Monitor NTLM authentication delays and issues on Windows 2008 and 2012

Events to track authentication delays and issues: Finally we have new event log entries that can track NTLM authentication delays and issues in Windows Server 2008 R2, in a complex environment with multiple Forests and multiple Domains NTLM authentication request will be more and it’s difficult to monitor and track the Bottlenecks

Also Read: AD Slow Authentication and prompting for credentials again and again intermittently and experience time-outs when you connect to Authenticated Services

Install to enable event log entries that track NTLM authentication delays and failures

After installing the above hotfix, EventLogPeriodicity and WarningEventThreshold registry entries needs to be configured as per your requirement

Event ID: 5816 to Event ID: 5819 has been logged for if any error or warning condition is met

Some of the issues in application end for NTLM authentication delays

Web Services and Web Proxy:

  • Web clients are frequently prompted for credentials
  • Web clients receive delayed responses from the web server.

Exchange client:

  • Outlook receives delayed responses from the server.
  • Outlook is frequently prompted for credentials

Some of known issues for high authentication flow and authentication delays

  • There are highly transactional and heavily used application services in the environment.
  • There is heavy use of scripts that use the NTLM authentication through WINNT provider
  • Not properly configured applications and services to use Kerberos authentication (SPN Configuration to use only Kerberos)


Mostly occurs when a high volume of NTLM authentication or Kerberos PAC validation transactions occur on an application server, and that volume is greater than the volume that can be handled at one time by the application server or the domain controllers that are providing authentication.

Also Read: Troubleshoot Active Directory Server Replication


For applications and services that are using NTLM, just configure them to use Kerberos authentication only.

Default Maxconcurrentapi Value:

Workstations – One of the threads available for use

Member servers – Two of the threads available for use

Domain controllers – One available thread per security channel to trusted domains

Configure MaxConcurrentApi :

 Have a calculation to decide what value to set for the MaxConcurrentApi setting in your environment to resolve the issue, refer

Also See: Active Directory real time issues and solutions


Replsummary showing unknown for largest delta on AD replication checks

Largest delta would report as unknown on Source DC while running Repadmin /replsummary for your Domain and Forest, since it’s showing unknown and didn’t see the replication delta value and unable to find the affected Destination DC, will describe how to find the Destination DC

Also Read: Force active directory replication

Why it’s reporting unknown?

Let’s say if the new replication connection object has been created by KCC and it’s failed before complete the first replication cycle or yet to complete the first replication cycle , so replication destination has never replicated from the source and Repadmin /showrep shows Last success @ (never). Then largest delta would report as unknown

How to find the affected Destination DC?

Also Read: Active Directory Replication failed with “Target principal name is incorrect”

It’s not easy to find the Destination DC, since the connection object has not completed the first replication cycle, it won’t be available from Repadmin /replsummary output

Need to query each connection object from the Forest to find the Destination DC

Csvde -f c:\temp\list.csv -d “CN=Configuration,DC=Domainname,DC=com” -r (fromServer=*) -l fromserver

list.csv file contains all the connection object DN from your Forest and there fromserver attribute value

Search the list.csv with Source DC(fromserver attribute value), you will find the unknown Destination DC on the same line ( connection object DN), need to do many search till you get the correct Destination DC

This will also be used to check the opposite side of connection object, AD replication is two way pull replication and repadmin /showrep will show the connection object of respective Domain Controller and if you want to see what Domain Controller is pulling replication from this Domain Controller, then above method can be used

This can be easy in a very small environment with less then 10 Domain Controller, you can check this manually by running repadmin /showrep on each Domain Controller, let say you have a very large environment with more then a 100 DC then manual method can’t be easy and above procedure will find this in a easy way, hope this will help you to troubleshoot Active Directory replication issues

Also Read:Replication failed with “The destination server is currently rejecting replication requests” Error


Printer showing offline after upgraded to Windows 10 from Windows 8 and Windows 7

Cannot print after update to Windows 10: After upgrade your computer (PC) to Windows 10 from Windows 7, 8 and 8.1, your printer may stop working and show offline status, some printer drivers for a specific type of hardware might have issues with new Windows 10 Operating system, will discuss steps to resolve the printer going offline issue

Also See: Print spooler keep stopping automatically on Windows 10, Windows 8 and 8.1 and other client Operating system

Basic Pre-Checks

Check Printer connected to Network or Computer, USB cable plugged from the printer to the Windows 10 machine and there is no error on printer status, printer status should be green

