Do NOT add a newer boot file into an older Windows Deployment Service

In my company, there is a Windows Deployment Service (WDS for short) hosted by Windows Server 2012 R2. Since I got the new release of Windows Server yesterday, named Windows Server 2012 R2 with Update, I added the boot.wim from the new CD into this server and began my nightmare.

Result: All boot images from installation CD work great. But all capture images are failed to start, no matter the capture image is pre-existed, new created or copied from other servers. They’re failed in 2 ways:

  • Error in \Windows\System32\boot\winload.exe with status code 0xc000000f after the loading bar completed; or,
  • Black screen after displaying the Windows logo.

To fix this, I’ve tried to remove the new added boot image but this trying is ineffective. Finally, I googled and find there is a person who added a Windows 8 Preview boot file into an old WDS server, which lead to the similar result. The way to fix is:

  1. Stop the WDS;
  2. Restore the Boot folder from a previous version; and,
  3. Restart the WDS.

If you don’t have backup, you may need to reinstall WDS.

I guess when you add a new boot image into a WDS, it will update the existed boot folder to the latest version, which may not be compatible with other boot files. Maybe it will be fixed after patching the server OS, but it’s better never to do such a thing again.

Update: There is another way to fix the broken capture image file directly. But you have to do that for every capture file.

Enable Remote Management for Hyper-V Server

After a clean installation process, firewall of Hyper-V Server is set to deny any remote connection by default.

If you need to management other than using console, you may want to enable inbound rules for Remote Management and Remote Desktop by running these commands in the console.

To enable the Remote Management:

cscript C:\windows\system32\scregedit.wsf /im 1

To enable the Remote Desktop:

cscript C:\windows\system32\scregedit.wsf /ar 0

And, you need to enable the remote desktop from the sconfig (the blue console window) also.

AVMA: An easier way to activate Windows Server 2012 R2 in Hyper-V

Microsoft provides a new way to activate VMs hosted in Hyper-V, named Automatic Virtual Machine Activation (AVMA). It makes the activation step of VMs much easier.


  • Hypervisor: Windows Server 2012 R2 Datacenter with Hyper-V role. Other versions are not supported. Dedicated Hyper-V Server is not supported.
  • VM: Windows Server 2012 R2 Datacenter, Standard and Essentials.


  1. Prepare and activate your Hypervisor;
  2. Install supported OS as VM with the key listed below, or change the key of an installed VM with command “slmgr /ipk <key>”.


  • Windows Server 2012 R2 Datacenter: Y4TGP-NPTV9-HTC2H-7MGQ3-DV4TW
  • Windows Server 2012 R2 Standard: DBGBW-NPF86-BJVTX-K3WKJ-MTB6V
  • Windows Server 2012 R2 Essentials: K2XGM-NMBT3-2R6Q8-WF2FK-P36R2

These keys are supported to being used in any unattend.exe setup file also.



Remove unwanted IP addresses belong to Domain Controllers from DNS

If you have multiple IP addresses on domain controller and do not want to publish them all to local DNS, the original way may not help because no matter how you setup, all the interfaces can still access the DNS (localhost).

In this case, you can do this by editing the registry directly.

Open regedit.exe from Domain Controller, navigate to HKLM\System\CurrentControlSet\Services\DNS\Parameters, add a string value, named as PublishAddresses, and set the value to the IP address which you want to be published to DNS.

Don’t forget to reboot and delete the existed unwanted records from DNS manually.

Set Windows Update to use http proxy

By default, Windows Update will access to microsoft update server or your WSUS server directly, no matter you set a http proxy in IE option window or not. If your computer cannot access the internet directly, that may cause a problem.

To resolve that, you need to:

  1. Set a http proxy in IE option window;
  2. Open cmd window by administrator permission;
  3. Enter this command and press enter:
    netsh winhttp import proxy source=ie

To disable the proxy setting of Windows Update, do the similars above, just changing the step 1 to disable that http proxy.

