Bob Lin - Chicagotech.net

Fixing “No Remote Desktop License Servers”

Situation: When attempting to access Remote Desktop server, you may receive this message: “No Remote Desktop License Servers”

Troubleshooting 1: Check the RD Licensing Manager Status

In Server manager, click on Tools>Remote Desktop Services>Remote Desktop Licensing Manager

It should have a green check.

If it shows yellow explanation,

right click on the RD server and run Review Configuration, and make sure install Licenses. Also you can go to Advanced to Reactive Server.

Troubleshooting 2: Run Remote Desktop Licensing Diagnoser to check any errors.

In Server manager, click on Tools>Remote Desktop Services>Remote Desktop Licensing Diagnoser.

If you receive this message: License server is not available, go back to resolution 1 to re-install the RD license or reactive license.

If you receive this message: remote desktop licensing mode is not configured, try this fix. Please refer to this post:

Fixing “Remote desktop licensing mode is not configured”

New PA Firewall can’t ping the default gateway IP address

Situation: The client configured their new Palo alto Firewall 440 but can’t access the Internet and ping the default gateway IP address. The ping from the firewall LAN or gateway IP 192.168.100.1 works. Ping from Management IP 192.168.100.254 doesn’t work.

Troubleshooting 1: We find they didn’t configure the Static Router.

Troubleshooting 2: No NAT configured.

Troubleshooting 3: Ping is unchecked in the management Profile.

Troubleshooting 4: In our case, the client configures it at home with two networks, 192.168.12.0/24 and 192.168.100.0/24.

This is incorrect connecting. The management IP 192.168.100.254 can’t pass the Internet router.

This is correct connection. The management IP should be the same as the first network IP. 192.168.120/24 range, 192.168.12.100 in our example.

If you don’t have two networks and PA firewall as default router, the LAN/ethernet IP and Management IP could be the same subnet.

Outlook: Changes to the public group membership cannot be saved

Situation: A user has been assigned as a Distribution group manager to manage the email group. However, he gets this message when he tries to add a member: Changes to the public group membership cannot be saved. You do not have sufficient permissions to perform this operation on this object.

Troubleshooting:

When we checked the status of owners, it shows the user is the owner.

Finally, we find the problem is the user doesn’t have permissions to add the membership.

Giving Full control fixes the problem.

However, as Microsoft article “Owners of an on-premises distribution group synced to O365 can’t manage the distribution group in Exchange Online” mentioned: When an on-premises distribution group is synced to a Microsoft 365 organization through Active Directory synchronization, migrated users who are owners of the distribution group can’t manage it in Microsoft Exchange Online.

Also quoted from Office 365 – Allowing Users to Edit Exchange Groups They Manage – Perficient Blogs

Exchange Hybrid and Directory Synchronization provide for the most full-featured integration experience with your on-premises messaging environment. Users, for the most part, are unaware of whether their mailbox is in the cloud or on-premises.

There are, however, a few limitations with Exchange Hybrid and Directory Synchronization.

One of these limitations is around distribution groups that have had managers assigned for administrative purposes. If you have users that manage their own distribution groups via Outlook, you’ll find that this functionality does not work once the group manager has been moved to Exchange Online. This limitation should hopefully not come as a surprise, it’s a topic I discuss with my clients during every Exchange Online engagement. It is also an issue where unfortunately there are not a lot of great options for resolution.

TP-Link WiFi AP shows HEARTBEAT MISSED

Situation: The client has some TP-Link WiFi APs managed by Omada Controller. On the Omada Controller, it shows HEARTBEAT MISSED. They would like to know what’s the problem.

Troubleshooting: It could be the WiFI Mossing the connation or restart. You can go to Dashboard to check the EAPS status. These examples

Can’t access remote office over Paloalto firewall site to site VPN

Situation: The client has a site to site VPN to connect head office and remote office. Current computers which IP addresses have been added to firewall work fine. However, when they add more IP addresses in inbound policy on the remote office, the new IP doesn’t work.

Troubleshooting: We do see those IP addresses in remote office PA firewall. Note: Go to POLICY>Security, check the IPSec inbound policy.

