Category: Microsoft
Category Archives: Microsoft
DPM
Hello – my company is new to the Microsoft Partnership and we were told we should have a DPM. How do we go about getting one assigned to us?
Thanks,
Jess
Hello – my company is new to the Microsoft Partnership and we were told we should have a DPM. How do we go about getting one assigned to us? Thanks,Jess Read More
Discover Steev Innovative Solutions for Modern Challenges
Explore Steev, your go-to source for cutting-edge solutions and innovative approaches to modern challenges. Learn about our services, expertise, and how we can help you achieve your goals with efficiency and creativity. Join the Steev community today and transform your vision into reality.
Explore Steev, your go-to source for cutting-edge solutions and innovative approaches to modern challenges. Learn about our services, expertise, and how we can help you achieve your goals with efficiency and creativity. Join the Steev community today and transform your vision into reality. Read More
External user can not share folder with existing Azure user
Good evening,
We have a situation in which we work with 2 companies on their join-venture entity on a separated tenant.
So we have a joint venture between company A and company B.
Both companies use B2B direct connect to access shared channels in company C (joint venture entity).
External users (from company A and company B) are unable to share folders from company C. They always see a message:
We couldn’t find an exact match.
They are not trying to share externally, we agreed to share files only with existing team members, so they are added at least to one channel in company C (this is done via PowerAutomate and Microsoft Forms – and works).
Internal users (company C) are able to share with internal users (company A and company B) if they are added to at least one channel -> the prompting also suggest external users, which are not members of a specific channel.
External users -> they can write full e-mail address (no prompting – expected behavior), but than they receive a message:
We couldn’t find an exact match.
External users can find only existing channel members of the channel they want to share (what is not sufficient). We have General channel member and want to share something from Slides channel (for example).
Maybe there is a way to enable it for external users? I already tried a few SharePoint Management Shell commands, but it did not work for us.
Thank you for any response.
Good evening,We have a situation in which we work with 2 companies on their join-venture entity on a separated tenant.So we have a joint venture between company A and company B.Both companies use B2B direct connect to access shared channels in company C (joint venture entity). External users (from company A and company B) are unable to share folders from company C. They always see a message:We couldn’t find an exact match. They are not trying to share externally, we agreed to share files only with existing team members, so they are added at least to one channel in company C (this is done via PowerAutomate and Microsoft Forms – and works). Internal users (company C) are able to share with internal users (company A and company B) if they are added to at least one channel -> the prompting also suggest external users, which are not members of a specific channel. External users -> they can write full e-mail address (no prompting – expected behavior), but than they receive a message:We couldn’t find an exact match.External users can find only existing channel members of the channel they want to share (what is not sufficient). We have General channel member and want to share something from Slides channel (for example). Maybe there is a way to enable it for external users? I already tried a few SharePoint Management Shell commands, but it did not work for us. Thank you for any response. Read More
PowerAutomate flow “for a selected item” for external user
Good evening,
I have B2B direct connect users in my SharePoint.
They can access the files and collaborate on them, but are unable to start Automate menu and run the flow.
User, even external, has Power Automate Free license assigned and is added as Run-only user to this flow (flow uses service account to perform all actions).
Is there any way to show the Automate menu for external users?
Thank you,
any answer will be much appreciated.
Good evening,I have B2B direct connect users in my SharePoint.They can access the files and collaborate on them, but are unable to start Automate menu and run the flow. User, even external, has Power Automate Free license assigned and is added as Run-only user to this flow (flow uses service account to perform all actions). Is there any way to show the Automate menu for external users? Thank you,any answer will be much appreciated. Read More
Public Preview: Creating Web App with a Unique Default Hostname
App Service now allows you to create web apps with unique default hostnames to avoid a high-severity threat of subdomain takeover.
This feature is currently in Public Preview and is only available for web apps on multi-tenants. App Service Environment (ASE) resources are not supported. Functions and Logic Apps (Standard) are currently out of scope, but we have plans on supporting them soon, so stay tuned.
This feature would require you to “opt-in” to create a site with a unique default hostname. This means that when you create a site through the portal, you will need to select the option to enable the feature; Azure Portal will be fully deployed by June 7th, 2024. When you create a site through ARM, you will need to provide your deployment templates with new parameters. You will not be able to update pre-existing web apps to create unique default hostnames; unique default hostnames can only be opt-in during web app resource creation.
This article will go over the following:
What are dangling DNS and subdomain takeover
How the unique default hostname feature works
How to create new web app with a unique default hostname
What are dangling DNS and subdomain takeover?
One of the most common scenarios for subdomain takeover is when a customer forgets to clear the DNS entries after deleting a pre-existing web causing dangling DNS. A bad actor could come in and create a web app with the same name and use the pre-existing DNS records to takeover domains because the web app will still have the same default hostname as the previously deleted one. You can learn more about dangling DNS and subdomain takeover here.
How does this feature work?
The unique default hostname will have a different format than the original global default hostname in two ways. The unique default hostname will include:
A random hash appended to the web app name with a dash “-”
A region name
Comparing the format between the global (original) default hostnames and the unique (new) default hostnames, here is how the general format would look like:
Global (Original)
Unique (New)
Default Hostname Format
<AppName>.azurewebsites.net
<AppName>-<RandomHash>.<Region>.azurewebsites.net
SCM Endpoint Format
<AppName>.scm.azurewebsites.net
<AppName>-<RandomHash>.<Region>.scm.azurewebsites.net
As an example, if you create a site called “test” in East US:
Site Name
test
Unique Default Hostname
test-a6gqaeashthkhkeu.eastus-01.azurewebsites.net
SCM Endpoint
test-a6gqae9sh1hkhk8u.scm.eastus-01.azurewebsites.net
How does the hash in the unique default hostname work
The hash used for the unique default hostname would be a 16-character hash. This hash could be configured to a given “scope”, which ensures the degree of how unique you would like default hostname to be.
You can choose to generate the hash based on the following “scopes”:
Tenant Reuse
Subscription Reuse
Resource Group Reuse
No Reuse
So as an example, for my site called “test”, I could choose to generate a hash that could be shared across my subscription if I selected the “Subscription Reuse”. What this means is that anyone in my subscription who tries to create a web app called “test” in any region using the “Subscription Reuse” will end up with the same hash as I would. Anyone else outside of my subscription who tries to create a site name called “test” will not end up with the same hash as I would.
