Terminal Services had the ability to shadow a user’s session; however, this was removed in Windows Server 2012. Now Windows Server 2012 R2 brings this capability back. It can be initiated using Server Manager as shown below, but many people also want to initiate from the command line.
The old shadow.exe command is removed in Windows Server 2012 R2, so the trick is to use mstsc with new /shadow:<session id> switch. To find the list of sessions use the qwinsta.exe command, for example:
C:>qwinsta
SESSIONNAME USERNAME ID STATE TYPE DEVICE
services 0 Disc
console 1 Conn
rdp-tcp#37 bruce 2 Active
>rdp-tcp#38 administrator 3 Active
31c5ce94259d4… 65536 Listen
rdp-tcp 65537 Listen
This shows the session ID that I can then use (e.g., mstsc /shadow:2) for the user bruce session.
Exchange Server 2010 with the Client Access Server (standalone):
Location
Authentication
SSL Setting
Management
Default Web Site
Anonymous
Required
IIS Management Console
aspnet_client
Anonymous
Required
IIS Management Console
Autodiscover
Anonymous / Basic / Windows Authentication
Required
Exchange Management Shell
ECP
Anonymous / Basic
Required
Exchange Management Console or Shell
EWS
Anonymous / Windows Authentication
Required
Exchange Management Shell
Microsoft-Server-ActiveSync
Basic
Required
Exchange Management Console or Shell
OWA
Basic
Required
Exchange Management Console or Shell
Powershell
Anonymous
Not Required
Exchange Management Shell
RPC
Basic / Windows Authentication
Required
Exchange Management Shell
RpcWithCert
all options Disabled
Required (128 bit not checked)
N/A
OAB
Windows Authentication
Not Required
Exchange Management Console or Shell
Exchange Server 2010 Mailbox role (standalone):
Location
Authentication
SSL Setting
Management
Default Web Site
Anonymous
Required
IIS Management Console
PowerShell
Anonymous
Not Required
Exchange Management Shell
CMDlet list for those that can only be modified in the Management Shell:
Set-AutoDiscoverVirtualDirectory
Set-WebServicesVirtualDirectory
Set-PowershellVirtualDirectory
Set-OutlookAnywhere (for the RPC virtual directory)
Set-AutodiscoverVirtualDirectory
This example sets the authentication method to Digest authentication for the Autodiscover virtual directory.
Set-AutodiscoverVirtualDirectory -Identity 'autodiscover(default Web Site)' -WindowsAuthentication $false -BasicAuthentication $false -DigestAuthentication $true
This example sets Integrated Windows authentication for the Autodiscover virtual directory.
Set-AutodiscoverVirtualDirectory -Identity 'autodiscover (default Web Site)' -WindowsAuthentication $true
Set-WebServicesVirtualDirectory
This example sets the authentication method to Basic authentication for the virtual directory EWS on the server Contoso. This example als sets the external and internal URLs for this virtual directory.
Set-WebServicesVirtualDirectory -Identity Contoso\EWS(Default Web Site)-ExternalUrl https://www.contoso.com/EWS/exchange.asmx -BasicAuthentication $true -InternalUrl https://contoso.internal.com/EWS/exchange.asmx
This example uses a wildcard character instead of "Default Web site" as was used in Example 1.
Set-WebServicesVirtualDirectory -Identity Contoso\EWS* -ExternalUrl https://www.contoso.com/EWS/exchange.asmx
This example enables MRSProxy on the EWS default website. MRSProxy is the service responsible for assisting in remote mailbox moves.
Set-WebServicesVirtualDirectory -Identity "EWS (Default Web Site)" -MRSProxyEnabled $true
Set-PowerShellVirtualDirectory
This example modifies the external URL of the Contoso Windows PowerShell virtual directory.
Set-PowerShellVirtualDirectory "Contoso (default Web site)" -ExternalUrl "http://www.contoso.com/powershell"
Set-OutlookAnywhereThis example sets the client authentication method to NTLM for the /rpc virtual directory on the Client Access server CAS01.
Set-OutlookAnywhere -Identity: "CAS01\rpc (Default Web Site)" -ExternalClientAuthenticationMethod NTLM
This example sets SSL offloading for the /rpc virtual directory to false, which means that SSL isn't used for securing client connections to the Client Access server EXCH1.
