Windows Server – System Channel Event ID Error 36888

July 28, 2020

When your event viewer is flooded by the Channel Event ID 36888 alerts.

image

SOLUTION :

Turn this off by changing the registry key value :

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL

From 1 to 0

image

Enjoy!


Windows Server 2019 – Backup System State failed Error 0x800700a1

July 27, 2020

After the latest Windows 2019 update I ran into the problem that the Windows System State did not run anymore ?

All other backup selections where still running OK …

When I investigated the error it was saying : The specified path is invalid


image



Error in backup of C:\ during write: Error [0x800700a1] The specified path is invalid.
Error in backup of C:\Windows\ during write: Error [0x800700a1] The specified path is invalid.
Error in backup of C:\Windows\System32\ during write: Error [0x800700a1] The specified path is invalid.
Error in backup of C:\Windows\System32\Tasks\ during write: Error [0x800700a1] The specified path is invalid.
Error in backup of C:\Windows\System32\Tasks\Backup Failed during write: Error [0x800700a1] The specified path is invalid.
Application backup

SOLUTION :

In the event viewer I saw error ID 8193, and I applied these changes

https://audministrator.wordpress.com/2017/11/08/windows-server-2016-event-id-8193-8194-error/

But no success Sad smile

image

Next I ran this Create Shadow command

vssadmin Create Shadow /For=C: /AutoRetry=2

image

And checked the status again using this command

vssadmin list shadows

And bingo this was a success Smile

image

Next I ran the full backup again using the windows backup and all seems OK again

image

TIP:

If this still does not help in your case.

DELETE the Windows Backup job and recreate it again.

If this still does not help, check to see if the REMOTE shared folder is accessible.

Or test using the IP address instead of the DNS name for the destination SERVER or NAS.

Enjoy!!


Windows 2019 – Assign a fixed IP address based on a MAC address

June 9, 2020

I had a case were I needed to assign a Fixed IP address to 3D printer that had a Linux based OS.

There were 2 options :

– Configure the fixed IP on the linux OS. Which was not supported out of the box.

– Configure the DHCP server to assign a fixed IP address based on the MAC address of the device

image

So I went for the second option Winking smile

Solution :

1. find out the MAC address of the device in your network

This can easily be done using a (free) network scanner tool.

Or even better use PowerShell Smile

CLS

Get-NetNeighbor 

Once you see the MAC address list of your device

2. Open the DHCP Manager and add a RESERVATION based on the MAC Address

image

3. Reboot the device that had an DHCP address

And check the result

Enjoy!

 





Windows 2019 – Start Menu Management

May 20, 2020

When you need to customize the Windows Start Menu on Windows 2016/2019 or Windows 10

image

Solution :

To add folders and Shortcuts you need to go to :

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs

Create a new folder and go back to check it.

image

Keep in mind that empty folders will NOT be visible ?! Sad smile)

Set the folder permission to add a Shortcut to your application.

image

To make it visible put at least 1 shortcut in the folder Smile

Took me a few hours to find out why my entries where not visible…

Enjoy !


Windows 2019 – hMailserver Migration

May 19, 2020

If you are interested to run hMailserver on the latest and greatest Windows Server 2019 ?

For this who are not familiar with hMailerServer look here :

https://audministrator.wordpress.com/2014/08/18/exchange-hmailserver-as-mail-relay-server/

https://audministrator.wordpress.com/2014/08/18/autoit-sending-a-mail-using-the-hmailer-com-library/

Look here for the migration steps below :

Prerequisites are :

– Install the Windows Server Features .Net Framework 3.5

  image

– Install the Windows MS SQL Compact redistributable

   https://www.microsoft.com/en-us/download/details.aspx?id=30709

   Even though MS is not listing this as a supported OS, it does work fine !

Migration Steps :

– After installing the 2 prerequisites you can test MS SQL Compact installation using this script

  https://audministrator.wordpress.com/2014/07/01/powershell-accessing-ms-sql-compact-edition/

– Install the latest version of hMailServer on the new server (best is to keep both version level the same !)

  So upgrade the existing installation on the old server if needed first.

  https://www.hmailserver.com/download?page=contactform

– Stop the service on the old server & the new server.

image

– Copy the database and the ini file to the new server

image

image

– Start the services again and login

image

PS :

Make sure that have set the correct permissions on the hMailServer folders to make the database connection possible

This procedure also works for Windows 2016 Smile

Enjoy!


