smallseo.info

windows-server-2012 interview questions

Top windows-server-2012 frequently asked interview questions

Random TCP RST's on certain websites, what's going on?

Short version: One Windows Server 2012 machine on my network is getting persistent but intermittent TCP RSTs when connecting to certain websites. Dunno where they're coming from. Check out the wireshark log for my analysis & questions.

Long version:

We run a caching web-proxy on one of our servers to service our small office. A co-worker reported getting a lot of 'Connection Reset' or 'Page can't be displayed' errors when connecting to certain sites, but that refreshing usually fixes it.

I verified the browser behavior, and then more directly by trying an un-proxied browser on the server itself. But pings & traceroutes to troublesome sites don't show any problems, the issues seemed to be limited to tcp connections.

I then made a script to test the affected sites by sending them HTTP HEAD requests directly via cURL & checking how often they succeed. A typical test looks like this: (this is unproxied, running directly on the bad server)

C:\sdk\Apache24\htdocs>php rhTest.php
Sending HTTP HEAD requests to "http://www.washingtonpost.com/":
20:21:42: Length: 0     Response Code: NULL (0%)
20:22:02: Length: 0     Response Code: NULL (0%)
20:22:22: Length: 0     Response Code: NULL (0%)
20:22:42: Length: 0     Response Code: NULL (0%)
20:23:02: Length: 3173  Response Code: HTTP/1.1 302 Moved Temporarily (20%)
20:23:22: Length: 3174  Response Code: HTTP/1.1 302 Moved Temporarily (33.33%)
20:23:43: Length: 0     Response Code: NULL (28.57%)
20:24:03: Length: 3171  Response Code: HTTP/1.1 302 Moved Temporarily (37.5%)
20:24:23: Length: 3173  Response Code: HTTP/1.1 302 Moved Temporarily (44.44%)
20:24:43: Length: 3172  Response Code: HTTP/1.1 302 Moved Temporarily (50%)
20:25:03: Length: 0     Response Code: NULL (45.45%)

Over the long term, only about 60% of the requests succeed, the rest return nothing, with a curl error code of: "cURL error (56): Failure when receiving data from the peer" The bad behavior is consistent for the websites I test (no site has ever 'gotten better') and it's quite persistent, I've been troubleshooting for a week now, and co-workers report the problem has been there for months apparently.

I tested the HEAD request script on other machines on our network: no problems, all connections go through to all the sites on my test list. Then I set up a proxy on my personal desktop, and when I run the HEAD requests from the problematic server though it, all connections go through. So whatever the problem is, it's very specific to this server.

Next I tried to isolate which websites exhibit the connection-reset behavior:

  • None of our intranet sites (192.168.x.x) drop connections.
  • No ipv6 site I've tested drops connections. (We are dual-stack)
  • Only a small minority of internet ipv4 sites drop connections.
  • Every site which uses cloudflare as a CDN (that I've tested) drops connections. (but the problem does not seem to be exclusive to cloudflare sites)

This angle wasn't developing into anything really helpful, so next I installed wireshark to look at what was going on when a request failed. A failed HEAD requests looks like this: (larger screenshot here: http://imgur.com/TNfRUtX )

127 48.709776000    192.168.1.142   192.33.31.56    TCP 66  52667 > http [SYN, ECN, CWR] Seq=0 Win=8192 Len=0 MSS=8960 WS=256 SACK_PERM=1
128 48.728207000    192.33.31.56    192.168.1.142   TCP 66  http > 52667 [SYN, ACK, ECN] Seq=0 Ack=1 Win=42340 Len=0 MSS=1460 SACK_PERM=1 WS=128
129 48.728255000    192.168.1.142   192.33.31.56    TCP 54  52667 > http [ACK] Seq=1 Ack=1 Win=65536 Len=0
130 48.739371000    192.168.1.142   192.33.31.56    HTTP    234 HEAD / HTTP/1.1 
131 48.740917000    192.33.31.56    192.168.1.142   TCP 60  http > 52667 [RST] Seq=1 Win=0 Len=0
132 48.757766000    192.33.31.56    192.168.1.142   TCP 60  http > 52667 [ACK] Seq=1 Ack=181 Win=42240 Len=0
133 48.770314000    192.33.31.56    192.168.1.142   TCP 951 [TCP segment of a reassembled PDU]
134 48.807831000    192.33.31.56    192.168.1.142   TCP 951 [TCP Retransmission] http > 52667 [PSH, ACK] Seq=1 Ack=181 Win=42240 Len=897
135 48.859592000    192.33.31.56    192.168.1.142   TCP 951 [TCP Retransmission] http > 52667 [PSH, ACK] Seq=1 Ack=181 Win=42240 Len=897
138 49.400675000    192.33.31.56    192.168.1.142   TCP 951 [TCP Retransmission] http > 52667 [PSH, ACK] Seq=1 Ack=181 Win=42240 Len=897
139 50.121655000    192.33.31.56    192.168.1.142   TCP 951 [TCP Retransmission] http > 52667 [PSH, ACK] Seq=1 Ack=181 Win=42240 Len=897
141 51.564009000    192.33.31.56    192.168.1.142   TCP 951 [TCP Retransmission] http > 52667 [PSH, ACK] Seq=1 Ack=181 Win=42240 Len=897
143 54.452561000    192.33.31.56    192.168.1.142   TCP 951 [TCP Retransmission] http > 52667 [PSH, ACK] Seq=1 Ack=181 Win=42240 Len=897