Set-OutlookAnywhere -Identity "EXCH1\rpc (Default Web Site)" -SSLOffloading $false
This example sets the authentication method for the /rpc virtual directory setting in IIS to NTLM.
Set-OutlookAnywhere -Identity "EXCH1\rpc (Default Web Site)" -IISAuthenticationMethods NTLM
This example sets the available authentication methods for the /rpc virtual directory setting in IIS to use both Basic and NTLM authentication. After you set this value, you can use the IIS virtual directory to handle authentication for multiple applications that require different authentication methods.
Set-OutlookAnywhere -Identity "EXCH1\rpc (Default Web Site)" -IISAuthenticationMethods Basic,NTLM
A solution that resolved Outlook from requesting you re-enter the password for the email accounts following a period when the computer is asleep.
Mac Outlook continuously asks for credentials.
After checking the server above IIS settings I have managed to resolved the issue. Also sometime I have noticed another fix below worked.
With Outlook open, use Finder to select the Applications folder, then the MSOffice folder, then holding the Control key down select the Outlook “O” icon, and select “Get Info” from the list.
Within the Get Info screen presented, check the “Prevent Nap App” box. Then close Finder, close Oulook and then re-open Outlook and your problem will be solved. This action prevents the Outlook app from sleeping under Mavericks control which was designed to save power consumption, however Microsoft did not modify Outlook to conform to this feature so you must check and activate the “Prevent App Nap”.
One of the great benefits of the Debian Installer is the ability to boot an ISO image, set up networking and complete an installation remotely via SSH (Secure Shell). You can use the following steps to get the installer launched.
Boot from the CD and in the Installer boot menu select “Advanced options >”
Select “Expert install”
The installer will load up and you will be presented with the Debian installer main menu.
If necessary set the default language and keyboard (you can reconfigure them later once you get this going over SSH if needed), and then select “Detect and mount CD-ROM”.
It then prompts you to load modules from USB storage, if you have drivers to load from USB you’ll want to accept. It then asks about PCMCIA resource range options, since our hardware didn’t require this we left it blank. Finally, if all goes well, you receive a confirmation screen saying that the CD-ROM detection was successful and that it contained the expected installation media.
The next option on the menu is “Load installer components from CD”, which you want to select. Browse the list, but for basic needs the only thing you need to load up is “network-console: Continue installation remotely using SSH”
Now you’ll need to get networking going. Select “Detect network hardware” and then “Configure the network”. In this step, in addition to basic networking, it will ask you to set a hostname and domain name.
Next you want to “Continue installation remotely using SSH” which will generate SSH host keys and have you set a remote installation password. Once it has these set up you will be presented with a screen giving you an installer@ipaddress location for the install and an SSH fingerprint. You or your remote technician will use these to SSH into the installer.
Finally, log in from your remote PC and complete the installation.
Note: It’s important to keep a solid connection established during the installation as the installer can behave poorly if you lose your connection and have to connect again. Also, try to avoid resizing the window while doing the install as redraws of the window to the new size can sometimes cause problems.
You try to install the Hyper-V Integration Services (Drivers) in a VM with Windows 2003 and you get the following error:
“An error has occurred: Internal Error“
No errors in the event log we decided to start by installing the latest updates for that VM. Unfortunately not all updates were able to install properly, in fact most of the updates were failing to install as well…
Ok, Back to the Integration Components setup, it was time to check the log. Under %Windir% directory we check the installation log “vmguest.log”:
Hyper-V Integration Services Installer version 6.1.7600.16385
MUI file loaded
Parsing command line…
Command line parsing complete
Application Directory = D:supportx86
ServicingMode = 0
##### START: VERIFY SYSTEM ENVIRONMENT
OS Version = 5.2
OS SP Level = 2
OS Platform ID = 2
OS Product Type = 3
Edition ID = 0x0
Processor Arch = 0
Processor Count = 2
System Language = en-us (ENU)
Windows Dir = C:WINDOWS
System Dir = C:WINDOWSsystem32
Drivers Dir = C:WINDOWSsystem32drivers
System MUI Dir = C:WINDOWSsystem32en-us
Drivers MUI Dir = C:WINDOWSsystem32driversen-us
##### END: VERIFY SYSTEM ENVIRONMENT – Exit code = 0x0
Starting the restart dialog killer thread
RestartDialogCaption = System Settings Change
Restart dialog handler ready
Creating progress dialog
Dialog created
ProgressMessage = 49305
Creating worker thread
Worker thread created
Waiting for worker thread
##### START: UPDATE HAL
HAL found at C:WINDOWSinfhal.inf
##### END: UPDATE HAL – Error code = 0x0 ##### START: INSTALL KMDF
About to load DLL D:supportx86WdfCoInstaller01007.dll
About to call preinstall
Preinstall failed with error 0000F00D
##### END: INSTALL KMDF – Error code = 0xF00D Detected worker thread exit
Worker thread error code = 0000F00D
Exit code = 0xEA60
After identifying which component fail, we proceed to the respective log “Wdf01007Inst.log” under the same directory “%WinDir%”. Inside this log, between other errors, we found this one:
“Failed to copy spupdsvc.exe“
So we decided to analyze the “%Windir%System32 spupdsvc.exe“. After checking the ” spupdsvc.exe” we discover that “spupdsvc.exe” did not appear to be a original Microsoft exe file, we were able to confirm this checking the “spupdsvc.exe” properties and its digital signature which didn’t exist at all.
