Windows Server 2019 LTSC

Stern inaktivStern inaktivStern inaktivStern inaktivStern inaktiv

November 17, 2020—KB4594442 (OS Build 17763.1579) Out-of-band.

Updates an issue that might cause Kerberos authentication and ticket renewal issues that are related to the implementation of CVE-2020-17049.

Stern inaktivStern inaktivStern inaktivStern inaktivStern inaktiv

Windows Server 2019 Bug

It appears that Microsoft’s recently released Windows Server 2019 has a bug that prevents NPS from working correctly out of the box. Specifically, it looks like the default Windows firewall rules to allow inbound UDP port 1812 (RADIUS authentication) and inbound UDP port 1813 (RADIUS accounting) do not work.


To resolve this issue, open an elevated command window and enter the following command.

sc.exe sidtype IAS unrestricted

Once complete, restart the server and the default Windows Firewall rules for NPS traffic will work correctly.


other workaroaund:

Eine zusätzliche Firewall Regel anlegen die die Ports 1812 und 1813 (UDP) öffnet

Stern inaktivStern inaktivStern inaktivStern inaktivStern inaktiv


Windows Deployment Services cannot be located on the specified server. The server might be down, there might be problems with the network, Windows Deployment Services might not be installed, the installation might

be corrupt or you might not have permission to access the server.












How to fix:

On the WDS Server run the following commands in an Elevated Command Prompt:

wdsutil /uninitialize-server,
wdsutil /initialize-server /reminst:{RemoteInstallFolder}   (example: WDSUTIL /Initialize-Server /RemInst:D:\RemoteInstall)



Stern inaktivStern inaktivStern inaktivStern inaktivStern inaktiv

I have a web site running in IIS 10. When I access the site over HTTP, everything works fine. When I run the site over HTTPS, I immediately get an HTTP 503 error "Service Unavailable". The SSL certificate used on the site is an domain certificate.

The problem in this case is that everything on port 443 has been reserved and "prevents W3SVC from obtaining the rights to listen on port 80 when it tries to start the site. Furthermore, applications that run in IIS do not need explicit reservations to run, only non-IIS applications have to reserve a URL namespace if they want to use HTTP to listen for requests."

Here are the steps to determine if this is the problem and how to resolve:

  1. Open the Command Prompt
  2. Run: netsh http show urlacl url=https://+:443/
  3. If something is there, then this is your problem. Port 443 is completely reserved and is blocking IIS.
    • If there is a need to reserve port 443 for an application running outside of IIS, it needs to be registered with an application path (i.e. http://+:443/appPath)
    • If there is nothing there, then this might not be the issue. No need to continue.
  4. Run: netsh http delete urlacl https://+:443/
  5. Try running  the application again.



Copyright © All Rights Reserved.