Starting with Windows Server 2008 R2/2012, the fancy remote management feature may return the following error when adding to your centralized Server Manager console :
Computer <NAME> cannot be managed. Verify that the network path is correct, the computer is available on the network and that the appropriate Windows Firewall rules are enabled on the target computer.
With Windows Server 2008, make sure first that you have WinRM feature installed.
Then make sure you have the following incoming rules enabled/allowed in the Windows Firewall (firewall.cpl) :
COM+ Network Access (DCOM-In)
COM+ Remote Administration (DCOM-In)
File and Printer Sharing (Spooler Service – RPC)
File and Printer Sharing (Spooler Service – RPC-EPMAP)
Remote Event Log Management (NP-In)
Remote Event Log Management (RPC)
Remote Event Log Management (RPC-EPMAP)
Remote Event Monitor (RPC)
Remote Event Monitor (RPC-EPMAP)
Remote Scheduled Task Management (RPC)
Remote Scheduled Task Management (RPC-EPMAP)
Remote Service Management (NP-In)
Remote Service Management (RPC)
Remote Service Management (RPC-EPMAP)
Remote Rule for Remote Shutdown (RPC-EP-In)
Remote Rule for Remote Shutdown (TCP-In)
Remote Volume Management – Virtual Disk Service (RPC)
Remote Volume Management – Virtual Disk Service Loader (RPC)
Remote Volume Management (RPC-EPMAP)
Even though your Active Directory environment is behind NAT/firewall (I hope you do!), I suggest you restrict access to these services to your management/local subnet or management console server IP(s).
For every rules, do :
Properties > Scope > Remote IP Address > These IP addresses
Then add your subnet or management server IP address.