The way I'm reading this (correct me if I'm wrong, this isn't really my area) is that:

  • We open a tcp connection to the webserver
  • webserver ACK's
  • HTTP HEAD request is send
  • There is a RST packet, marked as from the webserver IP, that kills the connection.
  • Webserver sends ACK
  • Webserver (tries) to respond to HEAD request with valid HTTP data (The 951 byte reply contains the correct HTTP header)
  • Webserver retransmits (several times over several seconds) the valid HTTP response, but it cannot succeed since the connection has been RST

So if the webserver has sent a valid RST, why does it keep trying to fill the request? And if the webserver didn't generate the RST, what the heck did?

Things I have tried that have had no effect:

  • Disabling NIC teaming
  • Changing out the network adaptor (replacement NIC was known to be working)
  • Assigning a static ip.
  • Disabling ipv6.
  • Disabling jumbo frames.
  • Plugging server directly into our modem one night, bypassing our switches & router.
  • Turning off windows firewall.
  • Resetting TCP settings via netsh
  • Disabling practically every other service on the server. (We mostly use it as a fileserver, but there's apache & a couple DB's)
  • Banging head on desk (repeatedly)

I suspect something on the server is generating the RST packets, but for the life of me I can't find it. I feel like if I knew: why is it just this server? OR why only some websites? it'd help a lot. While I'm still curious, I'm increasingly inclined to nuke from orbit & start over.

Ideas / Suggestions?

-Thanks


Source: (StackOverflow)

How can I work around problems with certificate configuration in Remote Desktop Services?

I am setting up a Remote Desktop Services farm, and am having trouble configuring certificates for it to use. A demonstration of the problem I'm seeing can be found in Step #4.

At this point I am convinced that there are problems with the user interface, and am looking for ways around them. Is there any way to configure certificates in Remote Desktop Services so that the settings hold and are reflected in the GUI? If not, is there any way for me to verify that the settings are correct?

Step #1 - Create certificate to be used.

I've configured a certificate to use with RD Web Access. The certificate is stored with in the Certificates MMC on my RD Connection Broker, and I am configuring the farm from that computer. certificate

I found by letting RD Web Access generate its own certificate that the following properties are required:

  • Enhanced Key Usage
    • Server Authentication
    • Client Authentication
      • This may not be required, but the self-signed certificate includes it.
  • Key Usage
    • Digital Signature
    • Key Agreement
  • Subject Alternative Name
    • DNS Name=domain.com

Detour about self-signed certificate generation

As a quick detour, I was able to work around a problem with creating self-signed certificates using powershell. The documentation for the New-RDCertificate cmdlet gives the following example:

PS C:\> $password = ConvertTo-SecureString -string "password" -asplaintext -force
New-RDCertificate -Role RDWebAccess -DnsName "test-rdwa.contoso.com" -Password $password -ConnectionBroker rdcb.contoso.com -ExportPath "c:\test-rdwa.pfx"

Typing this into the shell will result in an error message claiming that a function, Get-Server cannot be found. Prior to using New-RDCertificate, you must import the RemoteDesktop Module with Import-Module RemoteDesktop.

