• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1558
  • Last Modified:

Disabling "Windows Firewall" via psservice

Hello, we have about 500 pc's at work. Most of them have windows firewall disabled. But because alot of the users have admin rights (I know, but it's not my decision), they can enable it. Now I thought there was a way to disabling it remotely using the psservice tool. Is this true, and if so, how, should I do it?
0
jvuz
Asked:
jvuz
  • 9
  • 7
  • 2
  • +1
3 Solutions
 
merowingerCommented:
i would use a group policy to disable the windows firewall when the pc is connected to your company lan...
and enable it when the pc is out of the office....
Here are some informations!
http://www.utexas.edu/its/support/topics/disable-wfw.php

So google for "group policy" + "windows xp" + firewall
0
 
Brian PiercePhotographerCommented:
You probabluy can do it with PSservice - but why not use group policy instead - see http://www.microsoft.com/technet/abouttn/flash/tips/tips_083105.mspx
0
 
jvuzAuthor Commented:
I know it's possible without group policies, ecause I've done it in the past. I just can't remember anymore how :(
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
merowingerCommented:
yes this is possible....
psservice.exe \\pcname -u username -p password stop sharedaccess
0
 
merowingerCommented:
also with psexec and the remote command "net stop sharedaccess"
0
 
jvuzAuthor Commented:
Neither of them work, because both times I get "the network path was not found". Now, I cannot ping either. If I disable the firewall locally on the pc, then I can ping.
0
 
merowingerCommented:
ok the problem is that the windows firewall denies the commands.....
as i said the best solution is to solve this via group policy!
0
 
David Scott, MCSENetwork AdministratorCommented:
as mentioned above, group policy is definitely the best way to go.  

the firewall is probably blocking it unless the group policy specifies to allow remote administration in the firewall settings section (which it sounds like you aren't using but...) if it isn't blocked you could use the computer management console and connect to the remote computer and in the services list, disable the firewall.  

my only other thought is putting a command in their login script to disable it....net stop ....
0
 
jvuzAuthor Commented:
No other way?
Thanks for helping. I'll close this question. If they wouldn't allow admin rights for ordinary users, it would make my world alot easier and happier. Thanks everyone.
0
 
merowingerCommented:
let the question open...there's maybe another solution i dont know...
0
 
merowingerCommented:
:/ 2 late
0
 
jvuzAuthor Commented:
If you want, I'll ask to reopen it.
0
 
merowingerCommented:
:) u have to want this.....its your problem....maybe somebody has another solution!
Its your choice
0
 
jvuzAuthor Commented:
No, it's ok. I know group policy is the best solution, but like I said, if those users keep having admin rights, security will never be optimized.
0
 
merowingerCommented:
yeah that right! Dont u have the "real life permissions" to change this state?
0
 
jvuzAuthor Commented:
Even my chief says that they just have to ask, and we cannot deny them the right. This is really demotivating if even your chief (chief of IT-department) forces you to give admin rights. I'm making statistics of the last couple of months and I think more then 75 % of the helpdesk tickets are from users with admin rights. Hopefully this can change something.
0
 
merowingerCommented:
all the best :)
0
 
jvuzAuthor Commented:
Thanx.
0
 
David Scott, MCSENetwork AdministratorCommented:
Even if the user has local admin rights you can limit what they are able to do via group policy.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 9
  • 7
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now