Windows Firewall to Remote SQL Server Configuration Manager (SSCM)

Previously we discussed about using computer management console to remotely configure SQL Server Configuration Manager (SSCM) in this post. If your environment has firewall turned on, there are additional firewall configuration need to be made to allow it to work.

First bring up the computer management console by running compmgmt.msc, or
Start->All Programs->Administrative Tools->Computer Management

Right click on the Computer Management node, select Connect to another computer. Provide the remote computer name with SQL Server installed.

Once the connection is successfully connected, expand the Services and Applications node.

SQL Server Configuration Manager (SSCM) is required to be installed on the local server/workstation. If not, you won't see the SQL Server Configuration Manager under the Services and Applications node. SSCM can be installed through the 'Client Tools Connectivity' during the SQL Server setup, or download and install SQL Server Management Studio Express (SQL Server 2008 R2 SP2 Express, SQL Server 2012 SP1 Express)

You may see multiple SSCM nodes if you have installed multiple versions (e.g. SQL Server 2008 R2, SQL Server 2012)

When you click on the SQL Server Services under the SSCM, you should see a list of SQL Server services (e.g. SQL Server Browser, SQL Server, SQL Server Agent, etc).

If you get a message 'Requesting data from WMI Provider' or 'There are no items to show in this view', you may need to enable one firewall rule.

On the local server/workstation, run WF.msc or
Start->All Programs->Administrative Tools->Windows Firewall with Advanced Security

Select Inbound Rules on the left pane, scroll down and find 'Windows Management Instrumentation (Async-In). Right click and enable that rule.

Close the Computer Management console and reconnect to the remote server again. If all other firewall rule is intact, you should be able to view all the SQL Server services.

Side note, to manage disk remotely, visit this article for more information or enable the following firewall inbound rules on remote servers,
- Remote Volume Management - Virtual Disk Service (RPC)
- Remote Volume Management - Virtual Disk Service Loader (RPC)
- Remote Volume Management (RPC-EPMAP)

To allow other remote management, enable remote management on the remote server to enable additional firewall rules. Visit this article for more information.

Note: After making the changes, verify the rules are enabled in Windows Firewall with Advanced Security console to make sure it is not superseded by Group Policy settings.

No comments:

Post a Comment