If your team tends to redeploy web apps in different environments for testing, it could be helpful to select a scope that is shared between environments. As an example, I have both Subscription AA (test subscription) and Subscription AB (production subscription) under Tenant A, and I tend to redeploy resources from Subscriptions AA to AB. What I should do is to deploy a site with the unique default hostname that uses the “Tenant Reuse” in Subscription AA because both subscriptions share the same tenant. Then when I need to delete and redeploy in Subscription AB, I should keep using Tenant Reuse. This ensures that the site I create will still have the exact same default hostname. More importantly, during the period that I try to delete and redeploy my resource, no one else outside of my tenant would be able to recreate another site with the exact same default hostname as my own site, which protects me from the threats of subdomain takeovers.
Hash and deployment slots
Your deployment slots will also follow the same format as your production site. However, each of your deployment slots will contain a different set of hashes from the production site and other deployment slots. Your slots will always be created with the same scope as the production site.
Comparing the format for slots between the global (original) default hostnames and the unique (new) default hostnames, here is how the general format would look like:
Global (Original)
Unique (New)
Default Hostname Format
<AppName>-<SlotName>.azurewebsites.net
<AppName>-<SlotName>-<RandomHash>.<Region>.azurewebsites.net
SCM Endpoint Format
<AppName>-<SlotName>.scm.azurewebsites.net
<AppName>-<SlotName>-<RandomHash>.<Region>.scm.azurewebsites.net
As an example, if you create a site called “test” and a slot called “slot” in East US:
Site Name
test (production site)
slot (deployment slot)
Unique Default Hostname
test-a6gqaeashthkhkeu.eastus-01.azurewebsites.net
test-slot-ekcda0qhg9em5yc9.eastus-01.azurewebsites.net
SCM Endpoint
test-a6gqae9sh1hkhk8u.scm.eastus-01.azurewebsites.net
test-slot-ekcda0qhg9em5yc9.scm.eastus-01.azurewebsites.net
You will notice that the hashes from the production site and the deployment slot are different, and this is the expected behavior. If you created site called “test” with “Tenant Reuse” and then created a slot called “slot”, anyone within your tenant who creates the same resources with those names will also get the same hashes that correspond to “test” and “slot”.
How does the region in the unique default hostname work
The region in the unique default hostname would be based on the region where the site is located. Since the unique default hostname is now regionalized, you will be able to create a site called “test” in different regions. The site name however still must be regionally unique, which means that there can only be one site called “test” in East US regardless if they have different hash values.
You will notice that the region name is appended by a number (ie. “-01”). You should expect that this number could change at any time in the future, and you should not have any hard dependencies or hard code the number appended to the region.
How to create a web app with a unique default hostname?
You can create a web app with a unique default hostname through Azure Portal, API, or ARM. CLI is currently not supported. This can only be done during resource creation, meaning that you will not be able to update your pre-existing web apps to have a unique default hostname. You will have to decide during resource creation to create a site with a unique (new) default hostname or a global (original) default hostname format – it’s one or the other.
Azure Portal
Any site created with a unique default hostname through Azure Portal will be created using the “Tenant Reuse” level (for more information, refer to section “How does the hash in the unique default hostname work”). Azure Portal will be fully deployed by June 7th, 2024.
If you would like to create a web app with a different scope for the hash, kindly use ARM or API.
To create a new web app with unique hostname on Azure Portal:
Go to the Web App Create page
Toggle option to enable “unique default hostname”
Fill out the required fields and click “Review + create”
ARM or API
If you are creating a web app using ARM or API, you can use this method to deploy your web app with a unique default hostname. You can also select the scope you would like to create your hash with.
In your API or ARM request, you need to add the following property to your site properties in the payload.
“AutoGeneratedDomainNameLabelScope”: “TenantReuse”
For the different scope level for your hash, you can choose from:
TenantReuse
SubscriptionReuse
ResourceGroupReuse
NoReuse
Sample API Call
PUT https://management.azure.com/subscriptions/<SUBSCRIPTIONID>/resourceGroups/<RGNAME>/providers/Microsoft.Web/sites/<SITENAME>?api-version=2022-03-01
{
“location”: “Central US”,
“kind”: “app”,
“properties”: {
“serverFarmId”: “<AppServicePlan”,
“AutoGeneratedDomainNameLabelScope”: “TenantReuse”,
…
…
}
}
Ending Note
We will continue to support pre-existing web apps that were created with the original global default hostnames. However, we highly encourage all customers to start creating web apps with the unique default hostnames to protect your organization from the threats of subdomain takeovers.
Microsoft Tech Community – Latest Blogs –Read More
How to fix windows update error: “Error ecountered, We couldn’t connect to the update service …”
I have tried all the “fixes” suggested here, here, and here, to no avail.
Specifically, I have attempted the following:
Disabling all third-party antivirus/antimalware software (in my case, MalwareBytes and CCleaner. I ran full scans with both products first before disabling them and rebooting, just to make sure a virus wasn’t causing my problems).I also disabled the Windows firewall and rebooted but that did not workRunning the Windows Update Troubleshooter did not work – I was even transferred to an agent who was unable to help me and suggested coming here to see if I could get it fixedI tried resetting windows update components and restarting but this did not work either.Changing my DNS settings to point to 8.8.8.8 and 8.8.4.4 for primary and secondary DNS servers, respectively.Deleting everything inside the C:WindowsSoftwareDistribution after stopping wuauserv, cryptSvc, bits, and msiserver (and starting them again after rebooting my PC).Running sfc /scannow (which indicated that there were no corrupted system files).Running the batch file Reset_Reregister_Windows_Update_Components_for_Windows11.bat, which I downloaded from here.While running the command line app as administrator, I also tried the following command DISM /Online /Cleanup-Image /RestoreHealth and it did not work.I also tried deleting the group policy and restarting and that did not workI checked the time and date settings and everything looks fine thereI run the network troubleshooter and everything seems fine there
I have tried everything I could find on Google to no avail. I attached the Windows update log to see if anyone can help me here. WindowsUpdate.log
In the Windows update log attached above, I noted the following error messages with corresponding codes:
2024/05/30 01:15:33.3272490 11192 11216 DataStore DS: JetAttachDatabase failed. Database file was not found.
…
…
…
2024/05/30 01:15:33.7967348 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1030
2024/05/30 01:15:33.7967367 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1068
…
…
…
2024/05/30 01:15:33.8226919 11192 9744 SLS Making request with URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ and send SLS events, cV=LDEDIm+/GECTvKjD.1.0.0.2.
