IT Consultant Everyday Notes

Just some problems/solutions storage

Tag Archives: Server 2012

Certificate WEB request failed with: This Web browser does not support the generation of certificate requests.

Issue: I am trying to send a certificate request from my Windows 2012 Server running IE 10 (default).

The request fails with the error: “This Web browser does not support the generation of certificate requests.”

 

Resolution: Press F12 and select IE 10 Compatibility View. After that CertSrv page should be displayed properly:

image

Advertisements

Server 2012: RDS deployment failed with: “Unable to connect to the server by using windows powershell remoting”

I tried to install an RDS on one of my 2012 servers.

Installed Session host and WEB server for Remote Apps using Sever manager-Add Role-RDS (that was a bad idea;  you need to use a separate Wizard from “Add Roles and Features Wizard”, not just add RDS role)

image 

After that I figured out I do not have management tools for RDS Smile

So I started the required Wizard. It tried to install Broker and failed with the above mentioned error.

I double checked I have Enable-PSRemoting ran. Still the same error.

I found a thread discussing the issue (http://social.technet.microsoft.com/Forums/en-US/winserver8setup/thread/bbb7427b-f839-48c4-b49c-467138f94b16) one of posts (not marked as an answer) says:

After working for weeks with M$ Support level 2 and higher on this issue below is the fix and reason for the issue.

In a PS Shell

Set-Item WSMan:\localhost\Shell\MaxMemoryPerShellMB 1000

then reboot

The default remote shell is allotted 150MB of memory. If we have Sharepoint/IIS App pool on the server then this memory is not sufficient to create a remote session (This is used mostly while installing any roles on windows server 2012) . Therefore by running that command we have enabled the remote shell to use 1000mb which will  provide more memory  to windows powershell to make remote sessions and resolve the issue.

I tried that and still got the error (but maybe it was a part of resolution).

After that I thought about my environment – I have two forests with two-way trust between them and I use my “management forest account” which is domain admin in the “demo” forest where I am installing the RDS. I decided to use an account from the “demo” forest instead and successfully installed RDS at this time.

Resolution:

Use admin account from the same forest were I installed RDS. Foreign forest account did not work regardless two–way trusts and admin permissions in the target domain.

Server 2012 PKI and XP compatibility

When your issuing CA is a nice and shiny Server 2012 your XP machines won’t be able to enroll for certificates.

You need to relax security as described in http://social.technet.microsoft.com/wiki/contents/articles/6289.certification-authority-authentication-level-incompatible-with-windows-xp.aspx

certutil -setreg CA\InterfaceFlags -IF_ENFORCEENCRYPTICERTREQUEST
net stop certsvc & net start certsvc

So it is your choice – lower security level or migrate to Windows 7/8.  XP support will end at April of 2014. Winking smile

SCCM 2007: Support for Windows 8 and Server 2012

Server 2012: Hyper-V on Gigabyte P67X-3DR

I am updating my home Lab to Server 2012. As a part of upgrade one of my Hyper-V hosts got the new OS. As soon as I enabled Hyper-V role it rebooted and sit forever showing me nice new windows logo (no logon screen).

 

I found resolution here. USB3 controller should be disabled in BIOS. Hopefully Gigabyte will fix it in later BIOS updates.

From this forum it looks like Windows 8 with Hyper-V role is affected too!

Server 2012: Remote Desktop access–“Insert smart card”

Issue: You try to RDP to a Windows Server 2012. There is no place to type a password on Logon page. There is a message “Insert smart card” instead even though Smart Card authentication is not configured.

Resolution: Log on locally with Administrator credentials. Remove profile of the user you logged on as. Try to RDP again to recreate the profile.

 

Note: it looks like the issue occurres only if you logged with your account locally first. Account with profile created during RDP session are not affected.

Server 2012: Failover Cluster configuration – HA File Share cannot see source path

File Server is one of the roles for Microsoft Failover Cluster. There is a convenient GUI wizard to add and configure the role.

Issue: When you create an HA share on File Server Cluster resource you cannot add any path to host it.

Resolution: Either run Failover Cluster management console from the node currently hosting File Server resource storage, or move the File Server resource to get Failover Cluster Management Console and the storage on the same node.

Note: I observed the issue on a full GUI version of the Server, interesting how it works with core and remote console?

PowerShell 3: Install PowerShell Web Access

1. Install feature (here and after all commands in PowerShell console started “As Administrator”!):

Install-WindowsFeature –Name WindowsPowerShellWebAccess –ComputerName <computer_name> IncludeManagementTools –Restart

image

2. Enable PS remoting (if it is not enabled)

Enable-PSRemoting –force

image

3. Configure PSWA using:

Install-PswaWebApplication –UseTestCertificate.

image

4. Add Authorization rule:

image

5. Verify PSWA using access to /pswa">/pswa">https://<server_name>/pswa from Internet Explorer.

image

6. Use PSWA

image

detailed instruction: at Technet site

Tip: Server 2012/Windows 8–How to logoff

In Server 2012/Windows 8 Microsoft changed “traditional” logoff way… Now, to logoff go to the Start page, click on your user account picture and select "Sign out".