Category Archives: Windows Server 2008 R2

the path the path the path

got an error setting up a vanilla Windows 2008 R2 server for RD Web Apps – IIS wouldn’t load any web pages and the error message was telling me exactly what the problem was.  Funny thing is I couldn’t see the needle in that haystack.  So Google is my friend and so is this guy at this blog – Thank Indian for your helpful comment.  Removed the extra \ in the ISAPI filter path and all was fixed!

http://www.basarat.com/2010/11/calling-loadlibraryex-on-isapi-filter.html

Advertisements

autorun.inf AV blocking gotcha

Discovered this today from within Windows 7. …Any software process that involves copying, moving, or even deleting the autorun.inf file can fail as a result of current default antivirus software (aka AV) behavior.  This file is at the root of every Windows drive.

In preparation for an SBS 2011 install I wanted to create a bootable USB drive of the install media.  To start I attempted to clean off the drive of all its contents but that process failed with the autorun.inf file.  Then I realized that I should’ve just reformatted so to be thorough; of course that sledge-a-matic action worked.

I’ve done this before for SBS 2011 and WHS 2011 which can require this type of USB drive install media on headless servers.  The odd thing is that never before was this an issue so this must be something new that has emerged behind the security scenes but of which I was not aware.  What I uncovered was the Trend Micro WFBS Agent settings were blocking both ‘delete’ and ‘copy’ actions to the autorun.inf file.  This isn’t specific to just TM though as the Google search result I found pointed to a different AV vendor.  If you hit this error, disable the AV temporarily as the workaround. 

Initially I opted to go the Windows 7 USB/DVD Download tool method (creates a bootable USB drive from ISO or DVD) but hit an issue when it failed during the copying process.  After trying variations and getting the same failed result, I opted to go the longer manual creation route as detailed by Tim Barrett in his www.NoGeekLeftBehind.com blog.  During that process I hit the root issue in a way that gave me a usable error message to find the solution.  After disabling the AV I hit success.

SPLwow64.exe Terminal Server/Remote Desktop Service tweak needed

Now having had two clients with a related system process problem, I am documenting what I’ve discovered and the needed tweak to fix it.  Both of these small businesses are heavily using Remote Desktop Services aka Terminal Server.  One with SBS 2011 and Windows 2008 R2 on the member server (both virtualized on Hyper-V); the other uses SBS 2008 with Windows 2008 on its member server.  The first biz uses 98% of its connections as thin clients and has seen huge amounts of memory (commit size) set aside for instances of ‘splwow64.exe’.  The second client experienced an issue with Windows 2000 clients (yes they are still out there …yikes!) not automatically ending their session when they closed the Environment Tab specified application that their TS session is limited to running/displaying – just got the blue logoff screen in a hung stasis.

On the first I tried changing the configuration of the main shared printer.  The printer is which I determined was where all the SPLwow64.exe related print tasks were being sent.  First I disabled spooling and secondly I unchecked the box to render print jobs on client (in this case the RDS server).  Neither satisfied the desired memory release I wanted to see achieved.  I could confirm the correlation with the SPLwow64.exe process and actual memory consumed via the Hyper-V Manager console which showed the dynamic memory demand of this RDS machine.  When the topmost listed instances of the SPLwow64.exe process were ‘ended’ the overall memory dropped equally dramatically.  This server which typically needed roughly 4 GB of running memory was underperforming when maxing out at 10 GB that were dynamically being made available to it.

The link below states in the first post that you can adjust the time this process takes to release its memory and links to a dead KB article.

http://forums.techarena.in/windows-x64-edition/816779.htm

That applicable control registry key is:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\SplWOW64TimeOut

image

The second client’s issue led me to find the following thread and and in the last post the solution.  It’s a simple technique that can be applied if you want to turn off the use of system processes, SYSwow64.exe in this case, for a Terminal Server.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SysProcs
Add a REG_DWORD called "splwow64.exe" set the value to 0

image

**Here’s another related conversation thread by an application developer found in the private Microsoft Forums

http://social.technet.microsoft.com/Forums/en-US/appvclients/thread/da0c76ea-5653-4439-a515-8246a2135cdc

SBS 2011 install and why Windows 2008 R2 SP1 doesn’t get offered

**After installing SBS 2011 I immediately wanted to install Windows 2008 R2 SP1 but instead I got offered 59 other updates and no SP1!  So of course you can just roll with that and eventually after cycles of updates and reboots you’ll get SP1 offered …but I really wanted to lay down SP1 saving time and then build from there.  Why isn’t it being offered though …even if you scan via Windows Updates?  Google didn’t give me any good results on Windows 2008 R2; however, remembering that since the Vista ‘major release’ kernel unification change to align the desktop and server kernel led me to look at Windows 7 information.

The following article identifies three required updates that must be installed in order to get offered W2k8R2 SP1.  Interestingly I was offered the KB2534366 patch (required a reboot) via WSUS but I had to go out to Windows Update to be offered the KB2533552 patch (didn’t require a reboot).  KB2454826 is the latest patch to be added to this list as this KB article has gone through multiple revisions over the years.

You do not have the option of downloading Windows 7 SP1 when you use Windows Update to check for updates