Step #2 - Observe out-of-box behavior

The first time you visit the Deployment Properties dialog box by navigating to Server Manager -> Remote Desktop Services -> Collections and selecting "Edit Deployment Properties" from the "TASKS" dropdown list in the "COLLECTIONS" grouping, you will see the following screen: enter image description here

This window is misleading because the level field is listed as "Not Configured". If I understand correctly all three of the role services are using a self-signed certificate. For the RD Web Access role this can be verified by visiting the website: certificate error

The certificate being used also appears in the Certificates MMC: certificates MMC showing the RD Web Access certificate

Step #3 - Assign new certificate

The Deployment Properties dialog box will allow me to select my existing certificate. The certificate must be placed within the local computers Certificates MMC in the "Personal" certificate store. The private key will need to be exportable, and you will need to provide the password. I temporarily exported my certificate to a file named temp.pfx with a password, and then imported it into Remote Desktop Services from there.

Once this is done the GUI will indicate that it is ready to accept the new configuration. ready to accept certificate

Once I click the "Apply" button, the GUI indicates success. enter image description here

This can be verified by visiting the RD Web Access web site a second time. There is no certificate error. enter image description here

Step #4 - The GUI fails to maintain its state

If the GUI is closed and reopened, all of these settings appear to be lost. settings are lost

Actually, the certificate I configured is still being used. I am able to continue accessing the RD Web Access site without any certificate errors.

Oddly, if I use the "Create new certificate..." button to generate a self-signed certificate this window will update to an "Untrusted" level. This setting will then be maintained through the opening and closing of the Deployment Properties dialog box.

Is there anything I can do to have my settings appear to stick? I feel like something is wrong when the GUI claims I haven't fully configured certificates.


Source: (StackOverflow)

Prevent Windows Server 2012 from forcing a reboot after updates

I have a domain controller with Windows Server 2012 on it. After updates, the server does not reboot immediately. However if I remote into the server I will be presented with a countdown for a reboot. The only options are to restart now or to close the notification. However the countdown still continues and the server eventually reboots without my permission. How can I stop this from occurring?


Source: (StackOverflow)

How can I connect to a Windows server using a Command Line Interface? (CLI)

Especially with the option to install Server Core in Server 2008 and above, connecting to Windows servers over a CLI is increasingly useful ability, if not one that's very widespread amongst Windows administrators.

Practically every Windows GUI management tool has an option to connect to a remote computer, but there is no such option present in the built-in Windows CLI (cmd.exe), which gives the initial impression that this might not be possible.

Is it possible to remotely management or administer a Windows Server using a CLI? And if so, what options are there to achieve this?


Source: (StackOverflow)

Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode?

So the release of Windows Server 2012 has removed a lot of the old Remote Desktop related configuration utilities. In particular, there is no more Remote Desktop Session Host Configuration utility that gave you access to the RDP-Tcp properties dialog that let you configure a custom certificate for the RDSH to use. In its place is a nice new consolidated GUI that is part of the overall "edit deployment properties" workflow in the new Server Manager. The catch is that you only get access to that workflow if you have the Remote Desktop Services role installed (as far as I can tell).

This seems like a bit of an oversight on Microsoft's part. How can we configure a custom SSL certificate for RDP on Windows Server 2012 when it's running in the default Remote Administration mode without needlessly installing the Remote Desktop Services role?


Source: (StackOverflow)

How do I access the list of currently logged on users through Terminal Services Manager in Windows Server 2012?

In Windows 2003 and 2008 we had Terminal Services Manager (see screenshot below). However in Windows server 2012 it's gone.

Does anyone know how to access the list of currently remotely logged on users in Windows 2012 through a similar tool or some other way?

enter image description here

(I tried connecting to Windows 2012 from Windows 2008, that's why you see "win2012" in the TSM groups list. But that didn't quite work, and that's not a solution to my problem either. I was just trying to somehow manage remote users on the Win 2012 server.)


Source: (StackOverflow)

Unable to install .net 3.5 on Windows server 2012

I am trying to install .Net 3.5 on Windows Server 2012 and it constantly keeps failing. I am using "Add or Remove Features" and my Internet is already there. I've read that if alternate source couldn't be found, the installer tries to download online and installs it from there. However, it's not working. This is the screenshot that I keep seeing:

enter image description here

Please suggest what am I missing?

Edit:

I already tried using dism.exe /online /enable-feature /featurename:NetFX3 /Source:D:\sources\sxs /all but I do not have the source disk with me. I want to download it online.