2024/05/30 01:15:34.7058700 11192 9744 Misc *FAILED* [80072F8F] WinHttp: SendRequestWithAuthRetry using proxy failed for <HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++>
2024/05/30 01:15:34.7058782 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibDownloadFileDownloadSession.cpp @853
2024/05/30 01:15:34.7059155 11192 9744 SLS Complete the request URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ with [80072F8F] and http status code[0] and send SLS events.
2024/05/30 01:15:34.7059269 11192 9744 SLS *FAILED* [80072F8F] GetDownloadedOnWeakSSLCert
2024/05/30 01:15:34.7069919 11192 9744 SLS *FAILED* [80072F8F] Method failed [CSLSClient::GetResponse:660]
2024/05/30 01:15:34.7070022 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1842
2024/05/30 01:15:34.7070062 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1387
2024/05/30 01:15:34.7070107 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1398
2024/05/30 01:15:34.7070131 11192 9744 Agent *FAILED* [80072F8F] Method failed [CAgentServiceManager::DetectAndToggleServiceState:3020]
2024/05/30 01:15:34.7070151 11192 9744 Agent *FAILED* [80072F8F] SLS sync failed during service registration (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160785 11192 9744 Agent Total possible federated services: 1 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160829 11192 9744 Agent Candidate federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160888 11192 9744 Agent Federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 is not added due to an associated SLS registration failure (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160901 11192 9744 Agent Total allowed federated services: 0 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160941 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientEngineAgentRegisteredServiceUtil.cpp @3484
2024/05/30 01:15:34.7160985 11192 9744 Agent *FAILED* [80072F8F] Failed to execute service registration call {C7171C38-18A1-4626-9EA4-4A7328477514} (cV: LDEDIm+/GECTvKjD.1.0.1)
2024/05/30 01:15:34.7161306 11192 9744 Reporter OS Product Type = 0x00000030
2024/05/30 01:15:34.7284776 11192 9744 IdleTimer WU operation (SR.Device Driver Retrieval Client ID 1, operation # 3) stopped; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7336610 1176 11100 ComApi * END * Federated Search failed to process service registration, hr=0x80072F8F (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7338401 1176 11180 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7339160 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiXxxJob.cpp @372
2024/05/30 01:15:34.7339181 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiUpdateSearcher.cpp @343
2024/05/30 01:15:35.0160911 1176 11108 ComApi * START * SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0170264 11192 11228 IdleTimer WU operation (CDiscoveryCall::Init.{124B2C8C-ABC9-4FF9-8309-D790A2C090F2} ID 2) started; operation # 8; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171267 1176 11108 ComApi *QUEUED* SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171284 1176 11108 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0172085 11192 11328 Agent CDiscoveryCall::Execute – Invoking SLSClient (cv = LDEDIm+/GECTvKjD.2.1)
2024/05/30 01:15:35.0259499 11192 11328 SLS Get response for service 2B81F1BF-356C-4FA1-90F1-7581A62C6764 – forceExpire[False] asyncRefreshOnExpiry[True] (cV = LDEDIm+/GECTvKjD.2.2)
2024/05/30 01:15:35.0259552 11192 11328 SLS path used for cache lookup: /SLS/{2B81F1BF-356C-4FA1-90F1-7581A62C6764}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++
2024/05/30 01:15:35.0260299 11192 11328 SLS Retrieving SLS response from server…
2024/05/30 01:15:35.0263472 11192 11328 SLS MS-CV header: MS-CV: LDEDIm+/GECTvKjD.2.3
I also checked on error code 80070002 and realized I had to restart my router and run the network troubleshooter, but that did not solve the issue.
When I checked on error code 80072F8F I realized that I had to check if TLS 1.2 was enabled on my system but I am not sure how to go about it, including checking .NET frameworks and editing WinHTTP DefaultProtocol (DWORD) registry edits according to this link here. That’s where I got confused trying to figure things out since I am not sure how to go about it exactly and what to do or change.
I would appreciate any thoughts or help on this.
To solve this issue, I recently upgraded from Windows 11 Pro 23H2 to 24H2 x64 version 10.0.26100 build 26100, hardware abstraction layer 10.0.26100.1. Before the upgrade and even still after the upgrade, when I try to run Windows Update, I get the following error:I have tried all the “fixes” suggested here, here, and here, to no avail.Specifically, I have attempted the following:Disabling all third-party antivirus/antimalware software (in my case, MalwareBytes and CCleaner. I ran full scans with both products first before disabling them and rebooting, just to make sure a virus wasn’t causing my problems).I also disabled the Windows firewall and rebooted but that did not workRunning the Windows Update Troubleshooter did not work – I was even transferred to an agent who was unable to help me and suggested coming here to see if I could get it fixedI tried resetting windows update components and restarting but this did not work either.Changing my DNS settings to point to 8.8.8.8 and 8.8.4.4 for primary and secondary DNS servers, respectively.Deleting everything inside the C:WindowsSoftwareDistribution after stopping wuauserv, cryptSvc, bits, and msiserver (and starting them again after rebooting my PC).Running sfc /scannow (which indicated that there were no corrupted system files).Running the batch file Reset_Reregister_Windows_Update_Components_for_Windows11.bat, which I downloaded from here.While running the command line app as administrator, I also tried the following command DISM /Online /Cleanup-Image /RestoreHealth and it did not work.I also tried deleting the group policy and restarting and that did not workI checked the time and date settings and everything looks fine thereI run the network troubleshooter and everything seems fine thereI have tried everything I could find on Google to no avail. I attached the Windows update log to see if anyone can help me here. WindowsUpdate.logIn the Windows update log attached above, I noted the following error messages with corresponding codes: 2024/05/30 01:15:33.3272490 11192 11216 DataStore DS: JetAttachDatabase failed. Database file was not found.
…
…
…
2024/05/30 01:15:33.7967348 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1030
2024/05/30 01:15:33.7967367 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1068
…
…
…
2024/05/30 01:15:33.8226919 11192 9744 SLS Making request with URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ and send SLS events, cV=LDEDIm+/GECTvKjD.1.0.0.2.
2024/05/30 01:15:34.7058700 11192 9744 Misc *FAILED* [80072F8F] WinHttp: SendRequestWithAuthRetry using proxy failed for <HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++>
2024/05/30 01:15:34.7058782 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibDownloadFileDownloadSession.cpp @853
2024/05/30 01:15:34.7059155 11192 9744 SLS Complete the request URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ with [80072F8F] and http status code[0] and send SLS events.
