Avatar of windylad
windylad
Flag for Ireland asked on

GPO to enable DEP and file & print sharing

Hello,

Is it possible to create a GPO that will do the following 2 tasks for computers in my domain:
1) Turn DEP on for all programs.
2) Enable file and print sharing.

Thanks,
/wl
Windows Server 2003

Avatar of undefined
Last Comment
Evolutis

8/22/2022 - Mon
Brian

There are not Group Policies currently for those settings.  There are a couple for File and Print Sharing but only to allow it through the Windows Firewall.

Brian
windylad

ASKER
Here's my haked solution for turning on FAPS.  I'll have a different script to turn on DEP shortly.

/wl

----
:: Turn on FAPS (kind of).  Script actually uninstalls FAPS and then re-installs.  The default for a new install of FAPS is ON.
:: This script is run as part of the computer startup scripts and has been test in WXP SP2
@echo off
set srcapp=\\domain\netlogon\snetcfg_wxp.exe
set app=%SYSTEMROOT%\system32\snetcfg_wxp.exe
set log=%SYSTEMDRIVE%\faps.log

:: test if app exists
if not exist %app% (
    copy "%srcapp%" "%app%"
)

:: test if fps has been uninstalled and reinstalled already
if exist %log% goto end

%app% -u MS_Server
%app% -c s -i MS_Server

%app% -s n | find /i "ms_server" > nul
if not errorlevel 1 (
    echo SUCCESS, %date% %time%, %computername% >> %log%
)

:end

@echo on
----

Brian

Nice workaround.

Brian
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
windylad

ASKER
Here's the script to turn on DEP, which works in my domain.  This isn't the ideal solution for all as the script doesn't cater for multiboot systems with different operating systems mixed with Windows XP Pro.

/wl

----
@echo off
set app=%SYSTEMROOT%\system32\bootcfg.exe
set tout=5

:: test if app exists
if not exist %app% goto end

%app% | find /i "/fastdetect /noexecute=optout" > nul
if not errorlevel 1 (
    goto end
) else (
    goto configboot
)

:configboot
%app% | find /c /i "Boot entry ID" | find /i "1" > nul
if not errorlevel 1 (
    %app% | find /i "Microsoft Windows XP Professional" > nul
    if not errorlevel 1 (
        %app% /raw "/fastdetect /NoExecute=OptOut" /id 1
        %app% /timeout %tout%    
    )
)

:end

@echo on
----
ASKER CERTIFIED SOLUTION
CetusMOD

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
csilvio

Hi!

I have been searching for snetcfg_wxp.exe and I can't find it anywehre.

Can Someone please tell me where I can get it from!

Thanks
Evolutis

I have found a link for snetcfg_wxp.exe http://winpesoft.hp.infoseek.co.jp/winpe/arc/snetcfg_wxp.zip
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.