I only just noticed this now, but apparently since 2022-01-11 ("Patch Tuesday" in January 2022) my home network's dev-server's Hyper-V hypervisor has been unable to start.
- The box is a 6 year-old Xeon E3 machine (UEFI of course), running Windows Server 2012 R2 with the Domain Controller and Hyper-V host roles installed.
The Hyper-V Event Logs are littered with errors, but those are all second-order consequences of the initial service failure which is reported with this event in the System event log:
Level: Error
Source: Hyper-V-Hypervisor
Event ID: 80Hypervisor launch failed; The operating systems boot loader failed with error 0xC00000BB.
- The raw XML of the Event says that the
0xC00000BB
code is anNTSTATUS
error code, which apparently means "STATUS_NOT_SUPPORTED
" - which doesn't make any sense as Hyper-V was working fine before Patch Tuesday and I'm not aware of Intel pushing-out any processor microcode updates to disable hardware virtualization like some kind of horrible SPECTRE/MELTDOWN-esque mitigation...
- The raw XML of the Event says that the
As it happened right after patch Tuesday, I'm guessing Microsoft botched a Hyper-V patch - and I probably shouldn't be expecting the best quality-control for security patches for 8.5-year-old OS releases...
Any ideas?
Dai's questions
My home LAN has a Windows Active Directory domain, with the DNS name
corp.example.com
.My Synology NAS has the FQDN
nas.corp.example.com.
.My Windows 10 desktop has the FQDN
cube.corp.example.com.
.I am using split-brain DNS:
- The DNS servers within my home LAN will report that
nas.corp.example.com
is172.16.1.10
. - The Internet-accessible public DNS server for
example.com
will returnA IN 2.718.281.828
for queries for bothnas.corp.example.com
andcorp.example.com
- where2.718.281.828
is my home router's public IPv4 address (I use port forwarding, ofc).
- The DNS servers within my home LAN will report that
Both my (Windows 10) desktop computer and Synology NAS are domain-joined.
- Running
ipconfig /all
on my desktop reportsPrimary Dns Suffix: corp.example.com
.
- Running
Therefore I expect Windows 10 to know that
nas.corp.example.com.
(FQDN) andnas
(single-label) are the same host.But Windows 10 File Explorer lists my NAS twice: first with the FQDN and again with the single-label name.
Answer me these questions three:
- Why is it doing this?
- Is this benign, or does it cause issues (e.g. extraneous lookup requests, too many connections, SMB issues?)
- How can I make it coalesce the two nodes into one?
Screenshot proof:
The problem:
Lately I've noticed Chrome on my desktop stalling when it loads a new website, saying it's resolving the domain-name. Eventually it resolved, but it feels like DNS requests take up to 5 seconds to succeed, which isn't right.
The Set-up:
Windows Server 2012 R2 Active Directory domain controller.
- IPv4 address: 172.16.1.10 (name:
server.my.ad.domain
) - Windows DNS Server is configured to use only Google's 8.8.8.8 and 8.8.4.4 as the only Forwarders.
- It is also configured to use Root hints if no forwarders are available.
dcdiag
passes all tests.
- IPv4 address: 172.16.1.10 (name:
Windows 10 desktop computer, member of the domain.
- Name:
desktop.my.ad.domain
- Network settings:
- Bluetooth PAN: Disabled ("Not connected")
- Ethernet: Connected (Domain network profile)
- DHCP enabled.
- Using only 172.16.1.10 as its DNS server.
- Name:
nslookup
Output:
I ran this from my desktop - I was surprised to see timeout errors but for the name to resolve eventually without needing a second invocation of nslookup
:
C:\>nslookup stackoverflow.com
Server: server.my.ad.domain
Address: 172.16.1.10
DNS request timed out.
timeout was 2 seconds.
Non-authoritative answer:
DNS request timed out.
timeout was 2 seconds.
Name: stackoverflow.com
Addresses: 151.101.65.69
151.101.1.69
151.101.129.69
151.101.193.69
I can't seem to reliably reproduce the issue - even after running ipconfig /flushdns
on both my desktop and the server, and removing the cached items from the Windows DNS Server's cache.
I tried again just now with nslookup
and set debug
and I got this:
> openra.net
Server: server.my.ad.domain
Address: 172.16.1.10
------------
Got answer:
HEADER:
opcode = QUERY, id = 16, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
openra.net.my.ad.domain, type = A, class = IN
AUTHORITY RECORDS:
-> my.ad.domain
ttl = 3600 (1 hour)
primary name server = server.my.ad.domain
responsible mail addr = hostmaster.my.ad.domain
serial = 8384
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 17, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
openra.net.my.ad.domain, type = AAAA, class = IN
AUTHORITY RECORDS:
-> my.ad.domain
ttl = 3600 (1 hour)
primary name server = server.my.ad.domain
responsible mail addr = hostmaster.my.ad.domain
serial = 8384
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 18, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
openra.net.ad.domain, type = A, class = IN
AUTHORITY RECORDS:
-> ad.domain
ttl = 298 (4 mins 58 secs)
primary name server = ns1.bdm.microsoftonline.com
responsible mail addr = azuredns-hostmaster.microsoft.com
serial = 1
refresh = 3600 (1 hour)
retry = 300 (5 mins)
expire = 2419200 (28 days)
default TTL = 300 (5 mins)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 19, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
openra.net.ad.domain, type = AAAA, class = IN
AUTHORITY RECORDS:
-> ad.domain
ttl = 298 (4 mins 58 secs)
primary name server = ns1.bdm.microsoftonline.com
responsible mail addr = azuredns-hostmaster.microsoft.com
serial = 1
refresh = 3600 (1 hour)
retry = 300 (5 mins)
expire = 2419200 (28 days)
default TTL = 300 (5 mins)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 20, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
openra.net, type = A, class = IN
ANSWERS:
-> openra.net
internet address = 194.63.248.52
ttl = 3599 (59 mins 59 secs)
------------
Non-authoritative answer:
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
Name: openra.net
Address: 194.63.248.52
>
Unfortunately it still doesn't tell me exactly what timed-out...
