February update cycle again sent my server into a reboot loop, shutting down all services until I could diagnose the problem on site.
Following the same steps as in my previous post, I switched the boot choice to Safe Mode, and observed another boot failure. This time instead of getting into the weeds of troubleshooting the update system with a second Safe Mode boot, I decided to let the server go back to the normal boot mode, because some other websites have reported this as a good solution.
In this case, the failed Safe Mode boot followed by no other action did successfully restore the server.
After reviewing the Event Viewer logs, I could only find a repeated Event ID 1074, “TrustedInstaller.exe has initiated the restart”. KB2992611 and KB890830 both installed successfully before the loop, then KB4502496, KB2822241, and KB4537814 installed after the loop.
My current recommendation is to disable automatic updates for Windows servers and only perform update checks while on site. Also, run the update check twice in a row. The servicing stack update from December didn’t show up until after recovering from the reboot loop and then checking again for more updates.
After linking two local Excel files by a simple reference to a cell in another workbook, I began seeing an ominous error:
SECURITY WARNING Links to external sources could be unsafe. If you trust the links, click Update. Click for more details.
This behavior was observed in version 1907 of Excel from the Office 365 software package.
Warnings of this nature should be taken seriously. In this case, however, the message has been seriously mislabeled. Clicking into the details brings up an ancient Help page for Excel 2007. Searching for similar situations online brings up some misleading instructions.
If you are experiencing the situation described above, continue reading below for a simple workaround and more background information.
Someone attempted a very noisy attack against my router’s built-in OpenVPN server today. While there was no chance this person could guess my encryption parameters to gain access, he or she did manage to cause a denial of service.
But that doesn’t solve the problem. Fine-tuning or even disabling the slow-link mode forces the Client Side Cache (CSC) to use its “Action on server disconnect” configuration any time the network isn’t performing perfectly. The default behavior, “Work offline”, treats each affected (meaning cache-enabled) share as being totally unavailable and then the CSC attempts to retrieve cached copies. This happens even if the server is still available but failed a single ping check.
Why is this still a problem? Well, in practice, most files don’t need to be available offline. By default, the Windows file server is configured, and the Windows client is designed to allow each user to select individual files as “Always available offline” from the file context menu. When a user selects this option, that one file is copied to the CSC, and in theory that one file is always available. This allows for targeted use and minimal sync time. The problem arises with all the other files. When the CSC goes offline and marks the shared folder as disconnected, it effectively blocks access to all the files that were never cached, even if the server and its files are still available.
At this point, you and I now understand the situation that needs to be avoided. We don’t want to have a large number of files under the unnecessary clutches of the CSC, regardless of network quality.
At first, I thought the solution was to change the file server’s default configuration of allowing users to decide which files are cached. I changed folders that needed maximum online availability to be set to “No files or programs from the shared folder are available offline.” This server setting automatically disables the CSC.
Unfortunately, the result was that the folders configured for offline caching worked great, but the folders configured for no offline caching only worked until some network error or server reboot. In this configuration, once a path became disconnected, an Offline Files message is logged in the Event Viewer, and even though no files are being cached the entire path becomes unavailable. At that point, the workstation persistently throws Error 0x80070035 any time that particular path is accessed, until the workstation is rebooted.
The only solution I’ve found that works now is to completely disable the Offline Files feature on the workstation. With Offline Files disabled from the Control Panel, the network and server errors are now transient and I am not having any problems with disconnected paths or persistent errors.
Offline Files is ultimately broken and does not improve the Windows experience.
I just resolved a long-term problem where one specific Windows 2012 server was unable to ping one specific device on the same LAN.
There were no relevant resources or similar-looking cases on the web. Everything else on this LAN worked normally. The server could ping all other clients, and the clients could ping the server and the NVR. I just could not get the server to ping the NVR for the life of me.
I suspected at one point that this was a routing issue due to my desire for strong security policies around IOT devices. This turned out not to be the case as I could find nothing wrong with the router or any routing tables.
At last, I decided this problem was so specific that it could be a bug in the NVR itself. In this case, the only thing special about the Windows server from the NVR’s perspective was that the server was providing both DHCP and DNS to the NVR. I tried disabling each service, and found exactly what I was looking for.
The NVR will not respond to pings from its DNS server.
I don’t know why this is broken and don’t really care to investigate any further. The workarounds are either:
Create a DHCP reservation with its own option to specify a 3rd-party DNS server, OR
Disable the NVR’s DHCP client and set a static address with an alternative DNS server address value.
In my case, the NVR does not need to use the local DNS server, so this is an easy fix. So long as my server’s IP address is not used in the NVR DNS configuration, everything works normally and the server can ping the NVR.