Windows Server 2012 CA will not allow Windows XP to autoenroll

I have a Windows Server 2012 Domain Controller with an Enterprise root CA installed.  I have created a client authentication certificate template (2003 compatible).  Domain Computers have Read, Enroll and Autoenroll permissions.  I modified
the Domain Policy to enable Certificate autoenrollment.  I have two clients on the same subnet with the domain controller, one Windows 7 Ent SP1 and one Windows XP SP3.  The problem:  Windows 7 reboots, has client auth cert installed in computer's
personal cert store.  The Windows XP machine cannot acquire the certificate.  Event ID 13, source is AutoEnrollment, 0x80094011,The permissions on this certification authority do not allow the current user to enroll for certificates.  Both machines
belong to the domain.  Running gpudate /force on the XP machine generates an info event stating that the computer security policy has be applied successfully, then the autoenrollment error.  I've setup autoenrollment dozens of times without any
problems.  The only thing different in this environment is that the CA is installed on Server 2012.  I could be something else, but the only real difference is Server 2012.  There are no errors on the server.  It is like the client just
cannot talk to the server at all, but it's getting its policy from that server.
Any ideas? 

http://technet.microsoft.com/en-us/library/hh831373.aspx
What works differently?
Windows XP clients
will not be compatible with this higher security setting enabled by
default on a Windows Server 2012 CA. If necessary, you can lower the
security setting as previously described.
Try run this command:
certutil -setreg CA\InterfaceFlags +IF_ENFORCEENCRYPTICERTREQUEST
Restart the certification authority
net stop certsvc
net start certsvc
INFO FROM LINK:
What value does this change add?
The CA
enforces enhanced security in the requests that are sent to it. This
higher security level requires that the packets requesting a certificate
are encrypted, so they cannot be intercepted and read. Without this
setting enabled, anyone with access to the network can read packets sent
to and from the CA using a network analyzer. This means that
information could be exposed that might be considered a privacy
violation, such as the names of requesting users or machines, the types
of certificates for which they are enrolling, the public keys involved,
and so on. Within a forest or domain, leaking these data may not be a
concern for most organizations. However, if attackers gain access to the
network traffic, internal company structure and activity could be
gleaned, which could be used for more targeted social engineering or
phishing attacks.
The commands to enable the enhanced security
level of RPC_C_AUTHN_LEVEL_PKT on Windows Server®  2003,
Windows Server®  2003 R2, Windows Server®  2008, or Windows
Server 2008 R2 certification authorities are:
certutil -setreg CA\InterfaceFlags +IF_ENFORCEENCRYPTICERTREQUEST
Restart the certification authority
net stop certsvc
net start certsvc
If
you still have Windows XP client computers that need to request
certificates from a CA that has the setting enabled, you have two
options:

Similar Messages

  • Windows Server 2012 R2 will not install when Server 2012 non-R2 installs fine.

    Our company has several Windows Server 2012 servers that installed and work without issues. However, we purchased several Server 2012 R2 licenses to install on the exact same hardware, and at the very beginning of the install process it does not recognize
    any of the hard drives, and cannot continue with the install. I have put the drivers that the non-R2 servers use on a flash drive, and tried to use those drivers during the R2 installs, but none work. This is extremely frustrating, and I want to know what
    my options are? Is it a signed driver issue? Can I disable signed driver checks before installing R2? Thanks for any help.
    P.S. I will even consider downgrading the Server 2012 R2 licenses to standard 2012 if that is even possible? I don't think I can get a refund on the media.

    Contact your server vendor to see if they support 2012 R2 on the platform you are working with.  They are the ones who determine what firmware/drivers get released for what versions of the operating system.
    "R2 2012 and using them for R2 does not work as it just rejects them or says no new device drivers were found."
    Are you trying to load them during the installation process when it gives you the option to load drivers?  I've never seen a 'no new device drivers were found' message at that point because you are specifically telling it which driver to use.
    Yes, the license for a retail copy of the operating system contains downgrade rights.  However, activation keys are different.  You may have to contact Microsoft or the vendor from whom you purchased your copy to obtain a 2012 activation key.
    . : | : . : | : . tim

  • Airport Extreme unit will not allow Windows devices to access WiFi

    For the last 10 or so days, my Airport Extreme unit will not allow Windows based devices to access WiFi (ASUS laptop and Nokia Windows Phone). Our Apple devices have no issues (MacBook Pro, iPad, iPhone, iPod). Settings were not changed but there may have been a program update? Have tried resetting without success. Today I tried to bypass the problem by creating guest network access - my MacBook Pro can access the guest network, but again, the Windows-based devices can't log in.
    Airport packaging stipulates that this product will service both Apple and PC products. I'm stumped and this is a bit of an issue as my wife's PC has been cut off from the Web as well as my Windows phone. This Airport unit is fairly recent having been bought August or September of last year - so a recent purchase, but to get Apple assistance it appears I'd need to purchase service ticket... (Am using Mountain Lion 10.8.4 and Extreme 5th Gen.)
    Is there an easy solution?