I'm trying to install ImageMagick on an Azure App Service instance running WordPress. The Azure App Service is running PHP 7.3.3 x64 otherwise fine.
- I went to this web-page to get the right zips to download: https://mlocati.github.io/articles/php-windows-imagick.html
phpinfo()
says I'm running PHP 7.3.3x64
MSVC15
non-thread-safe, so I downloaded:php_imagick-3.4.3-7.3-nts-vc15-x64.zip
ImageMagick-7.0.7-11-vc15-x64.zip
- I extracted the two zip files into their own respective subdirectories in
D:\home\site\ext
directory. - I created an empty file at
D:\home\site\ext\extensions.ini
. - In the Azure App Service configuration area, I added the environment variable
PHP_INI_SCAN_DIR=D:\home\site\ext\
. - In
extensions.ini
I put this single line:extension=D:\home\site\ext\php_imagick-3.4.3-7.3-nts-vc15-x64\php_imagick.dll
. - Then I restarted the Azure App Service. Since then PHP crashes immediately on startup.
To investigate I opened Kudu and ran the PHP command-line interface from the
wwwroot
directory:cd D:\home\site\wwwroot\ php -f phpinfo.php
- This causes PHP to crash immediately. It writes nothing to standard-output nor
stderr
(so runningphp -f phpinfo.php > out.txt 2> err.txt
gives me zero-byte filesout.txt
anderr.txt
). - My global
php.ini
already hasdisplay_errors = On
anddisplay_startup_errors = On
.
- This causes PHP to crash immediately. It writes nothing to standard-output nor
- Nothing is logged anywhere in Azure other than that the FastCGI Extension exited unexpectedly.
- After commenting out the
#extension=D:\home\site\ext...
line PHP works fine.
I'm assuming this might be an issue with a missing system dependency (such as VisualC++ Redistributables) but Azure claims all current VisualC++ Redistributables are pre-installed (and we can't install our own anyway).
Is there any way to investigate a process-crash-on-startup?
I know one option is WinDbg, but I don't know how to get a crash dump in an Azure App Service.
This question is a not duplicate of these existing questions:
- AUTHORITY\NetworkService does not exist (question is for Windows Server 2003
- How can I run a process as "NT Authority\NetworkService"? (this is a scripting question)
- https://stackoverflow.com/questions/34966029/adding-permissions-for-nt-authority-networkservice (this is about adding an
NT AUTHORITY
principal to an ACL, not selecting a principal in the Find User GUI)
I have a Windows Service configured on different computers:
- A workstation (non-domain) computer (running Windows 10)
- A workstation (non-domain) Windows Server (running Windows Server 2016)
- A domain workstation (running Windows 10)
- A domain member server (running Windows Server 2016)
- A domain controller (running Windows Server 2016)
Domain-joined computers and member servers:
In all computers except the domain controller, the services.msc
> Service Properties > Log On property sheet's "Select User" pop-up lets me select the NT AUTHORITY
built-in principals NETWORK SERVICE
and LOCAL SERVICE
(aka NT AUTHORITY\NetworkService
and NT AUTHORITY\LocalService
).
If I ignore the Search Users window and just type "network service
" into the Select User window and click "Check Names" then it's correctly resolved to NETWORK SERVICE
:
Domain Controllers:
However, on this Windows Server 2016 domain controller, the Select User popup does not let me specify any local computer name (which makes sense: the local computer's security system becomes the domain security system).
...which means it's not possible to resolve, search for or select NETWORK SERVICE
or LOCAL SERVICE
:
When I type it in directly into the Log On tab then I get this error:
The account name is invalid or does not exist, or the password is invalid for the account name specified.
I note that on a domain controller, the "Select User or Service Account" window only lets me select either "Service Accounts" or "Users" and not "Built-in security principals".
Domain-joined workstation or member-server:
Domain controller (Windows Server 2012 R2, but it's the same on 2016):
I know I can set the Service Logon Account by using sc config
or editing the registry manually (or by typing "Local Service
" or "Network Service
" into the "This account:" textbox) but what about other situations where I'd be using the "Select User or Service Account" dialog box outside of Services.msc on a domain controller?
Background:
My LAN's Windows Server 2012 R2 Domain Controller had been running without any external time server for a few years and I finally synchronized it now. It had been running about 2 minutes behind what it should be. Here's the command-line on the DC:
C:\Users\Administrator>w32tm /stripchart /computer:time.windows.com
Tracking time.windows.com [13.65.245.138:123].
The current time is 2018-09-10 13:28:32.
13:28:32 d:+00.1093953s o:+106.2069632s [ | @]
13:28:34 d:+00.0622590s o:+106.1968684s [ | @]
13:28:36 ^C
Observe the o:+106
values, indicating this computer is 106 seconds behind what time.windows.com
was returning.
I reconfigured it thusly:
w32tm /config /manualpeerlist:"time.windows.com,0x1" /syncfromflags:manual /reliable:yes /update
And now w32tm /stripchart
displays the correct time:
C:\Users\Administrator>w32tm /stripchart /computer:time.windows.com
Tracking time.windows.com [13.65.245.138:123].
The current time is 2018-09-10 13:33:34.
13:33:34 d:+00.0781640s o:-00.0007568s [ * ]
13:33:36 d:+00.0781226s o:+00.0094363s [ * ]
13:33:38 d:+00.0781165s o:+00.0109971s [ * ]
13:33:40 d:+00.0781163s o:+00.0049739s [ * ]
13:33:42 d:+00.1249971s o:+00.0221738s [ * ]
Observe the o:+00.02
values, indicating the DC is now within ~20ms of the NTP time.
The problem:
My personal computer on the LAN, a domain member workstation is synced to the DC, so it inherited the incorrect clock.
