RWA on Essentials 2016 only working for a short time?

On February 28, 2017, in news, by susan

As noted in these threads…..

https://social.technet.microsoft.com/Forums/windowsserver/en-US/fc9140e3-9ae7-4ba3-898b-1ec196ab8538/remote-web-access-works-for-about-a-week-at-a-time?forum=ws16essentials

https://social.technet.microsoft.com/Forums/en-US/95098edc-e4f8-478d-ab90-edd717cf1e94/server-essentials-2016-rww-broken?forum=winserveressentials

There’s a workaround to use until such time as the final fix is deployed.

https://social.technet.microsoft.com/Forums/en-US/95098edc-e4f8-478d-ab90-edd717cf1e94/server-essentials-2016-rww-broken?forum=winserveressentials

 

Vote as helpful

1
Vote

Hi All,

This issue might occur when you have O365/AAD enabled on the server. The product team is investigating it, in the mean time, the following workaround might help mitigate this issue:

1. On the server, go to folder %programfiles%\Windows Server\Bin\FeatureDefinitions\Microsoft PwdSync\

2. Make a copy of file Definition.xml for backup

3. Edit the original Definition.xml (if you don’t have permission, copy the file out, edit it and put it back in the folder):

Comment out the following two sections:

<!–

<HealthDefinition Name=”PasswordSyncInvalidPassword”

</HealthDefinition>

<HealthDefinition Name=”PasswordSyncOtherFailure”             …

</HealthDefinition>

–>

4. Restart WseEmailSvc windows service.

Please let me know whether it helps nor not.

Thanks,

 

 

https://support.microsoft.com/en-us/help/4011347

January 26, 2017—KB 3216755 (OS Build 14393.726)

On the catalog site at this time is an update that those of us in the SMB world will want to get and install on our Windows 10 1607 machines.  It fixes a painful bug that if indexing is enabled on the server, causes naming or renaming a file folder to crash.

The bug can be seen discussed in this forum post – https://social.technet.microsoft.com/Forums/windows/en-US/b72c763e-d029-4e65-a2dc-885a5aabf643/problem-creatingrenaming-a-folder-on-a-network-share-with-win10-anniversary-update-error?forum=win10itpronetworking

Also here:  https://networkdefend.blogspot.com/2016/09/fix-windows-10-error-0x8007003b-when.html

It will be in the normal release soon, but for now we can get that update on impacted machines now, not later.

 

Keep the faith

On January 18, 2017, in news, by susan

https://networkdefend.blogspot.com/2016/09/fix-windows-10-error-0x8007003b-when.html

The fix is coming soon.

But man, it’s making me seriously consider that I need to not rely on Windows basic indexing as a network feature going forward.  This has taken much too long to fix.

 

De-consumerizing Windows 10 Pro

On January 9, 2017, in news, by susan

So here’s many of the scripts and links I’ve accumulated and used to “de-consumerize” Windows 10 at the office:

Removing the unwanted apps in Windows 10

Step one:

Download this zip file taken from this blog site.

Extract the file, launch PowerShell.

Enter the following command:

PowerShell.exe –ExecutionPolicy Bypass –File .\removeapps.ps1

 While I can’t turn off the consumer experience via group policy in windows 10 — what I can do is shoot out this same info to the local group policy or registry and doing so removes the other remaining inbox apps and stops the “Microsoft recommends” consumer apps  – http://www.ghacks.net/2016/03/02/turn-off-microsoft-consumer-experience/

More ideas here:  Windows 10 Decrapifier – Script Center – Spiceworks:

https://community.spiceworks.com/scripts/show/3298-windows-10-decrapifier

 

I then uninstall one drive

Disable or Uninstall OneDrive Completely in Windows 10 – Tech Journey:

https://techjourney.net/disable-or-uninstall-onedrive-completely-in-windows-10/

 Once I do all of this, the system should retain these settings when the next Creator’s update gets released.

 

 

Windows 10 roll out tips

On January 9, 2017, in news, by susan

So to remind myself of the next time I’m rolling out Windows 10… here are some tips to fix annoyances:

Can’t enable numlock?

Win10:

  • Change the value of …ControlPanel/Keyboard/InitialKeyboardIndicators to 2147483650 for ALL USERS not only for .Default (my current user was 2).
  • Then SHUTDOWN computer.
  • Turn on computer and wait for login screen (NumLock is still off).
  • Enable NUMLOCK
  • SHUTDOWN computer.
  • Turn on computer.

NumLock disabled after booting up Windows 10? from Windows10

Merely enabling it in the bios did NOTHING.  I had to do this funky trick of shutting down and registry edits to get it to ‘take’.

Windows 10 1607 [Anniversary release]

 

So what’s the most annoying thing about Windows 10?

On December 21, 2016, in news, by susan

Not the patching, not the dealing with customizing the menu system (more on that later) but printers.

Flat out I have had more issues with personal laserjet printers than anything else.  Network based printers, my Ricohs have been relatively easy to set up.  Two of them were picked up just fine, one – a slightly older one – I set it up as a tcp/ip printer and had the operating system pick up the generic Ricoh driver.

But on my workstation where I have a Lexmark printer, I have had to move it from a usb connection setup to a tcp/ip printer setup.  When it was a usb printer, it would go to sleep.  And once it went to sleep it would then not wake up to print… or if it did… it would error out and the only way I could get it to fully “wake up” and print properly was to unplug the usb cable and plug it back in.  Not the greatest experience.  I tried getting new printer drivers and that didn’t work.

So far whenever I’ve had really problematic printers, the workaround that works is to make them no longer be usb based printers and instead hang them off the network.

I’ve found at home that I’ve had to move my wireless printers to wired in order to get them settle down with Windows 10 as well.

Bottom line tcp/ip is working the best.  Other protocols… not so much.

 

So what happens when SHA1 falls out of support?

On December 21, 2016, in news, by susan

If you have your SBS (and Essentials) servers set up properly with a third party SSL cert and not a self signed cert, nothing should happen.

SBS can support higher SSL certs than SHA1.  If your SSL cert is soon to be out of date or blocked just go to CheapSSL certs or Godaddy or wherever you get cheap certs and buy a third party SSL certs.  No one should be using self signed certs anyway.

https://www.digicert.com/sha1-sunset/

SHA1 Deprecation: What You Need to Know

 

 

Essentials server impacted by DST

On November 8, 2016, in news, by susan

Essentials is impacted by the DST and is complaining about sending out the email after the daylight savings change.

Storage server Essentials is also impacted.
http://www.mcbsys.com/blog/2014/11/cant-email-essentials-health-report-since-daylight-savings-time/

Manually restart the service seems to work.

 

SBS 2008 and the RWW issue

On October 31, 2016, in news, by susan

Install the cumulative update KB3197954 released on 10/27/2016 (in addition to the flash update that also came out out of band)

If you are STILL having issues connecting via RWW AFTER this update PLEASE let me know.
Addressed connectivity issue from a 32-bit application to a Remote Desktop Gateway that doesn’t have HTTP tunneling enabled.

Show all
October 27, 2016—KB3197954 (OS Build 14393.351)

 

Did you see the new SMB Jump start series?

On October 28, 2016, in news, by susan
Hello Microsoft Cloud Partners,

Our new SMB JumpStart: Enterprise Mobility + Security (EMS) program kicks off on November 8 and you won’t want to miss this great opportunity designed to help your team comprehend, adopt, and deploy EMS based solutions to expand your business opportunities.

Register now

This five-week program is comprised of weekly webinars focused on a new aspect of the chosen technology, as well as hands-on independent learning assignments and 1: Many coaching sessions to help ensure your comprehension and ability to adopt. The program will include a private Yammer group where participants can access resources, ask questions and join the conversation with others in the program.

Benefits to you:

In this 5-week program, you’ll receive step-by-step guidance and resources on the following topics:

  • Communicating the EMS customer value proposition, choosing an internal champion, and activating your Internal Use Rights
  • Using Azure Active Directory to configure single-sign on, multi-factor authentication, and self-service access to third-party SaaS applications
  • Leveraging Azure Information Protection for sharing, tracking, and revoking protected documents, even outside of your organization
  • Utilizing Intune for mobile application management without requiring device enrollment
  • Using Intune to provide MDM (mobile device management) and overview of additional capabilities of EMS including Advanced Threat Analytics

Who should participate? This program is best-suited companies who are ready to commit to starting a EMS or Azure practice today. We recommend your company’s Office 365 and/or Azure technical lead attend the sessions.

Ready to get started? The program kicks off on Tuesday, November 8. Register for the program and you will receive access to the webinars, private Yammer group, and resources webpage. Spaces are limited – don’t miss out.

Register today!  

If you have any further questions on the SMB JumpStart: Enterprise Mobility + Security program, please send an email to smbin@microsoft.com

View article…