How do I test machines on the domain to make sure the Windows Firewall is on, and log the ones that aren't?

I have set up the GPO to control the Windows Firewall on and off the domain. I am finding that, because of policies that were assigned before SP2 was installed, some machines in the domain are not starting their Windows Firewall (KB892199).

What I am looking to do is add to the bottom of my logon .bat script a check that the Windows Firewall is started and, if it is not, log it to a log.txt file on a shared folder on a server.

The current logon .bat is as follows:
login.bat

net use /y x: \\mydomain\shared

If this can be easily done by adding VB code into the logon .bat, exactly what code would need to be added? (I have no VBScript knowledge at all.)
knightdogs Asked:

forrestoff Commented:
This should work.  It uses netsh to see if the firewall is on, parses the output of the command, and returns (or logs) based on the output.
@echo off
for /f "skip=4 delims== tokens=1,2 usebackq" %%i in (`netsh firewall show state`) do if "%%j"==" Enable" (
        @echo Firewall is on.
        goto return
        ) Else (
        echo Firewall is off.
        echo Logging to file.txt
        echo Firewall off at %date% %time%>>file.txt
        exit
        )
 
:return

forrestoff Commented:
For the location of the server, you may edit line 8 to append (>>) to something like

  echo Firewall off at %date% %time%>>\\server\share\file.txt

...and for neatness, the code should include your original desire (that is, net use etc.), so below is my "final answer" (note the change in the exit sequence in line 9 above)
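@echo off

rem Map the shared drive, as in the original logon script.
net use /y x: \\mydomain\shared

rem Parse "key = value" lines from netsh; the first parsed line decides the result.
for /f "skip=4 delims== tokens=1,2 usebackq" %%i in (`netsh firewall show state`) do if "%%j"==" Enable" (
        @echo Firewall is on.
        goto return
        ) Else (
        echo Firewall is off.
        echo Logging to \\server\share\file.txt
        rem Append (>>) so earlier entries are kept.
        echo Firewall off at %date% %time%>>\\server\share\file.txt
        goto return
        )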
 
:return
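
A variant of the check in the answer above, added here as an example and not part of the original thread: it finds the "Operational mode" line by name instead of by position, and writes the computer and user name to the log so the machine with the firewall off can be identified. It assumes the English `netsh firewall show state` output the answer relies on; `\\server\share\file.txt` is the placeholder path from the answer, and `LOG`, `FWMODE` and the `fw_ok` label are names chosen for this example.

```batch
@echo off
setlocal

rem Assumed log location (placeholder path taken from the answer above).
set "LOG=\\server\share\file.txt"

rem FWMODE stays undefined unless an "Operational mode = <value>" line is found.
set "FWMODE="

rem findstr keeps only the "Operational mode" line; the outer loop takes the
rem text after "=", the inner loop takes its first word (drops the padding).
for /f "tokens=2 delims==" %%j in ('netsh firewall show state ^| findstr /i /c:"Operational mode"') do (
    for /f %%k in ("%%j") do if not defined FWMODE set "FWMODE=%%k"
)

rem Firewall reported as enabled: nothing to log.
if /i "%FWMODE%"=="Enable" goto fw_ok

rem No matching line at all (for example netsh returned an error instead
rem of the status table): record that as "unknown" rather than skipping it.
if not defined FWMODE set "FWMODE=unknown"

rem Append one line per failing logon, naming the machine and the user.
>>"%LOG%" echo %date% %time% %COMPUTERNAME% %USERNAME% firewall mode=%FWMODE%

:fw_ok
endlocal
```

Domain users need write access to the share for the append to succeed, so the log file should allow appending but not be treated as tamper-proof evidence.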