In the Head Office PA firewall, we check the Monitor and find those IP addresses accessing to Remote Office port 3389 was denied.

Checking Head Office PA firewall IPSec outbound policy, we don’t see those IP addresses in.

Adding those IP addresses into Head Office PA firewall IPSec outbound policy fixes the problem.

Can’t login with this message: Failed to connect to the Veeam Backup & Replication server

Situation: When attempting to login Veeam backup & Replication, yo umay receive this error: Failed to connect to the Veeam Backup & Replication server:
No connection could be made because the target machine actively refused it <IP>:9392




Troubleshooting: The Veeam Backup Service has not started yet. Starting the services fixes the problem.

Veeam Error: The RPC server is unavailable. RPC function call failed

Situation: The client receives this Error: The RPC server is unavailable. RPC function call failed. Function name: [InvokerTestConnection] from their Veeam Backup. Target machine: Host05.

Troubleshooting 1: Veeam Backup & Replication may not be able to reach the Veeam Installer Service on the remote machine.

To fix this issue, please follow steps:

Make sure the Veeam Installer Service is running on the machine specified in the error, Host05 in our case.
If the Veeam Installer Service cannot be started, check if another application is using the default port (6160) used by the Veeam Installer Service.Use the following command to list the PID of the application using port 6160:
```
Get-Process -Id (Get-NetTCPConnection -LocalPort 6160).OwningProcess
```
Alternatively, check within the Listening Ports section of the Network tab in Resource Monitor:
1. If the Veeam Installer Service is running on the remote machine, run the following PowerShell command on the Veeam Backup & Replication server to isolate the connection issue:
  Replace <remote_machine> with the hostname, FQDN, or IP shown in the error.
```
Test-NetConnection -ComputerName "<remote_machine>" -Port 6160
```
1. If neither PowerShell nor Veeam Backup & Replication can reach the port and the Veeam Installer Service is running on the remote machine, investigate whether a firewall is blocking connectivity between the two machines.
Other possible resolutions:
- The Netlogon service is not running and is disabled.
- Antivirus on the remote machine is preventing the VeeamDeploymentSvc.exe from being run.
  Process location: C:\Windows\Veeam\Backup
- The Veeam Installer Service is not installed. In such a situation, edit the machine’s entry within the Backup Infrastructure > Managed Servers section and next the pages of the Edit Windows Server wizard to force the package to be redeployed.
- The Veeam Installer Service package was partially updated. In such a situation, uninstall the Veeam Installer Service from the remote machine. Then edit the machine’s entry within the Backup Infrastructure > Managed Servers section and next through the pages of the Edit Windows Server wizard to force the package to be redeployed.

Device is pending in TP-Link Wireless Controller

Situation: The client purchased two TP-link wireless APs and tries to configure them as Wireless Controller. He can see the Wireless APs but they are pending.

Troubleshooting: By design, TP-Link controller uses default username and password admin to add each AP. If you have changed the default admin password, it will show pending. You need to click on Pending to abode it, which will popup for the admin password you changed. If you don’t enter correct password or don’t remember the password, you need to reset the Wireless AP.

What’s the problem of This field should be visible ASCII

Situation: When the client sets up his password, he gets this message: This field should be visible ASCII.

Troubleshooting: Quoted: “ASCII, in full American Standard Code for Information Interchange, a standard data-encoding format for electronic communication between computers. ASCII assigns standard numeric values to letters, numerals, punctuation marks, and other characters used in computers”.

Some symbols may not allow to use as password. In our example, it can’t take space.

Fixing QNAP: “Failed to upload disk analysis data”

Situation: The client has QNAP storage and receives this message: Message: [Storage & Snapshots] Failed to upload disk analysis data. Disk: Host: Disk 2. The network quality is poor. The system will retry uploading the data once per day. After 7 failed attempts the data will be automatically deleted.

Troubleshooting: This is just a warning and will not affect the data on the drive. You may wat to disable it if the message persists.

Go to NAS Storage & Snapshots.

2. Click on Global Settings icon located on the top right of the window.

3. Click on Disk / Device.

4. Disable “Share my disk analysis data with QNAP” and click “Apply”.