DESKTOP

Managing Windows Server 2012 (part 5) - Working with Server Manager - Adding servers for management, Creating server groups, Enabling remote management

12/19/2013 3:10:17 AM

2.2 Adding servers for management

Before you can use Server Manager to manage remote servers, you must add the servers for management. Any server running Windows Server 2012 can be easily added. Servers running Windows Server 2008 with Service Pack 2 or later and Windows Server 2008 Release 2 with Service Pack 1 or later can be added as well, as long as each server has .NET Framework 4.0 and Windows Management Framework 3.0 and has been enabled for remote management.

You can add a single server to Server Manager by completing these steps:

  1. Open Server Manager. In the left pane, select All Servers to view the servers that have been added for management already. If the server you want to work with isn’t listed, select Add Servers on the Manage menu to display the Add Servers dialog box.

  2. In the Add Servers dialog box, the Active Directory panel is selected by default. Use the options on the Active Directory panel to enter the computer name or fully qualified domain name (FQDN) of the remote server that is running Windows Server. After you enter a name, tap or click Find Now. Alternatively, use the options on the DNS panel to specify a server by computer name or IP address and then tap or click the Search button.

  3. In the Name list, double-tap or double-click the server to add it to the Selected list.

  4. Repeat steps 2 and 3 to add others servers. Tap or click OK.

Rather than add servers one by one, you can use the Import process to add multiple servers. To do this, follow these steps:

  1. Create a text file that has one host name, fully qualified domain name, or IP address per line.

  2. In Server Manager, select Add Servers on the Manage menu. In the Add Servers dialog box, select the Import panel.

  3. Tap or click the options button to the right of the File box, and then use the Open dialog box to locate and open the server list.

  4. In the Computer list, double-tap or double-click each server you want to add to the Selected list. Tap or click OK.

Server Manager tracks the services, events, and more for each added server. Servers are listed in the All Servers view by server name, IP address, and manageability status. Server Manager always resolves IP addresses to host names. If a server is listed as Not Accessible, you typically need to log on locally and take corrective action as necessary. For example, you might need to use a console logon to enable remote management.

2.3 Creating server groups

When you add servers to Server Management, the servers are added to the appropriate server groups automatically based on the roles and features installed. Automatically created server groups make it easier to manage the various roles and features that are installed on your servers. If you select the AD DS group, as an example, you see a list of the domain controllers you added for management as well as any critical or warning events for these servers and the status of services the role depends on.

You can create your own server groups as well to group servers by department, geographic location, or other characteristic. When you create groups, the servers you want to work with don’t have to be added to Server Manager already. You can add servers to a group at any time and those servers are added automatically for management as well.

You can create a server group by completing these steps:

  1. Open Server Manager. Select Create Server Group on the Manage menu to display the Create Server Group dialog box.

    Enter a descriptive name for the group. Use the panels and options provided to add servers to the group with the following in mind:

    • The Active Directory panel allows you to enter the computer name or fully qualified domain name of the remote server that is running Windows Server. After you enter a name, tap or click Find Now. In the Name list, double-tap or double-click a server to add it to the Selected list.

    • The DNS panel allows you to add servers by computer name or IP address. After you enter the name or IP address, tap or click the Search button. In the Name list, double-tap or double-click a server to add it to the Selected list.

    • The Import panel allows you to import a list of servers. Tap or click the options button to the right of the File box, and then use the Open dialog box to locate and open the server list. In the Computer list, double-tap or double-click a server to add it to the Selected list.

    • The Server Pool panel, selected by default, lists servers that have been added for management already. If a server you want to add to your group is listed here, add it to the group by double-tapping or double-clicking it.

  2. Tap or click OK to create the server group.

2.4 Enabling remote management

You can use Server Manager and other Microsoft Management Consoles (MMCs) to perform some management tasks on remote computers, as long as the computers are in the same domain or you are working in a workgroup and have added the remote computers in a domain as trusted hosts. You can connect to servers running Full Server, Minimal Server Interface, and Server Core installations. On the computer you want to use for managing remote computers, you should be running either Windows Server 2012 or Windows 8 and you need to install the Remote Server Administration Tools.

With Windows Server 2012, remote management is enabled by default for applications and commands that use the following:

  • Windows Remote Management (WinRM) and Windows PowerShell remote access for management

  • Windows Management Instrumentation (WMI) and Distributed Component Object Model (DCOM) remote access for management

You’ll find that these types of applications and commands are enabled for remote management because related inbound rules and exceptions for Windows Firewall are enabled. For remote management, Windows Firewall has specific exceptions for Windows Management Instrumentation, Windows Remote Management, and Windows Remote Management (Compatibility). In Windows Firewall With Advanced Security, there are inbound rules that correspond to the standard firewall-allowed applications. For WMI, the inbound rules are Windows Management Instrumentation (WMI-In), Windows Management Instrumentation (DCOM-In), and Windows Management Instrumentation (ASync-In). For WinRM, the matching inbound rule is Windows Remote Management (HTTP-In). For WinRM compatibility, the matching inbound rule is Windows Remote Management - Compatibility Mode (HTTP-In).

