Windows 2012 Essentials Question

les_garten

Limp Gawd
Joined
Dec 12, 2007
Messages
499
I migrated an office from 2003 to 2012 Essentials.

I admin'd the box fine setting it up at home with RDS and installed REALVNC on it. Everything was groovy.

Took it to the office and migrated all the workstations to this new domain controller, migrated profiles, etc, moved files, remapped shares, did scripts, etc. Everything went very smooth.

I get home and cannot get to the box thru the VPN as I always did with the 2003 server. Can't ping it, get to it with RDS, VNC, nothing. Can't get to any of the workstations either. I'm thinkin' ohhh crap, I'm in trouble Monday morning, this office is down hard and dead!

Nope, nothing, no calls. I send an email to ask the Doctor if they turned everything off and he said no, everything is working fine.

I am not interested particularly in the web admin access, that I most likely disabled because I can't reach it either. But it looks interesting and I might re-enable it.

But mainly, how do I get RDS and VNC access back? This is a remote site and I'd like to know before I drive 100 miles round trip.
 
Windows firewall?
Possibly it (properly) detected the new network when taken to the office, but set itself to Public network instead of Work or Home?

We had that happen once here, except it was when someone did RDP in. The Network Detection dialog popped up, but he ignored the box; Windows presumably then selected Public network and blocked pretty much all inbound connectivity.
Though that did block literally all inbound connections.
 
Windows firewall?
Possibly it (properly) detected the new network when taken to the office, but set itself to Public network instead of Work or Home?

We had that happen once here, except it was when someone did RDP in. The Network Detection dialog popped up, but he ignored the box; Windows presumably then selected Public network and blocked pretty much all inbound connectivity.
Though that did block literally all inbound connections.

It closed down all the workstations as well.

There was an IP renumbering when I took it to the office. Twice, once to get it on the network and second to assume the servers old IP.
 
So you either botched a policy or you did something to their router.

Neither I believe.

I'm thinking the change of network may have done it. Sonicwall fw has not been changed and I admin quite a few of those.

Thanx for playing though!
 
I have to ask..... if you configured RDS, why install VNC?

Is this Anywhere Access or a full on RDS config?

Does the RDS work for internal clients?

If you have the SonicWall, why not VPN?

Also, I remember there was some kind of problem with doing RDS on a 2012 DC, but
there was a fix released for that. Not sure that applies in your case or not, I don't remember
the details of the issue.

One more thing.... you might be able to fix this with Teamviewer or Showmypc.com, etc. so
you don't have to make the drive.


ETA: It sounds like you did a whole new domain and didn't add the 2012 server to the domain and then demote the 2003 box?
 
Last edited:
I have to ask..... if you configured RDS, why install VNC?

Is this Anywhere Access or a full on RDS config?

Does the RDS work for internal clients?

If you have the SonicWall, why not VPN?

Also, I remember there was some kind of problem with doing RDS on a 2012 DC, but
there was a fix released for that. Not sure that applies in your case or not, I don't remember
the details of the issue.

ETA: It sounds like you did a whole new domain and didn't add the 2012 server to the domain and then demote the 2003 box?

Ohhh dear...

2012 Essentials cannot add to a 2003 domain, demote, blah, blah. Discovered that the hard way. Standard 2003 >> 2012 Essentials does not join together, you have to build from scratch.

You add VNC because sometimes you need real console type access that RDP won't give you. It also gives you another doorway that is pretty much like console accress. Soi I always install encrypted VNC.

I VPN in and then RDP or VNC into the server usually. This works well and is secure.

I didn't intend or even know what Anywhere Access was till earlier today. I just intended to RDP in and admin if needed. This is just a simple file server. When I setup everything in the office the migration went Uber smooth. But I never RDP'd into anything after the IP address change in the office. It was working fine on my home network that morning before I went to do the install and prior to the IP and network change.

I really didn't see this coming.

I've been admin'ing this network for 10 years so there isn't anything hidden from me.

I have a suspicion the first response was correct that this was precipitated from the Network change maybe, still didn't see that coming. I just did a 2003 >> 2008 migration that I sent them the server and did everything remote. This has been a weird one and will be a road trip. Was hoping someone else had seen this.
 
Ohhh dear?

I think you did a lot more work than you had to with the new domain.

"The Windows Server 2012 R2 Essentials once deployed, must be the domain controller at the root of the forest and domain, and must hold all the FSMO roles. It can be installed in a pre-existing Active Directory domain only on the pretext that you are migrating to Windows Server 2012 R2 Essentials. Note that there is a grace period of 21 days for completing the entire migration from previous versions of Windows Server Essentials or Small Business Server editions. For more details, please refer to following article.

Deploying Windows Server 2012 R2 Essentials in an Existing Active Directory Environment"

http://blogs.technet.com/b/sbs/archive/2014/02/21/deploying-windows-server-2012-r2-essentials-in-an-existing-active-directory-environment.aspx

ETA: I must admit I do cheat on migrations like this.... once I transfer roles and get replication, I pull the plug on the old box and treat it as an orphaned server.
Much easier/faster than doing the demotion.

