How to add servers to Windows 2012 Server Manager in a workgroup
With Windows Server 2012 you can manage multiple remote servers by using a single Server Manager console. Servers that you want to manage by using Server Manager can be running Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003. Server Manager can receive only online or offline status from servers that are running Windows Server 2003. Although you can use Server Manager to perform management tasks on servers that are running Windows Server 2008 R2 or Windows Server 2008, you cannot add roles and features to servers that are running Windows Server 2008 R2, Windows Server 2008 or Windows Server 2003.
This post describes how to add servers to the Server Manager server pool in a workgroup (non-domain) environment. If you tried just adding the server to Server Manager, you have most likely already encountered one of the following manageability status errors:
- Kerberos target resolution error
- Kerberos authentication error
- Online – Access denied
If two computers are not in the same subnet, or if the workgroup computer’s network profile is not set to Private, on the workgroup computer that is running Server Manager, change the inbound Windows Remote Management (HTTP-In) setting in Windows Firewall to explicitly allow connections from remote computers by adding the computer names on the Computers tab of the setting’s Properties dialog box.
On the computer that is running Server Manager, add the workgroup server name to the TrustedHosts list. This is a requirement of NTLM authentication. To add a computer name to an existing list of trusted hosts, add the Concatenate parameter to the command. For example, to add the Server01 computer to an existing list of trusted hosts, use the following PowerShell command.
Set-Item wsman:\localhost\Client\TrustedHosts Server01 -Concatenate -Force
To override UAC restrictions on running elevated processes on workgroup computers, create a registry entry called LocalAccountTokenFilterPolicy on the workgroup server by running the following PowerShell cmdlet.
New-ItemProperty -Name LocalAccountTokenFilterPolicy -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -propertyType DWord -value 1
At this point you should be able to add the servers specified in TrustedHosts to the Server Manager pool. As you add remote servers to Server Manager, some of the servers that you add might require different user account credentials to access or manage them. To specify credentials for a managed server that are different from those you use to log on to the computer on which you are running Server Manager, use the Manage As command after you add a server to Server Manager, which is accessible by right-clicking the entry for a managed server in the Servers tile of a role or group home page.
Based on tests conducted by Microsoft, Server Manager in Windows Server 2012 can be used to manage up to 100 servers that are configured with a typical workload. The number of servers that you can manage by using a single Server Manager console can vary depending on the amount of data that you request from managed servers, and hardware and network resources available to the computer running Server Manager. As the amount of data you want to display approaches that computer’s resource capacity, you can experience slow responses from Server Manager, and delays in the completion of refreshes. To help increase the number of servers that you can manage by using Server Manager, Microsoft recommends limiting the event data that Server Manager gets from your managed servers, by using settings in the Configure Event Data dialog box. Configure Event Data can be opened from the Tasks menu in the Events tile.