximum 512
  policy-map global_policy
  class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect icmp
  inspect icmp error
  class class-default
  user-statistics accounting
  service-policy global_policy global
  prompt hostname context
  service call-home
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email [email protected]
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
  hpm topN enable
  Cryptochecksum:357b7c6f861e8aa9bb3a3674a789b39b
  : end
  asdm image disk0:/asdm-721.bin
  no asdm history enable

  Hi
    Looks like the AAA configuration is set for local
  aaa authentication enable console LOCAL
  aaa authentication http console LOCAL
  aaa authentication serial console LOCAL
  aaa authentication ssh console LOCAL
  aaa authentication telnet console LOCAL
  Change it to Radius
  aaa-server Keefa-Raduis protocol radius
  aaa-server Keefa-Raduis (NAZCO) host 172.16.200.10
  key *****
  radius-common-pw *****
  for example :
  aaa authentication telnet console Keefa-Raduis LOCAL
  Now when you will do telnet to using Radius credentials, Its Should work, If radius goes down you can use LOCAL username and password as fallback method.
  Cheers!
  Minakshi(Do rate the helpful post)

• Server Manager Error, Windows Server 2012 Standed

  Windows
  Server 2012 on my desktop
  and I've been in it then
  open Server Manager "ServerManager.exe - This application could not be started"
  error this time. In it,
  the option is YES and
  NO. YES is open
  to the side of .net.
  Please help me as soon as possible.

  Hi,
  Please check the event viewer to get more detailed error information about this issue.
  You can also remotely access it from another server by adding this server in the server manager of the remote server, and try to access the roles and features from the remote server, and tackle the problem from there.
  I hope this helps.

• Windows Server 2012 - Hyper-V - iSCSI SAN - All Hyper-V Guests stops responding and extensive disk read/write

  We have a problem with one of our deployments of Windows Server 2012 Hyper-V with a 2 node cluster connected to a iSCSI SAN.
  Our setup:
  Hosts - Both run Windows Server 2012 Standard and are clustered.
  HP ProLiant G7, 24 GB RAM, 2 teamed NIC dedicated to Virtual Machines and Management, 2 teamed NIC dedicated to iSCSI storage. - This is the primary host and normaly all VMs run on this host.
  HP ProLiant G5, 20 GB RAM, 1 NIC dedicated to Virtual Machines and Management, 2 teamed NIC dedicated to iSCSI storage. - This is the secondary host that and is intended to be used in case of failure of the primary host.
  We have no antivirus on the hosts and the scheduled ShadowCopy (previous version of files) is switched of.
  iSCSI SAN:
  QNAP NAS TS-869 Pro, 8 INTEL SSDSA2CW160G3 160 GB i a RAID 5 with a Host Spare. 2 Teamed NIC.
  Switch:
  DLINK DGS-1210-16 - Both the network cards of the Hosts that are dedicated to the Storage and the Storage itself are connected to the same switch and nothing else is connected to this switch.
  Virtual Machines:
  3 Windows Server 2012 Standard - 1 DC, 1 FileServer, 1 Application Server.
  1 Windows Server 2008 Standard Exchange Server.
  All VMs are using dynamic disks (as recommended by Microsoft).
  Updates
  We have applied the most resent updates to the Hosts, WMs and iSCSI SAN about 3 weeks ago with no change in our problem and we continually update the setup.
  Normal operation
  Normally this setup works just fine and we see no real difference in speed in startup, file copy and processing speed in LoB applications of this setup compared to a single host with 2 10000 RPM Disks. Normal network speed is 10-200 Mbit, but occasionally
  we see speeds up to 400 Mbit/s of combined read/write for instance during file repair
  Our Problem
  Our problem is that for some reason all of the VMs stops responding or responds very slowly and you can for instance not send CTRL-ALT-DEL to a VM in the Hyper-V console, or for instance start task manager when already logged in.
  Symptoms (i.e. this happens, or does not happen, at the same time)
  I we look at resource monitor on the host then we see that there is often an extensive read from a VHDX of one of the VMs (40-60 Mbyte/s) and a combined write speed to many files in \HarddiskVolume5\System Volume Information\{<someguid and no file extension>}.
  See iamge below.
  The combined network speed to the iSCSI SAN is about 500-600 Mbit/s.
  When this happens it is usually during and after a VSS ShadowCopy backup, but has also happens during hours where no backup should be running (i.e. during daytime when the backup has finished hours ago according to the log files). There is however
  not that extensive writes to the backup file that is created on an external hard drive and this does not seem to happen during all backups (we have manually checked a few times, but it is hard to say since this error does not seem leave any traces in event
  viewer).
  We cannot find any indication that the VMs themself detect any problem and we see no increase of errors (for example storage related errors) in the eventlog inside the VMs.
  The QNAP uses about 50% processing Power on all cores.
  We see no dropped packets on the switch.
  (I have split the image to save horizontal space).
  Unable to recreate the problem / find definitive trigger
  We have not succeeded in recreating the problem manually by, for instance, running chkdsk or defrag in VM and Hosts, copy and remove large files to VMs, running CPU and Disk intensive operations inside a VM (for instance scan and repair a database file).
  Questions
  Why does all VMs stop responding and why is there such intensive Read/Writes to the iSCSI SAN?
  Could it be anything in our setup that cannot handle all the read/write requests? For instance the iSCSI SAN, the hosts, etc?
  What can we do about this? Should we use MultiPath IO instead of NIC teaming to the SAN, limit bandwith to the SAN, etc?