I ran w32tm /update
but this did not update my local computer's clock, which still had the ~102 second "root dispersion".
I know that w32tm
takes a while to skew the clock, so I kept w32tm /stripchart /computer:mydomaincontroller.example.com
open to see what happens (scroll inside the console output below to 13:48:12
):
13:43:22, d:+00.0005054s o:+106.136670s [ | @]
13:43:24, d:+00.0004627s o:+106.148705s [ | @]
13:43:26, d:+00.0004954s o:+106.137005s [ | @]
13:43:28, d:+00.0004715s o:+106.134875s [ | @]
13:43:30, d:+00.0004988s o:+106.146821s [ | @]
13:43:32, d:+00.0005307s o:+106.139592s [ | @]
13:43:34, d:+00.0005019s o:+106.139095s [ | @]
13:43:37, d:+00.0007535s o:+105.927297s [ | @]
13:43:40, d:+00.0007354s o:+104.828951s [ | @]
13:43:43, d:+00.0007817s o:+103.742545s [ | @]
13:43:46, d:+00.0007865s o:+102.642791s [ | @]
13:43:49, d:+00.0007320s o:+101.546082s [ | @]
13:43:52, d:+00.0008024s o:+100.454105s [ | @]
13:43:55, d:+00.0007654s o:+99.3528989s [ | @]
13:43:58, d:+00.0007588s o:+98.2569027s [ | @]
13:44:01, d:+00.0007654s o:+97.1527004s [ | @]
13:44:04, d:+00.0007201s o:+96.0618527s [ | @]
13:44:08, d:+00.0009005s o:+94.9689223s [ | @]
13:44:11, d:+00.0007284s o:+93.8602069s [ | @]
13:44:14, d:+00.0007848s o:+92.7715585s [ | @]
13:44:17, d:+00.0007439s o:+91.6724994s [ | @]
13:44:20, d:+00.0007593s o:+90.5664585s [ | @]
13:44:23, d:+00.0007368s o:+89.4831227s [ | @]
13:44:26, d:+00.0007447s o:+88.3853008s [ | @]
13:44:29, d:+00.0007927s o:+87.2853882s [ | @]
13:44:32, d:+00.0014306s o:+86.1826024s [ | @]
13:44:35, d:+00.0007676s o:+85.0888854s [ | @]
13:44:39, d:+00.0006994s o:+83.9959068s [ | @]
13:44:42, d:+00.0007425s o:+82.8974550s [ | @]
13:44:45, d:+00.0008042s o:+81.7985327s [ | @]
13:44:48, d:+00.0007711s o:+80.6964513s [ | @]
13:44:51, d:+00.0007447s o:+79.6006962s [ | @]
13:44:54, d:+00.0006940s o:+78.5088182s [ | @]
13:44:57, d:+00.0011122s o:+77.4025070s [ | @]
13:45:00, d:+00.0007742s o:+76.3107419s [ | @]
13:45:03, d:+00.0007566s o:+75.2144979s [ | @]
13:45:06, d:+00.0007527s o:+74.1133596s [ | @]
13:45:10, d:+00.0006337s o:+73.0224708s [ | @]
13:45:13, d:+00.0007905s o:+71.9189507s [ | @]
13:45:16, d:+00.0014890s o:+70.8245257s [ | @]
13:45:19, d:+00.0007905s o:+69.7305667s [ | @]
13:45:22, d:+00.0007772s o:+68.6362814s [ | @]
13:45:25, d:+00.0007734s o:+67.5348673s [ | @]
13:45:28, d:+00.0007698s o:+66.4317496s [ | @]
13:45:31, d:+00.0007720s o:+65.3373735s [ | @]
13:45:34, d:+00.0007804s o:+64.2428301s [ | @]
13:45:37, d:+00.0007918s o:+63.1449978s [ | @]
13:45:41, d:+00.0007857s o:+62.0499115s [ | @]
13:45:44, d:+00.0007284s o:+60.9480690s [ | @]
13:45:47, d:+00.0012708s o:+59.8517536s [ | @]
13:45:50, d:+00.0007579s o:+58.7505085s [ | @]
13:45:53, d:+00.0037715s o:+57.6545484s [ | @]
13:45:56, d:+00.0006672s o:+56.5706047s [ | @]
13:45:59, d:+00.0007557s o:+55.4594937s [ | @]
13:46:02, d:+00.0007200s o:+54.3766916s [ | @]
13:46:05, d:+00.0006849s o:+53.2666784s [ | @]
13:46:08, d:+00.0007134s o:+52.1778095s [ | @]
13:46:12, d:+00.0007328s o:+51.0857880s [ | @]
13:46:15, d:+00.0007170s o:+49.9836731s [ | @]
13:46:18, d:+00.0007619s o:+48.8915497s [ | @]
13:46:21, d:+00.0007891s o:+47.7894672s [ | @]
13:46:24, d:+00.0007848s o:+46.6901181s [ | @]
13:46:27, d:+00.0007883s o:+45.5868773s [ | @]
13:46:30, d:+00.0007839s o:+44.4886931s [ | @]
13:46:33, d:+00.0007544s o:+43.4053996s [ | @]
13:46:36, d:+00.0008094s o:+42.2947382s [ | @]
13:46:39, d:+00.0007966s o:+41.2076924s [ | @]
13:46:43, d:+00.0008997s o:+40.1155935s [ | @]
13:46:46, d:+00.0007689s o:+39.0088370s [ | @]
13:46:49, d:+00.0007918s o:+37.9193197s [ | @]
13:46:52, d:+00.0007896s o:+36.8095748s [ | @]
13:46:55, d:+00.0006786s o:+35.7175588s [ | @]
13:46:58, d:+00.0007420s o:+34.6152128s [ | @]
13:47:01, d:+00.0007227s o:+33.5327719s [ | @]
13:47:04, d:+00.0007931s o:+32.4339650s [ | @]
13:47:07, d:+00.0007909s o:+31.3318090s [ | @]
13:47:10, d:+00.0007447s o:+30.2393576s [ | @]
13:47:14, d:+00.0008138s o:+29.1437457s [ | @]
13:47:17, d:+00.0007676s o:+28.0457416s [ | @]
13:47:20, d:+00.0007883s o:+26.9461491s [ | @]