Solution:
The Solution was to delete the “spupdsvc.exe”, run a Malware remover tool in the system (this may be need as the antivirus may not be able to detect the malware or remove it), then copy the “spupdsvc.exe” from a healthy system to the problematic one.
After this the Integration components were successfully installed and the updates that were also ALL installed successfully.
Also what worked for me:
From Device manager removed all unknown device, then run windows update, reboot the run start the intgration install again.
If this server is migrated from VMWare then make sure vmware tool is uninstalled.
There are several reasons you may get get this error. The most common being a corrupt Active Directory database (NTDS.DIT). I know this sounds detrimental, but it’s actually easy to fix this blue screen.
*** This is the Active Directory Database we’re talking about here, so make sure you have a good backup of the server, in case this doesn’t work***
This Stop code is only seen on a system with Active Directory on it. You notice it when the server is booting. You’ll get a blue screen and an error code, like the following:
STOP: c00002e2 Directory Services could not start because of the following error:
A device attached to the system is not functioning.
Error Status: 0xc0000001.
Please shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information.
To begin, do as the message says, and boot into Directory Services Restore Mode. When the server powers on, press F8 before the OS begins to load. You should see a selection screen like this. Choose Directory Services Restore Mode:
Once in Directory Services Restore Mode, you can check if there is a problem with the database by running the following commands:
ntdsutil.exe
activate instance ntds
files
If there is a problem with it, you’ll see something like this returned:
Could not initialize the Jet engine: Jet Error -501. Failed to open DIT for AD DS/LDS instance NTDS. Error -2147418113
To fix, just rename all of the .log files located in C:\windows\ntds to .log.old, or anything else, so they can be recreated.
Now reboot the server. For most people, this fixed the database, and the server booted up. For others, it still blue screened after this. If you continue to get a blue screen, run the following command in Directory Services Restore Mode, and then reboot:
esentutl /p “c:\windows\ntds\ntds.dit”
—– Same instruction above in details —
STOP: c00002e2 Directory Services could not start because of the following error: A device attached to the system is not functioning.
Error Status: 0xc0000001. Please shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information.
Restart the server and press F8 key, select Directory Services restore mode.
Log in with the local administrator username and password
Type: cd \windows\system32
Type: NTDSUTIL
Type: activate instance NTDS
Type: files
If you encounter an error stating that the Jet engine could not be initialized exit out of ntdsutil.
Type: cd\
Type: md backupad
Type: cd \windows\ntds
Type: copy ntds.dit c:\backupad
Type: cd \windows\system32
Type: esentutl /g c:\windows\ntds\ntds.dit
This will perform an integrity check, (the results indicate that the jet database is corrupt)
Type: esentutl /p c:\windows\ntds\ntds.dit
Agree with the prompt
Type: cd \windows\ntds
Type: move *.log c:\backupad (or just delete the log files)
This should complete the repair. To verify that the repair has worked successfully:
Type: cd \windows\system32
Type: ntdsutil
Type: activate instance ntds
Type: files (you should no longer get an error when you do this)
Type: info (file info should now appear correctly)
List which drive are used by server and naa.xx nubmer.
esxcfg-scsidevs --vmfs
Rescan vmhba in my case vmhba37
esxcfg-rescan vmhba37
— To shutdown the VM
vim-cmd vmsvc/getallvms | grep <vm name>
vim-cmd vmsvc/power.getstate <vmid>
vim-cmd vmsvc/power.off <vmid>
—
List all world id
vm-support -x
To Kill that vm
vm-support -X <world id>
--
Masking a LUN from ESX and ESXi using the MASK_PATH plug-in
check Mask
esxcfg-mpath -G
List claimrules esxcli corestorage claimrule list if you sill have problem with dead path, you can mask (–rule number you can have anything from 101 and up)
Now I have installed Windows Server 2003 R2 Standard x64 Edition with SP2 on a new VM. I set up the Network Adapter to use the same virtual switch (“External WiFi”) that I’ve been using for my VM’s. But this time, my Windows Server 2003 VM cannot connect to the network.