2024/05/30 01:15:34.7059269 11192 9744 SLS *FAILED* [80072F8F] GetDownloadedOnWeakSSLCert
2024/05/30 01:15:34.7069919 11192 9744 SLS *FAILED* [80072F8F] Method failed [CSLSClient::GetResponse:660]
2024/05/30 01:15:34.7070022 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1842
2024/05/30 01:15:34.7070062 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1387
2024/05/30 01:15:34.7070107 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1398
2024/05/30 01:15:34.7070131 11192 9744 Agent *FAILED* [80072F8F] Method failed [CAgentServiceManager::DetectAndToggleServiceState:3020]
2024/05/30 01:15:34.7070151 11192 9744 Agent *FAILED* [80072F8F] SLS sync failed during service registration (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160785 11192 9744 Agent Total possible federated services: 1 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160829 11192 9744 Agent Candidate federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160888 11192 9744 Agent Federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 is not added due to an associated SLS registration failure (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160901 11192 9744 Agent Total allowed federated services: 0 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160941 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientEngineAgentRegisteredServiceUtil.cpp @3484
2024/05/30 01:15:34.7160985 11192 9744 Agent *FAILED* [80072F8F] Failed to execute service registration call {C7171C38-18A1-4626-9EA4-4A7328477514} (cV: LDEDIm+/GECTvKjD.1.0.1)
2024/05/30 01:15:34.7161306 11192 9744 Reporter OS Product Type = 0x00000030
2024/05/30 01:15:34.7284776 11192 9744 IdleTimer WU operation (SR.Device Driver Retrieval Client ID 1, operation # 3) stopped; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7336610 1176 11100 ComApi * END * Federated Search failed to process service registration, hr=0x80072F8F (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7338401 1176 11180 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7339160 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiXxxJob.cpp @372
2024/05/30 01:15:34.7339181 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiUpdateSearcher.cpp @343
2024/05/30 01:15:35.0160911 1176 11108 ComApi * START * SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0170264 11192 11228 IdleTimer WU operation (CDiscoveryCall::Init.{124B2C8C-ABC9-4FF9-8309-D790A2C090F2} ID 2) started; operation # 8; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171267 1176 11108 ComApi *QUEUED* SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171284 1176 11108 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0172085 11192 11328 Agent CDiscoveryCall::Execute – Invoking SLSClient (cv = LDEDIm+/GECTvKjD.2.1)
2024/05/30 01:15:35.0259499 11192 11328 SLS Get response for service 2B81F1BF-356C-4FA1-90F1-7581A62C6764 – forceExpire[False] asyncRefreshOnExpiry[True] (cV = LDEDIm+/GECTvKjD.2.2)
2024/05/30 01:15:35.0259552 11192 11328 SLS path used for cache lookup: /SLS/{2B81F1BF-356C-4FA1-90F1-7581A62C6764}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++
2024/05/30 01:15:35.0260299 11192 11328 SLS Retrieving SLS response from server…
2024/05/30 01:15:35.0263472 11192 11328 SLS MS-CV header: MS-CV: LDEDIm+/GECTvKjD.2.3 I also checked on error code 80070002 and realized I had to restart my router and run the network troubleshooter, but that did not solve the issue.When I checked on error code 80072F8F I realized that I had to check if TLS 1.2 was enabled on my system but I am not sure how to go about it, including checking .NET frameworks and editing WinHTTP DefaultProtocol (DWORD) registry edits according to this link here. That’s where I got confused trying to figure things out since I am not sure how to go about it exactly and what to do or change.I would appreciate any thoughts or help on this. Read More
Equation Question
The following is a formula that I have in my spreadsheet:
=-SUM(SUMIF(INDIRECT({“k2″,”k7″,”k11″,”k15″,”k19″,”k23″,”k27″,”k31″,”k35″,”k39″,”k43″,”k47″,”k51″,”k55″}),”>0″))
I would like to drag, or copy the formula to column L and have all references to column K change to column L. What is the easiest way to do this. I’m currently using Word and doing a search and replace for K and changing to L.
Thanks in advance…John
The following is a formula that I have in my spreadsheet:=-SUM(SUMIF(INDIRECT({“k2″,”k7″,”k11″,”k15″,”k19″,”k23″,”k27″,”k31″,”k35″,”k39″,”k43″,”k47″,”k51″,”k55″}),”>0″)) I would like to drag, or copy the formula to column L and have all references to column K change to column L. What is the easiest way to do this. I’m currently using Word and doing a search and replace for K and changing to L. Thanks in advance…John Read More
Copilot in Word – use web content and citations
I want to use Copilot in Word to write a summary about information from the web. I want Copilot to add references for the information it wrote, so I can cross-check if the generated information is correct and validate sources.
An example prompt in Copilot in Word for instance: “Write recent news events from last week, add citations”.
However, I noticed that Copilot in Word doesn’t seem to have recent web information, instead it writes old-dated content. Also, it adds a template for the URL but doesn’t fill in the URL. Instead, it writes a pattern such as: “[URL: [URL]]” but not the actual URL.
How can I ensure Copilot in Word uses web search content, as well as adds all reference URLs for the summarized information (similar to Bing Chat Enterprise)?
I want to use Copilot in Word to write a summary about information from the web. I want Copilot to add references for the information it wrote, so I can cross-check if the generated information is correct and validate sources. An example prompt in Copilot in Word for instance: “Write recent news events from last week, add citations”. However, I noticed that Copilot in Word doesn’t seem to have recent web information, instead it writes old-dated content. Also, it adds a template for the URL but doesn’t fill in the URL. Instead, it writes a pattern such as: “[URL: [URL]]” but not the actual URL. How can I ensure Copilot in Word uses web search content, as well as adds all reference URLs for the summarized information (similar to Bing Chat Enterprise)? Read More
Office365 sharing calendar between desktop and mobile
I’m a paying 365 subscriber, and recently had to get a whole new iPhone and telephone number. I was easily able to also get Outlook mobile receiving my personal emails, but my calendar is not shared between the desktop and mobile versions of Outlook.
I’ve done my due diligence searching, but every response I see references settings that don’t exist in my Outlook. I presume they were older posts, while I likely have the very latest version(s).
This must be pretty basic, but I am clearly missing something.
I’m a paying 365 subscriber, and recently had to get a whole new iPhone and telephone number. I was easily able to also get Outlook mobile receiving my personal emails, but my calendar is not shared between the desktop and mobile versions of Outlook.I’ve done my due diligence searching, but every response I see references settings that don’t exist in my Outlook. I presume they were older posts, while I likely have the very latest version(s). This must be pretty basic, but I am clearly missing something. Read More
Link from Drop Down List to first blank cell on a specific worksheet (same WB)
Hello! I’m have a workbook with many data entry tables, each in a separate worksheet in the workbook. I need to set up a directory with a list of each of the ‘Tabs’ that will function as a hyperlink which sends the user to the last open cell in the table of the specified worksheet.
