by Contributed | Jan 25, 2021 | Technology
This article is contributed. See the original author and article here.
Looking for Windows Server 2019 training resources? Here are the latest Microsoft Learn modules, ranging from introductory to advanced topics!
Select Windows Server editions, servicing options, and activation
This module describes the different editions of Windows Server 2019 (Essentials, Standard, Datacenter and Hyper-v) and when to use each. It explains the different servicing channels, for environments that need a longer-term operating system with less frequent updates (often important in industries like healthcare and manufacturing). Then you’ll learn about licensing and activation and how to implement automatic activation for your new virtual machines.
Describe Windows Server administration tools
This module describes the latest tools for managing your servers, including a demonstration of Windows Admin Center, a description of the traditional Server Manager tool, the supported capabilities of Remote Server Administration Tools and an overview of Windows PowerShell. You’ll see a scenario of using Windows PowerShell to remotely administer a server. This content is great for people with a Windows Server administration background who want to understand what modern management tools are now available and when they can be used.
Orchestrate containers on Windows Server using Kubernetes
Curious about containers? Here you will learn how container orchestration can be used to automate and manage large numbers of containers and the architecture and common terms used by Kubernetes (a popular container orchestration tool). You’ll step through how to create a Kubernetes cluster on Windows. Then you’ll discover how Azure Arc-enabled Kubernetes can help you take advantage of Microsoft Azure tooling for your on-premises clusters and how to connect them.
Implement Windows Server DNS
A core networking feature, Domain Name System is explained in this module – how it works, what zones and records are
and how to create them. You’ll also about DNS forwarding, that sends requests on to other DNS servers when appropriate.
Manage advanced features of AD DS
Active Directory Domain Services can be used in a simple structure to hold user and computer accounts, but what if you’re environment is large or complicated? This module explains trust relationships between different AD DS forests, what Enhanced Security Administrative Environment (ESEA) forests are, how to create custom AD partitions and how to monitor and troubleshoot Active Directory replication.
Implement Group Policy objects
In this module, you’ll learn about what Group Policy objects do – how they are scoped and inherited, how to configure a domain-based GPO, what containers and templates are and how administrative templates can be used to control operating systems and the user experience.
Manage Windows Server file servers
For keeping files local and shared on the network, file shares on Windows Server have some key considerations. Learn about file system types, File Server Resource Manager, the SMB protocol and how Volume Shadow Copy Service works for actioning file backups.
Implement remote access
This module focuses on securely enabling remote access to files, applications and web apps on Windows Server. Learn how to manage remote access, set up VPNs, plan and enforce network access policies, plan for digital certificates and use Web Application Proxy.,
Deploy Windows Server
Learn the key elements of a Windows Server deployment – compare Server Core with the Desktop experience, understand the hardware requirements, choose your deployment option and explore some tools that help with your deployments. This module also describes features on demand and using Windows Deployment Services.
Implement IP Address Management
The IPAM framework provides a way of discovering, auditing and managing the IP address space of your network, including IPv6 addresses. This module teaches you how to deploy IPAM, configure its administration, configure IPAM options using Group Policy and then how to manage DNS zones, DHCP servers and IP addressing.
Implement and manage Active Directory Certificate Services
This module explains the concept of certificates and PKI. You’ll learn about different certification authorities and how to manage certificate enrolment, revocation and trusts.
Show me the collection!
Want to find all of these from one page? I’ve created a public collection for Windows Server 2019 content on Microsoft Learn that I’ll keep updated as more modules are published. You can find it here AND it will track how much of this content you have completed: Windows Server 2019
You can also find detailed documentation at Get started with Windows Server 2019.
by Contributed | Jan 25, 2021 | Technology
This article is contributed. See the original author and article here.
Final Update: Monday, 25 January 2021 05:33 UTC
We’ve confirmed that all systems are back to normal with no customer impact as of 01/25, 04:40 UTC. Our logs show the incident started on 01/22, 00:00 UTC and that during the 3 days, 4 hours and 40 minutes that it took to resolve the issue some of customers using Azure Monitor service may have experienced errors when registering subscriptions with the Microsoft Insights Resource Provider, with the state stuck on “Registering”. Retries may have been successful.
- Root Cause: The failure was due to an issue in one of our dependent services.
- Incident Timeline: 3 Days, 4 Hours & 40 minutes – 01/22, 00:00 UTC through 01/25, 04:40 UTC
We understand that customers rely on Azure Monitor as a critical service and apologize for any impact this incident caused.
-Anmol
by Contributed | Jan 24, 2021 | Technology
This article is contributed. See the original author and article here.
