disable SMB2 caused massive DFS issues on 2012 R2 Domain Controller

  1. Users are not able to access shares on server
  2. unable to access netlogon and sysvol share on server
  3. unable to load or edit GPO’s
  4. DFS namespace seems to be broke on the domain controller

GPO2 GPO1 netlogon1


Decided to open a case with MS Support before restoring from backups.

  1.  ‘netdom query dc’  – resulted in error
  2. net share
  3. \\localhost – failed to open shares on server
  4. \\server\sysvol – failed to open with ‘You might not have permissions to use this network resource’ The specified network name is no longer available.
  5. Advanced Settings in Network adapter, Provider Order, Symantec was at top, moved WIndows Network up to top priority
  6. netsh int tcp show global
  7. C:\ programdata, microsoft, crypto, rsa, machinekeys
  8. uninstall Symantec Endpoint Protection Client per MS support, and reboot
  9. fltmc
  10. gpupdate /force failed
  11. DIsabled SMB2 the correct way instead of through the registry, this resolved all issues after rebooting

Sage 100 Unlock region failure

ProvideX:File locking
Unlock region failure
Likely Network/Hardware error
Unlock region Failure

I took on a customer that has been running into this error for about 4 months now.  They have an SBS 2011 server.  They have a mixed environment of both Windows 7 and Windows XP PC’s, however all the users running Sage are on Windows 7.

So far their HP switch has been replaced, and power management settings have been checked on the server and a workstation.

Server is an HP Proliant ML350 G6
NIC HP NC326i PCIe Dual Port – driver (10 Feb 2012)
Update NIC to (18 Feb 2014)

Questions to Ask

  1. When did the issue start? March 13th, end of February, begin March 1
  2. Who is affected, do they have logs of when it happens and where?
  3. Can they recreate the issue? No, computers get really slow before it happens
  4. Are the latest patches installed for Sage?
  5. How old is their network switch, are they running gigabit?
  6. When does the issue happen most often?

Things to check/try

  1. List of users having the issue, all of them?
  2. Go through event logs on server on 4/24/2014 to see what changed
  3. Scan server for viruses and malware
  4. Check firewall settings – firewall was on, disabled it
  5. Wireshark capture
  6. Update NIC drivers on server ML350 G6
  7. Disable HP power management on server, set maximum performance and static high performance, disable all Cstates
  8. Check for rouge hub or other network device
  9. Check speeds on NIC’s, auto negotiate?
  10. Test cables with Fluke for EMI
  11. Switch server to use its other NIC
  12. Disable interrupt moderation on NIC
  13. Backups only run at 6AM and 6PM would not cause issues during day
  14. Disable shadow copies
  15. Run MalwareBytes to check for malware
  16. No Windows Updates were installed around the time issue started happening
  17. Update BIOS, from 5/5/2011 to latest version, 7/2/2013
  18. Balanced Power and Performance, Dynamic Power Savings was set in BIOS
  19. Changed above settings to maximum performance and disabled all Cstates
  20. Disabled Flow Control on NIC, was at TX and RX
  21. Priority and VLAN disabled, was enabled
  22. Speed and duplex set to 1000Mb Full duplex, was set on auto negotiate
  23. HP V1810 J9660A 48G switch was running firmware 1.15 which is known to cause switch lockups.  Upgraded switch firmware to 1.18
  24. Run HP Service Pack for Proliant (SPP) on server to upgrade firmware and BIOS of server

Remote Desktop Connection Broker – Events 1306, 1296, 1280, 802

This started out as an issue with the 120 day grace period expiring.  I went into the Remote Desktop Licensing Manager and added the Microsoft Open agreement with the RDS CAL’s.
I noticed there was a yellow explanation point in the RDS licensing screen, and had the following warning.
The license server is not a member of the Terminal Service License Servers group in Active Direectory Domain Services.  The license server will not be able to issue RDS Per User CALs to users in the domain, and you will not be able to track or report the usage of RDS Per User CALs on this license server.  Clicked Add to Group, Click Continue.


RD Connection Broker failed to process the connection request for domain/user
Remote Desktop Services failed to join the Connection Broker on server RDS.domain.  Error: Current async message was dropped by async dispatcher, because there is a new message which will override the current one.
Remote Desktop Connection Broker Client failed while getting redirection packet from Connection Broker.  Error: Element not found.
Remote Desktop Connection Broker Client failed to redirect the user domain\user.  Error: NULL

Finding destination computer…



Troubleshooting with MS

  1. Create a test admin account, on the RDS server connected to ‘localhost’ and used test admin account, that worked fine.
  2. Modify Group Policy RDS Licensing, set name, and user CALs
  3. Restart RDS services
  4. Reboot Server
  5. Still getting error “Licenses are not available for this Remote Desktop Session Host server, and RD Licensing Diagnoser has identified licensing RD Session Host server.
  6. works with mstsc /admin which allows it to connect without certs
  7. Modified the group policies for licensing server, licensing mode
  8. Licensing issues still
  9. net stop termservlicensing
  10. c windows system32.lserver.old
  11. create new lserver folder, change permissions
  12. network service full control
  13. net start termservlicensing
  14. licmgr, add licesning again
  15. Delete all certificate entries from RCM key, reboot
  16. remove incorrect certificate in cert MMC
  17. Modify the following registry
  18. HKLM – System – Current Control Set – Control – Terminal Server – WinStations – RDP-TCP – Security Layer changed from 1 to 0

Manually Remove Symantec Mail Security for Exchange w/ Script

Removing Symantec Mail Security for Microsoft Exchange 6.5 (SMSMSE) for Microsoft Exchange 2010/2007 after Add or Remove Programs does not work

Manual removal script for Symantec Mail Security for Exchange (SMSMSE) for all versions