Turning off Windows Firewall on remote computer not on domain
Ok, here's a good one. Have several remote computers that connect back to our domain through VPN. These computers are not part of the domain. They are given a DHCP address through the VPN, and I can reach them on the LAN. Problem I'm having is this: I want to disable Windows Firewall on these machines without having to remote in with VNC and do it manually. I have tried using gpedit.msc gpcomputer from the command line, but I don't have the correct login credentials for it to work on that machine (local users on these machines have different logins than our domain). What's the solution here?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Our guys use Computer Manager to remotely manage Windows XP computers. They can disable the firewall services that way.
From computer manager on your PC , use "connect to" option and connect to remote computer. you can stop and disable firewall service from "services" section.
look at this :) pitchford said the same thing just one second before me :)
ASKER
Using PSExec returns "Couldn't Access (IP)" Computer Manager gives me an access denied message when trying to open services.
With computer manager, you will need to run it as a admin of that remote machine. When running psexec, are you connecting as an admin of the remote machine? Are you using the computer name or IP to connect.
ASKER
How do I run computer manager as an admin of that machine if that machine is not in the domain and does not have the same login as a domain account?
Having to use IP in PsExec because I cannot reach computer by name.
Having to use IP in PsExec because I cannot reach computer by name.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
remotely manage the PC*
well . managing computers remotely is difficult when they are not in a domain. why don't you add them to the domain ? that gives you a lot more management capabilities...
Unless you have the necessary credentials and the remote systems have exemption in the firewall for the inbound 139,445 you can not.
Why would you want to take the step to disable something the owner of the computer choose to enable or not to disable.
Why would you want to take the step to disable something the owner of the computer choose to enable or not to disable.
Hi,
Disabling firewalls is never a recommended approach as this is providing protection for the machine?
If you need to access the machine, then create an exception and configure the scope to include your subnet etc?
Regards,
RobMobility.
Disabling firewalls is never a recommended approach as this is providing protection for the machine?
If you need to access the machine, then create an exception and configure the scope to include your subnet etc?
Regards,
RobMobility.
Why not use a batch file to access there shares and use the Netsh command.
Example:
Example:
@echo off
REM Take Host names from shares.txt file and connect and disable windows firewall.
for /f "tokens=* delims= " %%a in (shares.txt) do ( if not errorlevel 1 set str=%%a )
for /f "tokens=2 delims==" %%a in ('echo !str!') do (
set host=%%a
net use a: !host! /user: user password
a:
netsh firewall set opmode disable
net session !host! /delete
)