Key Features of Windows Server 2012

Windows Server 2003 reaches end of life on July 14 2015. We are suggesting all of our clients running Windows Server 2003 migrate to Windows Server 2012.  This list includes some of the key features provided by Windows Server 2012.

 IIS 8

 IIS 8 brings Internet Information Services up to feature parity with the rest of the world, and surpasses it in places. IIS 8 sports script pre-compilation, granular process throttling, SNI support and centralized certificate management



 PowerShell 3.0 is an evolution rather than a revolution. The 2012 line of products marks a revolution in Microsoft’s approach to server management.

 Every element of the operating system and virtually every other companion server, such as SQL, Exchange or Lync, are completely manageable through PowerShell. This is so ingrained that the GUIs are just buttons that call PowerShell scripts underneath.



 DirectAccess was a neat idea but it was poorly implemented in previous versions of Windows. Server 2012 makes it easier to use, with SSL as the default configuration and IPSec as an option. The rigid dependence on IPv6 has also been removed.

 DirectAccess has evolved into a reasonable, reliable and easy-to-use replacement for virtual private networks.


Cluster Shared Volumes

 With Server 2012 Cluster Shared Volumes are officially supported for use beyond hosting virtual hard disks for Hyper-V. You may now roll your own highly available multi-node replicated storage cluster and do so with a proper fistful of best-practice documentation.



 For years now, storage demand has been growing faster than hard drive density. Meeting our voracious appetite for data storage has meant more and more spindles, and more controllers, chassis, power supplies, electricity and cooling to keep those spindles spinning.

Deduplication has moved from nice to have to absolute must in recent years and Microsoft has taken notice. Server 2012 supports deduplication on NTFS volumes – though tragically it does not work with CSV – and deeply integrates it with BranchCache to save on WAN bandwidth.


Hyper-V 3.0

 Server 2012 sees Hyper-V catch up with VMware’s mainstream. Microsoft’s Hyper-V Server – a free Windows Core version of Hyper-V – is feature complete. If you have a yen to dive into PowerShell then you can run a complete 64-node, 8,000 virtual machine Hyper-V cluster without paying Microsoft a dime.Microsoft is betting you will spend the money on System Center 2012 and it is probably right. System Center 2012 is amazing, even more so with the newly launched Service Pack 1.


Hyper-V Replica

 Hyper-V Replica is a storage technology designed to continuously replicate your virtual machines across to a backup cluster. It ensures that snapshots no more than 15 minutes old of your critical virtual machines are available over any network link, including the internet.

 It replicates the initial snapshot in full – after that it sends only change blocks – and it fully supports versioning of your virtual machines.



With Windows Storage Server 2008, Microsoft first made an iSCSI target available. It eventually became an optional download from Microsoft’s website for Server 2008 R2 and is now finally integrated into Server 2012 as a core component.


NFS 4.1

 Microsoft’s NFS 4.1 server is good code. Designed from the ground up it is is fast, stable and reliable. It makes a great storage system for heterogenous environments and a wonderful network storage point for VMware servers.


SMB 3.0

 SMB 3.0 is the crown jewel of Server 2012. It supports multiple simultaneous network interfaces – including the ability to hot-plug new interfaces on the fly to increase bandwidth for large or complex transfers – and supports MPIO, thin provisioning of volumes and deduplication (assuming the underlying storage is NTFS).

 SMB 3.0 also supports SMB Direct and remote direct memory access, the ability for appropriately kitted systems to move SMB data directly from one system’s memory to the other, bypassing the SMB stack. This has enabled Microsoft to hit 16GBps transfer rates for SMB 3.0, a weighty gauntlet for any potential challenger to raise.

 Source: Microsoft


FORFILES – use to delete files older than specific time

Great built-in Windows command line tool to use if you want to purge backup files older than… say one week.

Batch file I create to to delete .bak (backup files) older than one week:

forfiles /P “<Path to files>” /S /M *.bak /D -7 /C “cmd /c del @PATH” 

From here, I set up Windows ‘Scheduled Tasks’ to run this batch file every night. Works great!

More info on switches:

How to test Office 365 SMTP server using PowerShell

Office 365 supports SMTP relay for authenticated accounts using TLS encryption.

Testing SMTP access is traditionally done using Telnet, but that’s not always an option when using Office 365 due to the authentication requirement.

Fortunately it’s easy to use PowerShell to accomplish the same thing.

How to test SMTP server using PowerShell:

Capture and store the Office 365 credentials for the account you intend to use for SMTP auth:

$msolcred = get-credential | save the credential of from address

Use the stored credentials to send a test message from to, over port 587 (Encrypted w/ SSL):

Send-MailMessage –From –To –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer -Credential $msolcred -UseSsl -Port 587

Use Command Prompt to return the logged in user of a remote computer

If you need to determine the user account that is logged into a computer with a known IP address or computer name you may use the following command. This command is confirmed to work with Windows 7 but should also work the same on Windows 8 +.

You will need to make sure the Windows Firewall on the remote computer is configured to allow access inbound for “Remote Administration (RPC)” and/or “Remote Service Management (RPC)”

Open the Command Prompt and run:

“wmic.exe /node:(computer name or IP address) computersystem get username”

If you are returned an error of RPC server unavailable make sure the Firewall is open as described above.

MSSQL Database – Limiting RAM Usage

Every so often I log into a server to find that it is encountering errors due to it running low on Resources, usually RAM.  If it is a Windows SBS or SQL Database Host, more often than not the issue is due to an SQL Database that just got out of hand.  Most of the time it seems that the SQL Database has no Max Memory limit set.  After many interactions where I have had to go into SQL Studio to try to set the limits.  I recently discovered a set of commands to accomplish the same in 5 minutes or less.  That is what I shall share.


The SQL Database I was working on when I encountered this fix was the Internal Database used for WSUS, so I will start with that example.

Start by opening up a command prompt, then type in the following and hit enter.

sqlcmd -S \\.\pipe\mssql$microsoft##ssee\sql\query -E

Flags Used:
  • -S [protocol:]server[\instance_name][,port]
    Example: sqlcmd -S tcp:*ComputerName*\*DatabaseName*,1433
  • -E (use trusted connection)

This will bring you to an SQL Prompt that in the Command Prompt window.  Your line should be: >1

From here, we are entering a few SQL commands to run against the Database.

sp_configure ’show advanced options’, 1;
sp_configure ‘max server memory’, 512;

sp_configure [ [ @configname = ] 'option_name' [ , [ @configvalue = ] 'value' ] ]
  • show advanced options – Required to access Max Server Memory
  • max server memory – Sets Max Memory in MB the Server can use
  • min server memory – Sets Minimum Memory in MB the Server starts with
RECONFIGURE - Specifies that if the configuration setting does not require a server stop and restart, the currently running value should be updated
GO - sqlcmd specific, Used to send all commands to SQL Database to execute.
And that’s it.  The SQL Server with reconfigure the RAM usage on the fly.

Cannot display webpage after updating SSL Certificate

Check if the server certificate has the private key corresponding to it. Refer the below picture:

SSL Cert wo and wprivate key

If private key is missing, then you need to get a certificate containing the private key, which is essentially a .PFX file. There is a command that we could try to run in order to associate the private key with the certificate:

 C:\>certutil –repairstore my “‎1a 1f 94 8b 21 a2 99 36 77 a8 8e b2 3f 42 8c 7e 47 e3 d1 33”

 certutil repair

 Note: 1a 1f 94 8b 21 a2 99 36 77 a8 8e b2 3f 42 8c 7e 47 e3 d1 33 is the thumbprint of the certificate. Open the certificate and click on the details tab. Scroll down to find the thumbprint section. Select the thumbprint section and click on the text below. Do a “Ctrl+A” and then “Ctrl+C” to select and copy it. Below is a snapshot for your reference:

cert thumbprint 

If the association is successful, then you would see the following window:

successful cert repair

Error opening Word, Excel, PowerPoint files or email attachments in Office 2010

If you find that you are not able to open an Word 2010, Excel 2010, or PowerPoint 2010 file from the Internet or in some cases Outlook,  and you get an error message, performing the following steps will resolve the issue:

Office 2010 may report the file as being corrupt. The exact Errors may include:

Word: Word Experienced an error trying to open the file.:

Excel: The file is corrupted and cannot be opened.

PowerPoint: PowerPoint found a problem with content in file. PowerPoint can attempt to repair the presentation.

The following steps will set component security settings back to the defaults.

Open Control Panel

Open Administrative Tools

Open Component Services and expand the tree under Console Root to Computers > My Computer.

Right-click on My Computer and select Properties.


Select the Default Properties tab and set the following values:

Default Authentication Level: Connect

Default Impersonation Level: Identify.



