Recent Discussions
RDP connection not possible and RDS-Virtualization role comes back after restart
Hello everyone, I have here an Windows Server 2022 Standard 21H2 (Build 20348.4052) (essentials) with the newest updates. This is the Domain Controller. Hyper-V is installed with one VM. The VM is a terminal server. In the past I have tried to install the terminal server on the Hyper-V Server. To do so I have installed all kind of remotdesktop roles. This was stupid of me. Especially it does not work on a DC. I want to connect as administrator by RDP (mstsc) to the server but it does not work anymore since I have installed all these roles and features. No other users are connected. I can still connect to the VM. In one situation I was able to connect to the server but after entering the password I have received the error 0x808 (0x101) that there is no licence server for remote desktop available. I have now removed all roles related to the terminal server and the rdp which I have installed. But I can not uninstall RDS-Virtualization. After uninstalling it comes back when I perform a restart. I have already tried Uninstall-WindowsFeature -Name RDS-Virtualization -Remove In the server manager appears a menu item about remote desktop services. But there is written that no connection broker server is in the pool. The submenu server lists my DC. I have found in the eventmanager a error related to the uninstalling process 0x80070057 wrong parameter But I do not have more information. DISM /RestoreHealth and sfc /scannow did not find any problems. I am not using VDI but is maybe the Hyper-V reinstalling the role after the restart? Do I need to uninstall the role to make RDP working again or could be there other reasons? Do you know where I find a detailed log about the problems about uninstalling the role and maybe the installing? Do you have any idea how I can find out more about the problem? Thank you!2025-10 Cumulative Update for Windows Server 2019 (KB5066586) Undoes Update on Reboot
We have a Windows Server 2019 Standard which will not install the 2025-10 Cumulative Update for Windows Server 2019 (KB5066586) update. The installation part goes fine, but when the server is rebooted to finalize the update, it goes into "Undoing changes". Then it reboots again, and I am back where I started. The error code is 0x8007000d. I have done the following to debug this: Ran System File Checker sfc /scannow. No errors found. DISM /Online /Cleanup-Image /ScanHealth. No errors found. Ran Windows Update Troubleshooter. No errors found. Shut down Windows Update services. Renamed SoftwareDistribution and Catroot2 folders. Restarted services. No change. Ran ScanDisk. No errors found. Disabled antivirus. No change. Ran Disk Cleanup and manually deleted additional temp files. No change. Checked Event Viewer. Only error is Event 20 which is a failure of the Windows Update Agent. I am out of ideas. If anyone has some, I would much appreciate the help. I am out of ideas.Hyper-v Virtual Switch warning
We have a four nodes Windows 2025 Hyper-v cluster with only one virtual switch of 2 NICS On each node we get this warning repeatedly V-Switch operation IOCTL_SWITCH_GET_INFO_EX (2241648) took too long to complete. Operation Type: IOCTL. Execution time 0 ms. Queued time 0 ms. Expected execution time less than 0 ms. SwitchName: CF06EC90-20EB-460D-9A88-6820BFCCB14D. SwitchFriendlyName: SWPrincipale Searching for it didn't get any useful thread so far, has anyone seen it and found the cause ? thanksWindows Server 2016 Essentials failing to get offered updates via Windows Update since July 2025.
Hi, Dealing with an ongoing issue where Windows Server 2016 Essentials (other SKU's seem fine) not being offered updates via Windows Update anymore, message says "Up to date". Manual updates via Update Catalogue work fine and although WS 2016 is ending support in Jan 2027 this is over a year away and while Server Migrations are happening in earnest end of first quarter next year it is not happening now. This can be replicated on a clean install on different hardware both Physical and Virtual. Any later Service Stacks or Cumulative updates installed manually have not fixed the issue and neither does clearing "Softwaredistribution" or "Catroot2" etc... Any feedback would be appreciated and confirmation of the issue from Microsoft would also help clarify the issue and potential fix. Thankyou.Windows Server unable to install Cumulative update 21H2 for x64-based Systems (KB5066782)
Hi All, Unable to install the above update. I tried things like sfc/scan, dism tool features but non works. all other updates install except the above. Tried running the update manually but failed. Think this is also breaking functionality of the virus /malware guard. ACS (azure Code signing). The last option that I am thinking of is to run a sever repair with the installation media. I also tried windows trouble-shooter for updates. Any ideas ? This is installed as a virtual machine on Hyper-V. Don't want to rebuild the server. Looking for a solution. The Error code is 0x80073701Windows Server on ARM64 (Insider Previews)
When will there be a preview build of Windows Server on ARM? There is demand for it from developers, and devops personal as well. It is known that it already partial exists due to the article on Azure Host OS. Azure Host OS – Cloud Host - Microsoft Community Hub Please release this so we can test it against our code.RDS Connection Broker High Availability
We're starting to plan for a fully available Windows Server 2025 RDS farm. We already have a SQL Server cluster on Linux Ubuntu in the environment. I couldn't find any Microsoft documentation stating whether a SQL Server cluster on Linux can be used. Does anyone have any official references on this topic? Current SQL Server cluster environment: 2 SQL Server Standard 2022 Linux Ubuntu 22.04, Linux cluster (Pacemaker + Corosync) Thank you.Microsoft Store Error – “Sorry about that! Something went wrong, but we are making it right.”