I've migrated a number of 2003 domains (from SBS too) to 2012 domains. The minimum functional forest/domain level for 2012 is 2003, so no problems.

Good luck on fixing the RDS thing.
 
Last edited:
Ohhh dear?

I think you did a lot more work than you had to with the new domain.

"The Windows Server 2012 R2 Essentials once deployed, must be the domain controller at the root of the forest and domain, and must hold all the FSMO roles. It can be installed in a pre-existing Active Directory domain only on the pretext that you are migrating to Windows Server 2012 R2 Essentials. Note that there is a grace period of 21 days for completing the entire migration from previous versions of Windows Server Essentials or Small Business Server editions. For more details, please refer to following article.

Deploying Windows Server 2012 R2 Essentials in an Existing Active Directory Environment"

http://blogs.technet.com/b/sbs/archive/2014/02/21/deploying-windows-server-2012-r2-essentials-in-an-existing-active-directory-environment.aspx

ETA: I must admit I do cheat on migrations like this.... once I transfer roles and get replication, I pull the plug on the old box and treat it as an orphaned server.
Much easier/faster than doing the demotion.

I've migrated a number of 2003 domains (from SBS too) to 2012 domains. The minimum functional forest/domain level for 2012 is 2003, so no problems.

Good luck on fixing the RDS thing.

You might want to check on your info here.

You cannot migrate a Standard 2003 >> Essentials

You can Migrate a SBS >> Essentials

You can migrate Standard 2003 >> Server 2012

I posted and researched this a lot ahead of time, spent a lot of time trying to avoid the scratch build to no avail.

Wish you could help me on my real problem though, thanx!
 
You might want to check on your info here.

You cannot migrate a Standard 2003 >> Essentials

You can Migrate a SBS >> Essentials

You can migrate Standard 2003 >> Server 2012

I posted and researched this a lot ahead of time, spent a lot of time trying to avoid the scratch build to no avail.

Wish you could help me on my real problem though, thanx!


Yes, you can migrate 2003 Standard to 2012 Essentials, I've done it. Although you will get errors with migration tools and wizards (and there are ways around that too, see link), there is nothing stopping you from joining the 2012 Essentials to the 2003 domain as a member server, promo the 2012 server, let it replicate, transfer roles, pull plug on old 2003 server. It has worked for me every time, no migration tools or wizards used at all.

Link for workaround on migration tool errors:

https://social.technet.microsoft.co...ration-tool-problem?forum=winserveressentials

As for your original RDS issue, I asked if internal clients can RDS but didn't see an answer. That's a critical piece of information to know what direction to go.
Walk the customer through installing Teamviewer on the server and then you'll have access to everything remotely to fix the problem.

Edit: Were you trying to upgrade 2003 to 2012 Essentials on the same box? Yes, I can see where maybe that wouldn't work. New server joining 2003 domain, no problem.
 
Yes, you can migrate 2003 Standard to 2012 Essentials, I've done it. Although you will get errors with migration tools and wizards (and there are ways around that too, see link), there is nothing stopping you from joining the 2012 Essentials to the 2003 domain as a member server, promo the 2012 server, let it replicate, transfer roles, pull plug on old 2003 server. It has worked for me every time, no migration tools or wizards used at all.

Link for workaround on migration tool errors:

https://social.technet.microsoft.co...ration-tool-problem?forum=winserveressentials

As for your original RDS issue, I asked if internal clients can RDS but didn't see an answer. That's a critical piece of information to know what direction to go.
Walk the customer through installing Teamviewer on the server and then you'll have access to everything remotely to fix the problem.

Edit: Were you trying to upgrade 2003 to 2012 Essentials on the same box? Yes, I can see where maybe that wouldn't work. New server joining 2003 domain, no problem.

Haitian Doctor's Office. I gotta drive down there.

Can't check the other machines, they all seem to have the same issue.
 
So it sounds like there is a language barrier with the customer, that makes things extra fun.

You have me thinking on the 2003 Standard to 2012 Essentials thing..... I know I've done a few of
them and it wasn't always a smooth migration but it got done. It's a supported (meaning possible)
MS migration even though they don't provide documentation for it like they do on the 2003 SBS migration.

I'm guessing to the MS way of thinking, they don't like seeing customers go from a full server OS
down to a cheaper Essentials or SBS type of server OS, so they don't document it or make it simple.

A few sources stated that you have to use the migration tool to do it, but I don't remember using
the migration tool. There were some challenges on those installs for sure though.

Again, good luck on the RDS thing. This stuff is usually something simple, you just have to find it.
That's the hard part. :)
 
As previously stated, I would guess a GPO is locking everything down.
The workstations did not have a "change of network" from what you state.
 
Problem has mysteriously healed itself.

That area is prone to lots of power outages that can outrun the battery and I suspect that was a lot of the issues. We have had pretty severe weather down here recently since the migration.
 
Back
Top