When deploying your first Windows Server Core installation, you may find yourself having difficulty managing the server using Windows RSAT. This may be because there is no DOMAIN and one or both the server and workstation are part of a WORKGROUP. Below is the method I use to ensure initial access from a workstation using Windows RSAT Tools.
The demo connects a Windows 10 Pro workstation to manage a Microsoft Hyper-V Server 2012 R2 installation. Remember that you’ll at least need to be running Windows 8.1 to properly remotely manage a Windows 2012 server.
Prerequisites
- Installed the server software and configured Windows for Remote Management by running the following on both the workstation and server:
winrm quickconfig
- Firewall rules have been configured. If you are just testing, you can easily turn of the firewall by running the following:
netsh advfirewall set allprofiles state off
Instructions
You’ll need to start by opening the Component Services MMC, or Run… dcomcnfg. Expand Component Services, then Computers.
- Right-click My Computer and select Properties
- Select the COM Security tab
- Under the Access Permissions section, click Edit Limits…
- Highlight ANONYMOUS LOGIN
- Check the box next to Remote Access; by default it should be unchecked
Next, you’ll want to run PowerShell as an Administrator. The name of my lab server is “2012CORE” and the user is “2012CORE\Administrator“. You’ll want to replace these with your own values.
The first line will add credentials for your server to Windows Credential Manager. The second line adds your server’s DNS hostname to the TrustedHosts list. You cannot use an IP for this. If your workstation cannot reach the server via hostname, you may need to update the hosts file manually. Finally, the third line is used to verify that your server now appears in the TrustedHosts list.
cmdkey /add:2012CORE /user:2012CORE\Administrator /pass Set-Item "WSMan:\localhost\Client\TrustedHosts" 2012CORE Get-Item -Path WSMan:\localhost\Client\TrustedHosts | fl Name, Value
Hopefully, this will help you remotely manage that core server outside of your domain using Windows RSAT.
6 years later and this is still the correct fix. I used it on my Server 2022 WSUS non domain joined server and after following this, I was able to access it from my domain joined PC. Thanks!!