I’ve tried one suggestion that I couldn’t get to work correctly. Namely, by creating a ‘dummy’ named range pointing to a cell on order to get the hyperlink established, and then using the following formula to return the correct worksheet. I’ve tried using the INDIRECT(ADDRESS(XMATCH formulas without any success. Any assistance would be helpful. Thank you!
Hello! I’m have a workbook with many data entry tables, each in a separate worksheet in the workbook. I need to set up a directory with a list of each of the ‘Tabs’ that will function as a hyperlink which sends the user to the last open cell in the table of the specified worksheet. I’ve tried one suggestion that I couldn’t get to work correctly. Namely, by creating a ‘dummy’ named range pointing to a cell on order to get the hyperlink established, and then using the following formula to return the correct worksheet. I’ve tried using the INDIRECT(ADDRESS(XMATCH formulas without any success. Any assistance would be helpful. Thank you! Read More
I would like to understand the ease of integration between Entra ID and Atom C2
We are using Atom C2 as our ticketing platform to submit various types of requests, including access request, and would like to keep using C2 while making our transition to Entra ID, I am trying to understand the ease of integration between C2 and Entra ID. How would I go about doing it, could someone point me in the right direction?
We are using Atom C2 as our ticketing platform to submit various types of requests, including access request, and would like to keep using C2 while making our transition to Entra ID, I am trying to understand the ease of integration between C2 and Entra ID. How would I go about doing it, could someone point me in the right direction? Read More
Data Base Integration with Sentinel
Hi All,
I am quite new to Sentinel platform but not new to SIEM.
How to integrate Data Base (any like Oracle, MsSql etc) audit or application logs which is in different table other than audit whether it is on-prem or Azure or other cloud, with Sentinel.
As I do not see official Data connectors for data bases as like in Splunk, ArcSight etc.
Hi All, I am quite new to Sentinel platform but not new to SIEM. How to integrate Data Base (any like Oracle, MsSql etc) audit or application logs which is in different table other than audit whether it is on-prem or Azure or other cloud, with Sentinel. As I do not see official Data connectors for data bases as like in Splunk, ArcSight etc. Read More
Migrate data to Azure Managed Lustre retaining POSIX attributes
Introduction
This blog will utilize manual steps on for exporting data to blob storage in order to retain specific POSIX attributes. The exporting of data is achieved using the Lustre HSM (Hierarchical Storage Management) interface. The Managed Lustre system will need to have HSM enabled and setup in advance. See this article: Blob integration
For more information around setting up automatic synchronization to Azure BLOB Storage for Azure Managed Lustre refer to this blob post: Automatic Synchronization to Azure BLOB Storage.
Connect client to the Lustre file system
Client machines running Linux can access Azure Managed Lustre directly. See the following article that details the client prerequisites: Connect client to the file system
To mount lustre:
sudo mount -t lustre -o noatime,flock <MGS_IP>@tcp:/lustrefs /<client_path>
Migrate data retaining POSIX attributes
Once you have a client that is connected to the file system you can now copy data directly into that file system.
Assuming the source location is /mydata and the destination lustre file system is /lustredata
The -a option preserves all POSIX attributes, such as ownership, permissions, timestamps, symlinks, etc. See the rsync manual page for more details.
To copy data into lustre:
Note: When migrating data to AMLFS, ensure that the total storage used does not exceed the system’s allowed capacity. If migrating more storage than allowed by the file system capacity then files will need to be archived and released to blob storage as needed before continuing the data migration.
Export data and attributes to blob storage
Once the files have been copied into the Lustre File system, now utilize the export job process in order to write those files as well as the POSIX attributes as metadata to the blob storage container. This process includes using the export jobs with archive process.
Which POSIX attributes are retained during an export job?
When you export files from your Azure Managed Lustre system to blob storage there are additional attributes that are saved as metadata inside the blob storage as shown here: Metadata for exported files. The following attributes may be written as metadata to each object in blob storage depending on the type of object:
Parameter
Description
modtime
The last modification time of the file
owner
The owner of the file
group
The group owner of the file
permissions
The existing permissions of the file
hdi_isfolder
If object is a folder, this value is set to true. Name corresponds with folder name.
The metadata will appear in the blob attributes in storage as shown here:
Restoring data into a new Azure Managed Lustre File System:
Now that the blob storage contains the attributes for each blob object including permissions and ownership of each file and directory, this data can be imported into any new Azure Managed Lustre file system and retain those attributes as it does. Follow these steps in order to import data using import jobs.
Note: This step is only required when setting up a new Azure Managed Lustre File System. This is not required for utilizing the existing AMLFS the data was originally copied to.
References
Azure Managed Lustre File System Documentation
Azure Managed Lustre with Automatic Synchronisation to Azure BLOB Storage
GitHub repositories
Microsoft Tech Community – Latest Blogs –Read More
Calculations off–what am I doing wrong?
The calculations on my excel spreadsheet are off. It is a simple calculation. I am simply multiplying 2 columns.
The value of column e30 is $3.48 is being multiplied by column f30 1198. In column g30 it give me a sum of $4,174.95. The formula reads =SUM(E30*F30). However the correct answer is $4169.04. Other calculations on spread sheet check out. What am I doing wrong.
The calculations on my excel spreadsheet are off. It is a simple calculation. I am simply multiplying 2 columns. The value of column e30 is $3.48 is being multiplied by column f30 1198. In column g30 it give me a sum of $4,174.95. The formula reads =SUM(E30*F30). However the correct answer is $4169.04. Other calculations on spread sheet check out. What am I doing wrong. Read More
Identification and highlighting of interdependent materials within a bill of materials (BOM)
I am seeking assistance with a Bill of Materials (BOM) dataset that includes columns for Level, Pegged Requirement, and Material. In this dataset, a material number that has sub-materials appears as the Pegged Requirement, and these sub-materials can also have their own sub-materials, continuing this hierarchy down to the last level.
Is there a macro that can identify and highlight all rows that are dependent on a specific material number? This would assist in comprehending the complete dependency chain of any material, including all sub-levels.
Thank you in advance for your support!