13:47:23, d:+00.0007649s o:+25.8427590s [ | @]
13:47:26, d:+00.0007958s o:+24.7448775s [ | @]
13:47:29, d:+00.0007896s o:+23.6572525s [ | @]
13:47:32, d:+00.0007790s o:+22.5522966s [ | @]
13:47:35, d:+00.0007214s o:+21.4532253s [ | @]
13:47:38, d:+00.0008226s o:+20.3563652s [ | @]
13:47:41, d:+00.0007892s o:+19.2598154s [ | @]
13:47:45, d:+00.0014072s o:+18.1705858s [ | @]
13:47:48, d:+00.0007874s o:+17.0739438s [ | @]
13:47:51, d:+00.0007852s o:+15.9732302s [ | @]
13:47:54, d:+00.0008063s o:+14.8770975s [ | @]
13:47:57, d:+00.0007438s o:+13.7800971s [ | @]
13:48:00, d:+00.0007592s o:+12.6852783s [ | @]
13:48:03, d:+00.0007504s o:+11.5794419s [ | @]
13:48:06, d:+00.0007945s o:+10.4884036s [ | @]
13:48:09, d:+00.0007284s o:+09.3837856s [ | * ]
13:48:12, d:+00.0008046s o:+08.2928605s [ | * ]
13:48:16, d:+00.0007786s o:+07.1999294s [ | * ]
13:48:19, d:+00.0007918s o:+06.1020690s [ | * ]
13:48:22, d:+00.0007755s o:+04.9987732s [ | * ]
13:48:25, d:+00.0008050s o:+03.9116931s [ | * ]
13:48:28, d:+00.0022462s o:+02.7994469s [ | * ]
13:48:31, d:+00.0008183s o:+01.7082490s [ | * ]
13:48:34, d:+00.0007896s o:+00.6100597s [ | * ]
13:48:37, d:+00.0007954s o:-00.4889544s [ *| ]
13:48:40, d:+00.0008032s o:-01.5803174s [ * | ]
13:48:43, d:+00.0008090s o:-02.6780945s [ * | ]
13:48:47, d:+00.0007856s o:-03.7791214s [ * | ]
13:48:50, d:+00.0007839s o:-04.8662262s [ * | ]
13:48:53, d:+00.0007861s o:-05.9760549s [ * | ]
13:48:56, d:+00.0008121s o:-07.0592479s [ * | ]
13:48:59, d:+00.0007909s o:-08.1615378s [ * | ]
13:49:02, d:+00.0007636s o:-09.2653625s [ * | ]
13:49:05, d:+00.0007478s o:-10.3539575s [@ | ]
13:49:08, d:+00.0007580s o:-11.4467884s [@ | ]
13:49:11, d:+00.0007984s o:-12.5508851s [@ | ]
13:49:14, d:+00.0007927s o:-13.6431688s [@ | ]
13:49:18, d:+00.0007874s o:-14.7514953s [@ | ]
13:49:21, d:+00.0007429s o:-15.8458746s [@ | ]
13:49:24, d:+00.0007781s o:-16.9331431s [@ | ]
13:49:27, d:+00.0008015s o:-18.0341578s [@ | ]
13:49:30, d:+00.0007923s o:-19.1328127s [@ | ]
13:49:33, d:+00.0007342s o:-20.2368764s [@ | ]
13:49:36, d:+00.0007258s o:-21.3345439s [@ | ]
13:49:39, d:+00.0007711s o:-22.4182898s [@ | ]
13:49:42, d:+00.0007984s o:-23.5189611s [@ | ]
13:49:45, d:+00.0007483s o:-24.6187188s [@ | ]
13:49:49, d:+00.0007619s o:-25.7221868s [@ | ]
13:49:52, d:+00.0007090s o:-26.8065768s [@ | ]
13:49:55, d:+00.0007187s o:-27.9051191s [@ | ]
13:49:58, d:+00.0007944s o:-29.0071497s [@ | ]
13:50:01, d:+00.0008922s o:-30.1066847s [@ | ]
13:50:07, d:+00.0007918s o:-32.1167016s [@ | ]
13:50:26, d:+00.0007821s o:-39.0050306s [@ | ]
13:50:29, d:+00.0007328s o:-40.1024143s [@ | ]
13:50:32, d:+00.0007373s o:-41.2001761s [@ | ]
13:50:35, d:+00.0007984s o:-42.2963254s [@ | ]
13:50:39, d:+00.0007332s o:-43.3965310s [@ | ]
13:50:42, d:+00.0007456s o:-44.4922956s [@ | ]
13:50:45, d:+00.0007544s o:-45.5799108s [@ | ]
13:50:48, d:+00.0008759s o:-46.6777145s [@ | ]
13:50:51, d:+00.0007139s o:-47.7814006s [@ | ]
13:50:54, d:+00.0008556s o:-48.8813794s [@ | ]
13:50:57, d:+00.0006602s o:-49.9652265s [@ | ]
13:51:00, d:+00.0007676s o:-51.0659718s [@ | ]
13:51:03, d:+00.0007808s o:-52.1606286s [@ | ]
13:51:06, d:+00.0007777s o:-53.2685501s [@ | ]
13:51:10, d:+00.0008085s o:-54.3679582s [@ | ]
13:51:13, d:+00.0008001s o:-55.4645542s [@ | ]
13:51:16, d:+00.0007711s o:-56.5497060s [@ | ]
13:51:19, d:+00.0007777s o:-57.6471636s [@ | ]
13:51:21, d:+00.0004823s o:-58.1410037s [@ | ]
13:51:23, d:+00.0005036s o:-58.1423600s [@ | ]
13:51:25, d:+00.0005077s o:-58.1283064s [@ | ]
13:51:27, d:+00.0004903s o:-58.1394481s [@ | ]
13:51:29, d:+00.0004439s o:-58.1354109s [@ | ]
13:51:31, d:+00.0004652s o:-58.1415750s [@ | ]
13:51:33, d:+00.0004849s o:-58.1282355s [@ | ]
13:51:35, d:+00.0004695s o:-58.1418706s [@ | ]
13:51:37, d:+00.0004172s o:-58.1298115s [@ | ]
13:51:39, d:+00.0005153s o:-58.1378304s [@ | ]
13:51:41, d:+00.0004908s o:-58.1386067s [@ | ]
So my desktop computer decides to skew its clock to match my domain controller's... but then it just lets it keep on skewing and for the past 7 minutes it's been stuck with o:-58.14s
.
