Windows ‘Always On’ VPN Part 2 (NPS, RAS, and Clients)
KB ID 0001403 Problem Back in Part One, we setup the AD (Groups,) and the Certificate services that will knit everything together. Now we need to configure an NPS server that acts as a RADIUS server for our remote clients, And a RAS Server that our remote clients will connect to. Step1: Network Setup Microsoft have an alarming habit of telling you to connect DMZ assets to the LAN. In their defence I’ve seen some documentation...
Remotely Log Users Off From CLI / PowerShell
KB ID 0001401 Problem I’ve not had to do this since the days we got “The terminal server has exceeded the maximum number of allowed connections” errors. Now thankfully Windows Server tells us who is logged on so we can ‘ask politely’ before we boot them off! Today though, my user session got all messed up, and I needed to kick ‘myself’ off remotely, (and have a fresh session.) Solution From a...
PowerShell: Creating Domains and Domain Controllers
KB ID 0001400 Problem I needed to spin up some Windows 2016 Servers, and a domain to do some testing. I have promoted hundreds maybe thousands of domain controllers, so I wondered if this time I could do it with PowerShell. It’s actually easier than using the GUI! Solution If you were doing this in Server Manager, you would have to add the role first, and PowerShell is no different; Install-WindowsFeature AD-Domain-Services...
Windows ‘Always On’ VPN Part 1 (Domain and PKI)
KB ID 0001399 Problem Always On VPN was a bit of a misnomer when it was released, as it was only really ‘on’ when a user logged on. So when comparing it with ‘Direct Access’ it didn’t have the capacity to ‘Manage Out’. With the release of Windows 10 (1709) this has been rectified with ‘Device Tunnels’, (more on that later). The solution uses RAS, NAP (NPS), and PKI (Certificate...
Exchange 2016 Setup Error “Server-Gui-Mgmt-Infra” Isn’t Installed
KB ID 0001397 Problem During the Exchange 2016 Setup Readiness Checks; The Windows component Server-Gui-Mgmt-Infra isn’t installed on this computer and needs to be installed before Exchange Setup can begin Solution This is a known problem when installing Exchange 2016 on Server 2016, and was fixed in Exchange 2016 (Cumulative Update number 4). You are probably installing Exchange 2016 from the RTM media, (downloaded from...
Deleting Folders With ‘Long Filenames’ (Source Path Too Long)
KB ID 0001396 Problem Source Path Too Long The source file name(s) are larger than is supported by the file system. Try moving to a location which has a shorter path name, or try renaming to shorter name(s) before attempting this operation. “Have you come across a problem deleting folders with long filenames?” I got asked this question twice in the first week at a new job. In a former role my colleague did a lot of work in...
Windows – Set Desktop Wallpaper From Central Server Share
KB ID 0001280 Problem You have a corporate wallpaper, and you want to set it as the desktop wallpaper on all your machines. Solution Firstly make sure you have some wallpaper! Create a hidden, (with a $ on the end) share on your server, set the share permissions to Everyone = Read. On the security tab make sure ‘Domain Users’ have read, and I would add in administrators with full control to be on the safe side. Now create...
Windows: Enable ‘Previous Versions’
KB ID 0001393 Problem Anyone who’s ever trashed a spreadsheet, or saved a file over the top of one that they shouldn’t, will appreciate previous versions. It’s done by a technology we have had since Windows XP (and Server 2003) called ‘shadow copy’. If you are familiar with virtualisation it’s a bit like taking ‘snapshots’ of files. It’s also great for sysadmins, as users can...
Windows Server: Connecting to iSCSI Storage Using MPIO
KB ID 0001392 Problem In my scenario my Windows Server is a VMware virtual machine. To enable MPIO (Multipath I/O) I’m going to need two network cards, connected to the two iSCSI networks. Above I’ve shown both iSCSI networks in different colours 192.168.51.0/24 and 192.168.50.0/24 in production I would also have these in their own VLANs, (or even separate physical networks). This article is not about setting up your...
Windows Server 2016: Active Directory Recycle Bin
KB ID 0001389 Problem To be honest we have had the capability to recover deleted active directory objects for ages. It’s just in Windows 2016 things look a bit neater. Enable Active Directory Recycle Bin From Server Manager > Tools > Active Directory Administrative Center ,> {Domain-Name} > Enable Recycle Bin. OK Note: You may need to restart ADAC before you will be able to see the option greyed out. Enable Active...