Hello Insider Community, I’m currently experiencing a persistent issue with the Microsoft Store on my Windows device. Every time I try to open the Store or update apps, I receive the following error message: > “Sorry about that! Something went wrong, but we are making it right.” This has been happening consistently, and clicking “Refresh” does not resolve the issue. I’ve already tried the following troubleshooting steps: - Resetting the Store cache using `wsreset.exe` - Repairing and resetting the Store via Settings - Re-registering the Store using PowerShell - Verifying time, region, and account settings - Running SFC and DISM scans - Restarting the Microsoft Store Install Service Despite these efforts, the error persists. I am signed in with a Microsoft account, and my internet connection is stable. I’m not using a VPN or proxy. I’m currently on [WINDOWS 11 HOME SL, INSIDER BUILD DEV CHANNEL] Any guidance, known workarounds, or confirmation of this being a known Insider build issueMigrate upgraded ADFS farm from WID to SQL
Hi, We have a few ADFS farms that have been upgraded/migrated from ADFS v3 to ADFS v4 in the past. We now want to migrated the WID database to SQL Always-On. There are numerous articles describing the migration from WID to SQL, but they all only mention AdfsConfiguration.mdf, but in an upgraded farm you also have a AdfsConfigurationV3.mdf (and its respective ldf). Can we ignore the V3 files or do we need to migrate them to? Please advise! Kind regards, Enrico KleinAllow “Edit/Save/Rename Without Delete” NTFS Permission
Problem Description: I manage shared folders using NTFS permissions. I want users to edit, save, and rename files without being able to delete them. Currently, if “Delete” and “Delete subfolders and files” are unchecked, users cannot delete, but they also cannot save or rename files because most applications temporarily delete/rename files during saving. If delete is allowed, users can save but also delete files. Request: Introduce an NTFS permission that allows file editing and renaming without granting delete rights, to prevent accidental data loss while maintaining normal file operations. Observation: This limitation is inherent in the current NTFS permission model. NTFS does not distinguish between: Intentional deletion by user File replacement/temporary deletion by application As a result, administrators cannot fully protect shared folder data while still allowing normal file editing workflows. Impact: Prevents enterprise administrators from enforcing safe file editing without risk of accidental deletion. Creates workarounds such as Shadow Copies or backups, but these do not prevent the deletion itself. Suggested Improvement: Introduce a new NTFS permission or enhanced behavior that allows: Edit, save, rename files without granting delete rights Deny manual deletion of files/folders by users Maintain compatibility with standard application save workflows Such a feature would significantly improve data protection in enterprise file shares, reduce accidental data loss, and simplify NTFS permission management.Windows event collector (WEC) troubles
Hi all. I have really frustrating issue I can`t resolve. We have set up WEC, a long time ago... Now I upgraded in-place to server 2025 and it`s behaving really weird. Problem is this: I created new subscription and my PC was sending events just fine yesterday. I rebooted server and my PC, still all is fine. Turned off my PC, went to sleep, started working in the morning and NO logs from my machine in WEC. At all. Other PCs also randomy sending logs some yes some no. So I tested WinRM connectivity all fine. Error on my PC: The forwarder is having a problem communicating with subscription manager at address http://MYWECSERVER:5985/wsman/SubscriptionManager/WEC. Error code is 2150859263 and Error Message is <f:WSManFault xmlns:f="http://docinfo.docicloud.dynv6.net/portal/?wreply=3mail@a.b.c0&m=uggc%3N%2S%2Sfpurznf.zvpebfbsg.pbz%2Sjorz%2Sjfzna%2S1%2Sjfznasnhyg" Code="2150859263" Machine="MYWECSERVER"><f:Message> <f:ProviderFault provider="Subscription Manager Provider" path="%systemroot%\system32\WsmSvc.dll"> <f:WSManFault xmlns:f="http://docinfo.docicloud.dynv6.net/portal/?wreply=3mail@a.b.c0&m=uggc%3N%2S%2Sfpurznf.zvpebfbsg.pbz%2Sjorz%2Sjfzna%2S1%2Sjfznasnhyg" Code="2150859263" Machine="MYWECSERVER"> <f:Message>The event source of the push subscription is in disable or inactive on the Event controller server. </f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault>. I have also some errors on WEC server: The Subscription DomainComputers could not be activated on target machine MY-PERSONAL-PC due to communication error. Error Code is 0. All retries have been performed before reaching this point and so the subscription will remain inactive on this target until subscription is resubmitted / reset. Additional fault message: eventsource is in either disable or inactive state OR The Subscription DomainComputers could not be activated on target machine MY-PERSONAL-PC due to communication error. Error Code is 20. All retries have been performed before reaching this point and so the subscription will remain inactive on this target until subscription is resubmitted / reset. Additional fault message: eventsource is in either disable or inactive state Also runtime status is like this: A lot of Active computers, mine is in yellow Inactive state... I have NO idea how to fix this, and why it works for some clients and not for others and most perplexing question, why it worked yesterday until sleep. Just like that WEC sets status to Inactive and then my PC sends logs and does not change status back to Active. Thanks for all suggestions!Noob needs help with RDP Services