My questions:
- How do I force an immediate time sync without any clock skewing or slow updates: but a hard, fast computer clock reset to match the parent time source computer?
- Why did my computer's time start to sync and then overshoot it?
Update:
I kept the /stripchart
window open and eventually I saw this happen:
13:58:29, d:+00.0004937s o:-58.1387805s [@ | ]
13:58:31, d:+00.0005710s o:-58.1364607s [@ | ]
13:58:33, d:+00.0004962s o:-58.1399987s [@ | ]
13:58:35, d:+00.0005213s o:-58.1502970s [@ | ]
13:58:37, d:+00.0005110s o:-58.1416546s [@ | ]
13:58:39, d:+00.0004792s o:-58.1371685s [@ | ]
13:57:43, d:+00.0004684s o:+00.0050874s [ * ]
13:57:45, d:+00.0004559s o:+00.0049452s [ * ]
13:57:47, d:+00.0004935s o:+00.0010764s [ * ]
13:57:49, d:+00.0004701s o:+00.0141863s [ * ]
Why did it suddenly jump by 58 seconds back to where it should have been in the first place?
One of my clients' friends suffered a hack-attack this morning due to an insecure Remote Desktop configuration and I was asked to take a look. (All of their business files were encrypted by the 2018-Q1 strain of the Dharma ransomware).
Fortunately the Windows Event Logs were not tampered with and after looking at each log individually (Application, Security, System, etc) I was able to piece-together a timeline of the attack: indicting when and how the attacker connected to the machine, installed their malware, I saw Windows Services being stopped or crashed, and then they disconnected.
In Windows XP and earlier there were only the Application, System and Security logs to go through, but since Windows Vista there are application-specific logs located under the "Applications and Services Logs" tree-view node, and with each new Windows release there are more and more new logs to examine - unfortunately you have to go through them manually: there doesn't seem to be any kind of way of selecting data from all of those logs and then applying a date/time range filter or doing a textual search.
...or is there?
(I know you can create a custom log view in Event Viewer, but it isn't easy to add another log to the search and it's very slow, in fact the entire Event Viewer UI is painfully slow, laggy and awkward since its redesign in Windows Vista). It even advises you from creating a view that references more than 10 logs:
The filter or custom view you are creating references more than 10 event logs. The result might perform poorly and consume a large amount of memory or processor time. Do you want to continue?
In fact, when I created a view just now that referenced every Log on my computer it caused Event Viewer to lock-up and freeze and then eventually display zero items - so I guess that's just completely broken.
Is there a PowerShell command I could run to dump all events from all logs between two giving timestamps?
My Hyper-V machine stores its VM disks on an iSCSI volume located on a Synology DiskStation.
Occasionally (once a month) the DiskStation will restart itself for firmware and package updates, this causes an interruption to the iSCSI services and Hyper-V moves to kill the VM instances, reporting being unable to access the VM configuration.
Is there a way to configure Hyper-V to instead immediately pause a VM and wait for iSCSI connectivity to resume instead of killing the VMs?
I have a Windows Azure VM running Windows Server 2012 R2 that hasn't been able to install updates since April 2016. The "View update history" screen in the Control Panel lists hundreds of successive failures from constant attempts to install the updates on every machine restart.
The Details window for each update resembles:
Update for Windows Server 2012 R2 (KB3133690)
- Installation date: 2016-04-25 10:34
- Installation status: Failed
- Error details: Code 800F0922 Get help with this error
- Update type: Recommended
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.
More information: http://support.microsoft.com/kb/3133690
Help and Support: http://support.microsoft.com
(As usual, the "Get help with this error" link is useless and opens a Windows Help and Support window that simply reads "Getting search results... We couldn't find any results. Here are some things to try:". Ugh,
The Windows Event log is also littered with events like these:
- Log Name: System
- Source: WindowsUpdateClient
- Event ID: 20
- Level: Error
- User: SYSTEM
- OpCode: Installation Installation Failure: Windows failed to install the following update with error 0x800F0922: Security Update for Windows Server 2012 R2 (KB3159398).
The Application event log contains more useful information:
- Log Name: Application
- Source: Windows Error Reporting
- Event ID: 1001
- Level: Information
- User: N/A Fault bucket , type 0 Event Name: WindowsUpdateFailure3 Response: Not available Cab Id: 0
Problem signature: P1: 7.9.9600.18235 P2: 800f0922 P3: BA0F75FF-19C3-4CBD-A3F3-EF5B5C0F88BF P4: Install P5: 202 P6: 0 P7: 0 P8: AutomaticUpdatesWuApp P9: {7971F918-A847-4430-9279-4A52D1EFE18D} P10: 0
Attached files: C:\Windows\WindowsUpdate.log C:\Windows\SoftwareDistribution\ReportingEvents.log C:\Windows\Logs\CBS\CBS.log
These files may be available here: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_7.9.9600.18235_(Redacted)
Analysis symbol: Rechecking for solution: 0 Report Id: (Redacted) Report Status: 4 Hashed bucket:
The server would reboot to install updates, then stop and perform a rollback immediately afterwards, making a normal reboot last 15+ minutes.
