Solved

Remote Administration issue.

Posted on 2011-03-11
17
657 Views
Last Modified: 2012-05-11
Dear all,

I need help to solve issue with Server. From remote machines I cannot execute nothing on this server.

I have this setting on the server:
- Remote Managment
 Remote Managment
- Set-ExecutionPolicy Unrestricted
 Execution Policy
When I run the command for example:
winrs -r:Servername ipconfig/all

I recieve this error:
 Error
0
Comment
Question by:Gonzalo Becerra
  • 10
  • 7
17 Comments
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
Did you run "winrm quickconfig" on the server? Is the server 2008 or 2008 R2. 2008 needs the winrm 2.0 update.
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
Yep I runned winrm quickconfig and see two messages ok.

I have Windows 2003 R2 Enterprise.
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
You installed Windows Management Framework Core package (Windows PowerShell 2.0 and WinRM 2.0)? Just wondering because I didn't bother with my older boxes.
http://support.microsoft.com/kb/968930
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
Yep but this update is for Windows 2003 and we have server with Windows 2008 R2.
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
I think that the 2003 version is what you want. 2003 R2 is really just an add on pack to Windows 2003, so the only difference is for services that 2003 R2 updates, such as adding DFS-R. Now, Windows 2008 R2 is not at all the same as 2008.
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
Yep, I have Windows 2008 R2 now and when I run a command remotly always I recieved the same error.
I cannot execute nothing remotly to this server. I don't know why.
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
Is your firewall active?
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
No, I don't have firewall active. I have other Server with Windows 2008 R2 in the same network and work fine. I have the problem to run remotly only with this server.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
It looks like your first screen shot is taken from Windows 2008 or 2008 R2. There is no server manager in Windows 2003.
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
Yep. The All images except the last one are taken from Local server with problem (Windows 2008 R2 / ServerName: Servername1).

The last image are taken from other server we execute the command pointing to Servername1 to verify the error.
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
Wait, which server are you trying to manage, and from where? I thought that you are trying to manage a Windows 2003 R2 server from Windows Vista, 7, 2008, 2008 R2. Commands, such as "winrm quickconfig " need to be run on the box being managed. Your first screenshot shows you configuring the Windows 2008 R2 being configured to be remotely managed.

Are both machines members of the domain? Are you runnint winrs as a user that is an administrator on Servername1?
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
No,

I have two servers with Windows 2008 R2.

Servername2 (Always work remotly)
Servername1 (not work remotly)

If I connect fromServername1 to Servername2 and execute any remotly work all fine.

If I connect from Servername2 to Servername1 and try execute any remotly I recieve the error.
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
both Servers are in the Same Domain (DomainName)
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
Comment Utility
This is the Actual configuration of WINRM on Servername1

PS C:\ACO-SRVS\Scripts\Site Creation> winrm get winrm/config
Config
    MaxEnvelopeSizekb = 150
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = false
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = Servername1
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 15
        EnumerationTimeoutms = 60000
        MaxConnections = 25
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = false
        Auth
            Basic = false
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = *
        IPv6Filter = *
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 180000
        MaxConcurrentUsers = 5
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 15
        MaxMemoryPerShellMB = 150
        MaxShellsPerUser = 5
0
 
LVL 1

Accepted Solution

by:
Gonzalo Becerra earned 0 total points
Comment Utility
I opened a case in Microsoft to solve this issue:

- Problem: Duplicate SPN's

- Query to verify if we have SPN Duplicated:  ldifde -f dump_spn.txt -d "dc=DOMAIN,dc=com" -p subtree -r "(servicePrincipalName=HTTP/Servername*)" -l servicePrincipalName

- Solution: Verify the log dump_spn.txt and delete the duplicates SPN.
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
Wow, I never would have come even close to finguring that out. Glad Microsoft was able to help you get that resolved.
0
 
LVL 1

Author Closing Comment

by:Gonzalo Becerra
Comment Utility
I opened a case in Microsoft to solve this issue.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now