I am seeking assistance with a Bill of Materials (BOM) dataset that includes columns for Level, Pegged Requirement, and Material. In this dataset, a material number that has sub-materials appears as the Pegged Requirement, and these sub-materials can also have their own sub-materials, continuing this hierarchy down to the last level.Is there a macro that can identify and highlight all rows that are dependent on a specific material number? This would assist in comprehending the complete dependency chain of any material, including all sub-levels. Thank you in advance for your support! Read More
Sharing folders with external users (not guest users)
When sharing a folder in SharePoint online with an external user (not a guest user), we are seeing that the subfolders are not also shared. External sharing is allowed at the tenant level. The subfolders are inheriting permissions from the parent which is the top folder. The external users can see the folder, but not the subfolders. Is this the expected result of sharing with external users?
TYIA
When sharing a folder in SharePoint online with an external user (not a guest user), we are seeing that the subfolders are not also shared. External sharing is allowed at the tenant level. The subfolders are inheriting permissions from the parent which is the top folder. The external users can see the folder, but not the subfolders. Is this the expected result of sharing with external users?TYIA Read More
Is/will Copilot in Teams able to follow/process shared content in Teams Meetings?
My team frequently uses Teams meetings for code reviews and discussions to share screen and view each other’s work. Is Copilot in Teams able to see/process shared content along with spoken audio to provide a wholistic summary of meeting content? This may also be useful in the case of shared files or live collaboration on M365 files like Word documents or PowerPoint presentations.
My team frequently uses Teams meetings for code reviews and discussions to share screen and view each other’s work. Is Copilot in Teams able to see/process shared content along with spoken audio to provide a wholistic summary of meeting content? This may also be useful in the case of shared files or live collaboration on M365 files like Word documents or PowerPoint presentations. Read More
How to pull data from multiple workbooks
I am trying to pull data from the same cell in multiple work sheets. All these files are labeled by date. There is a file for every day of the year. These files are massive with lots of data and can not be combined. The master where I would like to pull data and store here to use as a template to measure performance. This has a row for every single day and displays the average, max, and low.
I would like to match the row to match the file on where to pull the data from. Is there any way to do this without going back and forth between worksheets? I would like to continue to use this template year after year.
I am trying to pull data from the same cell in multiple work sheets. All these files are labeled by date. There is a file for every day of the year. These files are massive with lots of data and can not be combined. The master where I would like to pull data and store here to use as a template to measure performance. This has a row for every single day and displays the average, max, and low.I would like to match the row to match the file on where to pull the data from. Is there any way to do this without going back and forth between worksheets? I would like to continue to use this template year after year. Read More
Move files to specific directories based on file modified by date.
Hi All,
I’m trying to make sense of 1000’s of photos and I’m looking for something a little different to the year – month standard option.
I’m trying to sort my pictures between specific dates for instance.
For example:
Pics from between 05-01-2000 & 04-02-2000 to be moved to directory ‘Year 1Month 0’
Pics from between 05-02-2000 & 04-03-2000 to be moved to directory ‘Year 1Month 1’
Pics from between 05-03-2000 & 04-04-2000 to be moved to directory ‘Year 1Month 2’
Pics from between 05-04-2000 & 04-05-2000 to be moved to directory ‘Year 1Month 3’
From searching i have found the following script
CmdletBinding(SupportsShouldProcess=$true)]
param (
[Parameter(Mandatory=$true)][string]$SourceDirectory,
[Parameter(Mandatory=$true)][string]$DestinationDirectory,
[Parameter(Mandatory=$true)][string]$ModifiedAfter,
[Parameter(Mandatory=$true)][string]$ModifiedBefore
)
Get-ChildItem -Path $SourceDirectory |
Where-Object {
$_.LastWriteTime `
-gt (Get-Date $ModifiedAfter) `
-and $_.LastWriteTime -lt (Get-Date $ModifiedBefore) } |
ForEach-Object { $_ | Copy-Item -Destination $DestinationDirectory }
You then run it with
.Copy-Files-Modified-Between-Dates `
-SourceDirectory C:Tempall `
-DestinationDirectory C:Tempsubset `
-ModifiedAfter ‘2000-01-05 18:00’ `
-ModifiedBefore ‘2000-02-04’
My question is how can this be made to increment onto the next month automatically or to reference a file for info maybe a csv or text file to say
Pics from between 05-04-2010 & 04-05-2010 to be moved to directory ‘Year 10Month 3’
Hi All,I’m trying to make sense of 1000’s of photos and I’m looking for something a little different to the year – month standard option.I’m trying to sort my pictures between specific dates for instance.For example:Pics from between 05-01-2000 & 04-02-2000 to be moved to directory ‘Year 1Month 0’Pics from between 05-02-2000 & 04-03-2000 to be moved to directory ‘Year 1Month 1’Pics from between 05-03-2000 & 04-04-2000 to be moved to directory ‘Year 1Month 2’Pics from between 05-04-2000 & 04-05-2000 to be moved to directory ‘Year 1Month 3’From searching i have found the following script CmdletBinding(SupportsShouldProcess=$true)]
param (
[Parameter(Mandatory=$true)][string]$SourceDirectory,
[Parameter(Mandatory=$true)][string]$DestinationDirectory,
[Parameter(Mandatory=$true)][string]$ModifiedAfter,
[Parameter(Mandatory=$true)][string]$ModifiedBefore
)
Get-ChildItem -Path $SourceDirectory |
Where-Object {
$_.LastWriteTime `
-gt (Get-Date $ModifiedAfter) `
-and $_.LastWriteTime -lt (Get-Date $ModifiedBefore) } |
ForEach-Object { $_ | Copy-Item -Destination $DestinationDirectory } You then run it with .Copy-Files-Modified-Between-Dates `
-SourceDirectory C:Tempall `
-DestinationDirectory C:Tempsubset `
-ModifiedAfter ‘2000-01-05 18:00’ `
-ModifiedBefore ‘2000-02-04’ My question is how can this be made to increment onto the next month automatically or to reference a file for info maybe a csv or text file to sayPics from between 05-04-2010 & 04-05-2010 to be moved to directory ‘Year 10Month 3’ Read More
Announcing Windows Server Preview Build 26227
Announcing Windows Server Preview Build 26227
Hello Windows Server Insiders!
Today we are pleased to release a new build of the next Windows Server Long-Term Servicing Channel (LTSC) Preview that contains both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition (for VM evaluation only). Branding has been updated for the upcoming release, Windows Server 2025, in this preview – when reporting issues please refer to Windows Server 2025 preview. If you signed up for Server Flighting, you should receive this new build automatically.
What’s New
[NEW] Delegated Managed Service Accounts (dMSA)
A new account type known as delegated Managed Service Account (dMSA) is now available that allows migration from a traditional service account to a machine account with managed and fully randomized keys, while disabling original service account passwords.
