none
Remote device management - Update for windows 2012 server

    Question

  • Hi to all, im trying to acces the windows device manager remotely.

    I have found the procedure on technet and on forums, this procedure have no issue when using against 2008R2 server device manager, but when i tried the same for the new windows 2012 it does not work.

    I have tried Windows 2012 RTM with full gui as a target and also free hyper-v 2012 server as the target too.

    As the source i have tried the 2008R2 MMC and 2012 RTM MMC.

    I have Enabled the “Allow remote access to the PnP interface” via domain GPO secondary via local GPO to see if there is some difference.

    All the computers are members of the same activedirectory domain which have 2008R2 funciton level (both domain and forest).

    All atempts made towards the W2012 platform (ragardless the core or full gui) ends with error:"make sure the computer is on network, has remote managemet enabled and runing Plug and play service and remote registry service. the error was the service is not running"

    I have checked all: the remote mangement is configured to enable, and both services are also runing, i have disabled the windows firewall to be sure that it is not blocked anywhere along the way.

    I was checking the target server event log to see if there is some active refusal of the remote device mananger request. System and app log does not seem to have any trace. Only in security log I am able to see succesfull audit for the logon (type3) atempt from my source server IP which i think is related to the MMC request.

    could you please confirm that this is a bug in the new windows server, or get us some workaround please?

    As for the microsft hyper-v server 2012, the remote way is the only posible for device manager, this is a serious issue althou the devman is in read only mode and the sconfig does not provide any other means for accessing the HW info.

    I gues that the powershell will be the first workaround in answers, but i would like the remote gui management to work too.

    Thank you very much.

    Tuesday, October 30, 2012 3:36 PM

Answers

All replies

  • 2008 cannot manage 2012 via the RSAT (yet).  Currently, if you want to manage 2012 remotely, you need to have either a Windows 8 or Windows Server 2012 platform from which you are managing.  RSAT if operating system version dependent.  And, yes, this has been raised many times in this forum and others, and there has been no word from Microsoft as to when/if they will be releasing a backported RSAT for use with Windows 7 and Windows Server 2008.  We are all hoping that since the engineers have completed the release of 2012 they will now have time to backport to the earlier, and more commonly installed Windows 7/Windows Server 2008.

    As for remote management from 2012 to 2012, I have written a script to try to open up things to enable it.  Give this a try. I'm still working to ensure I have everything needed, but I think I have most of it covered.

    #
    #  Set-HyperVRemoteMgmt.ps1
    #
    # This script works on a variety of settings that are easiest done from the local machine to make it 
    # remotely manageable by a management workstation.
    
    # Set some firewall rules
    
    #  Allow ping requests in
    Set-NetFirewallRule –Name “FPS-ICMP4-ERQ-In” –Enabled True
    
    #  Allow ping requests out
    Set-NetFirewallRule –Name “FPS-ICMP4-ERQ-Out” –Enabled True
    
    #  Allow remote disk management
    Set-NetFirewallRule –Name “RVM-VDS-In-TCP” –Enabled True
    Set-NetFirewallRule –Name “RVM-VDSLDR-In-TCP” –Enabled True
    Set-NetFirewallRule –Name “RVM-RPCSS-In-TCP” –Enabled True
    
    #  Allow DCOM management requests in
    Set-NetFirewallRule –Name “ComPlusNetworkAccess-DCOM-In” –Enabled True
    
    #  Allow WMI management requets in
    Set-NetFirewallRule –Name “WMI-WINMGMT-In-TCP” –Enabled True
    
    #  Set some services to automatically start and start them.
    Set-Service -Name PlugPlay -StartupType Automatic
    Start-Service PlugPlay
    Set-Service -Name RemoteRegistry -StartupType Automatic
    Start-Service RemoteRegistry
    Set-Service -Name vds -StartupType Automatic
    Start-Service vds
    
    #  Enable Remote Desktop
    (Get-WmiObject Win32_TerminalServiceSetting -Namespace root\cimv2\TerminalServices).SetAllowTsConnections(1,1) | Out-Null
    (Get-WmiObject -Class "Win32_TSGeneralSetting" -Namespace root\cimv2\TerminalServices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0) | Out-Null
    One note I forgot to include ... In order for remote disk management to work, the Remote Volume Management firewall ports much be open on BOTH the managed and the managing machines.

    tim


    Tuesday, October 30, 2012 6:05 PM
  • Hi Tim, i appreciate your reply but this does not move me anywhere.

