SQL Error – Cannot connect to xyz_sql_instance, due to remote firewall issue

After creating a new Azure Windows Server VM with SQL Server installed, I was not able to connect it from my PC via SSMS. Everytime I tried to connect I was getting following error:

Cannot connect to xyz_sql_instance.
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provier, error: 40 – Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
The network path was not found


–> I checked online and found following command to enable the port, but it ran into error:

C:\windows\system32>netsh firewall set portopening TCP 1433 “SQLServer”

“… netsh firewall” is deprecated; use “netsh advfirewall firewall” instead.


–> So, lets execute the new netsh advfirewall firewall command and see what options it has:

C:\windows\system32>netsh advfirewall firewall /?

The following commands are available:

Commands in this context:
? – Displays a list of commands.
add – Adds a new inbound or outbound firewall rule.
delete – Deletes all matching firewall rules.
dump – Displays a configuration script.
help – Displays a list of commands.
set – Sets new values for properties of a existing rule.
show – Displays a specified firewall rule.

To view help for a command, type the command, followed by a space, and then type ?.


–> Now with above options we are clear that we have to add a new inbound firewall rule, so we will check how can we use the add option:

C:\windows\system32>netsh advfirewall firewall add /?

The following commands are available:

Commands in this context:
add rule – Adds a new inbound or outbound firewall rule.


–> Let’s apply the add rule option and see more options:

C:\windows\system32>netsh advfirewall firewall add rule /?

Usage: add rule name=
[enable=yes|no (default=yes)]
[localport=0-65535|[,…]|RPC|RPC-EPMap|IPHTTPS|any (default=any)]
[remoteport=0-65535|[,…]|any (default=any)]
tcp|udp|any (default=any)]
[edge=yes|deferapp|deferuser|no (default=no)]


– Add a new inbound or outbound rule to the firewall policy.
– Rule name should be unique and cannot be “all”.
– If a remote computer or user group is specified, security must be
authenticate, authenc, authdynenc, or authnoencap.
– Setting security to authdynenc allows systems to dynamically
negotiate the use of encryption for traffic that matches
a given Windows Firewall rule. Encryption is negotiated based on
existing connection security rule properties. This option
enables the ability of a machine to accept the first TCP
or UDP packet of an inbound IPsec connection as long as
it is secured, but not encrypted, using IPsec.
Once the first packet is processed, the server will
re-negotiate the connection and upgrade it so that
all subsequent communications are fully encrypted.
– If action=bypass, the remote computer group must be specified when dir=in.
– If service=any, the rule applies only to services.
– ICMP type or code can be “any”.
– Edge can only be specified for inbound rules.
– AuthEnc and authnoencap cannot be used together.
– Authdynenc is valid only when dir=in.
– When authnoencap is set, the security=authenticate option becomes an
optional parameter.


Add an inbound rule with no encapsulation security for browser.exe:
netsh advfirewall firewall add rule name=”allow browser”
dir=in program=”c:\programfiles\browser\browser.exe”
security=authnoencap action=allow

Add an outbound rule for port 80:
netsh advfirewall firewall add rule name=”allow80″
protocol=TCP dir=out localport=80 action=block

Add an inbound rule requiring security and encryption
for TCP port 80 traffic:
netsh advfirewall firewall add rule
name=”Require Encryption for Inbound TCP/80″
protocol=TCP dir=in localport=80 security=authdynenc

Add an inbound rule for browser.exe and require security
netsh advfirewall firewall add rule name=”allow browser”
dir=in program=”c:\program files\browser\browser.exe”
security=authenticate action=allow

Add an authenticated firewall bypass rule for group
acmedomain\scanners identified by a SDDL string:
netsh advfirewall firewall add rule name=”allow scanners”
dir=in rmtcomputergrp= action=bypass

Add an outbound allow rule for local ports 5000-5010 for udp-
Add rule name=”Allow port range” dir=out protocol=udp localport=5000-5010 action=allow


–> OK, so this gives us more options and also samples at the end to construct our command. So we will us the above highlighted command to add port for our SQL Server, as shown below:

C:\windows\system32>netsh advfirewall firewall add rule name=”SQL Server Engine” protocol=TCP dir=in localport=1433 action=allow

C:\windows\system32>netsh advfirewall firewall add rule name=”SQL Server Browser” protocol=UDP dir=in localport=1434 action=allow

Now, I am able to connect remotely without any issues.

Categories: SQL Errors

SSMS error – The Visual Studio component cache is out of date. Please restart Visual Studio.

Yesterday while opening SSMS I got an error message popup which mentions:

The Visual Studio component cache is out of date. Please restart Visual Studio.


