We have a number of customers using Server 2019 as a VPN server with the IKEv2 protocol through the Routing and Remote Access (RRAS) service. Suddenly, every single one of them gets the following error on their clients "IKE credentials are unacceptable" - I've checked the common errors but none of them makes sense as the certificates haven't changed (which seems to be a common culprit). We have a number of customers with a matching setup but on server 2016 - without any issues. I've tried reinstalling the service, but the issue is the same. I've tried stopping the NPS service to verify if it was the NPS og RRAS throwing the error, and the error was the same, so I'm certain that the issue is with the RRAS. There has been no change in network or firewall configurations, no windows updates installed or software installations.
I've tried looking this up for hours but my google-fu is failing me it seems. The question is rather simple, if I configure multiple Radius servers in RRAS, if they're all ballanced equally, how are requests treated? Say, if the different RADIUS servers only authenticates specific authentication types (one using PEAP where certificates are used for authentication, one is using MSCHAPv2 and yet another uses, lets say smart card). Will the authentication request retry through the list of Radius servers until one succeeds or all fails? Or will it just be hit'n'miss on the first responder? Are all Radius servers in the list have to be configured with the same policies?
We have a Citrix farm running Server 2016. CPU Fair Share is enabled (by default) but still we have examples of a single user claiming 100% CPU when running queries in PowerBI. Shouldn't Fair Share prevent exactly this?
I've been all over Google for the past days and I simply can't find a solution to this that would work in this setup.
The setup: Windows Server 2012 R2 (RDS), Office 2016, file server is 2012R2.
The problem:
- User1 opens an Excel file either from the fileserver or from Microsoft SharePoint online in write mode.
- User2 opens the same Excel sheet - also in write mode and is not prompted that it is already being edited by another user.
- User1 saves changes and exits
- User2 saves changes and exits, hence changes by User1 is lost.
I have a vague memory that it was possible, centrally and NOT per sheet, to setup a notification that the sheet is already opened in write mode by another user. Any ideas on this?
I've been searching and searching for ages now, on how to integrate Skype For Business online with an on-premises Exchange 2010. More specifically I want to be able to see free/busy (availability) in Outlook, based on the status of their SFB status. The setup is quite simple: All mailboxes are on the on-premises Exchange 2010 - no hybrid setup nothing is being synched to O365. The Skype For Business is purely online.
I've found plenty of articles stating that it's supported and some who've reported that they've configured it, but absolutely nothing on how to actually do it. Does anyone know how to actually do this? Because MS doesn't seem to know either.
I've hit a wall on this one.
I have a 2012R2 RDS setup, it's not struggling with resources, config is good. When users login, some complain that it takes very long to connect (start session). I've tested with a test account from multiple clients and the results are: Client1 - Session start takes 30 - 40 seconds - Windows 10 Client2 - Session start takes 17 - 20 seconds - Windows 10 Client3 - Session start takes 7 - 10 seconds - Windows 10 Client4 - Session start takes 30 - 50 seconds - Windows 7 Client5 - Session start takes 7 - 10 seconds - Windows 7 Non of the above clients are in the same domain or network as the RDS, DNS is setup properly.
I've ruled out the RDS itself as connections are all external from otherwise good connections and computers that run well.
Any ideas on how to optimize the client for the RDS connections?
We're running an Exchange 2010 environment with multiple SMTP domains which we have configured autodiscover for as well.
Now we have discovered that some of the autodiscover addresses hass not been added as a SAN in the certificate, giving the users a warning when they configure profiles.
Is is possible to add more SAN / DNS names to an existing certificate and if so, how would I do it?
So, I know this is a very basic question but I'd like to ask the experts just to make sure.
We have a .NET application that is running on an application server, and our users launch it using a shortcut on their workstations which points to the main executable through an UNC path (\AppServer01\Software\MainApp.exe). The problem is that this application crashes from time to time, and I can see in the eventlog on the clients that there are appcrashes and the faulting module is a dll in .NET.
My question is, when you launch a .NET application from a UNC path, would it utilize the local .NET (the .NET on the client) or the remote instance of .NET (the .NET on AppServer01)?
I have an issue with deleting a forwarder in our Active Directory integrated DNS server, I get the following error: The server forwarders cannot be updated. Access was denied.
When I go to he security tap, select advanced and check the effective rights for my admin account, which has full control. I tried googling to check, but have not been able to find any usefull tips. The DNS domain does not exist anywhere else in DNS other than as a forwarder.
I've been searching here, technet and google but haven't been able to find an answer to my question yet.
I have a website running on IIS 7, Server 2012 R2. The IIS serves as an access to our Citrix farm. Connecting using https, I have created an SSL certificate using our CA server (certificate is for Citrix.contoso.com (internal FQDN for server)). But, users will try and connect using just https://Citrix which will generate a certificate error. So my question is: Is it possible, for the certificate to work for both Citrix and Citrix.contoso.com? If so, how do I manage to do this?