How to fix printer offline issues in Windows 10 to Windows 7, Windows 8 and 8.1

Uninstall and Re-install Printer drivers

  • Open Device Manager Window
  • Locate Printer on the left side of the window
  • Expand the icon of the printer
  • Right click on the printer icon in the Device manager
  • Click Uninstall
  • Follow the instructions on pop up window to remove the installed printer
  • Restart the Windows 10 system
  • Install the printer from CD that came along with the printer
  • Restart the Windows 10 system
  • Check the printer status
  • Update latest Driver for Windows 10

Check the printer website for new driver for Windows 10 for your printer, download and install as per the instructions

Also See: Print spooler stopping automatically on Windows Server 2012, 2008 and 2003

My wireless Printer showing offline after unplugged accidentally

If printers are suddenly unplugged without power off or proper shutdown, its un-proper removal which may have lost contact with the router and the computer (PC)

To resolve the issue you need to restart all the devices between your computer and printer (router/switch and computer)

If it all remains same and still the printer showing offline, then you need to reinstall the printer software/driver on Windows 10 from Windows 7, 8 and 8.1 to resolve the issue

Also See: Install printer through group policy


Print spooler stopping automatically on Windows 10, Windows 8 and 8.1

Unable to Print and Print spooler service keep stopping automatically on Windows 10, Windows 8 and 8.1, issue might be with the printer driver or if you have installed multiple printer and issue might be with one of the printer that causing print spooler service stop, I would suggest list of checks and troubleshooting steps to resolve the issue

If you have searching for Print spooler issue on Windows Server, I have already discussed the same issue on Windows Print Server 2003, 2008 and 2012 with multiple network printer installed, See More: Print spooler stopping automatically on Windows Server 2012, 2008 and 2003

Uninstall unnecessary printers

Only keep the required printer drivers which is in use, uninstall other printer drivers that may conflict with working printers

Clear Printer Spooler Files

  • Click Start, type Services.msc in Search box or Click WIN+Q, type “Services.msc” in the open box
  • Services can be found under Computer Management on older operation system (Windows XP)
  • Double-click Printer Spooler in the list
  • Click Stop and click OK.
  • Open C:\Windows\System32\spool\PRINTERS
  • Delete all files in PRINTERS folder
  • Unplug the printer from Computer
  • Start Printer Spooler Service
  • Plug the printer back in

Note: PRINTERS folder is hidden so if you are not displaying hidden system folders than you should just copy and paste this path into windows explorer: “C:\Windows\System32\spool\PRINTERS”

Also See: Printer showing offline after upgraded to Windows 10 from Windows 8 and Windows 7

Enable the Spooler Service or Start Printer Spooler Service

  • Click Start, type Services.msc in Search box or Click WIN+Q, type “Services.msc” in the open box
  • Double-click Printer Spooler in the list
  • Click on Start, In the Startup Type list, make sure that “Automatic” is selected and click OK
  • Check the printer

Proceed with the below steps if still issue not resolved

  • Click Start, type Services.msc in Search box
  • Double-click Printer Spooler in the list
  • Go to Recovery tab and Select Restart the Service in Subsequent Failures field.
  • This will restart the print spooler service whenever it fails
  • Go to Dependencies’ tab and check all depending services are started state
  • If require start all dependencies services

Other steps to resolve  the issue

Try to reinstall Printer drivers from CD that comes with printer or download new updated drivers from internet and uninstall old installed driver and install downloaded driver



Convert Windows Mobil Phone to Desktop Computer (PC) with Windows 10

Windows 10 Phone on a TV: Now you can use your Windows 10 phone into a second screen PC with Continuum, Windows 10 new Continuum features allows Windows phone to function like a full-fleshed desktop PC when you connected to an external monitor, televisions (TV) and any other Second Screen

Windows 10 is a single operating system across multiple devices and platforms. This will adds some complexities, mainly on how applications will transfer from one type of device to another, like Mobile to big screen televisions.

With universal apps, this can be possible. Applications will be developed to make a pleasant experience on phones, small tablets, and PCs

Microsoft applications like MS Outlook and MS Office resemble their desktop versions when run via a phone on a bigger screen.

Also See: Troubleshooting Tips for Windows 7, 8.1 and Windows 10 Slowness Problems

How to Convert Windows Mobil Phone to Desktop Computer with Windows 10?

Just connect Windows 10 mobile phone to external monitor, televisions and any other large screen device

How to connect Windows phones to external monitor/ televisions?

