On several machines after the automatic installation of Windows updates KB4561600 and KB4560960, printing to some, but nit all, printers no longer works. It seems when you try to print, the application closes immediately and printing does not take place. The simple solution is to locate the most recent drivers, delete the existing printer and re-install using the new drivers.

Remote Access

Many years ago I wrote numerous blog articles relating to VPNs, and primarily PPTP VPNs. Hits on those blog pages are up 300% since the Coronavirus outbreak due to people looking for ways to work from home. I wanted to warn PPTP is an old solution and is considered to be “broken” and very insecure. Please consider other options.

Rather than creating new articles explaining how to configure various remote access methods I thought I would provide some suggestions and links as it has all been written before by very talented IT folk.

Firstly VPNs. I would always recommend using a VPN appliance/router over the server itself. It is more secure, authenticates at the network perimeter not the server itself, and allows more control. Cisco, Sonicwall, Juniper, Watchguard, and others provide very good solutions . However one concern with any VPN solution is the fact that though it is a secure tunnel, it also allows any and all traffic between an unmanaged remote client computer and the corporate network. Viruses can travers the VPN tunnel, should the client PC be hacked the hacker has direct access to the corporate network, and the remote user can easily copy/steal corporate data that they maybe should not. In addition VPNs occasionally just do not work due to network addressing, slow ISP service, or blocked protocols by ISPs.

If you do want to set up a VPN on a windows server, I would recommend SSTP.  Thomas Maurer has a great configuration guide:https://www.thomasmaurer.ch/2016/10/how-to-install-vpn-on-windows-server-2016/

Perhaps a better option than a VPN is a terminal server, now called a remote desktop server (RD Server). I have never seen the RDP protocol blocked, performance is usually better than a VPN, and all data stays on the corporate network. If set up correctly it uses the Remote Desktop Gateway service and SSL which is very secure. You can, if you like, also use this within your VPN tunnel and if using a business class VPN solution restrict traffic to RDP.

Another alternative if you don’t want to set up an RD Server is to configure the RD Gateway service on your server and allow users to connect securely to their own desktops PCs with the same level of performance. This was a built in feature of SBS and Server Essentials 2016 and earlier.  Mariette Knap has a excellent article on configuring the RD Gateway service, specifically on Server 2019 Std:https://www.server-essentials.com/support/setup-rds-gateway-as-a-replacement-for-access-anywhere-from-the-essentials-experience-role

Regardless of what method you use, as soon as you allow any remote access, make sure you configure Group Policy to enforce strong passwords and to lock accounts after ‘X’ wrong password guesses.  (I use 5, and lock out for 30 minutes). You can set this on the server for domain wide deployment or on an individual PC using GPedit.msc. For both it is located under Computer Configuration |Windows Settings | Security Settings | Account Policies .

The other alternative of course is to use cloud based services such as Microsoft’s Office 365 which you can from any where, at any time.  If dong so, make sure you enable multi-factor authentication for security.

I hope this is of some help and please stay safe n these uncertain times.

 

 

 

Hyper-V Missing VMs

Over the past 6 months I installed 4 Server 2019 Hyper-V hosts for various clients. After several months with no problems, following a reboot, all running VM’s completely disappeared from the Hyper-V management console and were not accessible from the network using management tools, file shares, remote desktop, or even pings. Oddly, shut down or saved VM’s were present.

When this first happened I was shocked. The VHDX files were all present so I could create a new VM, but that didn’t seem practical. Googling showed that this can happen if the Hyper-V Virtual Machine Management service did not start, but in my case it had. I tried restarting the service, the VM’s instantly reappeared, and were in a running state with boot up almost complete.

This issue over the coming months started happening on other 2019 servers and after every reboot, planned or due to a power outage, I had to connect to the host and restart the Hyper-V Virtual Machine Management service.

Further Googling this issue brings up suggestions of corrupt VM configuration files, granting “NT Virtual Machine\Virtual Machines” the “logon as a service right”, doing the same with group policy, and other suggestions, but where restarting the service would resolve in every case I assumed there was not a configuration issue.

