Remotely managing the disk management snap-in in Windows Server 2008 Print E-mail
You might have noticed, particularly if you’re working with Server Core, that even when your Windows Server 2008 machines are members of a domain that you get an RPC server unavailable type message when attempting to connect to the Disk management snap-in of a remote machine. While this isn’t specific to server core, it has been noticed because a remote instance of disk management is preferable to DISKPART to many people.

The reason you cannot connect to the disk management snap-in, or more specifically why the disk management snap-in cannot connect to the virtual disk service is simply a matter of the firewall rules. The firewall is enabled by default on Windows Server 2008 systems.

The interesting aspect of this is that simply enabling the rules in the “Remote Volume Management” firewall group on the target isn’t enough to allow this to work either. In addition, you need to have the “Remote Volume Management – Virtual Disk Service Loader (RPC)” firewall rule enabled on the source system too.

Summarised, if you’re trying to manage win2008svr06 with win2008svr03 you need the following rules enabled (minimum required to configure this):

Win2008svr06 (target machine)

  • Remote Volume Management - Virtual Disk Service (RPC)
  • Remote Volume Management - Virtual Disk Service Loader (RPC)
  • Remote Volume Management (RPC-EPMAP)

Win2008svr03 (source machine)

  • Remote Volume Management - Virtual Disk Service Loader (RPC)

Realistically, you need to ensure that all Windows Server 2008 member servers have all three rules in the Remote Volume Management group enabled, thus allowing any Windows Server 2008 server to remotely manage any other Windows Server 2008 server’s disk configuration (permissions permitting).

The nice thing with Windows Server 2008 is that you can configure these firewall rules using Group Policy. So rolling this setting to all your machines is nice and easy.

You use the following portion of group policy:
Computer Configuration | Policies | Windows Settings | Security Settings | Windows 
Firewall with Advanced Security | Windows Firewall with Advanced Security | Inbound Rules
Right clicking on “Inbound Rules” and choosing “New Rule” results in the “New Inbound Rule wizard”. Selecting “Remote Volume Management” from the “predefined” list, followed by “Next”, “Next” again (accepting the defaults) and then Next again (accepting the default “Allow the connection”) followed by “Finish” results in the necessary settings being configured.

Hope this helps!

< Prev   Next >