Forum Discussion

ajm-b's avatar
ajm-b
Brass Contributor
Aug 21, 2020

Getting to the bottom of it: Remote Computer Management\Storage\Disk Management - SOLVED

I just wanted to share a solution to a challenging, poorly documented issue (as far as my research found).

 

3 parts to allow managing a remote system with Computer Management\Storage\Disk Management:

  1. On both systems (one you are trying to manage, and the one you are on), enable firewall rule group Remote Volume Access (I turned on rules only for Domain profile)
  2. On both systems (again, one you are using and your target system) need to have Virtual Disk Service started (or at least set to Automatic Startup, I believe default is Manual)
  3. On the system YOU (the manager) are on, you probably need to ensure that somehow, someway, the TARGET COMPUTER ACCOUNT (it's DOMAIN computer account) has, on YOUR SYSTEM, the User Logon Right Access this computer from the network. I achieved this by adding the target system to my local system's Remote Desktop Users group, because that and Administrators are the only two groups granted this URA by the "MSFT Windows 10 2020 - Computer" baseline GPO.

BOOM! Totally works to a remote system now. In my case, both systems are Windows 10 2004.

You probably wouldn't want to add "Domain Computers" permanently to all your IT Techs' PCs as Remote Desktop Users, but you could add them temporarily just when you need to remote disk manage something for a ticket, then remove it. Cheers!

 

  • Bitdoctor's avatar
    Bitdoctor
    Copper Contributor
    Feb 27, 2025

    Alternative: Open cmd prompt "as administrator" on the target server and on your local workstation.
    1) Run the entire script on the remote server
    2) Run the 1-line 'Volume" rule also on your workstation.

    If you're in a domain, limit the rule to "domain profile" only, if desired. This script enables remote management of volumes, users/groups, scheduled tasks and event logs. Again: You will likely want to tweak it for just your domain profile; that's beyond the scope here. You easily can add RDP, file sharing, etc., as needed.

    echo off
    rem save this on the server as 'remset.bat' or similar
    rem open cmd prompt with "run as administrator"
    rem 
    rem Allow remote management of a Windows server
    rem On Every server, run this entire script - you can tweak to allow only for Domain profile, as needed.

    rem - sets some remote mgmt abilities
    echo "doing quick config wmi enablement"
    echo.
    call winrm quickconfig
    echo "quick config done"
    echo .

    rem - allows disk / volume mgmt.

    echo "doing remote volume mgmt enablement"

    rem - WARNING, you MUST run 'remote volume management' cmd ALSO on your local computer that will be connecting to the server
    rem     if you do not do this, then 'remote volume management' will not work from your PC to the server.

    netsh advfirewall firewall set rule group="Remote Volume Management" new enable=yes

    echo "volume management done, GO AND RUN the above netsh command also on your local workstation!"
    echo.

    echo "doing additional wmi enablement"

    rem - allows some other pieces of the compmgmt WMI interface to work

    netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes

    echo "additional wmi enablement done."
    echo.

    echo "doing event log management enablement"
    rem - allows event log and related mgmt

    netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes

    echo "event log management enablement done"
    echo.

    echo "doing schedule tasks remote management enablement"
    rem - Allows remote mgmt of sched tasks
    Netsh advfirewall firewall set rule group="Remote Scheduled Tasks Management" new enable=yes

    echo "scheduled tasks enablement done.
    echo.
    echo on

    The above script enables some of the most common remote server management features via firewall rules.

  • BrianW365's avatar
    BrianW365
    Copper Contributor
    Dec 12, 2023

    Unfortunately, this does seem to help with Windows Server 2022 Core. 

    Windows Firewall off.

    Virtual Disk started on both systems.

    Target computer account added to Access this computer from the network.

     

    Still no refresh with Disk Management remotely.

  • Demytro's avatar
    Demytro
    Copper Contributor
    Mar 22, 2022

    ajm-bthanks for sharing, never guessed the reverse firewall rule must be enabled too :smile:
    By enabling the following 3 firewall rules on the remote server, the Disk Management service can be started from remote and step 2 is not needed to start the service manually;

    • RVM-VDS-In-TCP Remote Volume Management - Virtual Disk Service (RPC)
    • RVM-VDSLDR-In-TCP Remote Volume Management - Virtual Disk Service Loader (RPC)
    • RVM-RPCSS-In-TCP Remote Volume Management (RPC-EPMAP)
  • ajm-b's avatar
    ajm-b
    Brass Contributor
    Aug 21, 2020

    update: this configuration also made remote Device Manager work again.

Resources