FreeRDP Error: 0x2000D
KB ID 0001416 Problem The day after I had deployed some RDP Web access servers, I got the call that all the Linux (Intel NUC Thin clients), could not connect to the RDP farm, all the windows machines were fine? Error [08:19:16:178] [21254:21255] [ERROR][com.freerdp.core.transport] – BIO_read returned a system error 14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error [08:19:16:178] [21254:21255]...
Remote Desktop Services: Can’t Remove Dead Server
KB ID 0001415 Problem I was doing some RDS work for a client today, and it would seem that at some time in the past their RDS Licensing server had died, it had been replaced, and everything was working OK. But when I was adding roles to the new servers, this kept popping up; The following server in this deployment are not part of the server pool 1. Server-Name The servers must be added to the server pool. I could have ignored the...
Exchange Setup Error: Cannot Update Schema
KB ID 0001409 Problem I had a nightmare with this, (this morning). Client had an Exchange 2007 Server in a sub domain, and I am migrating them to Exchange 2016 (via Exchange 2013). While attempting to deploy the Exchange 2013 Server, the ‘Readiness Checks’ failed; Error: The Active Directory Schema isn’t up-to-date, and this user account isn’t a member of the ‘Schema Admins’ and/or ‘Enterprise...
Migrating RD Web and RD Gateway Roles
KB ID 0001406 Problem I’ve got a job coming up to deploy some Duo two factor authentication into a clients RDS farm. To make things a bit easier for them I needed to migrate their RD Connection Broker. They had their Connection Broker, Gateway, and Web roles on one server, (which is not unusual, or incorrect). It turned out, that moving the Connection Broker, was going to be a major task, and it would be a lot easier to move the...
PowerShell – Getting Server IP Address Information
KB ID 0001404 Problem I’ve been rebuilding some Hyper-V hosts over the last few weeks, and one thing I learned rebuilding VMware ESX hosts is, ‘make sure you know what all the network cards are doing before you flatten it!’ The same is true of storage as well but here I’m just concentrating on networking. List Network Cards and MAC Addresses If you have these documented you can rename the network card correctly...
Windows ‘Always On’ VPN Part 2 (NPS, RAS, and Clients)
KB ID 0001403 Problem Back in Part One, we setup the AD (Groups,) and the Certificate services that will knit everything together. Now we need to configure an NPS server that acts as a RADIUS server for our remote clients, And a RAS Server that our remote clients will connect to. Step1: Network Setup Microsoft have an alarming habit of telling you to connect DMZ assets to the LAN. In their defence I’ve seen some documentation...
Remotely Log Users Off From CLI / PowerShell
KB ID 0001401 Problem I’ve not had to do this since the days we got “The terminal server has exceeded the maximum number of allowed connections” errors. Now thankfully Windows Server tells us who is logged on so we can ‘ask politely’ before we boot them off! Today though, my user session got all messed up, and I needed to kick ‘myself’ off remotely, (and have a fresh session.) Solution From a...
PowerShell: Creating Domains and Domain Controllers
KB ID 0001400 Problem I needed to spin up some Windows 2016 Servers, and a domain to do some testing. I have promoted hundreds maybe thousands of domain controllers, so I wondered if this time I could do it with PowerShell. It’s actually easier than using the GUI! Solution If you were doing this in Server Manager, you would have to add the role first, and PowerShell is no different; Install-WindowsFeature AD-Domain-Services...
Windows ‘Always On’ VPN Part 1 (Domain and PKI)
KB ID 0001399 Problem Always On VPN was a bit of a misnomer when it was released, as it was only really ‘on’ when a user logged on. So when comparing it with ‘Direct Access’ it didn’t have the capacity to ‘Manage Out’. With the release of Windows 10 (1709) this has been rectified with ‘Device Tunnels’, (more on that later). The solution uses RAS, NAP (NPS), and PKI (Certificate...
Exchange 2016 Setup Error “Server-Gui-Mgmt-Infra” Isn’t Installed
KB ID 0001397 Problem During the Exchange 2016 Setup Readiness Checks; The Windows component Server-Gui-Mgmt-Infra isn’t installed on this computer and needs to be installed before Exchange Setup can begin Solution This is a known problem when installing Exchange 2016 on Server 2016, and was fixed in Exchange 2016 (Cumulative Update number 4). You are probably installing Exchange 2016 from the RTM media, (downloaded from...