    No software updates available.
    Found a Network Options checkbox which blocked IPv6 connections in Airport Utility. Unchecked it, that didn't change anything, so I've returned it to its original setting. But under Internet Options, Airport is set to allow IPv6 connections. Strange that this unit would have settings that appear to contradict each other.
    There was an access control panel - but to grant control here, I'd need an Apple address which my Mac would have but which the Windows devices would not, so that setting couldn't be used to address this problem.
    So, no solution to the issue that I can see.

  • Windows 7 internet security will not allow the installation of Flash Player 17 Update

    Windows 7 internet security will not allow the installation of the Flash Player 17 update.  I have tried the direct install using the IE_AX update without success.

    Hi,
    Thanks for the screenshot.  It's very helpful. Essentially, this is an issue with the internet security settings on your machine (Internet Explorer > Internet Options > Security), and not a Flash Player issue.  I Googled "internet security settings prevented one or more files from opening' and it returned numerous hits.  I'm posting a few for you, however, I'm not endorsing any of them.  I recommend you search your self and select one you feel comfortable with.
    https://support.microsoft.com/en-us/kb/2588679
    https://social.technet.microsoft.com/Forums/windows/en-US/6bd973a1-38b5-4ad2-bcf5-e90be18c c64b/your-internet-security-settings-prevented-one-or-more-files-from-being-opened?forum=w 7itproinstall
    How to fix: These files can’t be opened. Your Internet security settings prevented one or more files from being opened. …
    and there are many more.
    Maria

  • Can I download the trial version of windows server 2012 onto a laptop running windows 8.1?

    Can I download the trial version of windows server 2012 onto a laptop running windows 8.1 and create a dual boot?

    Have a look:
    http://blogs.technet.com/b/blainbar/archive/2012/09/25/step-by-step-4-ways-to-dual-boot-microsoft-windows-8-and-windows-server-2012-with-or-without-windows-7.aspx
    http://www.msdonkey.com/server/dual-booting-windows-8-1-and-windows-server-2012-r2-from-vhd/
    Regards,
    Rafic
    If you found this post helpful, please give it a "Helpful" vote.
    If it answered your question, remember to mark it as an "Answer".
    This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

  • Why does my Cisco router firewall block Windows Server 2012 traffic, but not Windows Server 2008 traffic?

    Hello,
       I run a small business network with five physical servers: three Dell servers running Windows Server 2008 R2, one custom build running 2008, and another custom build running 2012 with Domain Controller Role (same hardware for both custom builds). 
    The Dell servers are all running the Hyper-V role and each has a number of 2008 VMs.  I also have a 2012 VM with the Domain Controller Role on one of the Hyper-V servers and another VM with a completely base install of 2012.
       All servers are plugged into a Cisco SG300-52 switch which is uplinked to a Cisco 881 router which is connected to a cable TWC provided Ubee cable modem.  I have no VLANs setup.  I do have the Firewall on the router configured
    to inspect most traffic.
       Here is my problem:  I cannot connect to most of the internet on ANY 2012 server (and all exhibit the exact same behavior), but I have NO problems connecting to the internet from 2008 servers.  Here is what I already know:
       1.) I can ping the outside world just fine so ICMP is passing to any external host.
       2.) Two of the 2012 servers are DCs running DNS services and they can connect to the internet just fine for DNS requests because they are doing a perfectly good job of providing DNS services to my network.
       3.) Here's where it gets really weird: I can browse in internet explorer to Bing.com and it works.  I can also go to a couple other Microsoft websites (though they are very slow).  If I click on any link in Bing, however, it doesn't
    work and gives me a page not available error.  If I connect to a non-MS website like Google or my company website, I get page not available.
        4.) I have tried to telnet to port 80 at Bing and it works.  I have tried to telnet to port 80 at google.com and it won't connect.  The 2008 servers have no issue telneting to either bing or google on port 80 and none of my client
    PCs on the network do either.
        5.) Windows Update will not connect and neither will any other update service such as AVG (I have AVG Antivirus installed WITHOUT firewall on two of the three servers. The base 2012 VM has no software installed and no roles...I built it
    just to see if it could connect after a fresh install and it still cannot.)
        6.) The network connection does not indicate limited connectivity (probably because ICMP appears to be passing successfully)
         7.) If I connect the server directly to the modem it has full internet access.
         8.) All internal LAN connectivity is perfectly fine and runs at full speed.
         9.) I have scoured the internet trying to find other examples of this particular kind of connectivity issue on 2012 and I have found two TechNet articles that are similar, but they both had the same resolution: changing the router
    worked, but no one knows why. (I would have included the links, but apparently I cannot do that yet)
    My question is this: What is different about Windows Server 2012 networking that would render it unable to communicate through a router that Windows Server 2008 has no problems with?  I ask because, unlike in these two articles where they were
    running personal networking equipment they could easily upgrade, I'm running a Cisco 881 with what should be virtually limitless configuration options and I have no desire to replace it.  I have to assume the issue is somehow related to the firewall configuration,
    which I could fix easily, but I don't know what to change.  If anyone knows what changed in 2012 and why I would be able to browse to bing and other MS sites but no where else, please pass them along.  Thanks.

