Problems with Essentials role configuration

You can run into several different errors when you try to configure the Essentials role on Standard Windows Server 2012R2. First, check that all FSMO roles are hosted on the server where you are trying to install the Essentials role. This is a mandatory condition.
The second error is also frequent, and I found it when I tried to migrate SBS 2008 or 2011 to Standard Server 2012R2 with the Essentials role enabled. The error (as you can see in the picture) is very badly documented, and it is practically impossible to understand what is wrong.

Essential Role Error 1
The next thing an administrator has to check is the Event Viewer, where the situation is clearer.

Event ID: 7000
Source: Service Control Manager
Description: The Windows Server Essentials Management Service failed to start due to the following error: The service did not start due to a logon failure.

If you see this error, you just have to find error 7041, which lists the username responsible for this event (usually ServerAdmin$ or MediaAdmin$). The second way to find the right account is to open the Service manager console and check which account is used to start the Windows Server Essentials Management Service.

Essential Role Error 2
When you know the account name, you have to assign this account the “Run as a service” right in the Default Domain Controllers Policy. To do this, open the Group Policy Editor and edit the Default Domain Controllers Policy.

Essential Role Error 3
Add the Run as Service right to the missing account under “Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment”, close the console and restart the server.
When the server comes back up, you will be able to configure the Essentials role successfully.

Essential Role Error 4

Good luck.
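The checks described above can be scripted before touching Group Policy. This is an added example, not part of the original post: it reads the service's logon account, lists recent 7000/7041 events, and shows which accounts currently hold the right, which Windows displays as "Log on as a service" (SeServiceLogonRight). The temporary file name is an arbitrary choice.

```powershell
# Added example, not from the original post. Run elevated on the server
# where the Essentials role is being configured.
$displayName = 'Windows Server Essentials Management Service'  # from event 7000

# 1. Which account is the service configured to start with?
$svc = Get-CimInstance Win32_Service -Filter "DisplayName='$displayName'"
if (-not $svc) { throw "Service '$displayName' not found on this server." }
$account = ($svc.StartName -split '\\')[-1]          # drop the DOMAIN\ prefix
"Service $($svc.Name) starts as $($svc.StartName), state $($svc.State)"

# 2. Recent Service Control Manager events 7000 and 7041 (7041 names the account)
Get-WinEvent -FilterHashtable @{
    LogName = 'System'; ProviderName = 'Service Control Manager'; Id = 7000, 7041
} -MaxEvents 10 -ErrorAction SilentlyContinue |
    Format-List TimeCreated, Id, Message

# 3. Who holds "Log on as a service" (SeServiceLogonRight) in the effective policy?
$inf = Join-Path $env:TEMP 'user-rights.inf'         # arbitrary temp file name
secedit /export /cfg $inf /areas USER_RIGHTS | Out-Null
$line = Get-Content $inf | Where-Object { $_ -match '^SeServiceLogonRight\s*=' }
Remove-Item $inf -ErrorAction SilentlyContinue

$holders = @()
if ($line) {
    $holders = @(($line -split '=', 2)[1] -split ',' | ForEach-Object {
        $entry = $_.Trim()
        if ($entry.StartsWith('*S-1-')) {            # secedit writes SIDs as *S-1-...
            try {
                $sid = New-Object Security.Principal.SecurityIdentifier $entry.Substring(1)
                $sid.Translate([Security.Principal.NTAccount]).Value
            } catch { $entry }                       # unresolvable SID: keep as-is
        } else { $entry }
    })
}
$holders | ForEach-Object { "  holder: $_" }

# Direct assignments only; a right inherited through group membership is not resolved.
if ($holders | Where-Object { ($_ -split '\\')[-1] -eq $account }) {
    "$account is listed directly for SeServiceLogonRight."
} else {
    Write-Warning "$account is not listed directly for SeServiceLogonRight."
}
```

Reviewing the holder list before and after the policy change also confirms that only the intended service account was added on the domain controllers.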

PowerShell in Essentials Server 2012R2

For anyone who wants to know and use PowerShell as much as possible, here is a list of all the commands that you can use with the Server Essentials role. There are many commands, and you can do almost all configuration and management from the shell. It is just a different way… and sometimes it is a better way.

Publishing Remote App thru DNS

If you are delivering Remote Apps to clients via control panel (available only in Windows 7 and newer systems), you can do it in two ways. You always have to open Control Panel > Remote App and Desktop connections and here you have two options:

  • Specify the internet address of RDWeb server,
  • Specify the E-Mail address (only in Windows 8).

The second option sounds strange: how will I receive my RD applications by specifying only the e-mail address? Actually, it is very simple. When you specify your e-mail address, you tell the system your public domain name, so it knows where to look for the corresponding record in DNS. Therefore, in this case, you need to add a specific DNS record to locate your RDWeb server. This is a TXT DNS record with the following information:

  • Record Name: _msrade
  • Text: https://myrdwebserver.mydomain.com/rdweb/feed

Of course, in the text you have to replace myrdwebserver.mydomain.com with your real RDWeb server name, and be careful: the end of the string, webfeed.aspx, is excluded!
Another important thing to know is that the entered e-mail address is used only to discover the RDWeb server address; later you will be asked to enter your credentials (from this we can deduce that the e-mail address can be different from the user name).
This approach is very useful for hosters, because they are able to link many hosted domains to a single RDWeb server.
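Because the TXT record is the only input to e-mail based discovery, a hoster will want to confirm that every hosted domain publishes one, that it uses HTTPS, and that it points at the intended RDWeb server. The following is an added example, not part of the original post; the function name and the customer domains are constructed placeholders.

```powershell
# Added example, not from the original post. Domains below are constructed placeholders.
$expectedHost  = 'myrdwebserver.mydomain.com'          # RDWeb server name used in the post
$hostedDomains = 'mydomain.com', 'customer-a.example', 'customer-b.example'

function Test-RdFeedRecord {
    param(
        [Parameter(Mandatory)][string]$Domain,
        [Parameter(Mandatory)][string]$ExpectedHost
    )

    # E-mail discovery looks up the TXT record _msrade.<domain part of the address>
    $txt = Resolve-DnsName -Name "_msrade.$Domain" -Type TXT -ErrorAction SilentlyContinue |
               Where-Object { $_.Type -eq 'TXT' } | Select-Object -First 1
    $url = if ($txt) { $txt.Strings -join '' } else { $null }

    # Classify the record: absent, malformed, not HTTPS, wrong server, or fine
    $uri = $null
    $status = if (-not $url) { 'Missing' }
              elseif (-not [uri]::TryCreate($url, [UriKind]::Absolute, [ref]$uri)) { 'NotAUrl' }
              elseif ($uri.Scheme -ne 'https') { 'NotHttps' }
              elseif ($uri.Host -ne $ExpectedHost) { 'UnexpectedHost' }
              else { 'OK' }

    [pscustomobject]@{ Domain = $Domain; FeedUrl = $url; Status = $status }
}

$hostedDomains |
    ForEach-Object { Test-RdFeedRecord -Domain $_ -ExpectedHost $expectedHost } |
    Format-Table -AutoSize
```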

How to access to RD Gateway settings in Essentials

As we all know, Windows Server Essentials 2012R2 (and also 2012 and 2011) has an RD Gateway installed and working by default. This is great functionality, and my personal opinion is that users use it a lot. However, the only thing that is missing is the management console to configure it. I miss it a lot.
It is not difficult to install, and you can do it with the command dism /online /Enable-Feature:Gateway-UI (run it from an administrative command prompt).
After this, you will be able to configure all the settings that are available in the standard Windows Server product.
The complete Microsoft article about all this functionality is available here.

Server 2012 – SYSVOL and NETLOGON not created (shared)

I had a problem adding a second domain controller to an existing domain. It was strange, because it was a small environment with only one DC. However, after a year, the customer decided to add a second DC. Up to this point, I followed the normal procedure: I installed the second server and promoted it to DC. Everything was OK, without any errors, and for security reasons I just ran the Active Directory Replication Status Tool. There were no errors, but in dcdiag I saw some strange errors, such as that there was no SYSVOL share. When I opened Explorer and typed in the address \\localhost, I realized that all the shares really were missing.
What causes this situation? How do you find the solution? After trying a couple of solutions and looking into the Event Viewer, I realized that I had a problem with DFS replication. In a Microsoft KB article, I found how to test DFS replication for all DCs:
For /f %i IN ('dsquery server -o rdn') do @echo %i && @wmic /node:"%i" /namespace:\\root\microsoftdfs path dfsrreplicatedfolderinfo WHERE replicatedfoldername='SYSVOL share' get replicationgroupname,replicatedfoldername,state
The returned state is one of the following values:
0 = Uninitialized
1 = Initialized
2 = Initial Sync
3 = Auto Recovery
4 = Normal
5 = In Error
But my first DC returned a strange value: “No Instance(s) Available.” and the same value was reported locally from that DC.

Output

At this point I realized that I had some problems on the old DC and that I had to review the DFS Replication event log on that computer. It was not difficult to find event 2212 (dirty shutdown), and from here it was easy to solve the problem.

Event 2212

You just have to reactivate replication with this command (run from an administrative shell):
wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig where volumeGuid="GUID-NUMBER" call ResumeReplication
where GUID-NUMBER is the GUID reported in the error (boxed in red in picture 2). The output should look something like this screen:

wmic output

The last thing you have to do is look in the Event Viewer for event 2214. This will confirm that replication is active.

Event 2214

At this point, you can go to the second controller and you will see that all shares are present and replicated.
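The same per-DC check can be done in PowerShell with the state number decoded and the missing-instance case reported explicitly. This is an added example, not part of the original post; it assumes the ActiveDirectory module, WinRM for Get-CimInstance, and remote event log access to each domain controller.

```powershell
# Added example, not from the original post. Assumes the ActiveDirectory module,
# WinRM (for Get-CimInstance) and remote event log access to each DC.
Import-Module ActiveDirectory
$stateName = @{ 0 = 'Uninitialized'; 1 = 'Initialized'; 2 = 'Initial Sync'
                3 = 'Auto Recovery'; 4 = 'Normal';      5 = 'In Error' }

$report = foreach ($dc in (Get-ADDomainController -Filter *).HostName) {
    # Same WMI class and filter as the wmic one-liner
    $info = Get-CimInstance -ComputerName $dc -Namespace 'root\microsoftdfs' `
                -ClassName DfsrReplicatedFolderInfo `
                -Filter "ReplicatedFolderName='SYSVOL share'" `
                -ErrorAction SilentlyContinue | Select-Object -First 1

    # An empty result is what wmic reports as "No Instance(s) Available."
    $state = if ($info) { $stateName[[int]$info.State] } else { 'No instance or unreachable' }

    # Most recent of event 2212 (dirty shutdown) or 2214 (replication active again)
    $evt = Get-WinEvent -ComputerName $dc -FilterHashtable @{
               LogName = 'DFS Replication'; Id = 2212, 2214
           } -MaxEvents 1 -ErrorAction SilentlyContinue

    [pscustomobject]@{
        DC        = $dc
        State     = $state
        SYSVOL    = Test-Path "\\$dc\SYSVOL"
        NETLOGON  = Test-Path "\\$dc\NETLOGON"
        LastEvent = if ($evt) { "$($evt.Id) at $($evt.TimeCreated)" } else { 'none' }
    }
}
$report | Format-Table -AutoSize

# Flag every DC that is not in state 4 (Normal) or is missing a share
$report |
    Where-Object { $_.State -ne 'Normal' -or -not ($_.SYSVOL -and $_.NETLOGON) } |
    ForEach-Object {
        Write-Warning "$($_.DC): state '$($_.State)', check the DFS Replication log"
    }
```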