Source: (StackOverflow)

Managing Windows Powershell from Linux terminal

I manage Windows Server 2012 servers. I'm learning PowerShell to manage these servers through command line. My workstation runs Ubuntu and I usually manage Linux servers by connecting via SSH.

Is there a way that I can use Windows PowerShell on Windows Servers from my Linux workstation through command line like SSH access on Linux?


Source: (StackOverflow)

When deploying a single server on new hardware, do you virtualize it or not?

There are a few questions that I've found on ServerFault that hint around this topic, and while it may be somewhat opinion-based, I think it can fall into that "good subjective" category based on the below:

Constructive subjective questions:

* tend to have long, not short, answers
* have a constructive, fair, and impartial tone
* invite sharing experiences over opinions
* insist that opinion be backed up with facts and references
* are more than just mindless social fun

So that out of the way.


I'm helping out a fellow sysadmin that is replacing an older physical server running Windows 2003 and he's looking to not only replace the hardware but "upgrade" to 2012 R2 in the process.

In our discussions about his replacement hardware, we discussed the possibility of him installing ESXi and then making the 2012 "server" a VM and migrating the old apps/files/roles from the 2003 server to the VM instead of to a non-VM install on the new hardware.

He doesn't perceive any time in the next few years the need to move anything else to a VM or create additional VMs, so in the end this will either be new hardware running a normal install or new hardware running a single VM on ESXi.

My own experience would lean towards a VM still, there isn't a truly compelling reason to do so other than possibilities that may arise to create additional VMs. But there is the additional overhead and management aspect of the hypervisor now, albeit I have experienced better management capabilities and reporting capabilities with a VM.

So with the premise of hoping this can stay in the "good subjective" category to help others in the future, what experiences/facts/references/constructive answers do you have to help support either outcome (virtualizing or not a single "server")?


Source: (StackOverflow)

Receiver limits TCP window size to 64,512

Facts (please identify any false statements):

  1. I have a 100 Mbps connection between two sites that are 80 ms apart

  2. This is a long fat connection that could benefit from a large TCP window size perhaps up to 100 Mbps * 0.08 sec = 1,000,000 bytes

  3. Both machines are running Windows Server 2012. "Receive window auto tuning level" is normal on both. "Window scaling heuristics" are disabled on both.

  4. I ran "iperf -s" on one side and "iperf -c" on the other. The transfer happened at 5 Mbps. I get the same result going the other direction.

  5. Both sides advertised support for TCP sliding windows in their SYNs.

  6. The receiver requested a TCP window size of 64,512 bytes (0xFC00) during the entire run with a TCP window scale value of "no shift" (0x000).

  7. The network was able to handle a larger window size (see sequence diagrams below)

  8. The receiver kept the window smaller than the network supports

  9. This connection is happening within an IPSEC VPN. MTU of the tunnel interface is reduced to 1400 bytes in both directions.

Question

  • Why is the receiver keeping the window small?

Non-Answers

  • The network is broken

    Linux machines running on the same network open the TCP window to 1.5 megabytes and transmit data at 6 times the bandwidth

  • Window scaling heuristics are enabled

    Window scaling heuristics are disabled (see output of "netsh interface tcp show heuristics" below)

  • Receive Window Auto-Tuning Level is not normal

    Receive Window Auto-Tuning Level is normal (see output of "netsh interface tcp show global" below)

  • This just doesn't work well on a virtual machine within ESXi

    I get 6 times better performance on a virtual linux machine running on the same host.


Update 1 June 12, 2015 4:30 pm PDT

I modified the test by putting linux on one side of the connection. Sure enough, when linux sends data to Windows Server 2012, Windows offers a too-small TCP receive window (64,512 bytes).

When I send data from Windows to linux, linux offers a large-enough TCP receive window (1,365,120 bytes). However, Windows restricts sends to max ~60,000 bytes in flight.


Update 2 June 13, 2015 3:00 pm PDT

A step closer to root cause. In my setup, neither SO_SNDBUF nor SO_RCVBUF are set (by iperf). These are the send and receive buffers which effectively bound the receive window. When not specifying these values, Windows Server 2012 provide a default value of 64 kB. So the question is now:

Question

  • When one is not specified, why isn't Windows Server 2012 dynamically increasing SO_SNDBUF/SO_RCVBUF to accommodate long fat pipes as described at MSDN?