On checking in internet I found a similar issue logged in MS Connect, and the workaround was to cleanup the application folder in the Windows-Temp folder, which is located at following folder location:



This issue vanished after deleting the SSMS folder. This could be due to the Visual Studio component cache can’t be written or can’t be wiped while in use.

Categories: SQL Errors

Powershell error – Import-Module : File AzureRM.psm1 cannot be loaded because running scripts is disabled on this system

After installing the AzureRM module, I tried to import it, but it gave me an error:

Import-Module : File C:\Program Files\WindowsPowerShell\Modules\AzureRM\4.0.2\AzureRM.psm1 cannot
be loaded because running scripts is disabled on this system. For more information, see
about_Execution_Policies at
At line:1 char:1
+ Import-Module AzureRM
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityException
+ FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands.ImportModuleComman

This error means that the AzureRM module downloaded from internet must be signed by a trusted publisher before they can be run.

–> Now to fix it you need to change the execution policy by this simple command:

PS c:\> Set-ExecutionPolicy RemoteSigned

If you are on PowerShell Window then it will throw a popup to confirm to change the Execution policy, you can choose “Yes”:

Now try running again the import command, it will run:

PS c:\> Import-Module AzureRM

Powershell error – The term ‘Login-AzureRmAccount’ is not recognized as the name of a cmdlet, function, script file, or operable program

If you are new to PowerShell like me then you would have encountered this ans similar errors.

Recently while executing one PowerShell script to connect to Azure Resource Manager I faced following error:

XyzPSScript.ps1 : The term ‘Login-AzureRmAccount’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
+ CategoryInfo : ObjectNotFound: (Login-AzureRmAccount:String) [XyzPSScript.ps1], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException,XyzPSScript.ps1

This error means that you do not have Azure PowerShell module installed on your system or server.

–> So, let’s see how to install the dependent modules.

1. Connect to PowerShell from command prompt (CMD) in Admin mode:

c:\> powershell.exe

Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.


2. Check the version of PowerShell:

PS c:\> $PSVersionTable.PSVersion

Major Minor Build Revision
—– —– —– ——–
5 1 14409 1005


3. Run the below command to check if you have PowerShellGet installed on your system:

PS c:\> Get-Module PowerShellGet -list | Select-Object Name,Version,Path

Name Version Path
—- ——- —-
PowerShellGet C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\\PowerShellGet.psd1


4. Now we can easily install the Azure PowerShell from the PowerShell Gallery by runnign following command:

PS C:\> Install-Module AzureRM

NuGet provider is required to continue
PowerShellGet requires NuGet provider version ‘’ or newer to interact
with NuGet-based repositories. The NuGet provider must be available in
‘C:\Program Files\PackageManagement\ProviderAssemblies’ or
‘C:\Users\essensed\AppData\Local\PackageManagement\ProviderAssemblies’. You can
also install the NuGet provider by running ‘Install-PackageProvider -Name
NuGet -MinimumVersion -Force’. Do you want PowerShellGet to install
and import the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is “Y”): Y

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this
repository, change its InstallationPolicy value by running the Set-PSRepository
cmdlet. Are you sure you want to install the modules from ‘PSGallery’?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help
(default is “N”):Y

On every prompt type ‘Y’ to proceed ahead.

While Installing the module you will see this screen:

5. Finally you just need to import the AzureRM module:

PS C:\> Import-Module AzureRM

This import command will not give any output, and you may proceed with the PS prompt.

Error – The following feature couldn’t be installed – .NET Framework 3.5

I got error this message on a pop window while running a new application after installing it on my Windows Server 2012 Azure VM.


This feature can be installed from the “Windows Server Manager”, you will see its icon on the task bar besides the Start button, as shown below. Or you can directly type “servermanager” on CMD or Run prompt.

Click on the “Add Roles and Features”


A new window will open up “Add Roles and Features Wizard”, click Next.
On “Installation Type”, click Next again.
On “Server Selection”, select the current/default server and click Next.
On “Server Roles” click Next.
Now on Features select the “.NET Framework 3.5 Features” option, an click Next.
On Confirmation page you will see “Specify an alternate source path” link, click on that link, and a new window opens up, as shown below:


Here on the highlighted text box you need to specify the “side-by-side (SxS) folder” path of the OS installation media. So, if you have an ISO file you can mount it or if you have a dump of the setup, provide the path form the respective location. Finally click on Install button.

If you are on an Azure Windows VM, you will not have access to the ISO or installation media. In this case you can simply run a Windows Update from Control Panel–> System and Security –> Windows Update.

Categories:, Windows