How to correctly cleanup WSUS server

Problem A typical WSUS server is getting more and more updates over time and disk space needed for those updates is growing. Unfortunately the integrated Cleanup Wizard does only half of the work needed, to really cleanup the WSUS server from unnecessary updates. Solution Decline superseded updates Open WSUS admin console and go to "All Updates". Change "Approval" to "Any…

Create SAN certificate request for IIS web servers

Open certificate MMC snap-in on the server. Click on "Personal" -> "All Tasks" -> "Advanced Operations" -> "Create custom request" Click "Next" on the certificate enrollment wizard. Select "Proceed without enrollment policy" and click "Next". Choose "(No template) CNG key" and "PKCS #10" as request format and click "Next". On the certificate information page, click on "Details" and the click…

Backup and restore Shares and NTFS permissions

Backup shares (GUI) Open Registry Editor (regedit.exe). Open the following registry location: HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares Right-click "Shares" key and select "Export". Give it any filename you prefer such as "SharePermissions.reg". Backup shares (Command) Open command prompt. Type the following command: reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares SharePermissions.reg Restore shares Double-click the exported file named "SharePermissions.reg" OR Type the following command: reg import SharePermissions.reg Backup NTFS…

Performing AD Schema Updates

Disable AD Replication Before you start to update your AD Schema (for example to prepare AD for Installation of Exchange Servers) you should disable AD replication on your AD Schema master. repadmin /options +DISABLE_OUTBOUND_REPL +DISABLE_INBOUND_REPL sc.exe \\ STOP NTFRS sc.exe \\ CONFIG NTFRS START= DISABLED Enable AD Replication repadmin /options -DISABLE_OUTBOUND_REPL -DISABLE_INBOUND_REPL sc.exe \\ CONFIG NTFRS START= AUTOMATIC…

Recreate deleted RODC NTDS connection

Problem You may have accidentially deleted the RODC NTDS connection, which is typically named "RODC Connection (FRS)". Even tought deleting this connection is normally not possible without removing the "protect deletion" flag, the object no longer exists. Solution You have two option to recreate the RODC NTDS connection. Demote and repromote the RODC. Manually recreate the NTDS object. Since demoting…

WSUS installation fails on Server 2008 R2

Problem Trying to install WSUS on Windows Server 2008 R2 you receive the following error message: The update could not be found. Solution The problem may be, that there is already a WSUS server on the network and you have applied some WSUS Group Policies to this new server. Check for any Group Policies applied to this server, which is…

Error 0xc1420127 on adding drivers to a WIM image

Problem On adding drivers to a WIM Image in Windows Deployment Services you might get the following error message. Error code: 0xc1420127 Solution This error can happen without any specific error. To resolve this problem please follow this steps. Clear all temporary folders on the WDS Server. Start Registry Editor. Delete all key and entries below this Folder: HKLM\SOFTWARE\Microsoft\WIMMount\MountImages Close…