Non-answers

  • "netsh winsock show autotuning" is disabled

    It is enabled.


Update 3 August 24, 2015 4:00 pm PDT

netsh apparently has been replaced with Set-NetTCPSetting and family. Get-NetTCPSetting combined with Get-NetTCPConnection shows I am operating in the 'Internet' regime which offers me these settings:

SettingName                   : Internet
MinRto(ms)                    : 300
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : CTCP
CwndRestart                   : False
DelayedAckTimeout(ms)         : 50
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

Sender TCP Settings

PS C:\Users\acs> netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : disabled
NetDMA State                        : disabled
Direct Cache Access (DCA)           : disabled
Receive Window Auto-Tuning Level    : normal
Add-On Congestion Control Provider  : none
ECN Capability                      : enabled
RFC 1323 Timestamps                 : disabled
Initial RTO                         : 3000
Receive Segment Coalescing State    : enabled

PS C:\Users\acs> netsh interface tcp show heuristics
TCP Window Scaling heuristics Parameters
----------------------------------------------
Window Scaling heuristics         : disabled
Qualifying Destination Threshold  : 3
Profile type unknown              : normal
Profile type public               : normal
Profile type private              : normal
Profile type domain               : normal

PS C:\Users\acs> Get-NetTCPSetting

SettingName                   : Automatic
MinRto(ms)                    : 
InitialCongestionWindow(MSS)  : 
CongestionProvider            : 
CwndRestart                   : 
DelayedAckTimeout(ms)         : 
MemoryPressureProtection      : 
AutoTuningLevelLocal          : 
AutoTuningLevelGroupPolicy    : 
AutoTuningLevelEffective      : 
EcnCapability                 : 
Timestamps                    : 
InitialRto(ms)                : 
ScalingHeuristics             : 
DynamicPortRangeStartPort     : 
DynamicPortRangeNumberOfPorts : 

SettingName                   : Custom
MinRto(ms)                    : 20
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : DCTCP
CwndRestart                   : True
DelayedAckTimeout(ms)         : 10
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

SettingName                   : Compat
MinRto(ms)                    : 300
InitialCongestionWindow(MSS)  : 2
CongestionProvider            : Default
CwndRestart                   : False
DelayedAckTimeout(ms)         : 200
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

SettingName                   : Datacenter
MinRto(ms)                    : 20
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : DCTCP
CwndRestart                   : True
DelayedAckTimeout(ms)         : 10
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

SettingName                   : Internet
MinRto(ms)                    : 300
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : CTCP
CwndRestart                   : False
DelayedAckTimeout(ms)         : 50
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

Sender SYN

No.     Time           Source                Destination           Protocol Length Delta      Sequence number Acknowledgment number Bytes in flight Calculated window size Info
    814 5.036577000    10.10.0.21            10.11.0.1             TCP      66     0.000000000 0               0                                     64512                  49758→5001 [SYN, ECN, CWR] Seq=0 Win=64512 Len=0 MSS=1460 WS=1 SACK_PERM=1

Frame 814: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
Ethernet II, Src: 00:11:22:33:44:55, Dst: aa:bb:cc:dd:ee:ff
Internet Protocol Version 4, Src: 10.10.0.21 (10.10.0.21), Dst: 10.11.0.1 (10.11.0.1)
Transmission Control Protocol, Src Port: 49758 (49758), Dst Port: 5001 (5001), Seq: 0, Len: 0
    Source Port: 49758 (49758)
    Destination Port: 5001 (5001)
    [Stream index: 73]
    [TCP Segment Len: 0]
    Sequence number: 0    (relative sequence number)
    Acknowledgment number: 0
    Header Length: 32 bytes
    .... 0000 1100 0010 = Flags: 0x0c2 (SYN, ECN, CWR)
    Window size value: 64512
    [Calculated window size: 64512]
    Checksum: 0x1451 [validation disabled]
    Urgent pointer: 0
    Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
        Maximum segment size: 1460 bytes
        No-Operation (NOP)
        Window scale: 0 (multiply by 1)
            Kind: Window Scale (3)
            Length: 3
            Shift count: 0
            [Multiplier: 1]
        No-Operation (NOP)
        No-Operation (NOP)
        TCP SACK Permitted Option: True

