0

I have a virtual machine with Windows Server R2 Ent. In this machine runned domain controler test.local. I have admin(doamin and local) account on this machine. I want to get access to event log of this machine from my dev machine which is on my corporate domain(these domains doesn't know about each other). I could connect to VM through RDP by using its IP, but when I try to Connect in eventViewer to VM by using IP and using admin credantials it says that "The RPC service is not available". I gues that some security policy has been applied, but may I wrong.

So the question is, how to connect to event log on remote machine if I have: machine IP, machine domain name, machine domain admin credentials, I connect from other domain?

If it possible maybe someone can point me how to do this. (If it will be Powershell sniplet it would be great).

Stoune
  • 101

1 Answers1

0

It is certainly possible, given the right credentials.

However, it sounds like there is a firewall in place between your dev machine and the destination machine that is blocking the RPC ports for remote event viewer access.

Take a look at this TechNet article regarding allowing dynamic RPC network traffic through Windows Firewall, if that is what the remote machine is using.

If you have a hardware or other firewall that is blocking the traffic, you'll need to open up port 135 as well as some portion of the dynamic RPC port range (49152-65535 in Server 2008). You can restrict the dynamic port range and find further info in this Microsoft KB article. If I recall correctly, the minimum range size is 255 ports, but that may no longer be accurate. This KB article is a great reference for port ranges for Windows services and applications.

phoebus
  • 8,380
  • 1
  • 31
  • 30