You need to ensure that you can manage Server2 by using…

Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 R2.
On a server named Server2, you perform a Server Core Installation of Windows Server 2012 R2. You join
Server2 to the contoso.com domain. You need to ensure that you can manage Server2 by using the Computer
Management console on Server1.
What should you do on Server2?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 R2.
On a server named Server2, you perform a Server Core Installation of Windows Server 2012 R2. You join
Server2 to the contoso.com domain. You need to ensure that you can manage Server2 by using the Computer
Management console on Server1.
What should you do on Server2?

A.
Run the Disable-NetFirewallRulecmdlet.

B.
Run the Enable-NetFirewallRulecmdlet.

C.
Run sconfig.exe and configure the network settings.

D.
Run sconfig.exe and configure remote management.

Explanation:
As we can see on the following screenshot, Remote Management is enabled by default on a new Server Core
installation of 2012 (so we don’t have to configure it on Server2) BUT that’s not enough as it only enables
WinRM-based remote management (and computer management is not WinRM- based of course). To enable
the remote management from an MMC (such as server manager, or computer manager), we have to enable
exception rules in the Firewall, which can be done, amongst other ways, using Powershell and the EnableNetFirewallRulecmdlet.http://technet.microsoft.com/en-us/library/jj554869.aspx

Enable-NetFirewallRule
Detailed Description
The Enable-NetFirewallRulecmdlet enables a previously disabled firewall rule to be active within the computer
or a group policy organizational unit. This cmdlet gets one or more firewall rules to be enabled with the Name
parameter (default), the DisplayName parameter, rule properties, or by associated filters or objects. The
Enabled parameter for the resulting queried rules is set to True.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


fiber

fiber

To configure Windows Firewall to allow MMC snap-in(s) to connect
To allow all MMC snap-ins to connect, run

Enable-NetFirewallRule -DisplayGroup “Remote Administration”

To allow only specific MMC snap-ins to connect, run:

Enable-NetFirewallRule -DisplayGroup “”

Where:

Rulegroup is one of the values from the table below, depending on which snap-in you want to connect.