Sender perspective of sequence graph enter image description here

enter image description here

Receiver TCP Settings

PS C:\Users\acs> netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : disabled
NetDMA State                        : disabled
Direct Cache Access (DCA)           : disabled
Receive Window Auto-Tuning Level    : normal
Add-On Congestion Control Provider  : none
ECN Capability                      : enabled
RFC 1323 Timestamps                 : disabled
Initial RTO                         : 3000
Receive Segment Coalescing State    : enabled

PS C:\Users\acs> netsh interface tcp show heuristics
TCP Window Scaling heuristics Parameters
----------------------------------------------
Window Scaling heuristics         : disabled
Qualifying Destination Threshold  : 3
Profile type unknown              : normal
Profile type public               : normal
Profile type private              : normal
Profile type domain               : normal

PS C:\Users\acs> Get-NetTCPSetting

SettingName                   : Automatic
MinRto(ms)                    : 
InitialCongestionWindow(MSS)  : 
CongestionProvider            : 
CwndRestart                   : 
DelayedAckTimeout(ms)         : 
MemoryPressureProtection      : 
AutoTuningLevelLocal          : 
AutoTuningLevelGroupPolicy    : 
AutoTuningLevelEffective      : 
EcnCapability                 : 
Timestamps                    : 
InitialRto(ms)                : 
ScalingHeuristics             : 
DynamicPortRangeStartPort     : 
DynamicPortRangeNumberOfPorts : 

SettingName                   : Custom
MinRto(ms)                    : 20
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : DCTCP
CwndRestart                   : True
DelayedAckTimeout(ms)         : 10
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

SettingName                   : Compat
MinRto(ms)                    : 300
InitialCongestionWindow(MSS)  : 2
CongestionProvider            : Default
CwndRestart                   : False
DelayedAckTimeout(ms)         : 200
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

SettingName                   : Datacenter
MinRto(ms)                    : 20
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : DCTCP
CwndRestart                   : True
DelayedAckTimeout(ms)         : 10
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

SettingName                   : Internet
MinRto(ms)                    : 300
InitialCongestionWindow(MSS)  : 4
CongestionProvider            : CTCP
CwndRestart                   : False
DelayedAckTimeout(ms)         : 50
MemoryPressureProtection      : Enabled
AutoTuningLevelLocal          : Normal
AutoTuningLevelGroupPolicy    : NotConfigured
AutoTuningLevelEffective      : Local
EcnCapability                 : Enabled
Timestamps                    : Disabled
InitialRto(ms)                : 3000
ScalingHeuristics             : Disabled
DynamicPortRangeStartPort     : 49152
DynamicPortRangeNumberOfPorts : 16384

Receiver SYN

No.     Time           Source                Destination           Protocol Length Delta      Sequence number Acknowledgment number Bytes in flight Calculated window size Info
    817 5.110501000    10.11.0.1             10.10.0.21            TCP      70     0.073924000 0               1                                     64512                  5001→49758 [SYN, ACK, ECN] Seq=0 Ack=1 Win=64512 Len=0 MSS=1460 WS=1 SACK_PERM=1 [ETHERNET FRAME CHECK SEQUENCE INCORRECT]

Frame 817: 70 bytes on wire (560 bits), 70 bytes captured (560 bits) on interface 0
Ethernet II, Src: aa:bb:cc:dd:ee:ff, Dst: 00:11:22:33:44:55
Internet Protocol Version 4, Src: 10.11.0.1 (10.11.0.1), Dst: 10.10.0.21 (10.10.0.21)
Transmission Control Protocol, Src Port: 5001 (5001), Dst Port: 49758 (49758), Seq: 0, Ack: 1, Len: 0
    Source Port: 5001 (5001)
    Destination Port: 49758 (49758)
    [Stream index: 73]
    [TCP Segment Len: 0]
    Sequence number: 0    (relative sequence number)
    Acknowledgment number: 1    (relative ack number)
    Header Length: 32 bytes
    .... 0000 0101 0010 = Flags: 0x052 (SYN, ACK, ECN)
    Window size value: 64512
    [Calculated window size: 64512]
    Checksum: 0xb5bb [validation disabled]
    Urgent pointer: 0
    Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
        Maximum segment size: 1460 bytes
        No-Operation (NOP)
        Window scale: 0 (multiply by 1)
            Kind: Window Scale (3)
            Length: 3
            Shift count: 0
            [Multiplier: 1]
        No-Operation (NOP)
        No-Operation (NOP)
        TCP SACK Permitted Option: True
    [SEQ/ACK analysis]

Receiver perspective of sequence graph enter image description here enter image description here

TCP Window enter image description here


Source: (StackOverflow)

Suppressing the "reason" for shutdown on Windows Server

How can I suppress giving a reason for shutdown on a Windows Server host?

Specifically, on 2008 R2, but all versions back to 2003 and up to 2012 would be appreciated.


Source: (StackOverflow)

Is IIS SFTP natively supported by Windows Server 2012 R2?

Does Windows Server 2012 R2 have native SFTP support?

I see a role FTP Server but it doesn't say whether this includes SFTP.


Source: (StackOverflow)

What's the best way to see logged in users on Windows Server 2012?

Right now I use a powershell script to see the currently logged in users. But I don't see if there session is idle, active or inactive. I can see when the session was started but that's it. Is there a easy way to see how many users are currently logged in on the server I am logged in and probably see their status? It should not be remotely executed. I would like to avoid third party tools if possible.


Source: (StackOverflow)

Should I still have a physical DC, even post-Server 2012?

Back in the pre-Windows Server 2012 days, the recommendation seemed to be to have at least one physical domain controller sat along-side your virtualised DCs.

One justification for this was because if your Hyper-V hosts were clustered, then they required a DC to be contactable during boot-up. This makes total sense to me.

However, I would often hear people say it is still important to have a physical DC even if you don't have a clustered set up (say for example in a simple setup with a single Hyper-V server running a couple of VMs, one of which is a DC). The justification for this seemed (and I could never quite be sure) that you would still have a problem in the sense that when the Hyper-V host first boots, there's no DC present on the network. Cached credentials mean you can still log on, but what about all those bits that happen during boot up that mean having a DC around is beneficial? Is this actually an issue? Are there actually any operations that might run only at boot up that will cause a problem? Any Group Policies for example? What I'm basically asking is, does the physical DC argument only really hold water when clustering is involved, or was (pre-2012) there a significant technical case for it without clustering? This article from Altaro (see "The “Chicken-and-Egg” Myth" section) suggests there is no need, but I'm still unsure.

Now to the second (and main) part of my question:

Windows Server 2012 introduced several features targeted at addressing the issues around virtualising domain controllers, including:

  1. VM-Generation ID - This addressed the USN rollback issue that meant snapshotting (or more specifically, rolling back to a snapshot) was unsupported/a really bad idea
  2. Cluster Bootstrapping - This addressed the "chicken and egg" issue surrounding Failover Clustering that I mentioned above. Failover Clustering no longer requires a DC to be present during boot-up.

So my second question is similar to the first, but this time for 2012+. Assuming both the vDC and the host are 2012+ and you take clustering out of the equation, are there any other issues like those mentioned above that mean I should still consider a physical DC? Should I still be considering having a physical DC along-side my single, non-clustered 2012/2012R2 Hyper-V host that has a single virtualised DC on it? I hear some people suggest putting AD on the Hyper-V host, but I don't like that idea for various reasons (WB cache being disabled for a start).

As a side-note, my question implicitly assumes that it makes sense to have your Hyper-V host joined to the domain to improve manageability. Does this assertion stand up to scrutiny?

UPDATE:

After reading some answers, it occurred to me that I could phrase things slightly differently to get to the heart of what I'm asking:

Even with the improvements in 2012 and later, the fact still remains that without any physical DCs or virtual DCs on another host, the host still boots when there's no DC available. Is this actually an issue? In a sense, I suppose it's the same (or very similar) question if you take virtualisation out of the picture completely. If you start member servers before any DCs regularly, is that a problem?


Source: (StackOverflow)

What replaces IIS SMTP server in Windows Server 2012

I have read the notes here http://technet.microsoft.com/en-us/library/hh831568.aspx regarding deprecated and removed features in Windows 2012 and it says that SMTP is deprecated. I assume this is referring to the IIS SMTP server. The advice is to use System.Net.Smtp instead but I assume this is a misprint because I can't find any references elsewhere to anything called System.Net.Smtp.

If they actually meant to say System.Net.Mail, that is just an API and I fail to see how an API replaces a server process. I need a service that accepts connections on port 25 and routes the email to the destination like IIS SMTP used to do.

Can anyone clarify the situation here please? If they had said it was replaced by Exchange then I would curse at them but at least that would me a meaningful statement to make whereas the current one most definitely is not.


Source: (StackOverflow)