Your network contains an Active Directory domain named adatum.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2.
On a server named Core1, you perform a Server Core Installation of Windows Server 2012 R2. You
join Core1 to the adatum.com domain.
You need to ensure that you can use Event Viewer on Server1 to view the event logs on Core1.
What should you do on Core1?
A.
Run the Disable NetFirewallRule cmdlet.
B.
Install Remote Server Administration Tools (RSAT).
C.
Install Windows Management Framework.
D.
Run the Enable-Com + Network Access Firewall Rule.
Explanation:
Information regarding IPsec policy changes, etc. can be found in the Event Viewer. Thus you need to
enable the NetFirewallRule command. This will allow you to view the event logs.
c
0
0
The possible answers are weird, but I think D should be “Enable -NetFirewallRule cmdlet” (written incorrectly – maybe – i think so). In this case, the right answer would be D.
0
0
I agree. The given answers are weird.
The answer should be D be
Event Viewer snap-in from a remote GUI-based Windows installation, are default blocked by the Windows Firewall. To allow remote administration, you must execute the following command at the Server Core command prompt:
Netsh advfirewall firewall set rule group =
“Remote Administration” new enable = yes
Source:
http://windowsitpro.com/windows-server-2012/viewing-event-logs-gui-less-server-core-installation-remote-windows-server
0
0
Ah… maybe im a little confused now… I think “COM + Network Access (DCOM-In)” inbound firewall rule from Windows Firewall” was meant.
http://mikefrobbins.com/2013/02/28/use-powershell-to-remotely-enable-firewall-exceptions-on-windows-server-2012/
so, im not sure, but i go with D.
0
0
Event Viewer=> Connect to another computer => Error:Computer “WS2012R2Core.test.local” cannot be connected. Verify that the network path is correct, the computer ia available on the network, and that the appropriate Windows Firewall rules are enabled on the target computer.
To enable the appropiate Windows Firewall rules on the remote computer, open the Windows Firewall with Advanced Security snap-in and enable the following inbound rules:
COM+ Network Access (DCOM-In)
All rules in the Remote Event Log Management group
You can also enable these rules by using Group Policy settings foe Windows Firewall with Advanced Security.
For server that are RUNNING the SERVER CORE (!!!!) installation option, run the Netsh AdvFirewall command, or the Windows PowerShell NetSecurity module.
0
0
this may help
MMC (Microsoft Management Console) uses DCOM not WinRM
to view Event logs you should also enable Remote Event Log Management rules.
– COM+ Network Access (DCOM-In)
– Remote Event Log Management (NP-In)
– Remote Event Log Management (RPC)
– Remote Event Log Management (RPC-EPMAP)
*** Power Shell ***
Set-NetFirewallRule –name ComPlusNetworkAccess-DCOM-In –enabled True
Set-NetFirewallRule –name RemoteEventLogSvc-In-TCP –enabled True
Set-NetFirewallRule –name RemoteEventLogSvc-NP-In-TCP –enabled True
Set-NetFirewallRule –name RemoteEventLogSvc-RPCSS-In-TCP –enabled True
Enable one MMC at a time for remote management
Enable-NetFirewallRule -DisplayGroup “Remote Administration”
Event Viewer – Remote Event Log Management
Services – Remote Service Management
Shared Folders – File and Printer Sharing
Task Scheduler – Performance Logs and Alerts, File and Printer Sharing
Disk Management – Remote Volume Management
Windows Firewall with Advanced Security – Windows Firewall Remote Management
0
0
COM+ Network Access (DCOM-In) enabled ALONE will not allow remote event log access.
Once Enable-NetFirewallRule -DisplayGroup “Remote Event Log Management” has been run, you can view Event Logs remotely).
COM+ Network Access (DCOM-In) IS NOT REQUIRED to view Event Logs remotely – I have tried this in a lab and only the PowerShell cmdlet Enable-NetFirewallRule….. (above) is required.
The correct answer is NOT listed here!
0
0