Authentication for dMSA is linked to the device identity, which means that only specified machine identities mapped in AD can access the account. Using dMSA helps to prevent harvesting credentials using a compromised account (kerberoasting), which is a common issue with traditional service accounts.
To learn more about dMSA, visit https://learn.microsoft.com/en-us/windows-server/security/delegated-managed-service-accounts/delegated-managed-service-accounts-overview.
More Server Message Block (SMB) protocol changes.
Starting with Build 26097 and higher, we are introducing the following Server Message Block (SMB) protocol changes for QUIC, signing, and encryption:
SMB over QUIC client and server disable: Administrators can now disable the SMB over QUIC client and SMB over QUIC server options with Group Policy and PowerShell.
SMB over QUIC client and server connection auditing: Successful SMB over QUIC client and SMB over QUIC server connection events are now written to the event log to include the QUIC transport.
SMB signing and encryption auditing: Administrators can now enable auditing of the SMB server and client for support of SMB signing and encryption. This shows if a third-party client or server doesn’t support SMB encryption or signing. You can configure these settings with PowerShell and Group Policy.
For details on configuring these new settings, review https://aka.ms/SMB74MDNP.
For more information on SMB over QUIC in Windows and Windows Server Insider Preview builds, review https://aka.ms/SMBoverQUICServer and https://aka.ms/SmbOverQuicCAC.
For more information on SMB signing and encryption in Windows and Windows Server Insider Preview builds, review https://aka.ms/SmbSigningRequired and https://aka.ms/SmbClientEncrypt.
Windows Server Flighting is here!!
If you signed up for Server Flighting, you should receive this new build automatically later today.
For more information, see Welcome to Windows Insider flighting on Windows Server – Microsoft Community Hub
The new Feedback Hub app is now available for Server Desktop users!
The app should automatically update with the latest version, but if it does not, simply Check for updates in the app’s settings tab.
Known Issues
[NEW] Secure-boot Gen2 VMs created using ISO media may not boot: Some users may encounter boot issues when creating secure-boot Gen 2 VMs. Disabling secure-boot allows the Gen2 VM to boot successfully. This will be addressed in a future release.
Upgrade does not complete: Some users may experience an issue when upgrading where the download process does not progress beyond 0%. If you encounter this issue, please upgrade to this newer build using the ISO media download option. Download Windows Server Insider Preview (microsoft.com)
Access denied error when using Diskpart –> Clean Image on Winpe.vhdx VMs created using WinPE: Create bootable media | Microsoft Learn. We are working to resolve this issue and expect to have it fixed in the next preview release.
Download Windows Server Insider Preview (microsoft.com)
Flighting: The label for this flight may incorrectly reference Windows 11. However, when selected, the package installed is the Windows Server update. Please ignore the label and proceed with installing your flight. This issue will be addressed in a future release.
Setup: Some users may experience overlapping rectangle voids following mouse clicks during “OOBE” setup. This is a graphics rendering issue and will not prevent setup from completing. This issue will be addressed in a future release.
WinPE – Powershell Scripts: Applying the WinPE-Powershell optional component does not properly install Powershell in WinPE. As a result, Powershell cmdlets will fail. Customers who are dependent on Powershell in WinPE should not use this build.
If you are validating upgrades from Windows Server 2019 or 2022, we do not recommend that you use this build as intermittent upgrade failures have been identified for this build.
This build has an issue where archiving eventlogs with “wevetutil al” command causes the Windows Event Log service to crash, and the archive operation to fail. The service must be restarted by executing “Start-Service EventLog” from an administrative command line prompt.
If you have Secure Launch/DRTM code path enabled, we do not recommend that you install this build.
Available Downloads
Downloads to certain countries may not be available. See Microsoft suspends new sales in Russia – Microsoft On the Issues
Windows Server Long-Term Servicing Channel Preview in ISO format in 18 languages, and in VHDX format in English only.
Windows Server Datacenter Azure Edition Preview in ISO and VHDX format, English only.
Microsoft Server Languages and Optional Features Preview
Keys: Keys are valid for preview builds only
Server Standard: MFY9F-XBN2F-TYFMP-CCV49-RMYVH
Datacenter: 2KNJJ-33Y9H-2GXGX-KMQWH-G6H67
Azure Edition does not accept a key
Symbols: available on the public symbol server – see Using the Microsoft Symbol Server.
Expiration: This Windows Server Preview will expire September 15, 2024.
How to Download
Registered Insiders may navigate directly to the Windows Server Insider Preview download page. If you have not yet registered as an Insider, see GETTING STARTED WITH SERVER on the Windows Insiders for Business portal.
We value your feedback!
The most important part of the release cycle is to hear what’s working and what needs to be improved, so your feedback is extremely valued. Beginning with Insider build 26063, please use the new Feedback Hub app for Windows Server if you are running a Desktop version of Server. If you are using a Core edition, or if you are unable to use the Feedback Hub app, you can use your registered Windows 10 or Windows 11 Insider device and use the Feedback Hub application. In the app, choose the Windows Server category and then the appropriate subcategory for your feedback. In the title of the Feedback, please indicate the build number you are providing feedback on as shown below to ensure that your issue is attributed to the right version:
[Server #####] Title of my feedback
See Give Feedback on Windows Server via Feedback Hub for specifics. The Windows Server Insiders space on the Microsoft Tech Communities supports preview builds of the next version of Windows Server. Use the forum to collaborate, share and learn from experts. For versions that have been released to general availability in market, try the Windows Server for IT Pro forum or contact Support for Business.
Diagnostic and Usage Information
Microsoft collects this information over the internet to help keep Windows secure and up to date, troubleshoot problems, and make product improvements. Microsoft server operating systems can be configured to turn diagnostic data off, send Required diagnostic data, or send Optional diagnostic data. During previews, Microsoft asks that you change the default setting to Optional to provide the best automatic feedback and help us improve the final product.
Administrators can change the level of information collection through Settings. For details, see http://aka.ms/winserverdata. Also see the Microsoft Privacy Statement.
Terms of Use
This is pre-release software – it is provided for use “as-is” and is not supported in production environments. Users are responsible for installing any updates that may be made available from Windows Update. All pre-release software made available to you via the Windows Server Insider program is governed by the Insider Terms of Use.
Announcing Windows Server Preview Build 26227
Hello Windows Server Insiders!
Today we are pleased to release a new build of the next Windows Server Long-Term Servicing Channel (LTSC) Preview that contains both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition (for VM evaluation only). Branding has been updated for the upcoming release, Windows Server 2025, in this preview – when reporting issues please refer to Windows Server 2025 preview. If you signed up for Server Flighting, you should receive this new build automatically.
