Remotely Administer Additional 2008 Servers

[Today's post comes to us courtesy of Wayne McIntyre]

Microsoft Windows Server 2008 is the first server product where the Windows Firewall is enabled by default. This is definitely a plus from a security standpoint; however, by default it does not allow remote administration. If you attempt to remotely connect to the Event Viewer of one of your additional 2008 servers, you will see an error.


On the main SBS server we enable remote administration out of the box. However, if you want to remotely administer any additional Windows 2008 servers in your environment, you will have to enable the Remote Administration inbound firewall rules on them. You can do this locally or, if you have multiple servers, you may want to implement a group policy to configure the firewall for your 2008 servers. To do this locally, follow these steps:

  1. Open the Windows Firewall with Advanced Security snap-in from Administrative Tools.
  2. Select Inbound Rules and enable the following 3 rules.
    1. Remote Administration (NP-In)
    2. Remote Administration (RPC)
    3. Remote Administration (RPC-EPMAP)


Enabling these rules allows remote administration for all services, but you can also be more granular and enable remote administration only for specific components.
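The local steps above can also be scripted with `netsh advfirewall`. This is an added example, not part of the original post, and it goes slightly beyond the steps by enabling only the domain-profile copy of each rule and limiting the allowed source addresses. It assumes an elevated PowerShell session on a domain-joined server where those domain-profile rules exist, and `192.0.2.0/24` is a placeholder for your management subnet.

```powershell
# Added example: run elevated on the additional Windows Server 2008 machine.
# Assumption: 192.0.2.0/24 is a constructed placeholder for the subnet
# your administration workstations and the SBS server connect from.
$mgmtSubnet = '192.0.2.0/24'

# The three inbound rules named in the steps above.
$rules = @(
    'Remote Administration (NP-In)',
    'Remote Administration (RPC)',
    'Remote Administration (RPC-EPMAP)'
)

$failed = @()
foreach ($rule in $rules) {
    # Match the inbound, domain-profile rule by name, then enable it and
    # restrict which remote addresses it accepts connections from.
    & netsh advfirewall firewall set rule "name=$rule" dir=in profile=domain `
        new enable=yes "remoteip=$mgmtSubnet" | Out-Null

    # netsh returns a non-zero exit code when no rule matched or the
    # session is not elevated.
    if ($LASTEXITCODE -ne 0) { $failed += $rule }
}

if ($failed.Count -gt 0) {
    Write-Host "Could not update these rules:" -ForegroundColor Red
    $failed | ForEach-Object { Write-Host "  $_" }
    exit 1
}

# Show the resulting state so the Enabled, Profiles and RemoteIP fields
# can be checked by eye.
foreach ($rule in $rules) {
    & netsh advfirewall firewall show rule "name=$rule" dir=in profile=domain
}
```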

Additional Resources: https://technet.microsoft.com/en-us/network/bb545423.aspx