Named Pipes and SQL Server

The Named Pipes protocol is an optional endpoint for SQL Server, i.e. it’s a possible connection method for clients. When enabled, it has an advantage – from a user’s point-of-view – over the default TCP/IP endpoint: it allows connections from outside a domain boundary. The TCP/IP endpoint doesn’t allow connections to a SQL Server instance unless the client is on the same domain as the server. For example, if the server is in another domain (without a domain trust) or on a workgroup server, SQL Server Management Studio presents:

SSMS connection error

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.

As long as the credentials are available to the client, usually in the Credential Manager, Named Pipes can be used to bypass this problem. I presume – though it’s only a guess – that this is because the TCP/IP endpoint uses Kerberos, and Named Pipes is content with using NTLM.

Some clients allow Named Pipes to be selected manually; e.g. in versions of SQL Server Management Studio prior to 2016, the protocol can be selected in the connection dialog under Options > Connection Properties > Network protocol. Where the protocol can’t be manually selected, prepending np: to the connection string indicates that Named Pipes is to be used. This works in web.config connection strings, third-party applications and SQL Server Management Studio. For example, to connect to ServerA.domain.com with Named Pipes in SQL Server Management Studio, enter the server name as:

np:ServerA.domain.com

SSMS Named Pipes connection

“No Response Ping” during network discovery on Server Core

No Response Ping

When running a discovery for network devices in SCOM 2012 R2 from a server running Server 2012 R2 Core, the discovery may fail with the above error message. This doesn’t seem to occur with a full installation of Server 2012 R2. The solution, as per this guide is to enable the pre-defined firewall rules. To do this in PowerShell:

Get-NetFirewallRule | ? { $_.DisplayName -match "operations" -and $_.Enabled -ne "True" } | Set-NetFirewallRule -Enabled "True"

I know that querying and setting the Enabled property in this way seems odd, but this property is an enum rather than a Boolean.

After setting the above rules, run the discovery again and the devices should be detected.

Reduce Server image size

A useful feature of Server 2012 R2, to reduce the size of an image (such as a template), is to compress the manifest files and inactive payloads, i.e. uninstallation data for updates. Reducing the size of an image can be useful, especially on Server Core, where Disk Cleanup isn’t readily available, as this reduces the time needed to deploy a VM. Having tested this recently, the image size was reduced by 10 %. Be warned that this command can take several hours to run.

dism /Online /Cleanup-Image /StartComponentCleanup

If you would like to go further, the binaries for disabled features can be removed completely, but this removes both the features and any associated updates, which means that installing the features again will necessitate access to the installation media and the relevant updates.

Get-WindowsFeature | ? { $_.InstallState -eq Available } | Uninstall-WindowsFeature -Remove

Source: TechNet.