    This is the IP Config for the 2012 DC:
    Windows IP Configuration
       Host Name . . . . . . . . . . . . : COMPANYDC02
       Primary Dns Suffix  . . . . . . . : company.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : company.local
    Ethernet adapter Ethernet:
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
       Physical Address. . . . . . . . . : 00-25-90-DC-EF-D5
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::81d5:53cf:bd07:14ed%12(Preferred)
       IPv4 Address. . . . . . . . . . . : 10.10.10.202(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 10.10.10.1
       DHCPv6 IAID . . . . . . . . . . . : 301999504
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-96-D5-C3-00-25-90-DC-EF-D5
       DNS Servers . . . . . . . . . . . : 10.10.10.202
                                           10.10.10.221
       NetBIOS over Tcpip. . . . . . . . : Enabled
    Tunnel adapter isatap.{9929D989-8E88-4096-A1CB-61F1DB173FA3}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    This is the IP Config for the fresh install 2012 VM:
    Windows IP Configuration
       Host Name . . . . . . . . . . . . : WIN-800299O7ES6
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : company.local
    Ethernet adapter Ethernet:
       Connection-specific DNS Suffix  . : company.local
       Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
       Physical Address. . . . . . . . . : 00-15-5D-0A-5C-02
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 10.10.10.49(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Saturday, August 23, 2014 10:23:01 PM
       Lease Expires . . . . . . . . . . : Wednesday, August 27, 2014 10:23:01 PM
       Default Gateway . . . . . . . . . : 10.10.10.1
       DHCP Server . . . . . . . . . . . : 10.10.10.1
       DNS Servers . . . . . . . . . . . : 10.10.10.220
                                           10.10.10.221
       NetBIOS over Tcpip. . . . . . . . : Enabled
    Tunnel adapter isatap.company.local:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : company.local
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    NOTE: 10.10.10.220 and 10.10.10.221 are the other domain controllers on my network.  One of them is 2012 and one of them is 2008.  They are both functioning correctly for providing DNS services.  The 2012 Virtual DC, however, still has
    the internet connectivity issue that this whole post was about in the first place.
    NOTE2: When I logged on to COMPANYDC02 this morning, it told me that I had new Windows Updates that needed to be downloaded.   Confused, I checked the most recent time WU had checked for updates at it had successfully checked for updates last night
    at 10pm.  Of course, it failed when trying to download them, but it appears that once in a while, a connection gets through successfully...

  • Windows Server 2012 R2 robocopy not copying inherited directory permission from source file server to destination ?

