Adventures in System Administration

Category: Windows

Articles dealing with Microsoft Windows operating system.

Domain Administrator Cannot Open Ethernet Adapter Settings

Creating a new Active Directory forest and domain on Windows Server 2019 recently, I found the domain administrator could not open Network Connections. This happened when right-clicking on the Network icon on the Task Bar to open Network & Internet Settings, selecting Ethernet, and clicking on “Change adapter options”.

This only occurs when trying to open Network Connections through Windows Settings. There are no problems opening Network Connections through Control Panel or directly by running ncpa.cpl. And it only affects the domain administrator. Other users do not experience this problem. But the domain administrator has this problem on any computer in the domain.

Windows Server 2022 SMTP Relay List Bug

It appears a bug was added the IIS SMTP Server in Windows Server 2022. After installing the SMTP Server feature, you are not able to open the properties window in Internet Information Services (IIS) 6.0 Manager with MMC (Microsoft Management Console) displaying an error.

This is because the setting for RelayIpList in MetaBase.xml is incorrect . Since the SMTP Server hasn’t been significantly changed since Windows Server 2003 – it runs in IIS 6.0 Compatibility Mode after all – how this bug got introduced is a mystery. And Microsoft has taken no steps to fix it. Fortunately, this problem is easily corrected.

DCOM Permission Errors

I occasionally encounter errors when trying to install a software package on Windows with the less than helpful message that the Windows Installer Service could not be accessed.

A typical search will return lots of results about reinstalling the MSI Installer service, changing registry entries, and otherwise tinkering with low-level Windows components, but the problem is actually much simpler. The user trying to run the MSI Installer has been denied rights to run it.

The MSI Installer – the Windows Installer service – is a COM (Component Object Model) component. Windows uses a large number of COM comments for the operating system. Like files, users are granted permissions to access and run COM comments. This normally is not an issue. At least it wasn’t until Windows 10/Windows Server 2016. But a bug appears to have crept into Windows that will randomly revoke a user’s permission to run one or more COM objects, the MSI Installer being one of them. Antivirus programs seems to aggravate this, but I’ve encountered the problem on systems with only Windows (or Microsoft) Defender Antivirus.

Large Send Offload and Network Performance

An issue that I’ve encountered fairly often are complaints of slow network performance, especially when transferring large files. Although there are many issues that can affect network throughput, the most common issue is related to Large Send Offload.

Large Send Offload (also known as Large Segmentation Offload, and LSO for short) is a feature that allows the operating system TCP\IP network stack to build a large TCP message of up to 64KB in length before sending to the Ethernet adapter. Then the hardware on the Ethernet adapter — what I’ll call the LSO engine — segments it into smaller data packets (known as “frames” in Ethernet terminology) that can be sent over the wire. This is up to 1500 bytes for standard Ethernet frames and up to 9000 bytes for jumbo Ethernet frames. (The actual sizes are bit larger to accommodate the overhead – header and frame check sequence – in the packet). This is designed to free up the CPU on the server from having to handle segmenting large TCP messages into smaller packets required by the frame size. Sounds like a good deal. What could possibly go wrong?

Windows Server 2012 Update Failure – 0x80072EFE

I recently built a Windows Server 2012 virtual machine to do some compatibility testing for a PowerShell script I was working on. I wanted PowerShell 3.0 to be the minimum version required for the script so it could be used with older versions of Windows. Since PowerShell is included as an operating system component, I needed an older version of Windows to use PowerShell 3.0.  Windows Server 2012 fit the bill.

After getting Windows Server 2012 installed, trying to check for updates returned error 0x80072EFE. Microsoft had updated distribution of updates, and the Windows Update Client installed with Windows Server 2012 is out of date. You must download and install the KB2937636 update. After a reboot, the Windows Update Client will install an additional update and then it will be able to search for and install updates.

IIS SMTP Server SmtpOutboundCommandSupportOptions Bug

It’s not uncommon for Windows web servers to use the IIS SMTP Server as a mail relay. It’s a smart host in that it can do the MX record lookups to find the mail server handling the recipients’ mailboxes. But there is a problem. The big mail services such as Google and Microsoft are very picky about which mail servers they will communicate with as they try to mitigate the never-ending stream of spam. To this end, they will generally only accept mail from servers that speak ESMTP (Extended Simple Mail Transport Protocol) as currently defined in RFC 5321. Use of ESMTP is considered optional, with a fallback to the older SMTP commands if one mail server doesn’t support ESMTP. But because spammers are now the primary users of older SMTP, the big mail services simply drop the connection if the sending mail server doesn’t use ESMTP.

Copyright © 2024 Charles Rutledge

Powered by WordPress & Theme by Anders Norén