Remove A records of Domain Controller from DNS

Because it’s possible to access the DNS through all IP addresses of domain controller, you will see lots of A records pointed to each IP address of domain controller. That may cause some problem for client while determining the IP address of domain controller.

To resolve this, you have 2 choices:

1 Remove DNS service on some IP address. This will avoid the specified IP address is listed as an A record because it’s not possible to access the DNS through this IP any more.

But if you have to enable DNS on that IP, a public IP address for example, you may want to choose the 2nd way.

2 Create a REG_SZ key named PublishAddresses in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters, and set value to all IP addresses that you want to listed in DNS. If you need to declare multiple IP addresses, please separate them by space. Reboot when done.

Only all specified IP addresses will be displayed as A records in this way.

This function does NOT affect the failover cluster. All IP addresses belongs to cluster will still remain existed.



Time Sync between OSX and Windows

Through Boot Camp, we can install a dedicated Windows instance with OSX in the same mac computer. Due to the different time models, you may see that the time is not right while booting into another system.


  • OSX, as well as other unix-like system, setting UTC to hardware time, convert to local time dynamically while displaying;
  • Windows use LOCAL TIME as hardware time directly.

You may not realized this because one of these reasons below:

  • You are in England, or other countries in Time Zone 0 (GMT);
  • Your computer system, both OSX and Windows has a client of NTP, which will get the right time from internet server very soon after booting. Certainly, the related computer should have an active internet connection.

How to fix it:

I didn’t find a way to change the time model of OSX. But we can do that in Windows.

  1. Start Regedit;
  2. Nav to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation;
  3. Create a new DWORD named as RealTimeIsUniversal, and set it value to 1.

Install dotNet framework 3.5 on Win8 / WinSvr2012

We know that from Windows Vista, the original optical media is useless after you finish system installation. Enabling a role of feature do not require that media any more.

But in Windows 8 / Windows Server 2012, for some reason we don’t know, the situation is changed a little. The setup package of dotNet framework 3.5 is not pre-copied to your hard drive. It will have to be downloaded from Microsoft while enabling that feature.

If you hate this, luckily, that setup package is on installation media also. We just need to tell the system to use that instead of downloading.

You may want to run this as administrator:

DISM /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:d:\sources\sxs


  • /Online targets the operating system you’re running (instead of an offline Windows image).
  • /Enable-Feature /FeatureName:NetFx3 specifies that you want to enable the .NET Framework 3.5.
  • /All enables all parent features of the .NET Framework 3.5.
  • /LimitAccess prevents DISM from contacting Windows Update.
  • /Source specifies the location of the files needed to restore the feature (in this example, the D:\sources\sxs directory).


Volume Shadow Copy Service error on Windows Server 2012

In many instance of Window Server 2012, there are lots of errors in Event Log about Volume Shadow Copy Service like this:
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {463948d2-035d-4d1d-9bfc-473fece07dab} [0x80070005, Access is denied.].
Creating instance of hardware provider
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies
Provider ID: {3f900f90-00e9-440e-873a-96ca5eb079e5}
Provider ID: {3f900f90-00e9-440e-873a-96ca5eb079e5}
Class ID: {463948d2-035d-4d1d-9bfc-473fece07dab}
Snapshot Context: -1
Snapshot Context: -1
Execution Context: Coordinator

Actually, that may be a bug of Windows Server 2012. You need to and are able to correct it manually by setting up the right credential for related DCOM. You can choose UI or PS to reach that:
UI mode:
1 Open Component Services, open Computers – My Computer – DCOM Config.
2 Locate WTVdsProv and press right mouse key – Properties – Identity, select This user, enter an account name and password with local administrator’s permission.
3 Do the same step for WTSnapshotProvider.
PS mode:
Open PowerShell and use these commands:
$PsCred = Get-Credential
$PrvdIdentityPath = New-Object System.Management.ManagementPath(“root\wmi:WT_iSCSIStorageProviderIdentity”)
$PrvdIdentityClass = New-Object System.Management.ManagementClass($PrvdIdentityPath)