The logfile C:\Windows\WindowsUpdate.log
doesn't yield any clues - it doesn't report any obvious errors or warnings - besides excessive messages about it being unable to use the Metered connection API: "WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037".
The C:\Windows\SoftwareDistribution\ReportingEvents.log
file just contains the same text as the Windows Update control panel: "Failure Content Install Installation Failure: Windows failed to install the following update with error 0x800f0922: Security Update for Windows Server 2012 R2 (KB3162343)."
Finally, C:\Windows\Logs\CBS\CBS.log
is a 180MB+ sized text file that I skimmed through but couldn't find anything obvious.
There are plenty of resources available online that discuss using SSD drives in RAID configurations - however these mostly date back a few years, and the SSD ecosystem is very fast-moving - right as we're expecting Intel's "Optane" product release later this year which will change everything... again.
I'll preface my question by affirming there is a qualitative difference between consumer-grade SSDs (e.g. Intel 535) and datacenter-grade SSDs (e.g. Intel DC S3700).
My primary concern relates to TRIM
support in RAID scenarios. To my understanding, despite it being over 6 years since SSDs were introduced in consumer-grade computers and 4 years since NVMe was commercially available - modern-day RAID controllers still do not support issuing TRIM
commands to attached SSDs - with the exception of Intel's RAID controllers in RAID-0 mode.
I'm surprised that TRIM
support is not present in RAID-1 mode, given the way drives mirror each other, it seems straightforward. But I digress.
I note that if you want fault-tolerance with disks (both HDD and SSD), you would use them in a RAID configuration - but as the SSDs would be without TRIM it means they would suffer Write-Amplification which results in extra wear, which in turn would cause SSDs to fail prematurely - this is an unfortunate irony: a system designed to protect against drive failure might end-up directly resulting in it.
So:
- Is
TRIM
support necessary for modern (2015-2016 era) SSDs?- Is there any difference in the need for
TRIM
support between SATA, SATA-Express, and NVMe-based SSDs?
- Is there any difference in the need for
- Often drives are advertised as having improved built-in garbage-collection; does that obviate the need for
TRIM
? How does their GC process work in RAID environments?- For example, see this QA from 2010 which describes pretty-bad performance degradation due to not-TRIMming - and this article from 2015 makes the case that using TRIM is strongly recommended.
What is your response to these strong arguments for the necessity ofTRIM
?
- For example, see this QA from 2010 which describes pretty-bad performance degradation due to not-TRIMming - and this article from 2015 makes the case that using TRIM is strongly recommended.
- A lot of articles and discussion from earlier years concerns SLC vs MLC flash and that SLC is preferable, due to its much longer lifespan - however it seems all SSDs today (regardless of where they sit on the Consumer-to-Enterprise spectrum) are MLC thesedays - is this distinction of relevance anymore?
- And what about TLC flash?
- Enterprise SSDs tend to have have much higher endurance / write-limits (often measured in how many times you can completely overwrite the drive in a day, throughout a drive's expected 5 year lifespan) - if their write-cycle limit is very high (e.g. 100 complete writes per day) does this mean that they don't need
TRIM
at all because those limits are so high, or - the opposite - are those limits only attainable by usingTRIM
?
(Posted to ServerFault instead of StackOverflow because I feel it concerns OS configuration more than programming code).
I'm currently responsible for maintaining a system which connects to a third-party webservice. This webservice requires client authentication certificates, which is fair enough, but the webservice itself is secured with a self-signed certificate created by a self-created root certification authority certificate - the same root that creates the client auth certificates.
It would be enough to merely add the current service certificate to the known-trusted list and to ignore the self-created authority certificate, unfortunately the service certificate changes regularly so the authority certificate must be trusted to ensure the application doesn't break when the service cert is renewed.
However I don't (personally) trust the CA cert based on my experience with the company running the webservice - it would not surprise me if it would be leaked to the web - and worryingly the CA cert has no key-usage restrictions placed on it (while external MITM attacks are a possibility, though remote, I'm more concerned about a leaked certificate used for code-signing, for example).
Is it possible for me to tell my computer (currently a server box, but in future ordinary desktop client boxes) to trust a CA but only for a given set of key-usages and a small set of possible subject-names (domain-names)?
The server is currently Windows Server 2012 R2, but it could be running on a Linux box - though the desktop machines are all Windows boxes.
I've bought a new server which only allows disks to be connected to a built-in Intel RMS25CB080 RAID controller card. The server has 8 2.5" slots.
I'm considering using SSDs with this server, however I'm not interested in having the SSDs in a RAID configuration owing to the lack of TRIM support (it's 2015, why isn't TRIM supported in RAID1/5/10 yet?), so the SSDs would have to be in a "passthrough" configuration, however I cannot see anything in the manual about presenting single physical disks as-is to the hardware's operating system.
The documentation of the controller says it does support certain "Non-disk" devices, I found this thread from February 2013 talking about support for Intel 530-series SSDs ( https://communities.intel.com/thread/36368 ) however it doesn't explain what exactly it means to support SSDs. Does this mean the controller does send TRIM commands to the SSDs (even in various RAID configurations) or something else?
I have a Windows Server 2012 VM running on Windows Azure.
I want to enable the ability for 2 simultaneous administrative sessions over Remote Desktop. This is permitted under the EULA for Windows Server 2012. This is not the same thing as the fully-blown Terminal Services (Remote Desktop Services) feature.
In Windows Server 2000 and 2003, multiple concurrent sessions (up to a limit of 2, plus the root /console
session) were enabled by default (such that logging-in via RDP without logging-out first would create a new session rather than reconnecting to the old session). In Server 2008 and later it uses single-sessions by default, as this simplifies administration (as most people want to connect to old sessions).