    Can anyone here please help me with Robocopy on Windows Server 2012 R2 to copy the file server content from \\OldFileServer\Data share into the local S:\Data drive ?
    here's my script that I use to copy 11 TB of file server contents:
    robocopy.exe "\\OLDFILESERVER\Data" S:\Data *.* /E /SECFIX /SEC /XO /ZB /COPYALL /MIR /DCOPY:DAT /R:0 /W:0 /NP /NFL /NDL /TEE /LOG:"G:\robocopy.log"
    Any kind of help and assistance would be greatly appreciated.
    Thanks
    /* Server Support Specialist */

    Hi,
    Based on my tests, inherited permissions will not be copied using robocopy.exe.
    That’s because that after we copy or move an objects to another volume, the object inherits the permissions of its new parent folder.
    My suggestion for you is to disable the inheritance on corresponding subfolders, and Convert inherited permissions into explicit permissions on this object. After that, those permissions can be copied.
    Here are some references below for you:
    Robocopy not copying NTFS permissions
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/b36748cd-14d1-47a5-9fb6-878ca93ad6fc/robocopy-not-copying-ntfs-permissions
    How permissions are handled when you copy and move files and folders
    http://support.microsoft.com/kb/310316
    Powershell ACL commands? NTFS Permissions - Turn inherited permissions into explicit permissions and remove inheritance
    http://social.technet.microsoft.com/Forums/scriptcenter/en-US/884e2837-ec1d-4937-83a5-722cd00d7d16/powershell-acl-commands-ntfs-permissions-turn-inherited-permissions-into-explicit-permissions-and?forum=ITCG
    Best Regards,
    Amy

  • Server 2008 SP2 will not install Windows Updates

    I receive this error:
    Installation Failure: Windows failed to install the following update with error 0x8000ffff: Security Update for Windows Server 2008 (KB2653956).
    Installation Failure: Windows failed to install the following update with error 0x8000ffff: Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2675157).
    These are two separate attempts to install the two updates listed.  The first time it failed on the IE9 update so I unselected it and tried the other with the error above.  This has been going on for quite some time.  At first it would install
    some updates and not others and now it won't install anything.
    I have Symantec Endpoint Protection installed, version 11, and the definition files are up to date.  I ran Malwarebytes and it found nothing.
    I read a post about a hotfix called System Updates Readiness Tool but my error (0x8000ffff) was not listed as one of the errors and I hesitate to install it.
    I am way behind on updates and really need to get this fixed, obviously.  If anyone has ideas, I would like to hear them.  I have not found anything online that is specific to my situation.
    thanks

    KB2675157 (MS12-023) is a superseded and EXPIRED update and isn't going to install anywhere at anytime. It's been superseded -18- times since it's original release. You should have KB2809289 (MS14-012 -- released this month) approved/installed for IE9
    on WS2008 systems.
    KB2653956 (MS12-024) is from April, 2012, and should have been installed EONS ago (but it has been revised a couple of times, so make sure that you have Revision 103 approved and not an earlier revision).
    If the CURRENT updates are failing, then YES, you should download and run the current version of the System Update Readiness Tool from the Microsoft Download Center and implement any remediations recommended by that tool.
    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

  • Windows deployment services in windows server 2012 : operating system not found

    Hello,
    In order of learning WDS in Windows Server 2012, I created a simple test environment composed of :
    A Domain controler running WS 2K12 and hosting both DHCP and WDS services. (with the option of not listening port 67 checked while installing WDS)
    A test computer, with no operating system
    I also added a Windows Server 2012 Standard WIM file and added also (located in [DVD]\sources\install.wim), boot file image (located in [DVD]\sources\boot.wim)
    But now, when i start the client, it gives the following error:
    While i don't find any reliable solution on Internet, Im looking for your help if ever, anyone faced this problem and found a solution for it or not
    Thanks in advance!
    Lotfi BOUCHERIT

    I find it strange that client and server IP are the same. Is there any sort of DHCP relay agent running on your WDS server ?

  • Windows Server 2012 R2 Will Support for UEFI boot in WDS.

    Hi
    Currently we had issue in WDS while deploying the image via UEFI boot in the DELL Optiplex 3010. We already deployed the Windows 8 install image and boot image in the Windows Server 2012 R2. After selecting the Network boot its show Start PXE IPV4 and it
    will immediately flicker and get back to Network Boot option. Any one please help me out of this.....
    But the same is working in Legacy boot and it doesn't activate the Windows 8.

    Hi,
    As I cannot confirm the exact settings on your side, please see the suggestions provided in following thread:
    WDS: EFI BIOS won't PXE boot into EFI mode
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/ceca6149-bedd-4860-8a7f-a1c83bf99aa4/wds-efi-bios-wont-pxe-boot-into-efi-mode?forum=winserversetup
    The same issue is discussed a lot in this thread and several possible suggestions are provided. See if it is helpful. If there is anything unclear please just let us know. 
    If you have any feedback on our support, please send to [email protected]

  • Windows Server 2012 Used: Error Message from Windows 7 PC: Remote session was disconnected because there are no remote desktop license servers available to provide a license. Please contact the server administrator.

