Hi all,
I have a handful of development level boxes running Server 2012 that I can't seem to restart remotely using Server Manager from my workstation running Windows 8. The servers and my Win 8 workstation are all in the same domain. I can install roles & features, the "Manageability" for each is listed as "online", and I can remotely connect using Powershell (or Remote Desktop, for that matter). Besides the built-in Windows Firewall with Advanced Security turned on (using the domain profile) on both the workstation & the servers, there are no firewalls between them. They're also connected via the LAN using a healthy 1Gbps link.
WinRM is enabled & enforced via GPO, listening on all interfaces over IPv4 & IPv6 (IPv4 has priority over IPv6 on my workstation & the servers), and'Configure-SMRemoting.exe -ENABLE' has been run on all the servers, too.
All of the servers were built in the same manner, and they're all behaving the same as well (in that they all fail to restart remotely with the same error message). I've been picking on one of them to deem it as the lab rat, per se, to try and figure out the problem, so any logs, results, etc. listed here are from this single server.
First off, in Server Manager, if I right click the name of the server, select "Restart Server", and then click on the "OK" button on the confirmation dialog box, after 5-10 seconds a red error bar is displayed across the top that states:
One or more servers cannot be restarted
Clicking on the "More..." link on the far right of that bar yields the Notification message below. Please note that I've omitted the name of the server, including its FQDN:
<serverNetBIOSName> : The computer <serverFQDN> is skipped. Fail to retrieve its LastBootUpTime via the WMI service with the following error message: WinRM cannot complete the operation. Verify that the specified computer name is valid,
that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default the WinRM firewall exception for public profiles limits access to remote computers within the
same local subnet.
The predefined, inbound firewall rule named "Windows Remote Management (HTTP-In)" that applies to the domain & private profiles is enabled (local port TCP 5985, remote "Any"), while the public profile version of the rule is disabled. Running this command:
winrm enum winrm/config/listener
Yields this result (actual IP's removed, but they are the IPv4 & IPv6 addresses of the server):
Listener [Source="GPO"]
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 127.0.0.1, <IPv4Address>, ::1, <IPv6MulticastAddress>, <ISATAPAddress>, <IPv6LinkLocalAddress>
Running 'winrm qc' yields:
WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.
And finally, running 'Configure-SMRemoting -GET' returns:
Server Manager Remoting is disabled
So if I run 'Configure-SMRemoting -ENABLE' twice, the first response returns:
Server Manager Remoting is now enabled: WinRM firewall exception enabled.
And the second time, run right after the first with no changes to any GPOs returns:
Server Manager Remoting is already enabled and enforced by Group Policy
The only change I can see is that the inbound firewall rule pertaining to the public profile gets re-enabled. Beyond that, I can't tell that anything changed.
So with all of that, anyone have any ideas as to why I can't seem to remotely restart any of these servers?