Final Update: Monday, 25 January 2021 01:35 UTC
We’ve confirmed that all systems are back to normal with no customer impact as of 1/25, 01:22 UTC. Our logs show the incident started on 1/25, 00:14 UTC and that during the 68 minutes that it took to resolve the issue customers in UK South with
workspace-enabled Application Insights resources experienced intermittent data gaps and latent data as well as possible misfiring of alerts based on such data gaps or latencies.- Root Cause: The failure was due to a backend resource that hit an operational threshold.
- Incident Timeline: 68 minutes – 1/25, 00:14 UTC through 1/25, 01:22 UTC
We understand that customers rely on Application Insights as a critical service and apologize for any impact this incident caused.
-Jeff
by Contributed | Jan 24, 2021 | Technology
This article is contributed. See the original author and article here.
- We failed to install SQL cluster instance and encountered below error.
- We checked SQL setup logs. Issue happened when SQL setup was trying to check if SQL service account exists in AD.
(05) 2021-01-18 15:36:44 Slp: Sco: Attempting to check if user account xxxxxxxx exists
(05) 2021-01-18 15:36:44 Slp: Sco: Attempting to look up AD entry for user xxxxxxxx
(05) 2021-01-18 15:36:44 Slp: Sco.User.OpenRoot – root DirectoryEntry object already opened for this computer for this object
(05) 2021-01-18 15:36:44 Slp: Sco.User.LookupADEntry – Attempting to find user account xxxxxxxx
(05) 2021-01-18 15:36:44 Slp: Sco: Attempting to check if container ‘WinNT://xxxx’ of user account exists
(05) 2021-01-18 15:36:44 Slp: Prompting user if they want to retry this action due to the following failure:
(05) 2021-01-18 15:36:44 Slp: —————————————-
(05) 2021-01-18 15:36:44 Slp: The following is an exception stack listing the exceptions in outermost to innermost order
(05) 2021-01-18 15:36:44 Slp: Inner exceptions are being indented
(05) 2021-01-18 15:36:44 Slp:
(05) 2021-01-18 15:36:44 Slp: Exception type: Microsoft.SqlServer.Configuration.Sco.ScoException
(05) 2021-01-18 15:36:44 Slp: Message:
(05) 2021-01-18 15:36:44 Slp: Access is denied.
(05) 2021-01-18 15:36:44 Slp:
(05) 2021-01-18 15:36:44 Slp: HResult : 0x84bb0001
(05) 2021-01-18 15:36:44 Slp: FacilityCode : 1211 (4bb)
(05) 2021-01-18 15:36:44 Slp: ErrorCode : 1 (0001)
(05) 2021-01-18 15:36:44 Slp: Data:
(05) 2021-01-18 15:36:44 Slp: WatsonData = Domain
(05) 2021-01-18 15:36:44 Slp: DisableRetry = true
(05) 2021-01-18 15:36:44 Slp: Inner exception type: System.UnauthorizedAccessException
(05) 2021-01-18 15:36:44 Slp: Message:
(05) 2021-01-18 15:36:44 Slp: Access is denied.
(05) 2021-01-18 15:36:44 Slp:
(05) 2021-01-18 15:36:44 Slp: HResult : 0x80070005
(05) 2021-01-18 15:36:44 Slp: Stack:
(05) 2021-01-18 15:36:44 Slp: at System.DirectoryServices.Interop.UnsafeNativeMethods.IAdsContainer.GetObject(String className, String relativeName)
(05) 2021-01-18 15:36:44 Slp: at System.DirectoryServices.DirectoryEntries.Find(String name, String schemaClassName)
(05) 2021-01-18 15:36:44 Slp: at Microsoft.SqlServer.Configuration.Sco.User.LookupADEntry()
- I captured Process Monitor trace. But we don’t find any ‘Access Denied’ error in process monitor trace.
- I also analyzed Network monitor trace and found below error message sat 13:14:16.AD engineer confirmed it’s “RPC Access denied”
- According to the analysis of AD engineer, we found “RPC Access denied” is because of AuthLength =0 .
Root Cause:
=========
Incorrect GPO setting: Customer configured RPC restriction permission to two groups in GPO: Default Domain Controller Policy, but GPO security filtering is empty hence every DC will be rejected to apply settings in this GPO, and finally used default policy value: Administrators group only, caused user SAMR query “Access is denied” error, and SQL installation failed with same error.
Solution:
=======
Add back “Authentication Users” group under Default Domain Controller Policy – Security Filtering, run: gpupdate /force on DCs and issue resolved.
Recent Comments