Easiest way to connect Windows 10 mobile phone to external monitor/ televisions through HDMI (High-Definition Multimedia Interface) port, you should have a compatible cable to connect both the device

We can connect through WiFi also, will see more details about the supported connection and methods in my upcoming post

How do I use keyboard and mouse on Windows 10 mobile phone?

You can connect the input and output device like mouse and keyboard through Bluetooth on Windows 10 mobile phone

Can I use my existing Windows phones to connected to an external monitor?

As per Microsoft update, special hardware is used to support the multi-screen feature, unfortunately existing Windows phones won’t be able to use Continuum or connected to an external monitor/ televisions, even after upgraded to Windows 10


Need to wait and see are all future phones will be able to support this feature or only selected one, without doubt Continuum is cool feature which going to attract many new users to Microsoft Windows 10 mobile phone


How to Uninstall Windows 10 to Windows 7, Windows 8 and 8.1

After Windows 10 free upgrade, can I downgrade to Windows 7, Windows 8 and 8.1? Or go back to my older Windows version of operating system, is this possible? Of course yes

Everyone is waiting to install Windows 10 and I just think in reverse can I uninstall Windows 10? Couple of ways we can do this

If you have upgraded your system to Windows 10 (not through clean installation of Windows 10) you’ll have an easy option that revert to the last version of Windows, may be To Windows 8 or Windows 7

Also See: How to change windows 10 icons (My Computer, Recycle Bin and windows explorer icon)

How to Uninstall Windows 10 and downgrade to Windows 7, Windows 8 and 8.1

  • Open Start menu from Windows 10 desktop
  • Select Settings
  • Click Update & security icon
  • Select Recovery
  • Select Go back to Windows 7 or Go back to Windows 8.1 option
  • Click Get started
  • This will uninstall your Windows 10 and restore your previous Windows Operating System

Note: you won’t able to find the above options if you upgrade Windows over a month ago or if you deleted the C:\Windows.old folder

Windows.old Folder

C:\Windows.old folder store Windows 20 installation files and this will be used in the time of uninstallation

Also See: Troubleshooting Tips for Windows 7, 8.1 and Windows 10 Slowness Problems

How to Downgrade if Windows.old Folder not there or Deleted?

Yes, we can still uninstall the Windows 10, you can do clean install of WIndows 7 or 8.1 from an OS DC with product key

If you don’t have a OS CD, You can download Windows 7 and 8.1 ISO files using Microsoft’s Windows download


Compare Installed Windows Security Patches with other Servers

How to compare Installed Windows Security Patches with different Servers: If you are troubleshooting Windows server 2003, 2008 ans 2012 issues and you may have a working server and not working server, want to check is any patches are missing compared to working server? Use the below PowerShell command to compare installed patches between two servers

Normally we use to compare manually and it’s time consuming and painful procedure, you many end up with human errors and may not verify correctly, by doing below automated procedure will save time and effort and get very accurate result which helps to isolate issue while troubleshooting server issues

Also see: One line commands which helps to resolve the issues

Compare Installed Windows Security Patches between two servers with powershell command

$server01 = Read-Host “Computer01″

$server02 = Read-Host “Computer02″

$server01Patches = get-hotfix -computer $server01 | Where-Object {$_.HotFixID -ne “File 1″}

$server02Patches = get-hotfix -computer $server02 | Where-Object {$_.HotFixID -ne “File 1″}

Compare-Object ($server01Patches) ($server02Patches) -Property HotFixID

You can also user -Property sideindicator for -Property HotFixID to get the output in Sideindicator

Computer01 and Computer02 are server names you want to compare the patches

Output will list the difference between two servers on installed patches

Also See: How to extract bulk object from AD with the specific attributes


Is Leap Second Impact Windows Servers and Application?

Is your Windows infrastructure is ready for the Leap Second change? Before start discussing the Windows Server and Application impact, Leap Second is a one second adjustment to UTC time (Coordinated Universal Time) across the globe which is added every few years to maintain alignment with solar time. The next leap second will be added at 23:59:59 on Tues 30th June 2015 by adding an additional second before 00:00:00 on 1st July 2015.

See also:Time Service in Windows (Part 1)

How Windows Time service will handle leap second?

Windows NTP Server

Leap second is not only affecting the Windows Time service, all external NTP servers will get affected or get the Leap second changes

Once an external NTP server sends a Leap Indicator that has a value of 01 to the Windows Time service NTP server, Windows NTP server sends the same value to all NTP clients

Windows Client

After the leap second change, NTP client running on Windows Time service is one second faster than the Universal Time (UTC). This time difference is updated at the next time synchronization from a NTP server, see more from MS

How Applications will handle leap second?