What’s New
[NEW] Delegated Managed Service Accounts (dMSA)
A new account type known as delegated Managed Service Account (dMSA) is now available that allows migration from a traditional service account to a machine account with managed and fully randomized keys, while disabling original service account passwords.
Authentication for dMSA is linked to the device identity, which means that only specified machine identities mapped in AD can access the account. Using dMSA helps to prevent harvesting credentials using a compromised account (kerberoasting), which is a common issue with traditional service accounts.
To learn more about dMSA, visit https://learn.microsoft.com/en-us/windows-server/security/delegated-managed-service-accounts/delegated-managed-service-accounts-overview.
More Server Message Block (SMB) protocol changes.
Starting with Build 26097 and higher, we are introducing the following Server Message Block (SMB) protocol changes for QUIC, signing, and encryption:
SMB over QUIC client and server disable: Administrators can now disable the SMB over QUIC client and SMB over QUIC server options with Group Policy and PowerShell.
SMB over QUIC client and server connection auditing: Successful SMB over QUIC client and SMB over QUIC server connection events are now written to the event log to include the QUIC transport.
SMB signing and encryption auditing: Administrators can now enable auditing of the SMB server and client for support of SMB signing and encryption. This shows if a third-party client or server doesn’t support SMB encryption or signing. You can configure these settings with PowerShell and Group Policy.
For details on configuring these new settings, review https://aka.ms/SMB74MDNP.
For more information on SMB over QUIC in Windows and Windows Server Insider Preview builds, review https://aka.ms/SMBoverQUICServer and https://aka.ms/SmbOverQuicCAC.
For more information on SMB signing and encryption in Windows and Windows Server Insider Preview builds, review https://aka.ms/SmbSigningRequired and https://aka.ms/SmbClientEncrypt.
Windows Server Flighting is here!!
If you signed up for Server Flighting, you should receive this new build automatically later today.
For more information, see Welcome to Windows Insider flighting on Windows Server – Microsoft Community Hub
The new Feedback Hub app is now available for Server Desktop users!
The app should automatically update with the latest version, but if it does not, simply Check for updates in the app’s settings tab.
Known Issues
[NEW] Secure-boot Gen2 VMs created using ISO media may not boot: Some users may encounter boot issues when creating secure-boot Gen 2 VMs. Disabling secure-boot allows the Gen2 VM to boot successfully. This will be addressed in a future release.
Upgrade does not complete: Some users may experience an issue when upgrading where the download process does not progress beyond 0%. If you encounter this issue, please upgrade to this newer build using the ISO media download option. Download Windows Server Insider Preview (microsoft.com)
Access denied error when using Diskpart –> Clean Image on Winpe.vhdx VMs created using WinPE: Create bootable media | Microsoft Learn. We are working to resolve this issue and expect to have it fixed in the next preview release.
Download Windows Server Insider Preview (microsoft.com)
Flighting: The label for this flight may incorrectly reference Windows 11. However, when selected, the package installed is the Windows Server update. Please ignore the label and proceed with installing your flight. This issue will be addressed in a future release.
Setup: Some users may experience overlapping rectangle voids following mouse clicks during “OOBE” setup. This is a graphics rendering issue and will not prevent setup from completing. This issue will be addressed in a future release.
WinPE – Powershell Scripts: Applying the WinPE-Powershell optional component does not properly install Powershell in WinPE. As a result, Powershell cmdlets will fail. Customers who are dependent on Powershell in WinPE should not use this build.
If you are validating upgrades from Windows Server 2019 or 2022, we do not recommend that you use this build as intermittent upgrade failures have been identified for this build.
This build has an issue where archiving eventlogs with “wevetutil al” command causes the Windows Event Log service to crash, and the archive operation to fail. The service must be restarted by executing “Start-Service EventLog” from an administrative command line prompt.
If you have Secure Launch/DRTM code path enabled, we do not recommend that you install this build.
Available Downloads
Downloads to certain countries may not be available. See Microsoft suspends new sales in Russia – Microsoft On the Issues
Windows Server Long-Term Servicing Channel Preview in ISO format in 18 languages, and in VHDX format in English only.
Windows Server Datacenter Azure Edition Preview in ISO and VHDX format, English only.
Microsoft Server Languages and Optional Features Preview
Keys: Keys are valid for preview builds only
Server Standard: MFY9F-XBN2F-TYFMP-CCV49-RMYVH
Datacenter: 2KNJJ-33Y9H-2GXGX-KMQWH-G6H67
Azure Edition does not accept a key
Symbols: available on the public symbol server – see Using the Microsoft Symbol Server.
Expiration: This Windows Server Preview will expire September 15, 2024.
How to Download
Registered Insiders may navigate directly to the Windows Server Insider Preview download page. If you have not yet registered as an Insider, see GETTING STARTED WITH SERVER on the Windows Insiders for Business portal.
We value your feedback!
The most important part of the release cycle is to hear what’s working and what needs to be improved, so your feedback is extremely valued. Beginning with Insider build 26063, please use the new Feedback Hub app for Windows Server if you are running a Desktop version of Server. If you are using a Core edition, or if you are unable to use the Feedback Hub app, you can use your registered Windows 10 or Windows 11 Insider device and use the Feedback Hub application. In the app, choose the Windows Server category and then the appropriate subcategory for your feedback. In the title of the Feedback, please indicate the build number you are providing feedback on as shown below to ensure that your issue is attributed to the right version:
[Server #####] Title of my feedback
See Give Feedback on Windows Server via Feedback Hub for specifics. The Windows Server Insiders space on the Microsoft Tech Communities supports preview builds of the next version of Windows Server. Use the forum to collaborate, share and learn from experts. For versions that have been released to general availability in market, try the Windows Server for IT Pro forum or contact Support for Business.
Diagnostic and Usage Information
Microsoft collects this information over the internet to help keep Windows secure and up to date, troubleshoot problems, and make product improvements. Microsoft server operating systems can be configured to turn diagnostic data off, send Required diagnostic data, or send Optional diagnostic data. During previews, Microsoft asks that you change the default setting to Optional to provide the best automatic feedback and help us improve the final product.
Administrators can change the level of information collection through Settings. For details, see http://aka.ms/winserverdata. Also see the Microsoft Privacy Statement.
Terms of Use
This is pre-release software – it is provided for use “as-is” and is not supported in production environments. Users are responsible for installing any updates that may be made available from Windows Update. All pre-release software made available to you via the Windows Server Insider program is governed by the Insider Terms of Use. Read More