    We are using Windows Server 2012 Standard installed in VMWare / Virtual machine and to access this we use vSphere client and Remote Desktop Connection / service was already enabled and was working fine with User PCs / laptops remote desktop into the server
    2012, until it gave an error message of: Remote session was disconnected because there are no remote desktop license servers available to provide a license.  Please contact the server administrator. whilst logging into the server. 
    We DON'T use Active Directory nor and we don't use domain and not looking to use it any-time soon. 
    I checked the RD Licensing Diagnoser and it says the grace period has expired and the licensing mode for the remote desktop session host server is not configured.  I have checked the Remote Desktop Gateway has been stopped and I tried to start it and it
    resumed to stop, here I assume its where the licensing part comes in to re-enabled this. 
    I have been trying to follow these articles online: http://ryanmangansitblog.com/2013/03/27/deploying-remote-desktop-gateway-rds-2012/ and http://www.concurrency.com/blog/rds8-add-a-licensing-server-2/#Install  the overview part that I cannot get into,
    because I think we have to be is AD DS for this which we don't.  Is there a way around this for non domain / just standalone set-up?  Is it a must / requirement we need to be in a domain in order for Remote Desktop Connection to work? 
    Also, we have a Windows Server 2012 RDS CALs - 10 (software and licence key), will the licence key work for the Windows 2012 Server Standard?  We do not want to install the other Server mentioned which comes with CAL / licence key as its time consuming
    to reinstall other programs.  I have installed  Server role service of Remote Desktop Licencing and automatically installed other associated services needed.  in the RD Licencing Manager, the Server had a red cross and I "Activate Server"
    where I followed: http://www.concurrency.com/blog/rds8-add-a-licensing-server-2/#Install in Install Licences section and I have used the licence key of CAL - 10 mentioned above; it stated I have successfully completed the install licences wizard and displayed:
    10 Windows Server 2012 - RDS Per User CAL installed, and in the RD Licensing Manager the server turned into a green tick and added the licence.  
    I then tested the Remote desktop connection from my PC and the same error message was there and checked the RD Licensing Diagnoser and the same error messages was there.  I haven't restart the services of Remote Gateway / the server itself; do I really
    need to reboot server?  
    Any advice / guidance would be very much appreciated and this is a urgent matter.  
    Thank you for your time.

    Hotfix Released here:
    http://support.microsoft.com/kb/2916846

  • Unable to add network printers from Windows Server 2012 R2 to client running Windows 7 Pro x64

    New Windows Server 2012 R2 Standard in the environment.  Added print services to it and added five HP printers to it and shared them.  Also deployed the printers via group policy.
    Clients are running Windows 7 Pro x64.  The group policy fails to install the printers (error 0x00000002).  We get the same error when trying to manually add the printer from the client side.
    From Event Viewer: Group Policy was unable to add per computer connection <<printer share>>. Error code 0x2. This can occur if the name of the printer connection is incorrect, or if the print spooler cannot contact the print server.
    Any ideas on troubleshooting this?
    Thanks.
    -John

    John,
    You might try playing with the HP universal driver, that might help you.  Try installing a new shared printer on the server using the universal print driver, then try and connect to it to see if it is any better.
    Check these GPO settings to ensure local machines can install the drivers.
    1. Configure the following two Group Policy settings:
    Computer Configuration\Policies\Administrative Templates\System\Driver Installation\Allow non-administrators to install drivers for these devices setup classesEnabled
    2. Device class GUID of printers: {4d36e979-e325-11ce-bfc1-08002be10318}
    Computer Configuration/Policies/Administrative Templates/Printers/Point and Print RestrictionsEnabled
    Security Prompts: When Installing Drivers for a new connection = Do not show warning or elevation prompt
    This article might help you out also:
    http://www.eversity.nl/blog/2012/09/windows-cannot-connect-to-the-printer-operation-failed-with-error-0x00000002/
    Cheers,
    Curt Winter
    Certified Microsoft Professional
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied. If you found my post helpful, please mark it as the answer.

  • WIndows Server 2012 w/ Hyper V and Windows 7

    I have been able to create every imaginable virtualization in a test environment except for Windows 7. It asks for drivers. I have a driver CD but when I put the CD in the D: drive. It will run but suddenly the command line screen states that a file on
    the F: drive does not exist. Where is this F: drive coming from?

