Solved

Disabling "Windows Firewall" via psservice

Posted on 2007-11-27
19
1,399 Views
Last Modified: 2012-08-13
Hello, we have about 500 pc's at work. Most of them have windows firewall disabled. But because alot of the users have admin rights (I know, but it's not my decision), they can enable it. Now I thought there was a way to disabling it remotely using the psservice tool. Is this true, and if so, how, should I do it?
0
Comment
Question by:jvuz
  • 9
  • 7
  • 2
  • +1
19 Comments
 
LVL 31

Accepted Solution

by:
merowinger earned 167 total points
ID: 20356878
i would use a group policy to disable the windows firewall when the pc is connected to your company lan...
and enable it when the pc is out of the office....
Here are some informations!
http://www.utexas.edu/its/support/topics/disable-wfw.php

So google for "group policy" + "windows xp" + firewall
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 167 total points
ID: 20356887
You probabluy can do it with PSservice - but why not use group policy instead - see http://www.microsoft.com/technet/abouttn/flash/tips/tips_083105.mspx
0
 
LVL 21

Author Comment

by:jvuz
ID: 20356889
I know it's possible without group policies, ecause I've done it in the past. I just can't remember anymore how :(
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20356909
yes this is possible....
psservice.exe \\pcname -u username -p password stop sharedaccess
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20356912
also with psexec and the remote command "net stop sharedaccess"
0
 
LVL 21

Author Comment

by:jvuz
ID: 20357238
Neither of them work, because both times I get "the network path was not found". Now, I cannot ping either. If I disable the firewall locally on the pc, then I can ping.
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20357261
ok the problem is that the windows firewall denies the commands.....
as i said the best solution is to solve this via group policy!
0
 
LVL 12

Assisted Solution

by:opie6373
opie6373 earned 166 total points
ID: 20357821
as mentioned above, group policy is definitely the best way to go.  

the firewall is probably blocking it unless the group policy specifies to allow remote administration in the firewall settings section (which it sounds like you aren't using but...) if it isn't blocked you could use the computer management console and connect to the remote computer and in the services list, disable the firewall.  

my only other thought is putting a command in their login script to disable it....net stop ....
0
 
LVL 21

Author Comment

by:jvuz
ID: 20357826
No other way?
Thanks for helping. I'll close this question. If they wouldn't allow admin rights for ordinary users, it would make my world alot easier and happier. Thanks everyone.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 31

Expert Comment

by:merowinger
ID: 20357859
let the question open...there's maybe another solution i dont know...
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20357865
:/ 2 late
0
 
LVL 21

Author Comment

by:jvuz
ID: 20357923
If you want, I'll ask to reopen it.
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20357944
:) u have to want this.....its your problem....maybe somebody has another solution!
Its your choice
0
 
LVL 21

Author Comment

by:jvuz
ID: 20357982
No, it's ok. I know group policy is the best solution, but like I said, if those users keep having admin rights, security will never be optimized.
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20358015
yeah that right! Dont u have the "real life permissions" to change this state?
0
 
LVL 21

Author Comment

by:jvuz
ID: 20358083
Even my chief says that they just have to ask, and we cannot deny them the right. This is really demotivating if even your chief (chief of IT-department) forces you to give admin rights. I'm making statistics of the last couple of months and I think more then 75 % of the helpdesk tickets are from users with admin rights. Hopefully this can change something.
0
 
LVL 31

Expert Comment

by:merowinger
ID: 20358121
all the best :)
0
 
LVL 21

Author Comment

by:jvuz
ID: 20358156
Thanx.
0
 
LVL 12

Expert Comment

by:opie6373
ID: 20358401
Even if the user has local admin rights you can limit what they are able to do via group policy.  
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Toshiba Satellite 5 148
Incredibly nasty malware/adware 15 65
XP driver for Dell Color MFP H625cdw printer needed 7 155
Windows print sharing 1 63
Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
It is only natural that we all want our PCs to be in good working order, improved system performance, so that is exactly how programs are advertised to entice. They say things like:            •      PC crashes? Get registry cleaner to repair it!    …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now