Solved

Group Policy and WMI and Windows Firewall

Posted on 2008-06-12
5
15,143 Views
Last Modified: 2013-12-04
I need to be able to enable WMI on all domain computers through Group Policy and also to disable Windows Firewall.  What are the steps to do this?
0
Comment
Question by:dslivingston
5 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 21772321
To enable the WMI service you can open a Group Policy object, go to Computer Config, Windows Settings, System Services, Windows Management Instruction, view the properties on that entry where you can set it to start Automatically.

For disabling Windows Firewall, you want to disable the setting: Computer Config, Administrative Templates, Network, Network Connections, Windows Firewall, Domain Profile, Protect all Network Connections: Set this policy to 'Disabled'.

-tigermatt
0
 
LVL 77

Assisted Solution

by:arnold
arnold earned 250 total points
ID: 21772368
If you do not have GPMC, get it at: http://www.microsoft.com/windowsserver2003/gpmc/default.mspx
Using the GPMC create a new GPO Disable Firewall.
Then Go through computer configuration\Administrative templates\network\network connections\
Here you will have domain profile and standard profile.  Disable the windows firewall: protect all network connectsion.


What do you mean you want to enable WMI on all, Are you referring to the service?
if so it is also under computer configuration\windows settings\security settings\system services\wmi performance enable it and set it to auto.

Once done, you apply these to the OU or to the entire domain.  Note applying to the entire domain will set this policy on the servers as well as on the workstations.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 21778249
WMI is enabled by default on win2k and up, unless a GP was in place to disable it. You could also, just open certain ports in the firewalls on the lan to allow WMI queries.
There are also some caveats for connecting to wmi, you have to be an admin, and the password cannot be blank. Ports 135 and 445 are all you should need to connect to WMI remotely
http://msdn.microsoft.com/en-us/library/aa389290(VS.85).aspx
http://support.microsoft.com/kb/875605
-rich
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21780009
Agreed, I guess enabling the service in Group Policy just makes sure it's actually there and running, and more importantly, users cannot disable it.
0
 
LVL 41

Expert Comment

by:graye
ID: 21794663
Are you really asking how to configure the firewall to allow remote WMI sessions?

Or am I "reading between the lines" a too much  :)
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now