You manage these exceptions or rules in either the standard Windows Firewall or in Windows Firewall With Advanced Security, not both. Generally, if you want to allow remote management using Server Manager, MMCs, and Windows PowerShell, you should permit WMI, WinRM, and WinRM compatibility exceptions in Windows Firewall.

When you are working with Server Manager, you can select Local Server in the console tree to view the status of the remote management property. If you don’t want to allow remote management of the local server, tap or click the related link. Next, in the Configure Remote Management dialog box, clear Enable Remote Management Of This Server From Other Computers and then tap or click OK.

When you clear the Enable Remote Management Of This Server From Other Computers check box and then tap or click OK, Server Manager performs several background tasks that disable Windows Remote Management (WinRM) and Windows PowerShell remote access for management on the local server. One of these tasks is to turn off the related exception that allows applications to communicate through Windows Firewall using Windows Remote Management. The exceptions for Windows Management Instrumentation and Windows Remote Management (Compatibility) aren’t affected.

You must be a member of the Administrators group on computers you want to manage by using Server Manager. For remote connections in a workgroup-to-workgroup or workgroup-to-domain configuration, you should be logged on using the built-in Administrator account or configure the LocalAccountTokenFilterPolicy registry key to allow remote access from your computer. To set this key, enter the following command at an elevated, administrator command prompt:

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v
LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

Another way to enable remote management is to type Configure-SMRemoting.exe –Enable at an elevated, administrator prompt.

Although these techniques enable basic remote management of computers, you also need to enable rules for these specific management areas:

  • Disks and volumes Remote Volume Management must be allowed in Windows Firewall to remotely manage a computer’s disks and volumes in Computer Management or Disk Management. In the advanced firewall, there are several related rules that allow management of the Virtual Disk Service and Virtual Disk Service Loader.

    Note

    You don’t need to enable Virtual Disk Service–related rules to remotely manage Storage Spaces. You manage Storage Spaces in Server Manager using the options available when you are working with File And Storage Services.

  • Event Log Remote Event Log Management must be allowed in Windows Firewall to remotely manage a computer’s event logs. In the advanced firewall, there are several related rules that allow management via named pipes (NP) and remote procedure calls (RPCs).

  • Remote Desktop Remote Desktop must be enabled to allow someone to connect to a server using Remote Desktop.

  • Scheduled Tasks Remote Scheduled Task Management must be allowed in Windows Firewall to remotely manage a computer’s scheduled tasks. In the advanced firewall, there are several related rules that allow management of scheduled tasks via RPC.

  • Services Remote Service Management must be allowed in Windows Firewall to remotely manage a computer’s services. In the advanced firewall, there are several related rules that allow management via named pipes and RPCs.

Only Remote Service Management is enabled by default. Remote management is enabled by default on Server Core. You can configure remote management on a Server Core installation of Windows Server 2012 using sconfig. Start the Server Configuration utility by typing sconfig.

Using Windows PowerShell for remote management

Windows PowerShell provides several ways for you to work with remote computers. One way is to use an interactive remote session. To do this, open an elevated, administrator Windows PowerShell prompt. Type enter-pssession ComputerName –credential UserName , where ComputerName is the name of the remote computer and UserName is the name of a user who is a member of the Administrators group on the remote computer or in the domain of which the remote computer is a member. When prompted to enter the authorized user’s password, type the password and then press Enter. You can now enter commands in the session as you would if you were using Windows PowerShell locally. To exit the session, type exit-pssession.
Other  
 
Top 10
Extending LINQ to Objects : Writing a Single Element Operator (part 2) - Building the RandomElement Operator
Extending LINQ to Objects : Writing a Single Element Operator (part 1) - Building Our Own Last Operator
3 Tips for Maintaining Your Cell Phone Battery (part 2) - Discharge Smart, Use Smart
3 Tips for Maintaining Your Cell Phone Battery (part 1) - Charge Smart
OPEL MERIVA : Making a grand entrance
FORD MONDEO 2.0 ECOBOOST : Modern Mondeo
BMW 650i COUPE : Sexy retooling of BMW's 6-series
BMW 120d; M135i - Finely tuned
PHP Tutorials : Storing Images in MySQL with PHP (part 2) - Creating the HTML, Inserting the Image into MySQL
PHP Tutorials : Storing Images in MySQL with PHP (part 1) - Why store binary files in MySQL using PHP?
REVIEW
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
VIDEO TUTORIAL
- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 1)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 2)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 3)
Popular Tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS