Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Windows Server 2008

Remotely Manage Devices in Windows 2008 Server Core

As I wrote in previous Windows Server 2008 articles, a Server Core installation provides a minimal environment for running specific server roles, which reduces the maintenance and management requirements and the attack surface for those server roles. You can read more about Server Core in the “What’s Related” section at the bottom of this page.

Getting to the point of this article, remotely managing Server Core is not as hard as it seems. You can read more about it on several of my articles, but the point is that most things can be done remotely by using the regular MMC-based snap-in Administration tools, WinRM and WinRS, and even through Remote Desktop.

This article focuses on remote administration via the MMC-based Administration tools. In order to get these to work across the network you will need to run the following command on the server core machine (or on any other Windows Server 2008 server for that matter):

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

​netsh advfirewall firewall set rule group=“remote administration” new enable=yes

The above command will allow for most remote management tools to work out-of-the-box. However, in addition to allowing the MMC snap-ins through the firewall, using Device Manager remotely requires additional configuration. If you don’t perform the following steps you will end up with this error:

Running Device Manager remotely

To allow Device Manager to connect to a remote computer, you must first enable the “Allow remote access to the PnP interface” setting on the target computer’s Local Group Policy.

1. On a Windows Vista or Windows Server 2008 installation, start the Group Policy Object MMC snap-in by typing MMC in the Run box and pressing Enter.

2. In the Add or Remove Snap-Ins window, scroll to find Group Policy Object Editor, and click Add.

3. In the Select Group Policy Object window, click Browse.

4. In the Browse for Group Policy Object window, click Another Computer, and either type or browse for the remote server core machine.

5. In the Select Group Policy Object window, click Finish.

6. In the Add or Remove Snap-Ins window click Ok.

7. In the Group Policy of the remote computer, navigate to Computer Configuration -> Administrative Templates -> System -> Device Installation.

8. Enable the Allow remote access to the PnP interface setting.

9. Close the MMC console (you don’t have to save it, but you can if you want to).

10. Restart the Server Core installation.

Now you can connect to the remote server core machine and manage its devices by using Device Manager.

1. Open Computer Management through the Administrative Tools folder.

2. Right-click Computer Management and select Connect to another computer.

3. In the Select computer window, type or browse to the remote server core computer. Click Ok.

4. Expand System tools -> Device Manager. Note that now you can perform changes on the listed devices.

And that’s it! You are done!

Related Topics:

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: