Posts

Windows Server 2025 Domain and Functional Levels domainFunctionality and forestFunctionality attributes

The Active Directory domain and functional levels have changed for Windows Server 2025 with a new functional level being added. However the documetnation for the 3.1.1.3.2.26 domainFunctionality and 3.1.1.3.2.27 forestFunctionality attributes have not been updated. https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/6dd88965-8feb-4369-ae7e-075985da8071 0 DS_BEHAVIOR_WIN2000 1 DS_BEHAVIOR_WIN2003_WITH_MIXED_DOMAINS 2 DS_BEHAVIOR_WIN2003 3 DS_BEHAVIOR_WIN2008 4 DS_BEHAVIOR_WIN2008R2 5 DS_BEHAVIOR_WIN2012 6 DS_BEHAVIOR_WIN2012R2 7 DS_BEHAVIOR_WIN2016 The new value  10 DS_BEHAVIOR_WIN2025 Notice there is a gap of two numbers for Server 2016 and Server 2019 that didn't have an update to the domain and forest functional levels.

Enable-ClusterStorageSpacesDirect : Feature S2D is not supported on node 'NodeName'. Run cluster validation, including the Storage Spaces Direct tests, to verify the configuration

When you run the  Enable-ClusterStorageSpacesDirect cmdlet you may received the error  Feature S2D is not supported on node ' NodeName '. Run cluster validation, including the Storage Spaces Direct tests, to verify the configuration. This can occur if the operating system on the machine is Standard Edition. Storage spaces direct is only supported on Azure Stack HCI and data center editions of Windows Server.

SOLVED: The requested security information is either unavailable or can't be displayed

Image
When using Microsoft Cluster manager you see the error "The requested security information is either unavailable or can't be displayed" on the Cluster Permissions tab. This can occur if the following registry value is missing or corrupt. HKEY_LOCAL_MACHINE\Cluster\Security Descriptor REG_BINARY

Error when creating a Microsoft Failover Cluster Cloud Quorum: "An error occurred while validating access to Azure from cluster node 'servername"

Image
When you try and configure a Cloud Witness in a Microsoft Failover Cluster you may find you receive the following error. An error occurred while validating access to Azure from cluster node ‘nodename’. Verify the Azure storage account name, storage account type, storage account key, and network connectivity over HTTPS. This error is very misleading as it can occur when there's an existing Cloud Witness in the cluster core resources.

Get the hardware manufacturer name of the TPM in Windows PowerShell from Win32_TPM WMI class

When using the Win32_TPM class you can get the manufacturer name from the ManufacturerIdTxt property on Windows Server 2019 and above. For older operating systems you can convert the numeric ManufacturerId property to it's string value using the following PowerShell command as the value is actually an ASCII encoded string stored as an integer. $tpm = Get-CimInstance -Namespace "root\CIMV2\Security\MicrosoftTpm" -ClassName "Win32_Tpm" ; $bytes = [ System.BitConverter ]:: GetBytes( $tpm . ManufacturerId); [ System.Array ]:: Reverse( $bytes ); $manufacturer = [ System.Text.Encoding ]:: ASCII . GetString( $bytes );  

Install Azure HCI Stack Cluster on VMware Workstation

If you want to install Azure HCI Stack on VMware workstation it IS  possible though there are a few issues. There's a great YouTube video here on installing Azure Stack HCI in general https://www.youtube.com/watch?v=12Zoayvrols&t=1837s And there's a specific article on installing it on VMware https://virtualg.uk/how-to-install-azure-stack-hci-23h2-in-your-lab In summary there's a few things to think about in terms of VMware Use the latest version of VMware workstation (it has better support for encryption). Encrypt the virtual machines. Enable UEFI and Secure Boot. Use at least 4 cores in the virtual processors (else cluster creation will fail with AzStackHci_MOCStack_CpuCoreCount). Enable Virtualize Intel VT-x/EPT or AMD-V/RVI as you always have to with nested virtualization. Use two NICs Use 3 NVMe drives 200GB (boot) 500GB 500GB Add a TPM to the hardware Modify the .vmx file for all HCI stack hosts and change ethernet0 and ethernet1 from the e1000e adapter to the vmx

SOLVED: Installing Azure HCI Stack "EC test Test TPM Property LockoutCount is 0"

Image
When you try and install Azure HCI Stack and setup the Arc agent you may find you see the following error. Installing Azure HCI Stack "EC test Test TPM Property LockoutCount is 0" This occurs when a TPM lockout has occurred. Run the Get-Tpm PowerShell cmdlet and check the LockoutCount property. You will have to wait until the time limit has passed and the property correctly shows zero. Click the power sign off button in the user inteface. Log in again and restart the Arc Setup wizard.