Most applications do not care about the leap second change, yes – applications are in minute time adjustments to the system clock, so leap seconds are not making any difference and impact

If application is coded that needs to be precise on sub-second accuracy then need to consider how the clock change will impact on leap second, however most of the applications are coded to use minute time

See also: Understanding the time zone configuration

Leap Second Vulnerability

Currently there is no Vulnerability on Windows servers, Windows Servers detect the Leap Second change and dynamically fix it and no impact at all, however watch out future changes


Normally Leap second change/update doesn’t cause any problem unless you are Windows infrastructure and application is time sensitive less than a second in duration

Windows and Applications are robust to handle leap second changes, however keep an eye on your IT environment and NTP Windows servers, and last leap second event (June 2012) didn’t affect the windows servers

Other Time Service issues


Troubleshooting Tips for Windows 7, 8.1 and Windows 10 Slowness Problems

My Windows machine is very slow: Here you will find the basic and simple Troubleshooting Tips for Windows 7, 8.1 and Windows 10 machine Slowness Problems. Couple of ways to speed up and improve Windows desktop operating system performance, you can apply and check these methods mentioned below to solve issues like  slow startup, slow responses, slow login, slow booting and shutdown.

Simple and Best Troubleshooting  Steps/Tips for Windows 7, 8.1 and Windows 10 Slowness Problems

Check number of startup items

Startup items are loaded while the time of user login, basically it helps the software start up more quickly and always run on background to facilitate other communication and you can see this in system tray, most of the startup’s are not necessary for the system to function, down the line this will slow down your system performance

How to validate this? Use MSconfig tool to check the current startup items and you can disable startup items selectively to boost overall system performance, just un-check the unwanted programs like below and reboot the system to take to apply changes

Run – MSconfig


Uninstall unnecessary Software’s

Check the installed software’s and uninstall all unnecessary ones, software programs are played major role on system performance, default vendor programs can be removed and this will free up some hard disk space and improve the system performance

Just Open Control Panel – programs – Uninstall programs

Uninstall programs

Select the Application and Click Uninstall

Check Task Manager

Task Manager will show all running background programs, you will see what application utilizing how much CPU and RAM, you can right click and end process to kill running process which is utilizing more of you system resource

Start Task Manager

Right click Task bar and select Start Task Manager

Keep Anti-viruses Up-to-date

To protect your system from internet, you should install latest Anti-viruses software and update virus definition regularly, and now a days anti-malware program also necessary to boost performance

Check your Memory

You should have enough memory to handle the system work load, it’s it depends on how much RAM system have? How much RAM utilized? If system have very lass free RAM available then need more memory to your PC

Check your Operating system minimum RAM requirement

Unnecessary services

Not every system service that is running on Windows machine is necessary. Some services can either be disabled or modified to run only when required, system no need to spend time starting the service and this will improve the system performance

Disk Space

System should have 10% at least of free disk space to operate without any issues, you can also do disk defragmentation using Disk Defragmenter tool to improve the performance


How to change windows 10 icons (My Computer, Recycle Bin and windows explorer icon)

I don’t really like the icons of windows 10! And we have an option to change windows 10 icons, just download your favorite Icon from Internet and follow below steps to customize your own windows 10 icons

Make sure you download your favorite Icon from web with .ico format, some icons comes with a package in compressed format and  .icl, .dll, and .exe

To change Desktop icons in windows 10 Operating System

  • Open download file and check the Icon’s, once you are happy with the set of icons
  • Right-click the windows 10 desktop and select the Personalize
  • Click on “Change desktop icons” and you should see all icons that can be configured to show up on your desktop
  • Select it in the Desktop Icon Settings
  • Click on Change Icon and browse the download Icon folder and select the one you like
  • Click OK
  • And Apply

Now you will see the new Icons on your windows 10 desktop

Let’s say you want to change the Recycle Bin icon, then select the Recycle Bin and Click on Change Icon

To change the windows explorer icons in windows 10

  • Open File Explorer/windows explorer
  • Right-click the folder  which you want to replace the icon
  • Click on Properties and select Customize tab
  • Click the Change icon option at the bottom of the screen
  • Select the new icon from download Icon folder

Will discuss more on How to customize windows 10 on my upcoming articles, please check back