Installation is forbidden by system policy

On a Windows Server 2012 R2 RDS (Remote Desktop Services) server I suddenly had a problem installing an update of PDF XChange Pro. I got a message like “Installation is forbidden by system policy”.

I tried the “Set the RDS in install mode” by opening the CMD and type “change user /install“. But still no chance of installing the MSI for the software. Also some Office updates started to fail to install.

After some research on different forums, I found the solution:

  1. Go to START > RUN > Regedit
  2. Browse the registry to HKLM\Software\Policies\Microsoft\Windows\Installer
  3. Change the REG_WORD-value of DisableMSI to 0 (mine was set to 2)
  4. Close the registry editor and try to install the program/update again (it now installs)

I hope it helps someone to.

Migration DHCP server from Windows Server 2003 to Windows Server 2012R2

The DHCP database can be moved or migrated from a Windows Server 2003 server to a Windows Server 2012R2 server. I will explain how I did this for my network. It took me like 5 minutes to migrate.

To move a DHCP database and configuration from a server that is running Windows Server 2003 to another server that is running Windows Server 2012R2 (or 2008):

1. Log on to the source DHCP server by using an account that is a member of the local Administrators group. Domain Administrator worked for me.

2. Click Start, click Run, type cmd in the Open box, and then click OK.

3. Type “netsh dhcp server export C:\dhcp.txt all” , and then press ENTER.

Note: You must have local administrator permissions to export the data.

Configure the DHCP server service on the server that is running Windows Server 2012R2

1. Click Start, click Administrative Tools, click Server Manager. If needed acknowledge User Account Control.

2. In Roles Summary click Add Roles, click Next, check DHCP server, and then click Next.

Import the DHCP database

1. Log on as a user who is an explicit member of the local Administrators group. A user account in a group that is a member of the local Administrators group will not work. If a local Administrators account does not exist for the domain controller, restart the computer in Directory Services Restore Mode, and use the administrator account to import the database as described later in this section. (For me it worked with Domain Administrator account login in normal startup mode).

2. Copy the exported DHCP database file to the local hard disk of the Windows Server 2012R2.

3. Verify that the DHCP service is started on the Windows Server 2012R2.

4. Click Start, click Run, type cmd in the Open box, and then click OK.

5. At the command prompt, type “netsh dhcp server import c:\dhcp.txt all” , and then press ENTER, where c:\dhcp.txt is the full path and file name of the database file that you copied to the server.

6. Verify that all settings, scopes and clients are imported.

Authorize the DHCP server

1. Click Start, point to All Programs, point to Administrative Tools, and then click DHCP.

Note You must be logged on to the server by using an account that is a member of the Administrators group. In an Active Directory domain, you must be logged on to the server by using an account that is a member of the Enterprise Administrators group.

2. In the console tree of the DHCP snap-in, expand the new DHCP server. If there is a red arrow in the lower-right corner of the server object, the server has not yet been authorized.

3. Right-click the server object, and then click Authorize.

4. After several moments, right-click the server again, and then click Refresh. A green arrow indicates that the DHCP server is authorized.

5. On the old DHCP server (2003), unauthorize the DHCP server if everything went well.

Don’t forget to install another server with DHCP and create a DHCP Failover (Hot Standby or Load Balanced). This is one of the new nifty features since Windows Server 2012.

HP MSA 2040 and DL380 Gen8 – New storage and virtualization project

In our firm we needed a new solution for our ever growing storage demands. Also the current server and storage (Dell PowerEdge 2950 and MD1000) is out of support after 7 years 🙂
After deciding virtualization is THE solution to go for, I also choose to go for a proper central storage box. I invited some partners to show me their solutions and I made a shortlist of 3. Dell/Equallogic (PS 4100X), EMC (VNX 5100) and HP (MSA 2040). After intens talks and comparisons, I decided to choose for an HP MSA 2040 with dual 12Gb/s SAS controllers and 24x 900GB 10k Enterprise SAS disks together with 2 HP DL380 Gen8 dual 8-core and 128GB RAM to run VM Essential Plus on.
In my believe the EMC VNX 5100 8Gb/16Gb FC and the MSA 2040 6Gb/12Gb SAS are good competitors and they both gave me huge discounts, but in the end I choose for HP meanly because the VNX 5100 will probably be end of life (EOL) in 2014 and the HP is just launched 6 months ago.

It this moment of writing, I’m waiting for the new boxes to be delivered. Maybe within 1 or 2 weeks I will receive everything and then I will do some I/O testing on this setup.

Here’s my setup:
-2 X HP Proliant DL380p Gen8 Servers (2 X 8 Core processors each, 128GB RAM each)
-HP MSA 2040 Dual Controller – 12Gb/s SAS
-HP MSA 2040 is equipped with 24 X 900GB 10k SAS Dual Port Enterprise Drives
-Each host is directly attached via 2 X 12Gb/s SAS miniHD cables (Each server has 1 SAS cable going to controller A, and Each server has 1 SAS cable going to controller B)
-On the servers, VMWare Essentials Plus will be installed as the hypervisor and for the vm’s I will be installing Windows Server 2012 R2 Datacenter.

Update on the setup and testing soon.