Windows Server 2019 – Hyper-V VMMS Errors Event ID 19100

March 25, 2020

On the internet I found this nice visual that helps understanding the Hyper-V and Backup Infrastructure.

image

After we installed a Hyper-V on a new Window Server 2019, everything seemed to be running OK.

But apparently after the 1st backup there where a lot of errors in the Event viewer ID 19100.

Error 0x8007052F

image

After that point no backups would run anymore, until the Hyper-V host was restarted.

Next backup cycle the same story Sad smile

So I checked the VSS writer to see if all was OK. But I saw that there was an error reported?

Microsoft Hyper-V VSS writer : Unexpected Error ?

image

So that did not help a lot ?

Next I ran some VSS diagnostics apps, but no errors found ?

VSSDoctor :

image

VssDiag :

image

Everything pointed out to be OK, but it was not … Sad smile

Solution :

Conclusion was that this could be nothing else then a Permission issue.

So I ran the Resultant Set of Policy – rsop.msc

image

I noticed that some policies where overruled by a Domain Policy so I started cleaning up.

But still no success until I noticed that the Local Log on As a Service Policy again I clean this one up.

And check the local Policy settings for this policy using SecPol.msc

image

I noticed that the ‘NT VIRTUAL MACHINE\Virtual Machines’ was not in there ?

After adding the NT VIRTUAL MACHINE\Virtual Machines to the LOCAL Policy ‘Allow run as a Service’

All Backup problems were solved. Smile

TIPS :

Make sure the Hyper-V Guest Integration Services and the Backup (Volums Shadow Copy) are active as well

image

And the CheckPoints are set like this

image

See also here :

https://audministrator.wordpress.com/2020/03/12/windows-server-2019-hyper-v-backup-error-event-id-19100-event-id-32/

Enjoy !


Window Server 2019 – Error DCOM Event ID 10000

March 19, 2020

On a Hyper-V Guest you might see the Event Id 10000 DCOM error

image

Vdsldr.exe is a “Virtual Disk service loader”

This event look very similar to the DCOM Error Event ID 10016 ?

See here for more info.

I go and open the registry to look for the GUID {9C38ED61-D565-4728-AEEE-C80952F0ECDE}

image

Also make note of the AppID GUID {5364ED0E-493F-4B16-9DBF-AE486CF22660}

Use the Reg Query command to check it :

reg query "HKEY_CLASSES_ROOT\CLSID\{9C38ED61-D565-4728-AEEE-C80952F0ECDE}" /ve
 
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5364ED0E-493F-4B16-9DBF-AE486CF22660}" /ve

image

SOLUTION :

1. Open the Component Services Manager using the DCOMCNFG command

And look for Virtual Disk Service Loader

image

Next check the AppId GUID is matching the one in the Event Viewer

image

This is the one we found in the registry Smile

2. Check the Security for this DCOM App

Go to the Security Tab to see who has access…

image

Hmm the buttons are greyed out !

That is that reason why we get errors reported… !

image

See on the AppID GUID permission is set the TrustedInstaller

Similar as to the 10016 Event Errors you can fix the restricted access the same way.

3. Fix the Access

First in the Registry you need to change the OWNER of the RegKeys to the Administrator,

Instead of the TrustedInstaller.

And set the Adminstrator to have FULL CONTROL

image

If this still does not help go back to the DCOMCNFG and add Full Control for the

Administrator to the LAUNCH and ACTIVATION Permissions

image

Enjoy!


Windows 2019 – SceCli Error Event ID 1202

March 18, 2020

When you see this Event ID 1202. follow this procedure to fix it.

SOLUTION :

Follow the steps as indicated in the Event Viewer :

image

Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done.


Advanced help for this problem is available on https://support.microsoft.com. Query for “troubleshooting 1202 events”.


Error 0x534 occurs when a user account in one or more Group Policy objects (GPOs) could not be resolved to a SID. 

This error is possibly caused by a mistyped or deleted user account referenced in either the User Rights or Restricted Groups branch of a GPO.  To resolve this event, contact an administrator in the domain to perform the following actions:


1.    Identify accounts that could not be resolved to a SID:


From the command prompt, type: FIND /I “Cannot find”  %SYSTEMROOT%\Security\Logs\winlogon.log


The string following “Cannot find” in the FIND output identifies the problem account names.


