Navigate / search

Configuring Remote Management for Windows Server 2012 in a Workgroup

So now you’ve got your Windows server 2012 installed (if not check out my previous post on installing Windows Server 2012), it’s time to get both the server side and client side configured so you can remotely manage your new machine from Server Manager.

Note: You must use Windows 8 Server Manager to remotely manage any Windows Server 2012 install

1. If you don’t have the remote server admin tools (i.e. Server Manager) for Windows 8 you can get it from here. Just download and install the package that’s right for your version of the OS.

2. Now we need to configure a few things on your client pc

.

  • User Account Control (UAC) needs to get configured so that your account on your client machine can manage a server.
  • Add your server to the trusted hosts config for winrm
  • Make sure your firewall is setup to allow remote management
  • Add the server to server manager and setup credentials

 Configuring UAC on you client PC

This is pretty straightforward. Start a command prompt as an Administrator

Type the following:

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

Adding your server as a Trusted Host on your client PC

You need to do this to make sure that authentication works between your client and the server. Again you need to have a command prompt open as an Administrator

Type the following:

winrm set winrm/config/Client @{TrustedHosts=”fully_qualified_server_name, server machine name”}

Now you might wonder why it has both the fully qualified name (foo.bar.com) and just the machine name (foo) – well the answer is I don’t know. But I can tell you that when I didn’t have both I couldn’t get the File and Storage role in Server Manager to work. So consider it a workaround.

As an aside big thanks goes to Tommy Patterson who writes at virtuallycloud9.com  for helping me troubleshoot this, Tommy has a great piece on getting server 2012 setup for remote management too.

If you don’t know where to get the ‘bar.com’ piece of the fully qualified address, I found that this was being provided by my gateway and can be found by using nslookup.

For example if you have a pc called foo you can go to a command prompt and type

nslookup foo

Configuring your firewall for winrm

So you may not have to do too much here, but if you test out server manager and it doesn’t work then you will need to come and check your firewall rule settings on both your client and server.

If you do run into issues I enabled the following sets of rules on the server and client (Probably overkill so you can tweak these if you want):

InBound Rules for the server and client

* Remote Event Log Management

* Remote Volume Management

* Windows Remote Management

* Windows Management Instrumentation

Finally, it’s time to try Server Manager

Start Server Manager and click Add Servers. Under the DNS tab type the name of your new server and press enter, you should find the machine and you can then add it. Once you add it you will probably get an error because the credentials are incorrect.

Right click the server name and click “Manage As”. Enter your server credentials (remember when you setup your server you created a user account with elevated credentials).

You should get your server to refresh and all the roles for each server to populate.

Now you’re ready to manager your server remotely with Server Manager, next I’ll tackle Storage setup.

Comments