    I might have misstated my situation. I have Windows Server 2012 outfitted with Hyper-V. I'm trying to virtualize a Windows 7 operating system.
    I found a another W7 media disk that seems to bypass this problem.

  • Using Windows Server 2012 VL Product key with Windows Server 2012 R2

    Hi all,
    Trying to use a Server 2012 vl product key to active a Server 2012 R2, but running into issues, namely it is not accepting the key. I have read many threads pointing out that different keys are required, but no mention of the process that one needs
    to take in order to obtain/swap product keys? Any ideas appreciated? :)

    The product key I have is for Windows Server 2012 Standard VL, (It's not a DC).
    I have downloaded the evaluation iso for Windows Server 2012 R2 and want to licence it (with a VL), but it is failing with the Windows Server Standard 2012 VL product key.
    My question is - am I doing something wrong, or do I need to ask Microsoft to change the product key / buy a new one? - What steps do I need to take?
    The product key for WS2012 will not work for WS2012R2. (so, yeah, you're doing that wrong)
    WS2012R2 is not a "free" upgrade from WS2012 (it's different to Win8.0 -> Win8.1)
    Your WS2012 pkey will work with WS2012. To use WS2012R2 you need a WS2012R2 pkey.
    If you want to "convert" an evaluation license install, into a full licensed install, you must match the version (2012 vs. 2012R2) and the edition, and must use DISM as well as the correct pkey.
    http://technet.microsoft.com/en-us/library/jj574204.aspx
    If you don't have the correct pkey for WS2012R2 already, and you don't have one waiting for you in the Volume Licensing Service Center website, you'll need to purchase a new license for WS2012R2.
    Don
    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

  • Add Windows Server 2012 R2 domain controller to Windows 2008 R2 domain

    Hi,
    Have today 2 x Windows Server 2008 R2 domain controllers, and domain and functional level 2008 R2.
    We now want to replace these DC`s with Windows Server 2012 R2.
    My plan is as follow
    - Install and promote a Windows Server 2012 R2 as a 3 DC`s with a temporary hostname and IP as DC3
    - Install and promote a second Windows Server 2012 R2 as a 4 DC`s with a temporary hostname and IP as DC4
    - Decomiss DC1 and remove this host. Change the IP and hostname of the new DC3 to DC1
    - Move FSMO roles from DC2 to DC1 and decomiss DC2
    - Change the IP and hostname of the new DC4 to DC2
    Will this be a ok progress ? I will offcours to have the DC`s replicate information between them before doing each task.
    /Regards Andreas

    Hi,
    Only error i got running dcdiag was the following
     Starting test: NCSecDesc
        Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
           Replicating Directory Changes In Filtered Set
        access rights for the naming context:
        DC=ForestDnsZones,DC=domain,DC=local
        Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
           Replicating Directory Changes In Filtered Set
        access rights for the naming context:
        DC=DomainDnsZones,DC=domain,DC=local
        ......................... DC1 failed test NCSecDesc
    Is this a problem ?
    I would guess not since im not implementing a RODC ? Ref:
    https://support.microsoft.com/en-us/kb/967482?wa=wsignin1.0
    You can ignore it.
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK
    My Website Link
    My Linkedin Profile
    My MVP Profile

Maybe you are looking for

  • Process order change pointers - not getting logged

    Hi, I have defined change pointers for Process order for one custom message type in BD52 (and BD50 as well.). I have included AFKO, AFPO and AUFK tables (e.g. fields like KEY, GAMNG). But no change pointers are getting logged when ever I create or ch

  • Strage problem with outbound connections

    Hi all, I've been unable to connect to my Gmail IMAP since I restored from a time machine backup. I know my IP hasn't been blacklisted, because I can still connect via my iPhone when I'm home and connected to the LAN, and my wife's mail app still wor

  • How can I resequence photos in an album?

    How can I resequence photos in an album?

  • "IN" caluse problem in sql

    Hi All, I have some problem while select values from table . select * from table_name where id in( 1,2,...100,....1001); can you please suggest me, what is the solution for the above if i have more than 1000 id's thanks in advance.

  • Synchronization of EBOM with MBOM- ehp 5 question

    1. We are currently using custom programs to download multi-level Engineering BoMs to Plant BoMs. Will the  ehp 5.0 functionality do this function as a part of EBOM - MBOM synchronization? 2. If MBOMs are modified specific to plants will these change