Example: Cannot find JohnDough.


In this case, the SID for username “JohnDough” could not be determined. This most likely occurs because the account was deleted, renamed, or is spelled differently (e.g. “JohnDoe”).


2.    Use RSoP to identify the specific User Rights, Restricted Groups, and Source GPOs that contain the problem accounts:


a.    Start -> Run -> RSoP.msc
b.    Review the results for Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment and Computer
     Configuration\Windows Settings\Security Settings\Local Policies\Restricted Groups for any errors flagged with a red X.


c.    For any User Right or Restricted Group marked with a red X, the corresponding GPO that contains the problem policy setting is listed under the column entitled “Source GPO”.
     Note the specific User Rights, Restricted Groups and containing Source GPOs that are generating errors.


3.    Remove unresolved accounts from Group Policy


a.    Start -> Run -> MMC.EXE
b.    From the File menu select “Add/Remove Snap-in…”
c.    From the “Add/Remove Snap-in” dialog box select “Add…”
d.    In the “Add Standalone Snap-in” dialog box select “Group Policy” and click “Add”
e.    In the “Select Group Policy Object” dialog box click the “Browse” button.
f.    On the “Browse for a Group Policy Object” dialog box choose the “All” tab
g.    For each source GPO identified in step 2, correct the specific User Rights or Restricted Groups that were flagged with a red X in step 2.
     These User Rights or Restricted Groups can be corrected by removing or correcting any references to the problem accounts that were identified in step 1.

If you run step 1 :

FIND /I "Cannot find"  %SYSTEMROOT%\Security\Logs\winlogon.log

image

You will find out easily which account entries are causing the errors.

Open the GPEDIT.msc again and remove the entries from the Domain or Local Policy

image

Because the Policy Editor will accept any kind of string that you enter.

If the account SID does not exist it starts complain using Event ID 1202

Enjoy!


Windows Server 2019 – Hyper-V VMMS Errors Event ID 15300 – 19600 – 15010 – 16010

March 13, 2020

After restarting the Hyper-V manager or creating a new VM you can get these errors

Event ID 15300 & 19600 & 15010 & 16010 Errors

image

It took me some time to figure out what was causing this …

SOLUTION :

Open the Hyper-V Settings

The reason was an incorrect path in the Hyper-V settings

image

After correcting the PATH to the new destination, all was OK again Smile

Enjoy!


Windows Server 2019 – Hyper-V Backup Error Event ID 19100 & Event ID 32

March 12, 2020

After running a backup of the Hyper-V Virtual Machines you might get this error Event ID 19100

“Either the component that raises this event is not installed on your local computer

or the installation is corrupted. You can install or repair the component on the local computer.”

SOLUTION :

1. I noticed that the Guest Services was not activated…

image

Make sure this is selected. A reboot of the VM might be needed.

If this is not fixed see the next steps

2. Run this PowerShell command

Get-VM | Format-List Name, ID

image

Check the Event ID 19600 error code details

image

As you can see the GUID is the same as the one returned from the PS command.

3. Run this iCALCS command using Admin Privileges


Icacls <the path to the folder containing the VHDS files> /grant "NT VIRTUAL MACHINE\":(OI)F

image

See here for more details :

image

After this step it did not yet start ! Sad smile

I could not INPSECT the disk, there was always an error !

image

There are Event ID 32 reported !!

clip_image002

Hmmm….

So I decided to stop the VM and next manually MERGE the checkpoints.

There where 4 in total in the chain

image

The MERGE operation did not go as planned too Sad smile

The first 3 where OK …. the last one did not want to merge !

It ended up in a error as well …

SOLUTION 2 :

So you need to this manually 1 by 1 or use PowerShell…

image

Select the AVHDX file .

image

Select MERGE

image

Select TO NEW VIRTUAL HARD DISK

image

It will end up in a new VHDX file …

But I could not connect it to the previous VM… ?

Once I DELTEDED the VM from the Hyper-V manager and created a NEW VM in a new Folder.

Connected the NEW MERGED VM to the new VM all was OK Smile

Enjoy!