Use PowerShell to Remotely Enable Firewall Exceptions on Windows Server 2012

You’re attempting to view the event logs of a couple of remote Windows Server 2012 servers that have been installed with the default installation type of server core  (No GUI).

You receive the following error when attempting to connect to these servers using the Event Viewer snapin in an MMC console:


“Computer ‘DC01.MIKEFROBBINS.COM’ cannot be connected. Verify
that the network path is correct, the computer is available on the
network, and that the appropriate Windows Firewall rules are enabled
on the target computer.
To enable the appropriate Windows Firewall rules on the remote
computer, open the Windows Firewall with Advanced Security snap-in
and enable the following inbound rules:
COM+ Network Access (DCOM-In)
All rules in the Remote Event Log Management group
You can also enable these rules by using Group Policy settings for
Windows Firewall with Advanced Security. For servers that are running
the Server Core installation option, run the Netsh AdvFirewall
command, or the Windows PowerShell NetSecurity module.”

One of the things that the error message in the previous image states is to enable “All rules in the Remote Event Log Management group”. Well, we’re in luck because it’s almost like not having rights to something but having the rights to give yourself rights. Even though this firewall exception is not enabled on the remote server, PowerShell remoting is enabled by default on Windows Server 2012 so we’re going to run a PowerShell script which will remotely enable all of the firewall exceptions in that rule group on the two servers.


The script starts out by using the PowerShell remoting Invoke-Command cmdlet and specifies the two server names we want to change the firewall settings on. Next, it uses the Set-NetFirewallRule cmdlet to enable all of the firewall exceptions that are part of the “Remote Event Log Management” display group, specifying the -PassThru parameter because by default the Set-NetFirewallRule cmdlet doesn’t return any results (no objects). By returning results (objects) using the -PassThru parameter, we can then work with the results and pipe them to the Select-Object cmdlet to specify what properties we want returned in our final results. Finally, I’ve specified the -Credential parameter so alternate credentials could be specified that have the necessary permissions to make the firewall changes on the remote servers since I’m not running PowerShell as a user who has the necessary permissions.

The following image is an example of what the prompt looks like that you’ll receive when using the -Credential parameter:


The event logs of the remote servers that we’ve enabled the firewall exceptions on can now be opened without error using the Event Viewer GUI tool:




  1. jf

    Thanks, worked like a (4 actually) charmes 😉

  2. paul drumm

    Change the title to include nanoserver aka windows server 2016 core. it works to get mmc’s running

  3. JACKie


  4. Patrick

    Ran the PS script, prompted me for credentials, I entered credentials, and seeing following error :

    [Local computer name] Connecting to remote server (local computer name) failed with the following error message : the WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You can get more information about that by running the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo : OpenError: (local computer name:String) [], PSRemotingTransportException
    + FullyQualfiedErrorID : ServerNotTrusted, PSSessionStateBroken

    NOTE – I am trying to connect to a client Windows 10 machine.


  5. RHartes

    Thanks, worked for me on Server Core 2019. Better than MS documentation at least.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: