Mouse and keyboard suddenly not working? How to fix the KB4074588 update bug

Microsoft has recently issued a Windows 10 update, code KB4074588, that is causing many headaches to system admins and IT staff.

It’s not clear what triggers the problem, but in the affected systems the update compromises the USB ports causing input devices such as mouse and keyboard to stop working.

The user is left without the possibility to interact in any way with his PC.

How to fix this mess?
(more…)

Configure a Radius server on Windows Server to authenticate Cisco VPN users

A Virtual Private Network (VPN) allows to connect to a private network through the Internet, from anywhere in the world.

It may be very helpful to business users willing to access from outside the internal resources of their company.

In this post we’ll see how you can allow Active Directory users to perform the login to a VPN, configured on a Cisco router.

The setup includes a Cisco 1801 router, configured with a Road Warrior VPN, and a server with Windows Server 2012 R2 where we installed and activated the domain controller and Radius server role.
(more…)

How to configure DHCP failover on Windows Server 2012 R2

Configuring the DHCP failover in your LAN is a simple operation to improve the reliability of the network.

There are two main ways to provide DHCP failover:

  • Load balancing
  • Hot standby

Load balancing allows to share the load between two or more DHCP servers while the Hot standby mode simply provide DHCP redundancy.

In this guide we adopted the Hot standby mode. The DHCP servers are two Windows 2012 R2 machine in the same domain (mandatory requirement).
(more…)

How to configure NIC Teaming on Windows Server 2012

Load balancing and failover (LBFO), also known as NIC Teaming, is a powerful feature introduced by Microsoft only with Windows Server 2012. With previous versions of Windows you could only rely on third party software, a curious limitation.

NIC Teaming allows an administrator to place in a team multiple network adapters being part of the same machine.

Working as a team, the network adapters improve bandwidth and protect from failures, sharing the same IP and network configuration.

The reason is pretty straightforward, if one of the adapters breaks, the others will take care of the local connectivity. Windows supports up to 32 adapters placed in a single team.
(more…)

How to reset NTFS permissions with ICACLS

File and folder permissions are really important to Windows. Sometimes a user may mess with the permissions causing software or even the operating system to work in an undesired way.

There’s a simple way to solve this kind of problems without headaches, using the ICACLS command.

Launch the command prompt as an Administrator and navigate through the tree of folders you need to fix.

Then launch the command ICACLS * /T /Q /C /RESET.

ICACLS will reset the permissions of all the folders, files and subfolders. After a while, depending on the number of file, the permissions will be fixed.

Sometimes, you may need to take the ownership of a tree of folders. You can use the command takeown /R /F * before launching the ICACLS.

Be careful, taking the owenership of system folders may break your operating systems.

Configuring and using Windows Deployment Services (WDS)

Windows Deployment Services (WDS) is a really interesting tool from Microsoft. It allows an administrator to remotely deploy Windows operating systems to machines booting from a network adapter.

In environments with a high number of clients WDS can be very useful, a new computer can be formatted just plugging the Ethernet, without any physical support like Windows DVDs or USB drives.

The configuration isn’t difficult but there are some requirements:

  • There must be an Active Directory Domain Services
  • At least one partition on the server must be formatted as NTFS
  • A DHCP server must be active to assign IP addresses to the WDS clients

Let’s see how you can configure and use the Windows Deployment Services.
(more…)

How to deploy (and/or remove) software packages via GPO

One of the greatest advantages of having an Active Directory Domain is the possibility to deploy software packages via GPO (Group Policy Object). Software deployment is crucial in business environments to save time and money.

Microsoft not only gives us a simple way to deploy software, but also provides a quick solution to uninstall it when we don’t need it anymore.
(more…)