  Hi,
  > All VMs are using dynamic disks (as recommended by Microsoft).
  If this is a testing environment, it’s okay, but if this a production environment, it’s not recommended. Fixed VHDs are recommended for production instead of dynamically expanding or differencing VHDs.
  Hyper-V: Dynamic virtual hard disks are not recommended for virtual machines that run server workloads in a production environment
  http://technet.microsoft.com/en-us/library/ee941151(v=WS.10).aspx
  > This is the primary host and normaly all VMs run on this host.
  According to your posting, we know that you have Cluster Shared Volumes in the Hyper-V cluster, but why not distribute your VMs into two Hyper-V hosts.
  Use Cluster Shared Volumes in a Windows Server 2012 Failover Cluster
  http://technet.microsoft.com/en-us/library/jj612868.aspx
  > 2 teamed NIC dedicated to iSCSI storage.
  Use Microsoft MultiPath IO (MPIO) to manage multiple paths to iSCSI storage. Microsoft does not support teaming on network adapters that are used to connect to iSCSI-based storage devices. (At least it’s not supported until Windows Server 2008 R2. Although
  Windows Server 2012 has built-in network teaming feature, I don’t article which declare that Windows Server 2012 network teaming support iSCSI connection)
  Understanding Requirements for Failover Clusters
  http://technet.microsoft.com/en-us/library/cc771404.aspx
  > I have seen using MPIO suggests using different subnets, is this a requirement for using MPIO
  > or is this just a way to make sure that you do not run out of IP adressess?
  What I found is: if it is possible, isolate the iSCSI and data networks that reside on the same switch infrastructure through the use of VLANs and separate subnets. Redundant network paths from the server to the storage system via MPIO will maximize availability
  and performance. Of course you can set these two NICs in separate subnets, but I don’t think it is necessary.
  > Why should it be better to not have dedicated wireing for iSCSI and Management?
  It is recommended that the iSCSI SAN network be separated (logically or physically) from the data network workloads. This ‘best practice’ network configuration optimizes performance and reliability.
  Check that and modify cluster configuration, monitor it and give us feedback for further troubleshooting.
  For more information please refer to following MS articles:
  Volume Shadow Copy Service
  http://technet.microsoft.com/en-us/library/ee923636(WS.10).aspx
  Support for Multipath I/O (MPIO)
  http://technet.microsoft.com/en-us/library/cc770294.aspx
  Deployments and Tests in an iSCSI SAN
  http://technet.microsoft.com/en-US/library/bb649502(v=SQL.90).aspx
  Hope this helps!
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback on our support quality, please send your feedback
  here.
  Lawrence
  TechNet Community Support