In the end setting the Hyper-V Virtual Machine Management service start up type to “Automatic (delayed start)” resolved the problem on all machines, though it resulted in a slightly longer boot time for the VMs.

All of thee servers worked fine for a few months so I assume the problem was due to a Windows update but to date I have found no actual cause. Also, I can confirm this only occurs on my 2019 Hyper-V hosts. There are no issues with Server 2016 or earlier servers.

Hyper-V restart

Recently found on 3 two month old HP computers users could not open Office documents that were received as attachments to e-mails within Outlook. After troubleshooting, discovered it was due to an HP add-on utility “HP Single Click” a security app provided with many HP PCs. This can simply be uninstalled from Programs and Features, however any open apps that use it must be closed. A reboot will insure this. Also a reboot is required after uninstalling. Presumably this was caused by a windows or HP update as it had not been a problem in the past. Perhaps more recent updates have resolved the problem.

Intro to PowerShell

For those not knowing where to start with learning PowerShell, Netwrix is offering a free 47 page document “Windows PowerShell Tutorial for Beginners” which includes numerous simple, common, tasks.  One of the best intros I have seen.

https://try.netwrix.com/powershell-tutorial

I had a client where Adobe Acrobat XI Standard, on Windows 10, worked flawlessly for several years, but recently documents would open and then after a couple of seconds close with no warning.  Reinstallation and reactivating did not solve the problem nor did many Internet search results such as registry edits.

What did work was to open Adobe and very quickly, before it closed, click  “Help” on the menu bar and then select “Check for updates”.  It did find an update, download, and install.  It worked fine after that.  I suspect a compatibility issue with a recent Windows update may have caused the problem.

A client had a 4 hour power outage today.  Though the Hyper-V host, which was connected to a business class UPS, rebooted as it should, none of the VMs came back on line. The Hyper-V management console showed “No virtual machines were found on this server”.

capture1

After researching several solutions before simply recreating the virtual machines I restarted the “Hyper-V Virtual Machine Management service”, which was already running.  Instantly all VM’s reappeared and started up.  Perhaps this may assist others down the road.

This is a must have pdf reference file: 

An amazing, free, current, searchable, compilation of hundreds Windows commands with explanations, syntax, and examples of their use.  And, it’s free !

https://www.microsoft.com/en-us/download/details.aspx?id=56846

Windows Commands

It seems recently many users are receiving an error logging into Remote Desktop Servers (Terminal Servers) from off-site. The error reads:

KB4103725

An authentication error has occurred.
The function request is not supported.
Remote computer <ServerName>
This could be due to CredSSP encryption oracle remediation.
For more information, see https://go.microsoft.com/fwlink/?linkid=866660

This is a result of a March 13th update. The previous error message was shorter, but an Apr 17 update elaborated the error message to read as above.

The link explains how to resolve using group policy but the simple fix, as of May 8th, is to apply the KM4103725 monthly rollup update. This will require a reboot on most servers, but should resolve the problem once complete.

 

It seems Windows 10 Update fails sometimes, especially with the Fall Creators Update.  It continuously wants to install, you approve, it runs, and fails, often with error code 0xc1900208.   

In troubleshooting I have found most of the time it will install if you click the “Update now” button form the Creators Update Web page.  It seems to check for compatibility, make any adjustments, then Install.https://www.microsoft.com/en-us/software-download/windows10 

Should that fail to work, you can download the Windows 10 Update Troubleshooter, which will troubleshoot, and offer to repair any issues found.  There is also a troubleshooter for Win  7 and 8.https://support.microsoft.com/en-us/help/4027322/windows-update-troubleshooter 

However, I also recently read about an issue with attached USB drives oddly causing the update to fail.  Recently,  on a PC on which I tried all of the aforementioned options, and had no attached USB devices, I discovered a DVD in the drive.  Once ejected the update installed without a problem.  This strikes me as very bizarre, but perhaps the update searches other available drives for some reason. 

Therefore; I recommend if having issues with Windows updates, try disconnecting any USB devices such as external drives, thumb drives, phones which may be charging, and possibly even USB printers, and don’t forget to check the DVD tray, just in case.

Tag Cloud