none
Remote Firewall Management from MMC to a Server Core Installation RRS feed

  • Question

  • I am trying to attach to a remote Server Core installation to enable firewall rules from an administrative workstation with the MMC and Windows Firewall Snap-In in a workgroup environment.  I have enabled remote management in the current profile settings,  I have enabled the rule group "Windows Firewall Remote Management", all my profile states are on, I have run the "cmdkey /add:YOURSERVERNAME /user:USERNAMEONTHESERVER /pass:PASSWORDOFTHATUSER in PowerShell on the administrative workstation, and I have a local administrator account with the same name and password on the Server Core Server I am trying to manage. I still get an error when trying to attach to the remote server saying the server cannot be found. I cannot run Server Manager or Hyper-V Manager without enabling these firewall rules on the remote server. Any help would be appreciated.

    Michael T. Glenn


    Michael T. Glenn

    Tuesday, July 19, 2016 5:50 PM

Answers

  • Hi,

    Please try to use this command:

    Netsh advfirewall firewall set rule group=”Windows Firewall Remote Management” new enable =yes

    REF:How to Enable Remote Administration of Server Core via MMC using NETSH

    https://blogs.technet.microsoft.com/askds/2008/06/05/how-to-enable-remote-administration-of-server-core-via-mmc-using-netsh/

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Friday, July 22, 2016 1:42 AM
    Moderator

All replies

  • Hi,

    Workgroup server – This is the scenario in which you may need to make firewall configuration changes to allow remote management. If you just want all remote management to work you can use:
    Netsh advfirewall firewall set rule group=“remote administration” new enable=yes

    Quote from Configuring the Firewall on Server Core for Remote Management:
    http://blogs.technet.com/b/server_core/archive/2008/01/02/configuring-the-firewall-on-server-core-for-remote-management.aspx

    Besides, to use MMC snap-ins to administer a Server Core installation that belongs to a workgroup, you need to perform the following actions on your Server Core installation:
    1. Enable the required rule groups in Windows Firewall (see the previous section for details).
    2. Use Cmdkey to specify different credentials for MMC connections.

    Details you may reference below link- section: Using MMC Snap-ins to Administer Server Core in a Workgroup:
    https://msdn.microsoft.com/en-us/library/dd163507.aspx

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, July 20, 2016 6:10 AM
    Moderator
  • Thanks for your reply.  Every time I try the Netsh advfirewall firewall set rule group=“remote administration” new enable=yes command I get a "rule not found error message".  I have checked the syntax several times and receive the same error message each time.  Any idea as to why this is happening?  Thanks once again.

    Michael T. Glenn


    Michael T. Glenn

    Wednesday, July 20, 2016 3:48 PM
  • Hi,

    Please try to use this command:

    Netsh advfirewall firewall set rule group=”Windows Firewall Remote Management” new enable =yes

    REF:How to Enable Remote Administration of Server Core via MMC using NETSH

    https://blogs.technet.microsoft.com/askds/2008/06/05/how-to-enable-remote-administration-of-server-core-via-mmc-using-netsh/

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Friday, July 22, 2016 1:42 AM
    Moderator
  • Know it's an old one, but I found myself here and this might help someone.

    Newer versions of Windows Server seem to have seen the GroupName change to Windows Defender Firewall Remote Management.

    Enable-NetFirewallRule -DisplayGroup "Windows Defender Firewall Remote Management"

    or

    Netsh advfirewall firewall set rule group=”Windows Defender Firewall Remote Management” new enable =yes

    Dan

    Sunday, June 9, 2019 3:03 PM