In Windows Server 2008 R2, you can add the MMC snap-ins for Remote Desktop Host Configuration which allows you to re-enable concurrent sessions.
However, in Server 2012, after adding the Remote Administration snap-ins from Server Manager it seems the Remote Desktop Host Configuration snap-in has been removed.
How can I re-enable the multiple concurrent sessions for Remote Desktop for Administration in Windows Server 2012?
I'd like to avoid discussion of IIS ARR for now - it isn't essential to get NLB working.
I have two computers (both in the same domain, btw) who are connected to two networks:
- A private internal network that the AD domain lives on. 192.168.0.10 and 192.168.0.11 respectively. This network has no default gateway.
- The public Internet. 123.123.123.10 and 123.123.123.11 respectively.
I'd like both servers to participate in an NLB cluster to serve a series of web applications that will keep on running even if one of the servers goes down (Windows updates, hardware failures, etc).
I've installed the NLB role on both computers and set up a cluster on the public (123.123.123.xxx) adapters and set the cluster to use a new IP address 123.123.123.12.
The cluster is in Multicast mode. I understand that Unicast mode causes ARP flooding and also prevents the "public" adapter from being used for anything besides NLB tasks (I would like to keep some applications on a single server and I can't install a third NIC just yet, hence multicast mode).
The NLB manager says the cluster is "Converged" without any problems, and when I try accessing the public cluster IP 123.123.123.12 from each machine then the IIS Default webpage loads fine.
However when I try that IP address from my home connection it doesn't work - I get a TCP timeout.
Also, in IIS Manager when I go to Site Bindings the cluster IP address isn't listed. Nor does it appear when I run ipconfig /all
which is strange because it appears in Network Adapter properties.
So my question is: why do I get TCP timeouts and why isn't the cluster IP appearing in IIS?
EDIT: When I ran ipconfig /all
again, the cluster IP appears. Strange. Maybe I missed it originally?
I'm unsure about the differences in these storage interfaces. My Dell servers all have SAS RAID controllers in them and they seem to be cross-compatible to an extent.
The Ultra-320 SCSI RAID controllers in my old servers were simple enough: One type of interface (SCA) with special drives with special controllers, humming at 10-15K RPM. But these SAS/SATA drives seem like the drives I have in my desktop, only more expensive. Also my old SCSI controllers have their own battery backup and DDR buffer - neither of these things are present on the SAS controllers. What's up with that?
"Enterprise" SATA drives are compatible with my SAS RAID controller, but I'd like to know what advantage SAS drives have over SATA drives as they seem to have similar specs (but one is a lot cheaper).
Also, how do SSDs fit into this? I remember when RAID controllers required HDDs to spin at the same rate (as if the controller card supplanted the controller in the drive) - so how does that work out now?
And what's the deal with Near-line SATA?
I apologise about the rambling tone in this message, it's 5am and I haven't slept much.
I'm trying to set up TLS for the POP3 server in the Exchange CAS role.
I purchased a cert from NameCheap, and the CA path is fully trusted, and installed it within the Certificates MMC snap-in without any trouble.
However Exchange 2010 doesn't seem to like it: I see this in the event viewer:
Event ID: 2007 Source: MSExchangePOP3 A certificate for the host name "mail.mydomain.net" couldn't be found. SSL or TLS encryption can't be made to the POP3 service.
...despite the fact that such a certificate does exist:
[PS] C:\Windows\system32>Get-ExchangeCertificate
Thumbprint Services Subject
---------- -------- -------
DAFFAE2391F40412386DCFC3AC8E822AAE181312 .P.W.. CN=mail.mydomain.net, OU=PositiveSSL, OU=Domain Control Validated
1C363A4D6A40921230BBD02C47A3260863D05CAA I...S. CN=machineName
BCSH281A051860123D70C0BD2E1EB6DBABDC98DD ...... CN=WMSvc-MACHINENAME
I've started the server (and services) numerous times. I don't understand why it doesn't work.
I have a Windows Server 2008 R2 machine with SQL Server 2008 R2 Enterprise installed. The SQL Server is setup as a named instance, so its full name is "ATLANTA3\FOO" ("Atlanta3" being the machine name, and "Foo" being the instance name).
I have set up a Windows Firewall with Advanced Security rule to allow all incoming connections to sqlservr.exe, and this is what is set in Configuration Manager:
Shared Memory: Enabled
TCP/IP: Enabled
Protocol:
Enabled: Yes
Keep Alive: 30000
Listen All: Yes
IP Addresses:
(Most of these are IPv6 addresses assigned to tunnel adapters and are ignored)
IP2:
Active: Yes
Enabled: Yes
IP Address 192.168.0.17 // this is the internal LAN adapter
TCP Dynamic Ports: 0
TCP Port: (blank)
IP4:
Active: Yes
Enabled: Yes
IP Address 89.xx.xx.xx // this is the Internet-exposed adapter. I can ping this from home.
TCP Dynamic Ports: 0
TCP Port: (blank)
IPAll:
TCP Dynamic Ports: 49280
I use TCPView to see the port that the instance is listening on (49280) and I can open a telnet connection perfectly fine.
However I can't seem to connect to the instance from any remote machine, on both the internal 192.168.0.x LAN as well as from the Internet. I get this error from SSMS:
TITLE: Connect to Server
Cannot connect to ATLANTA3\FOO.
ADDITIONAL INFORMATION:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) (Microsoft SQL Server, Error: -1)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=-1&LinkId=20476
I've followed all of the instructions in the TechNet and MSDN articles for allowing SQL Server through the firewall. This sounds like a problem with SQL Server Browser, but I can't find any information on getting SSB to play nice with the firewall, assuming it ever needed to.
I can't disable the firewall outright, because when I do the server disconnects itself from all networks and isn't responsive remotely and I have to get the datacenter guys to manually reboot the machine for me (not good).
