Remote Computer Management on Windows 7

I am attempting to remotely manage Windows 7 machines within a SBS2008 domain environment. When I connect to remote machines using a domain administrator account, Computer Management opens fine, but when I attempt to view Device Manager I get the error "Unable to access the computer COMPUTERNAME. Make sure that this computer is on the network, has remote administration enabled, and is running the 'Plug and Play' and 'Remote Registry' services. The error was: Access is denied." This computer is running those two listed services. I am not sure how to check for remote administration outside of RDP access (which is enabled). The domain policy disables the Windows firewall within the corporate network, so I wouldn't expect exceptions are needed. I verified that the Domain Administrators group is a part of the computer's local admin group. I am able to connect to XP machines using the same method without error. What can I do to enable this access or is this locked in Win7?
LVL 2
GISCOOBYDirector of Information TechnologyAsked:
Who is Participating?
 
GISCOOBYDirector of Information TechnologyAuthor Commented:
I checked this document, but it doesn't apply in this situation. The firewall is disabled through group policy when the machine is connected to the "Domain network." I tried to add the policy rule anyway, but it generated the message: "No rules match the specified criteria." Also, the MMC snap-in chart from the link does not include a reference for Device Manager. All other items on this chart can be managed remotely.
0
 
pnorris99Commented:
Hi, this may sound stupid but is the Firewall disabled for the correct connection, you can have a firewall enabled for each connection type, Home, Office and Public Network.

I stupidly made this mistake before, however aswell as disabling the firewall I also included exceptions for the ports 'Remote Management' uses then forced a GP update on all of the machines. This enabled me to remotley manage the Windows 7 machines, I still cannot 'Fully' remotley manage XP machines in this manner.

Hope you find a solution.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
GISCOOBYDirector of Information TechnologyAuthor Commented:
Thank you for the input. To ensure that this wasn't the case, I did verify the machines Windows Firewall with Advanced Security profile settings. The Windows Firewall is set to turn on, on all profiles except the Domain Profile, which is the active profile. Is it even possible to view the Windows 7 Device Manager remotely?
0
 
GISCOOBYDirector of Information TechnologyAuthor Commented:
I was able to find the final solution based on ALECHEV's link. The final solution was based on the article "http://blogs.technet.com/server_core/archive/2008/01/14/configuring-the-firewall-for-remote-management-of-a-workgroup-server-core-installation.aspx", which indicated that I needed to add a Group Policy as follows:
To allow Device Manager to connect, you must first enable the “Allow remote access to the PnP interface” policy<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
1.    On a Windows Vista or full Server installation, start the Group Policy Object MMC snap-in
2.    Connect to the Server Core installation
3.    Navigate to Computer Configuration\Administrative Templates\Device Installation
4.    Enable “Allow remote access to the PnP interface”
5.    Restart the Server Core installation
0
 
GISCOOBYDirector of Information TechnologyAuthor Commented:
I was able to find the final solution based on ALECHEV's link. The final solution was based on the article "http://blogs.technet.com/server_core/archive/2008/01/14/configuring-the-firewall-for-remote-management-of-a-workgroup-server-core-installation.aspx", which indicated that I needed to add a Group Policy as follows:

To allow Device Manager to connect, you must first enable the “Allow remote access to the PnP interface” policy<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office"

1.    On a Windows Vista or full Server installation, start the Group Policy Object MMC snap-in

2.    Connect to the Server Core installation

3.    Navigate to Computer Configuration\Administrative Templates\Device Installation

4.    Enable “Allow remote access to the PnP interface”

5.    Restart the Server Core installation
0
All Courses

From novice to tech pro — start learning today.