    I conducted many test with different settings, but as i wrote i was primary using 2012 MMC vs. 2012 hyper-v server (which by the MS proclamation is based on the windows 2012 core with limited role availabylity). I aslo tryed the 2012 full gui vs. another 2012 full gui. The usage of 2008MMC was only when other alternatives failed, but de result was oposite to what i was suposed. im not using RSAT from desktop system becouse im aware about the RSAT incompatibility. The script you provide will be usefull in future but as I wrote im not using windows firewall so the settings are not necesary for me at this time and im 100% able to manage the services remotely via single MMC and also via remote computer management option of the 2012 all servers section in server manger(the remote volume managment work fine too). Also im able to manage the remote server via other single MMC snapin modules like windows firewall (which i used to complety disable the windows firewall) and event logs etc. My only issue is to aquire graphical data remotely from windows Device Manager. I know about the incompatibility of several consoles betwean 2008 and 2012 (failover clustering for example) and i take this as a fact, but if you try to open your own mmc on windows 2008 and add the event viewer snapin you are able to connect to 2012 server and read the events (but this is not my intention and i was testing only a few of the all available snap-ins). I wanted to be able to mange 2012 core via 2012 with full gui. Yesterday i applyed the latest cumulative update for 2012 (the KB 2756872) but the remote device issue is still there. Im convinced that this is a bug, not a configuration problem. So please tell me are you able to open device manager remotely from 2012 to another 2012 server regardles of its edition. This will be crucial info for me. Thank you very much.

    Thursday, November 1, 2012 1:09 PM
  • Actually, no, I am not able to use the GUI for Device Manager.  The problem with Device Manager failing to properly access remote systems has been raised repeatedly.  In another post in this forum, Microsoft responded with "Remote access to PnP was disabled completely in Windows 8 and cannot be re-enabled.  That's why you're seeing this behavior."  So, you have to resort to PowerShell - http://blogs.technet.com/b/wincat/archive/2012/09/06/device-management-powershell-cmdlets-sample-an-introduction.aspx.

    tim

    Thursday, November 1, 2012 8:43 PM
  • Basically, the best MS option (but definitely not free) to manage multiple environments is to use SCVMM 2012 SP1.

    Details on why are here: http://blogs.msdn.com/b/virtual_pc_guy/archive/2012/05/30/the-v2-wmi-namespace-in-hyper-v-on-windows-8.aspx

    Thursday, November 1, 2012 8:59 PM
  • I can't believe this thread has gone dead so quickly...
    I've been breaking my head over this issue for 2 full days now, and I really don't understand how this doesn't seem to be an issue for almost any admin...
    The OP is completely right, and thus far I have not been able to find a solution for this problem.

    Powershell CMDlets are "ok" , but I've picked Windows for a reason... SO GIVE ME A WINDOW!
    If I wanted to use freakin commandline crap, I would have picked Linux years ago! 
    Funny enough, Linux is moving more and more towards GUI's while "Windows" is moving towards the commandline.

    I do like the fact to run server-core and Hyper-v server like this, but the lack of a device manager (over remote MMC) is really unbelievable.

    For those of you who are still roaming the internet: There are 2 tools that come somewhat close to being usefull.
    They won't allow you to manually update or replace a driver (which is what I wanted to do) but at least you'll get an overview of what's installed.

    1: DevManView - A great free tool by Nir Sofer. available on www.nirsoft.net (no installation required, runs fine on hyper-v server)

    2: devmanpro11 - A (german) tool that has many features, but as I said, in German... I can read a little, so I haven't really tried to see if there's a language-file you can set as default; it doesn't offer from the menu though. Also, this tool requires you to install the .net 3 framework first, which can be done like this: in the cmd-window--> type: start powershell , and the powershell window will appear. In the powershell window--> type:
    get-windowsfeature net-framework-features (this will download and install the framework required for this software)

    link : http://www.vs-support.com/freeware/freeware.htm


    • Edited by Michael Star Tuesday, November 20, 2012 4:03 PM typo
    Tuesday, November 20, 2012 4:01 PM