I am new to Windows server management. I setup a 2019 Server in a VM (Hyper-V). I installed the licenses we got for RDP from MS after installing the Remote Desktop Services. I am getting an error about Remote Desktop Licensing Mode is not configured. Tells me to use Server Manger to specify RD Connection Broker. Either I neglected to install it or configure it, not sure. Articles I find say go to Server Manager -> Remote Desktop Services -> Overview... BUT, that tells me I am logged in with a local account but must use a domain account to manage servers and collections. Again, not using a DC. This server is not part of a domain. We do not run AD internally only AzureAD online. We have 1 program we still run internally and users RDP to it. Should I remove the service and reinstall? What about the licenses I added already? How to I keep them? Any assistance will be greatly appreciated... JLDAPS and Certificate Creation
Hi, I've been asked to setup secure LDAP and convert all of our LDAP services to LDAPS. Something totally new to me, so I've been trying to teach myself. One issue I've run into is I'm not finding much information on how to create the secure certificates, so I'm looking for guidance. An ex-colleague stood up a certificate authority server (CA) and an intermediate certificate authority server (IA). Currently, the CA is powered down, which seems to be a best practice. The IA server is up and running, however, when I go to my domain controller (DC) and look at the Local Computer\Personal\Certificates section I do see a certificate, but it was issued by the CA and expired last summer. Shouldn't that certificate have been issued by the IA? How do I go about issuing certificates for this and other purposes, like all of the web-based control systems in my network like vCenter that complain about not being secure when I log into them? I've been searching for tutorials on the subject but only seem to find tutorials on how to install it, not how to use certsrv to issue and renew certificates. Does anyone know of any tutorials or walk-throughs like this? Thanks in advance!Hyper-V: How do VMs communicate with external?
Simple scenario: VM --> vNIC --> vSwitch (external) --> physNIC --> physSwitch The vNIC assigned to the VM has MAC address aa:aa:aa:aa:aa:aa, the physical NIC (physNIC; the vSwitch of type external is connected to it) has bb:bb:bb:bb:bb:bb. What mechanism ensures that when the VM sends a network packet to the external network (the physical network connected to the physical switch physSwitch), the MAC address of its vNIC (aa:aa:aa:aa:aa:aa) is used, and not the MAC address of the physNIC (bb:bb:bb:bb:bb:bb)? In other words: what makes physSwitch "see" aa:aa:aa:aa:aa:aa when the VM communicates to an external endpoint?ISO version reporting
Is there a standard way in which the Windows installer ISOs can be interrogated for which version of Windows is on them? This is a bit convoluted so I'll explain the use case. When installing W10 on one of the last generation of x64 Apple Macs, the Boot Camp installer will take the ISO and prepare it by injecting drivers - particularly that for the T2 security chip which handles the first part of the boot process and is the storage controller, among other things. With W10 going out of support (and W11 not really an option due to the hardware requirements) I have been looking at trying to install one ofthe W10-based server versions instead. These are obviously very similar in structure and would probably install and work from a technical standpoint - but if I try it the Boot Camp installer reports that the ISOs aren't Windows 10, and won't proceed. I'm basically looking to clarify whether there is any minor editing of the ISO (or files on it) which can be done to convince Boot Camp that actually this is W10. Anyone know? ThanksPowerShell counterpart for Failover Cluster Manager "Live Migration Settings"
In Failover Cluster Manager, there's "Live Migration Settings" where I can define what cluster networks I want to carry live migration traffic. Even after some research, I cannot find a PowerShell cmdlet that lets me do the same...
Recent Blogs
- 7 MIN READWelcome to part one of my blog series on Cross Forest Certificate Enrollment. Nowadays, businesses often run across multiple Forests for distinct reasons. You would like to ensure secure authenticati...Oct 22, 2025
- 5 MIN READAbout media-based upgrade to Windows Server 2025 With N-4 media based upgrades, you can upgrade your organization’s physical devices and virtual machines directly from Windows Server 2012R2, Window...Sep 23, 2025
