Not recommending anyone actually run a WHS2011 box online, this is simply for fun.
I have an old Windows Home Server 2011 box (very similar to 2008 R2), that I am running just for fun. (See this thread where I fixed server backup). It has no important files on it. I have a good time keeping this going for whatever reason but this year ran into a problem that I wanted to document here in case it helps anyone else.
The two semi-related problems that I ran into this year were that:
- On the Dashboard, the "Set up" button under Domain name simply showed an error when clicked.
- For existing setups the free .homeserver.com Domain name was no longer being updated with the current IP.
This week I dove in to see if this functionality could be restored.
Diving into the SharedServiceHost-DomainManagerServiceConfig log file I could see entries such as this.
DomainManager: Throwing FaultException with detail DomainManagerFault:[Reason:CommunicationFailure, Message:UpdateDNS failed, Detail:An error occurred while making the HTTP request to https://dyndns.domains.live.com/service/livedyndns.asmx. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ]
Originally I thought the dyndns.domains.live.com site was now defunct with Home Server 2011 no longer officially supported. To my surprise though I was able to pull up the site via a browser so what was going on? That pointed me to the second part of the error message, security.
I first found this site which walks you through increasing the security on SBS 2011, which is very similar to WHS 2011: https://windowspoweressentials.com/2015/12/14/sbs-2011-standard-disable-tls-1-0/
Going through the steps and rebooting I still encountered the same problem but on the site he mentions a PowerShell script from Hass Alexander that takes his steps to the next levels as far as increasing web security goes. The script can be found here: https://www.hass.de/content/setup-microsoft-windows-or-iis-ssl-perfect-forward-secrecy-and-tls-12
I ran the script and rebooted when prompted. I then rebooted a second time after the script finished and to my surprise it worked! Using Nslookup I was able to verify that that the .homeserver.com domain name I was using now had my current IP and the logs no longer showed error entries, awesome! The server also achieved an "A" rating on the SSL Server Test site lol.
Now to tackle the dashboard setup. Looking at the Dashboard.log file, when trying the button you will see the following entry:
DomainConfigWizard: Error occurred in Domain Manager Object Model operations: System.Net.WebException: The remote name could not be resolved: 'www.microsoft-sbs-domains.com'
On a fresh install of WHS2011 in a VM the Set-up button still works fine, so it's not some dependency that's been changed, it's something internal to the system. I then started to apply recommended updates to the fresh install a few at a time, testing the Set-up button in-between until I saw the error. I was able to narrow the issue down to KB2757011 which is a rollup update for the system. Removing the update will restore set-up button functionality.
But what specifically broke this? Using WinMerge to compare file system contents before and after the update I had a few things to dig into. After testing by replacing different "before update" files onto a VM that had the update applied I discovered that it was Wssg.Web.DomainConfigWizard.dll inside of the Program Files\Windows Server\Bin folder. The new post-update file has a date of 11/3/2012, and the pre-update version that comes on a fresh server install was dated 3/2/2011 on my system. I simply renamed the 2012 file bak_ and then copied the working 2011 version into the directory.
After a reboot this button now worked again as well! I was able to register for a free new homeserver.com domain and had the option to change to my own provider. Again this was all just for fun, I'll be shutting down the server now but wanted to share in case anyone here was ever in a similar boat.
Edited by protivakid, 21 September 2021 - 06:01 PM.