Tuesday 18 November 2008

Want to really remotely manage Windows 2008, Server Core?

Following my last post - I wanted to track down when the Administrator password for my domain was changed. Realising that Windows 2008, Server Core would not have a GUI for the Event Log, I assumed the easiest way to access the Security event logs of my Domain Controller would be to use another Windows 2008 server (Standard), open Event Viewer and remotely connect to my Windows 2008, Server Core Domain Controller. However, I was presented with the error message:

"Event Viewer cannot connect to computer DC01. The error reported is: The RPC server is unavailable"

My first thoughts were whether this was related to another Server Core feature or whether my POC network had issues due to being neglected for so long after being moved to a different ESX host. It turns out that the Windows Firewall in Windows 2008 Server Core is not configured to allow remote management. The following commands needed to be run on all my Windows 2008, Server Core Domain Controllers:

netsh advfirewall firewall set rule group="Windows Firewall Remote Management" new enable=yes

netsh advfirewall firewall set rule group="remote administration" new enable=yes


Some Links
Using the Netsh Advfirewall Command-Line Tool

Netsh Commands for Windows Firewall with Advanced Security

There are other Firewall Rule Groups available (taken from Technet)

Event Viewer = "Remote Event Log Management"
Services = "Remote Services Management"
Shared Folders = "File and Printer Sharing"
Task Scheduler = "Remote Scheduled Tasks Management"
Reliability and Performance = "Performance Logs and Alerts" and "File and Printer Sharing"
Disk Management = "Remote Volume Management"
Windows Firewall with Advanced Security = "Windows Firewall Remote Management"

To allow only specific MMC snap-ins to connect, at a command prompt, type:

netsh advfirewall firewall set rule group="%Rule Group%" new enable=yes
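
As an added example (not part of the original post), the batch file below enables only the rule groups for the snap-ins actually needed, limits them to one management host, and then lists the resulting rule state. The choice of snap-ins and the address 192.0.2.10 are assumptions; replace them with your own.

```batch
@echo off
rem Added example, not from the original post.
rem Run in an elevated command prompt on the Server Core machine.
setlocal

rem Assumption: placeholder address of the single host allowed to manage
rem this server remotely (192.0.2.10 is a documentation address).
set MGMT_HOST=192.0.2.10

rem Assumption: only Event Viewer and Services are needed remotely.
rem The group names come from the rule group list above.
for %%G in ("Remote Event Log Management" "Remote Services Management") do (
    echo Enabling rule group %%G for %MGMT_HOST% only
    netsh advfirewall firewall set rule group=%%G new enable=yes remoteip=%MGMT_HOST%
    if errorlevel 1 echo FAILED to update rule group %%G
)

rem Review the result: each rule's name, enabled state, group and remote scope.
netsh advfirewall firewall show rule name=all | findstr /i /c:"Rule Name" /c:"Enabled" /c:"Grouping" /c:"RemoteIP"

endlocal
```

To close the access again once the remote work is done, run the same set rule command with enable=no.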

2 comments:

Guðmundur G. said...

Thanks - this solved my problem!

Peter G said...

Thanks, this helped me too.

(For those (like me) who don't know much about administering Windows boxes, you can do this same thing through the GUI with the Windows Firewall tools. Just look for the inbound rules with the same names as those in this article.)

Thank you!