Solved

Turning off Windows Firewall on remote computer not on domain

Posted on 2011-02-22
13
444 Views
Last Modified: 2012-05-11
Ok, here's a good one.  Have several remote computers that connect back to our domain through VPN.  These computers are not part of the domain.  They are given a DHCP address through the VPN, and I can reach them on the LAN.  Problem I'm having is this:  I want to disable Windows Firewall on these machines without having to remote in with VNC and do it manually.  I have tried using gpedit.msc gpcomputer from the command line, but I don't have the correct login credentials for it to work on that machine (local users on these machines have different logins than our domain).  What's the solution here?
0
Comment
Question by:lflorence
  • 3
  • 2
  • 2
  • +5
13 Comments
 
LVL 21

Accepted Solution

by:
Joseph Moody earned 250 total points
Comment Utility
Use PSexecute and remotely run "net stop MpsSvc"
0
 
LVL 3

Expert Comment

by:pitchford
Comment Utility
Our guys use Computer Manager to remotely manage Windows XP computers. They can disable the firewall services that way.
0
 
LVL 10

Expert Comment

by:akhalighi
Comment Utility
From computer manager on your PC , use "connect to" option and connect to remote computer. you can stop and disable firewall service from "services" section.
0
 
LVL 10

Expert Comment

by:akhalighi
Comment Utility
look at this :) pitchford said the same thing just one second before me :)
0
 

Author Comment

by:lflorence
Comment Utility
Using PSExec returns "Couldn't Access (IP)"  Computer Manager gives me an access denied message when trying to open services.
0
 
LVL 21

Expert Comment

by:Joseph Moody
Comment Utility
With computer manager, you will need to run it as a admin of that remote machine. When running psexec, are you connecting as an admin of the remote machine? Are you using the computer name or IP to connect.
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:lflorence
Comment Utility
How do I run computer manager as an admin of that machine if that machine is not in the domain and does not have the same login as a domain account?

Having to use IP in PsExec because I cannot reach computer by name.
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
Comment Utility
Make sure the local administrator password is the same on both PCs (yours and the remote one not on the domain).  Then, login as local administator on your machine and then you should be able to remotely manage the manage, assuming of course that Remote Registry is not turned off/firewalled.
0
 
LVL 22

Expert Comment

by:Adam Leinss
Comment Utility
remotely manage the PC*
0
 
LVL 10

Expert Comment

by:akhalighi
Comment Utility
well . managing computers remotely is difficult when they are not in a domain. why don't you add them to the domain ? that gives you a lot more management capabilities...
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
Unless you have the necessary credentials and the remote systems have exemption in the  firewall for the inbound 139,445 you can not.

Why would you want to take the step to disable something the owner of the computer choose to enable or not to disable.
0
 
LVL 25

Expert Comment

by:RobMobility
Comment Utility
Hi,

Disabling firewalls is never a recommended approach as this is providing protection for the machine?

If you need to access the machine, then create an exception and configure the scope to include your subnet etc?

Regards,


RobMobility.
0
 
LVL 15

Expert Comment

by:Russell_Venable
Comment Utility
Why not use a batch file to access there shares and use the Netsh command.

Example:
@echo off
REM Take Host names from shares.txt file and connect and disable windows firewall.
for /f "tokens=* delims= " %%a in (shares.txt) do ( if not errorlevel 1 set str=%%a )
for /f "tokens=2 delims==" %%a in ('echo !str!') do ( 
set host=%%a
net use a: !host! /user: user password
a:
netsh firewall set opmode disable
net session !host! /delete
)

Open in new window

0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now