I'm looking at options for high-availability for my SQL Server-powered application.
The requirements are:
- HA protection from storage failure.
- Data accessibility when one of the DB servers is undergoing software updates (e.g. planned outage for Windows Update / SQL Server service-packs).
- Must not involve much in the way of hardware procurement.
- The application is an ASP.NET web application.
- The web application's users have their own database instances.
I've seen two main options: SQL Server failover clustering, and SQL Server mirroring.
I understand that SQL Server Failover Clustering requires the purchasing of a shared disk array and doesn't offer any protection if the shared storage goes down (so the documentation recommends to set up a Mirroring between two clusters).
Database Mirroring seems the cheaper option (as it only requires two database servers and a simple witness box) - but I've heard it doesn't work well when you have a large number of databases. The application I'm developing involves giving each client their own database for their application - there could be hundreds of databases. Setting up the mirroring is no problem thanks to the automation systems we have in place.
My final point concerns how failover works with respect to client connections - SQL Server Failover Clustering uses MSCS which means that the cluster is invisible to clients - a connection attempt might fail during the failover, but a simple reconnect will have it working again. However mirroring, as far as I know, requires that the client be aware of the mirrored partners: if the client cannot connect to the primary server then it tries the secondary server.
I'm wondering how this work with respect to Connection Pooling in ASP.NET applications - does the client connection failovering mean that there's a potential 2-second (assuming 2000ms TCP timeout policy) pause when the connection pool tries the primary server on every connection attempt?
I read somewhere that Mirroring can be used on top of MSCS which means that the client does not need to be aware of mirroring (so there wouldn't be any potential delays during connection, and also that no changes would need to be made to the client, not even the connection string) - however I'm finding it hard to get documentation or white papers on this approach. But if true, then it means the best method is then Mirroring (for HA) with MSCS (for client ignorance and connection performance).
...but how does this scale to a server instance that might contain hundreds of mirrored databases?
I have a domain controller configured to use time.windows.com (with 0x09 flags set). I've noticed that frequently the systems' clock is fast - it varies from 10 minutes to even 45 minutes. I always have to keep resetting the system date/time back to what it should be.
When I run "w32tm /query /source" it tells me it's using time.windows.com, and obviously I trust Microsoft not to serve incorrect times, but why is my server's clock fast?
EDIT:
There are a few Time-Service events in the System log:
Event ID: 142
Message: The time service has stopped advertising as a time source because the local clock is not synchronized.
Event ID: 139
Message: The time service has started advertising as a time source.
These two messages appear in pairs every hour or so. Event 142 appears 14 to 16 minutes after 139 appears.
Going back a few months, these events appear:
Event ID: 35
Message: The time service is now synchronizing the system time with the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.21:123).
Event ID: 37
Message: The time provider NtpClient is currently receiving valid time data from time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.21:123).
Event ID: 47
Message: Time Provider NtpClient: No valid response has been received from manually configured peer time.windows.com,0x9 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The time sample was rejected because: The peer is not synchronized, or it has been too long since the peer's last synchronization.
These three events only appear once in the log, back in October.
EDIT:
Here is the output of w32tm /query /status /verbose:
enter code here
C:\Users\Administrator>w32tm /query /status /verbose
Leap Indicator: 3(last minute has 61 seconds)
Stratum: 3 (secondary reference - syncd by (S)NTP)
Precision: -6 (15.625ms per tick)
Root Delay: 0.1794868s
Root Dispersion: 4.6419912s
ReferenceId: 0x41371515 (source IP: 65.55.21.21)
Last Successful Sync Time: 2011-12-05 23:25:18
Source: time.windows.com,0x9
Poll Interval: 6 (64s)
Phase Offset: 0.0000695s
ClockRate: 0.0156243s
State Machine: 1 (Hold)
Time Source Flags: 0 (None)
Server Role: 0 (None)
Last Sync Error: 2 (The computer did not resync because only stale time data was available.)
Time since Last Good Sync Time: 1281.9919104s
I'm upgrading my organisation's Exchange set-up from 2007 to 2010 (by provisioning a new server with 2010 on, moving the mailboxes across, then decommissioning the 2007 server). The move went by without any real problems, however I've got a problem where I can't get rid of the old 2007 server without error messages.
The 2007 server has the Public Folder database on it still, when I try to Remove the Public Folder database from within EMC I get this error:
Microsoft Exchange Error
The public folder database 'Public Folder Database' cannot be deleted.
Public Folder Database Failed Error: The public folder database "OLDSERVER\Second Storage Group\Public Folder Database" contains folder replicas. Before deleting the public folder database, remove the folders or move the replicas to another public folder database. For detailed instructions about how to remove a public folder database, see http://go.microsoft.com/fwlink/?linkid=81409.
OK
I followed the links and saw that I need to move all the replicas within the database using this command:
.\MoveAllReplicas.ps1 -Server Server01 -NewServer Server02
So I ran it:
[PS] C:\Program Files\Microsoft\Exchange Server\Scripts>.\MoveAllReplicas.ps1 -Server "OLDSERVER" -NewServer "NEWSERVER"
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
Set-PublicFolder : The parameter "Replicas" cannot be $null or an empty array.
At C:\Program Files\Microsoft\Exchange Server\Scripts\ReplaceReplicaOnPFRecursive.ps1:147 char:24
+ $_ | set-publicfolder <<<< -server $_.OriginatingServer;
[PS] C:\Program Files\Microsoft\Exchange Server\Scripts>
When I run the same command from the Exchange 2010 shell it simply quits and returns to the shell prompt. I still get the Replica error when I try to remove the Public Folders database.
I had a look around inside the 2010 version of ReplaceReplicaOnPFRecursive.ps1 and it turns out that it doesn't do anything at all with the data it's given. The recursive list of folders to modify that it builds is empty, so no commands end up being executed.
Any ideas?