Cry about...
Windows Hyper-V-Server
Server Manager: Computer cannot be managed ...
When using Server Manager to open Computer Management for a hyper-v-server a dialog is displayed showing the message:
Computer SERVER-NAME cannot be managed. Verify that the network path is correct, the computer is available on the network and that the appropriate Windows Firewall rules are enabled on the target computer.
To enable the appropriate Windows Firewall rules on the remote computer, open the Windows Firewall with Advanced Security snap-in and enable the following Inbound Rules:
CDOM+ Network Access (DCOM-In)
All rules in
the Remove Event Log Management group.
You can also enable these rules by using Group Policy settings for Windows Firewall with Advanced Security. For servers that are running the Server Core installation option, run the Netsh AdvFirewall command or the Windows PowerShell NetSecurity module.
Where SERVER-NAME in the above is the name (or IP address) of the hyper-v server you are trying to manage.
The Solution
It is worth checking the basics, namely that the name of the server (or its IP address) is correct.
Assuming the server name (or IP address) is correct then the next thing to check is the firewall.
Assuming you are trying to connect to hyper-v-server then you won't have access to "Windows Firewall with Advanced Security". However, if your hyper-v-server is part of your domain then you can achieve the same effect by editing the group policy.
Otherise you will need to either use "Netsh AdvFirewall" or the
PowerShell "NetSecurity" command. You need one or the other, but not
both as both are different ways of doing the same thing.
Netsh AdvFirewall
The error message refers to the need to enable the "COM+ Network Access (DCOM-In)" and "Remote Event Log Management", but this is wrong. Remote Event Log Management is correct, but it should be "Windows Management Instrumentation (WMI)" not "COM+ Network Access (DCOM-In)".
On the hyper-v-server, at the command line type (and this is not case sensitive):
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
netsh advfirewall firewall set rule group="Remote
Event Log
Management" new enable=yes
thus:
C:\>netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
Updated 4 rule(s).
Ok.
C:\>netsh advfirewall firewall set rule group="remote event log management" new enable=yes
Updated 3 rule(s).
Ok.
C:\>
My thanks to http://joe.blog.freemansoft.com/2013/02/enabling-remote-management-for-windows.html for this.
If you get the message "No rules match the specified criteria"
then the group setting is not correct.
It should now be able to successfully start Computer Management from Server Manager.
PowerShell NetSecurity (alternative to Netsh)
On the hyper-v-server, at the command line type:
powershell
to start Windows PowerShell. Then in PowerShell type:
Set-NetFirewallRule -DisplayGroup 'Windows Management Instrumentation (WMI)' -Enabled true -PassThru
Set-NetFirewallRule -DisplayGroup 'Remote Event Log Management' -Enabled true -PassThru
The "-PassThru" parameter isn't strictly necessary, but forces
the command to display what it is doing which personally I prefer.
About the author: Brian Cryer is a dedicated software developer and webmaster. For his day job he develops websites and desktop applications as well as providing IT services. He moonlights as a technical author and consultant.