My company is running SBS2008/SBS2011/Essentials, but it has grown to the point where this no longer meets our needs (We have too many employees!) and/or the software is going out of extended support. What is the migration path off of SBS/Essentials?
We are having an issue on one of our clients relatively new sbs installs.
The domain consists of a single SBS 2011 server with 4 Windows 7 clients and 3 XP clients. Most of the time everything is fine, however roughly every 3 days, Windows 7 clients start timing out when trying to receive computer group policy.
This results in hour long delays before getting to the login screen in the morning. This is accompanied by event ID 6006, win login errors stating it took 3599 seconds to process policy. Once they've booted they can log in without issue however gpupdate fails again on computer policy and gpresult comes back with access denied, even when run as domain admin... At this point if we restart the server the network is fine for 3 days.
I thought perhaps it might be ipv6 or smb2, but disabling ipv6 on the clients doesn't help and the clients can browse the sysvol folder freely on smb2 anyway. Does anyone have any ideas or routes I can take to further diagnose the issue?
We currently have a SBS 2003 server that is on its way out. Our shop is small (< 10 PCs), and our needs are not that great. I've been looking at Small Business Server 2011 Essentials and trying to figure out if it will work for us. These are out basic needs:
- Domain Controller/Active Directory
- File and Printer Sharing
- IIS for Intranet
- Ability to create VPN connection
Our Intranet App uses MySQL, so SQL Server is not required. We have hosted email so Exchange is unimportant. We have no need for SharePoint.
Would SBS 2011 Essentials fit the bill for this? Or am I looking at the Standard version?
On a Small Business Server 2011 installation a whole number of w3wp.exe processes appear to be using a disproportional lot of memory. The SBS out-of-the-box installations comes with a total of 7 sites and 20 ASP.NET application pools (Sharepoint, Exchange, WSUS and SBS-specific stuff like Remote Web Workplace).
The resulting dozen of w3wp.exe processes tends to consume more than 4 GB of the server's memory over time with the peak application pool being the one belonging to WSUS with around 800 MB in the working set. Manually recycling the application pools through the IIS MMC helps temporarily reduce the memory usage (the w3wp.exe processes shrink back to 10 MB, some of them regrowing quickly), but obviously is not something an admin wants to do all day. I was unable to find any recommendations on automatic recycling of the SBS-preinstalled application pools, so I am somewhat reluctant to "just do it" on production systems.
My research on the net on how to limit this only threw up a number of posts stating that w3wp memory consumption would not hurt but benefit performance as memory would be "freed when needed by other applications". The trouble is that it does not work out:
- for one, an SBS is a multi-role server, one of the roles (the major one) being CIFS network storage which immensely benefits from filesystem caching which again relies on memory being "free" as in "not used by other processes in any way" - ASP.NET application pools which are hardly ever seeing users and eating memory are counterproductive
- another thing is that I still have to see substantial decrease of the w3wp instances memory consumption upon memory shortage - what I see is a minor decrease by significantly less than 100 mb and excessive swapping instead - again hurting performance
I hardly ever administer IIS or ASP.NET apps, so any ideas on how to effectively trim the memory requirements for the application pools are welcome.
I have been trying to set up an SSTP VPN to my SBS 2011 server and have been battling certificate issues the whole way. I've been able to generate a new certificate for my external vpn address, import it into my client machine, and added my server as a Trusted Certification Authority. Now I get the error:
Error 0x80092013: The revocation function was unable to check revocation because the revocation server was offline.
When I checked the CRL distribution points on the certificate I saw that the only urls were to my internal address, so I added another one that points to my external address (leaving the original internal urls intact). I generated a new certificate, deleted the existing one from my client and imported the new one, and restarted RRAS and verified that SSTP was using my new certificate but I am still getting the same error.
When I view the details the certificate that I imported I see that the new external CDP appears in the list (something to the effect of http://mydomain.com/CertEnroll/MYSERVER-CA.crl) . When I put that into a web browser I get a message saying the CRL import was successful, which lets me know that the URL is accessible from the outside and is online.
I feel like this is the last stop between me and a secured VPN, what am I missing here?