According to the many sources I found online, I need to add a Legacy Network Adapter to the Windows Server 2003 VM.
Adding the Legacy Network Adapter Device to the VM
Add a Legacy Network Adapter Hardware to the Windows Server 2003 VM via Hyper-V Manager (Hyper-V Manager > {MyVMhere} > Setting)
Then connect that to the Virtual Switch:
Installing the Adapter to the VM
We need to copy some NIC driver files from an existing x64 machine — files from Windows 8 and Windows Server 2012 Sp1 worked just fine:
2. On the existing VM, copy the files from %windir%System32DriverStoreFileRepositorydc21x4vm.inf_amd64_aaa5f1eb8c006024into the floppy disk. Then, dismount/unmount the floppy disk.
3. Mount the same floppy disk to the Windows Server 2003 x64 VM.
4. Then install the Legacy Network Adapter to the Windows Server 2003 x64 VM.
You should now be able to do your Windows Server 2003 x64 Updates.
Configuring Windows Server 2012 NIC Teaming to a Hyper-V Virtual Machine
NIC teaming is a new feature of Windows Server 2012, which allows multiple network adapters to be placed into a team for the purpose of providing network fault tolerance and continuous availability. When one of the network adapters fail, the other one takes over without requiring third-party hardware or software. Windows Server 2012 NIC teaming is supported by any vendor’s network card but both are recommended to be identical, in terms of speed and vendor.
Windows Server 2012 supports NIC Teaming up to 32 Network Cards. Hyper-V supports only two.
Image Copy From http://www.aidanfinn.com
Here we will configure NIC teaming for Hyper-V virtual machine. In the following steps, we will create, configure and add NIC teaming to a Hyper-V virtual machine.
1. Open Server Manager, click on All Servers or Hyper-V on the left-hand side pane, then right-click on the server, HOST1 to enable NIC teaming and select Configure NIC Teaming.
2. In the NIC Teaming dialog-box, click on TASKS and click New Team.
3. In the New team dialog-box, In Team name: type Corporate External Team as the Team name and under Member adapters select the network adapter to add to the NIC teaming. Under Additional properties, selectthe Teaming mode: Switch Independent, Load balancing mode: Hyper-V Port, Standby adapter: None (all adapters Active), Primary team interface: Corporate External Team: Default VLAN and then Click OK.
4. For the few seconds, we get Fault Status in NIC Teaming dialog-box and then get Online Status.
5. Under ADAPTERS AND INTERFACES, Click Team Interfaces Tab, Right-Click on Team Interface name,Corporate External Team and Click Properties.
6. In the Network Adapter Properties dialog box, under General information, noted Description: Microsoft Network Adapter Multiplexor Driver. Verify Default VLAN membership and Click OK.
7.In the Network Control Panel, verify Microsoft Network Adapter Multiplexor Protocol under Team Network Properties.
8.In Hyper-V Manager, on the Action pane, click Virtual Switch Manager. In the Virtual Switch Manager dialog box, select New virtual networkswitch, Ensure that External is selected and Click on Create Virtual Switch. Under External network select Microsoft Network Adapter Multiplexor Driver then Click Apply, review the warning, and then click Yes.
9.Open the Settings of Hyper-V virtual machine, click Network Adapter on the left pane, and selectCorporate Network under Virtual switch. Then Click Advanced Features on left pane, then Click on Enable this network adapter to be part of a team in the guest operating system under NIC Teaming, Click Applyand Click OK.
10.To verify NIC Teaming, Unplug Network Cable one of the NIC and PING the Destination Server. We will get Reply from the Destination Server.
Summary:
Network Fault tolerance is often overlooked. In High Availability Systems, this feature can be of great utility as the downtime is zero in terms of Network connectivity due to NIC failure.