Disable Flash in IE

To disable Flash completely, click the gear icon in the upper right corner of the IE 10 window and then click Manage add-ons from the menu:









That opens the Manage Add-ons dialog box, shown below. Select the Shockwave Flash Object add-on and note that it is identified as a Microsoft Windows 3rd party Component. Also note the file date, which is a month before the relevant security fixes were available:













 Click Disable, and then click Close. You are now safe from any exploits that rely on vulnerabilities in Flash. Any Flash-based code, legitimate or otherwise, will not run in Internet Explorer 10 when this add-on is disabled.

Preload Office 2013 on new computers for distribution to end users

This is a technique you can use to preload the Office 2013 installation media on a system, bypassing the need to download the installation files during activation.

You will require a qualified Microsoft Partner account in order to download the media from the following link:

  • Download the disk image appropriate for your language.
  • Extract the disk image using a utility like 7zip to a folder.
  • Copy the Office 2013 Single image source folder to local PC. (Folder contains installation data and batch files for prep)
  • Uninstall the already installed Office 2013 installer  from Programs and Features (if it already exists).
  • Run as administrator the script oemsetup.en-us inside the single image source folder, this preps the system to use the local source for Office 2013 instead of downloading.
  • Open the Microsoft Office app following script completion, and select Buy online.
  • Purchase the office software using a Microsoft account affiliated with the client or user.
  • Go through the purchase process until you have confirmed, and are presented with a product key. Make sure to document what key will be assigned to each user  if preparing multiple systems.
  • Copy the Product Key to your clipboard and go back to the Office installer and now select Activate.
  • Enter the Product Key you copied.
  • Select the Redeem Online button.
  • Sign in with the same Microsoft Account used to purchase the software.
  • Select the region and language.
  • Once the key has been associated with your account you will be taken to a web page that displays all keys tied to the account.
  • Minimize the browser window and go back to the Office installer.
  • Select Activate, on the enter product key screen select the option to “sign in with an active account instead”.
  • Sign in with the Microsoft account.
  • Once signed in, you should be presented with the ‘Choose your product window’.
  • The most recent purchase is a the bottom of this list,  select it and Continue.
  • Office Click-to-run will now complete the install using the local installation source instead of downloading the software. 

This is especially helpful when dealing with multiple systems at a site with poor download speed.

Connect Windows Explorer to an Office 365 Sharepoint Library

This post will outline the authentication process and configuration necessary to access an Office 365 SharePoint Library via a mapped drive in Windows Explorer.

This information was originally posted on at


Login to the Portal

Sign in to the SharePoint Online site by using your Office 365 credentials. Make sure that you click to select the Keep me signed in check box. This is important because you need to be (and stay) authenticated via the web portal to access the SharePoint document library via a mapped drive.


Click Start, Right-click Computer, and then click Map Network Drive



Click the “Connect to a Web site that you can store your documents and pictures” link, and then click Next two times.



Type the site URL, click Next, and then follow the instructions in the wizard.

Depending on your permissions level you may need to map to a document library level


Remove the tick from “automatically detect settings” in your proxy settings page (found in the connections tab in Internet options).

This Really makes a big difference to folder traversal in explorer.


If you encounter issues with the mapped drive disconnecting follow these steps

Make sure that you are authenticated to Office 365. To do this, follow these steps: 
1. Sign in to the SharePoint Online site by using your Office 365 credentials, and make sure that you click to select the Keep me signed in check box. 
2. Open a document library in Explorer View. 
3. Try to access the mapped network drive.

If you are authenticated to Office 365 and the issue persists, make sure that the entries for SharePoint are added to the Trusted sites zone in Windows Internet Explorer. To do this, follow these steps: 
1. On the Tools menu In Internet Explorer, click Internet options. 
2. Click the Security tab, click the Trusted sites zone, and then click Sites. 
3. Verify that the following entries are listed in the Websites list:


 If these entries are not present, add them to the Trusted sites list of websites. 

Make sure that the entries for SharePoint are added to the Local Intranet Zone in Windows Internet Explorer. To do this, follow these steps: 
1. On the Tools menu In Internet Explorer, click Internet options. 
2. Click the Security tab.
3. Click the Local intranet zone, click Sites, and then click Advanced. 
4. Verify that the following entries are listed in the Websites list:


If the above entries are not present, add them to the Local intranet zone list of websites.

You should now be able to map a drive to a SharePoint Library

You may also use the Open with Explorer feature in SharePoint while you have a Library open by clicking the Library tab and selecting the Open with Explorer button located in the Connect and Export section:

Open with Explorer

Open with Explorer