IIS stuck with old SSL Certificate despite of deleting it from Server

Follow me Recently one of out client requested to configure remote app publishing through windows 2012 server. After configuring all remote app setting it failed because of certificate error as Remote app requires a valid trusted certificate to be installed so that the clients can open the applications from their desktop icon.  We went ahead and generated a self signed certificate on the remote app server and assigned it correctly on the required sites in IIS by editing the binding settings. Refer the screen shot below However despite of these changes the server kept presenting the old server certificate and hence the remote app wasn’t able to connect. I even deleted the old server certificate from the server and rebooted the server but still it kept presenting the old certificate. I researched further and found the following commands to check the installed certificates on the server and delete them as needed. Following command (ran from command prompt) display the certificates installed on a server. Netsh Http Show Sslcert   As we can see in the screenshot above, this command did reveal that the old certificate (which I had already deleted from the server) was still present on the server. The old and new certificates can be identified from the certificate hash value.   I used the following command to delete the non required stale certificate from the server Following command (ran from command prompt) deleted the required certificate from the server. Netsh delete Sslcert Ipport=[::]:443 (please replace IP Port value with your required value After this SSL certificate was deleted we ran the following command again and validated that its showing only...

Windows 2008: Transaction support within the specified resource manager is not started or was shut down due to an error.

Follow me Yesterday a client reported an issue that they are unable to create schedule task on a SBS 2011 server, upon checking I found that the schedule task wizard launches fine and goes almost till completion and just as we click on finish we get the following error. Transaction support within the specified resource manager is not started or was shut down due to an error. I felt very lucky when with the first google search I stumbled upon various blogs and articles including Microsoft suggesting the corruption in transaction manager log and  the following command (from command prompt) to resolve the issue quick. fsutil resource setautoreset true c:\ Pumped with adrenaline, I performed the command (from command prompt) and rebooted the server but unfortunately the issue persisted upon the reboot. I did try the reset a couple more times & of course multiple reboots with no success. I went ahead and checked the event viewer which also was giving multiple error while loading. I did find multiple errors in it, mostly about Windows search service failing the start mostly because of again some transaction log. Refer the error events below Event ID 7034: The Windows Search service terminated unexpectedly.It has done this 12 time(s). Event ID 7023 The Windows Search service terminated with the following error: Transaction support within the specified resource manager is not started or was shutdown due to an error. Event ID 1006 The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >. Event ID 1029 Windows Search Service failed to process the...

Windows Update error Codes, Description & Solutions

Follow me Being a junior in the company I was given  the most painful task of updating over a 1000 servers recently. While updating these servers ranging from Windows 2003 to Windows 2012 R2 I encountered almost all the windows update errors one could get ( or at least I felt like that…LOL), so I decided to document all the error events for the benefit of others.  The list below consist of  various Error codes with their meanings and possible solution.  I hope this will be able to help others. I followed the steps listed in this article to resolve most of the errors below. Error Code Dec Error Code Error String Description 0x00000641 -4294965695 Error_Install_Service_failure The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. 0x00000652 -4294965678 ERROR_INSTALL_ALREADY_RUNNING Another installation is already in progress. Complete that installation before proceeding with this install. 0x00240001 -4292607999 WU_S_SERVICE_STOP Service stopped 0x00240005 -4292607995 WU_S_REBOOT_REQUIRED The system needs to be rebooted to complete installation. 0x80004004 -2147467260 E_ABORT Operation Aborted 0x80004015 -2147467243 CO_E_WRONG_SERVER_IDENTITY The security descriptor on the BITS service was changed by a security template such that Network Service account doesn’t have READ access to BITS service. 0x80070070 -2147024784 ERROR_DISK_FULL There is not enough space on the disk 0x80070422 -2147023838 ERROR_SERVICE_DISABLED The service cannot be started. If BITS service is disabled by the Administrator, then this error will be seen. 0x80070424 -2147023836 ERROR_SERVICE_DOES_NOT_EXIST Due to a bug in BITS 1.5 OOB setup, after BITS 1.5 install, the BITS service is deleted, but the 1.5 install...

Windows 2012 R2: WMI failed to connect “Win32: The parameter is incorrect”

Follow me After deploying a DPM agent on Windows 2012 R2 server we weren’t able to get it communicate to DPM 2012 server. Understanding that DPM agent communication is dependent on WMI we tried to access the DPM server from Windows 2012 R2 file server via WMI and found it connecting alright.  However when we try to connect from DPM server to Windows 2012 R2 File server the connection was failing with following error. “Win32: The parameter is incorrect” After performing the usual clean boot etc on the 2012R2 server we finally figured that it had a software named VEEAM installed. Disabling and finally uninstalling the software resolved the issue for us. Hope this quick solution save you from pulling out your hairs, else feel free to report new issues at our forum for expert help or open paid support incident with us for quick help Follow me...

Windows 2012: RDP Black screen event ID 7011 A timeout (30000 milliseconds) was reached.

Follow me On a windows 2012 server, client reported RDP black screen randomly, it used to work fine for few days, probably even for months but randomly it used to get stuck on black screen and the only solution was to reboot the server. I have already written an article in this regard which covers most possible reasons for this issue.  You should make sure you  follow that before checking out this one,  this one is specifically if you have the event id 1711 on Windows Server 2012/R2 event log. Source:        Service Control Manager Date:          27-4-2012 7:28:01 Event ID:      7011 Task Category: None Level:         Error Keywords:      Classic User:          N/A Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.   After ruling out all the obvious reasons on the server listed here, our research reveal that this RDP black screen issue is happening because of some printer drivers installed on the Windows 2012 server.  Although I am not very sure which printer drivers are causing this issue but following are the steps to resolve the concern. 1) Install all the pending windows updates on the server 2) Uninstall all possible printer drivers including PDF writers from the Server.  I recommend that you keep the drivers uninstalled for a monitoring period if possible, otherwise uninstall all the drivers and reinstall the latest copies of only the most required drivers that too, after completing all the steps below. 3) If HP drivers are installed on the server, ensure to either remove them or stop the services Net Driver HPZ12 and PML Driver HPZ12 (if present). 4) Remove...

Windows 2012 R2: Nslookup Fails to query the A record

Follow me Recently a Client reported that he was unable to access his website, We were able to ping the website but if  we  nslookup the same name it gives the error as shown in the screenshot.   It looked like the DNS wasn’t responding in that case the ping should also fail with destination not found error, but that wasn’t happening.  In any case we restarted the DNS server and DNS client service on the server ( this was the domain controller so had DNS installed on itself) but still the nslookup failed to resolve the name of the site. Interesting thing to note is that now we were able to open the website as well on the server but the nslookup was still failing. After having no progress in this troubleshooting, I thought about using some other tool, so I tried Port Query from the same server. I tried to reach google through it and surprisingly it was responding.   This step cleared explains that the server is able to resolve the names just fine ( as Portqry will also use the DNS server listed on this server to resolve the names) and its just the nslookup which is not able to resolve the names to IP. We concluded that nslookup on Server 2012 or probably just this server was buggy and the purpose to write this article was also to suggest not to entirely depend on nslookup on windows server.  Hope this information helps many of you out there. Feel free to report new issues on our forum for expert help or open a paid support incident...