Archive for the ‘Windows Server 2016’ Category
Microsoft Windows Server Remote Desktop Services (RDS) with Citrix Hypervisor (XenServer) – opted for 15 user per VM with a max of 18-20 in case of outage (hardware failure etc.) with specs of 6 vCPUs and 48 GB RAM
Donnerstag, September 23rd, 2021Microsoft Windows Print Spooler – remote code execution vulnerability
Freitag, Juli 2nd, 2021
Microsoft Windows Print Spooler – remote code execution vulnerability
Determine if the Print Spooler service is running (run as a Domain Admin)
Run the following as a Domain Admin:
Get-Service -Name Spooler
If the Print Spooler is running or if the service is not set to disabled, select one of the following options to either disable the Print Spooler service, or to Disable inbound remote printing through Group Policy:
Option 1 – Disable the Print Spooler service
If disabling the Print Spooler service is appropriate for your enterprise, use the following PowerShell commands:
Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled
Impact of workaround Disabling the Print Spooler service disables the ability to print both locally and remotely.
Option 2 – Disable inbound remote printing through Group Policy
You can also configure the settings via Group Policy as follows:
Computer Configuration / Administrative Templates / Printers
Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks.
Impact of workaround This policy will block the remote attack vector by preventing inbound remote printing operations. The system will no longer function as a print server, but local printing to a directly attached device will still be possible.
Microsoft Windows Server 2008 R2 – how to in-place upgrade to Windows Server 2019
Donnerstag, Juni 17th, 2021
Microsoft Native Image Generator (NGen) – on some machines NGen did use all of the computers memory
Montag, Mai 17th, 2021 When NGen did go crazy like this Microsoft Support suggested to delete the registry key
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft \.NETFramework\v2.0.50727\NGenService\Roots
and its decendants
That fixed the issue but it remained mysterious why this was happening and what exactly did break when you delete the registry key NGen will build up its Ngen root dll cache automatically and inside the registry keys was no obvious garbage data visible and the issue remained mysterious
Microsoft Windows – ein Lösungsweg für den Windows Fehlercode ‚0xc0000005‘
Mittwoch, April 14th, 2021 Fehlercode ‚0xc0000005‘ – zählt zu den bekannteren Windows Fehlern und er betrifft nicht nur Nutzer von Windows 10 sondern auch Nutzer älterer Versionen wie Windows 8 und Windows 7 plus deren Windows Server Versionen. Mit der Data Execution Prevention (oder „Datenausführungsverhinderung“) hat Windows eine Funktion zum Schutz des Arbeitsspeichers integriert die unfreiwillig für Zugriffsprobleme wie 0xc0000005 verantwortlich sein kann. Einige Programme sind mit diesem Sicherheitsfeature nämlich nicht kompatibel sodass bestimmte Aktionen zwangsläufig zu dem Fehler führen. Die einfachste Lösung besteht in diesem Fall darin den Schutzmechanismus für die jeweilige Anwendung zu deaktivieren
Microsoft Windows Server 2016 – how to install Remote Desktop Services (RDS)
Mittwoch, November 11th, 2020 Microsoft Windows Server 2016 – how to install Remote Desktop Services (RDS)
Microsoft Windows Server 2008 R2 and above – released a patch for the ZeroLogon vulnerability that needs to be applied to your domain controllers if you haven’t done this already do this asap
Mittwoch, Oktober 21st, 2020Download the patch here … https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
Microsoft Windows Server 2008 R2 and above – ‚Zerologon‘ unauthenticated domain controller compromise by subverting Netlogon cryptography (CVE-2020-1472)
Montag, September 28th, 2020ZeroLogon – testing script
Microsoft Windows Server 2019 versus 2016 – which to choose?
Samstag, Dezember 7th, 2019Connected Devices Platform Service (CDPSvc) – der Dienst für Synchronisationsaufgaben Mail-Abruf, Live-Kacheln, OneDrive-Synchronisierung etc. verantwortlich
Freitag, Dezember 6th, 2019Microsoft Windows 10 / Microsoft Windows Server 2016 – CDPUserSvc Probleme
Der Befehl weist Windows an den Dienst in einem eigenen Prozess auszuführen
C:\> sc config cdpusersvc type=own
Microsoft Server 2016 Windows Update – kann beschleunigt werden
Samstag, Oktober 19th, 2019Microsoft Server 2016 Windows Update – langsam kann aber beschleunigt werden
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
„DoNotConnectToWindowsUpdateInternetLocations“=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
„NoAutoUpdate“=dword:00000001
„UseWUServer“=dword:00000001
Microsoft Windows Client / Microsoft Windows Server – how to determine which .NET Framework versions are installed
Freitag, Oktober 11th, 2019Users can install and run multiple versions of the .NET Framework on their computers. When you develop or deploy your app, you might need to know which .NET Framework versions are installed on the user’s computer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full
Microsoft Windows Server 2008 R2 & 2012 R2 – applications may crash or become unresponsive if another user logs off Remote Desktop session
Montag, Oktober 7th, 2019To resolve this issue upgrade to Windows Server 2016 the issue is fixed in this version of Windows Server
Microsoft Windows 7/8 & Windows Server W2k8/W2k12/W2k16/W2k19 – CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability Security Vulnerability
Mittwoch, August 14th, 2019A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights
Microsoft Windows Server 2016 & 2019 – Windows Search is disabled by default
Samstag, August 3rd, 2019
Microsoft Windows Server 2016 & 2019 – this is because indexing of the volumes can cause problems in certain scenarios such as with Cluster Shared Volumes (CSV) and in running Remote Desktop Session Host (RDSH) with multiple simultaneous sessions
c:\services.msc
