[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Turning off Windows Firewall on remote computer not on domain

Posted on 2011-02-22
13
Medium Priority
?
592 Views
Last Modified: 2012-05-11
Ok, here's a good one.  Have several remote computers that connect back to our domain through VPN.  These computers are not part of the domain.  They are given a DHCP address through the VPN, and I can reach them on the LAN.  Problem I'm having is this:  I want to disable Windows Firewall on these machines without having to remote in with VNC and do it manually.  I have tried using gpedit.msc gpcomputer from the command line, but I don't have the correct login credentials for it to work on that machine (local users on these machines have different logins than our domain).  What's the solution here?
0
Comment
Question by:lflorence
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +5
13 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 1000 total points
ID: 34951895
Use PSexecute and remotely run "net stop MpsSvc"
0
 
LVL 3

Expert Comment

by:pitchford
ID: 34951898
Our guys use Computer Manager to remotely manage Windows XP computers. They can disable the firewall services that way.
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 34951920
From computer manager on your PC , use "connect to" option and connect to remote computer. you can stop and disable firewall service from "services" section.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 10

Expert Comment

by:akhalighi
ID: 34951928
look at this :) pitchford said the same thing just one second before me :)
0
 

Author Comment

by:lflorence
ID: 34952179
Using PSExec returns "Couldn't Access (IP)"  Computer Manager gives me an access denied message when trying to open services.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34952192
With computer manager, you will need to run it as a admin of that remote machine. When running psexec, are you connecting as an admin of the remote machine? Are you using the computer name or IP to connect.
0
 

Author Comment

by:lflorence
ID: 34952252
How do I run computer manager as an admin of that machine if that machine is not in the domain and does not have the same login as a domain account?

Having to use IP in PsExec because I cannot reach computer by name.
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 1000 total points
ID: 34952272
Make sure the local administrator password is the same on both PCs (yours and the remote one not on the domain).  Then, login as local administator on your machine and then you should be able to remotely manage the manage, assuming of course that Remote Registry is not turned off/firewalled.
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 34952278
remotely manage the PC*
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 34952857
well . managing computers remotely is difficult when they are not in a domain. why don't you add them to the domain ? that gives you a lot more management capabilities...
0
 
LVL 80

Expert Comment

by:arnold
ID: 34955063
Unless you have the necessary credentials and the remote systems have exemption in the  firewall for the inbound 139,445 you can not.

Why would you want to take the step to disable something the owner of the computer choose to enable or not to disable.
0
 
LVL 25

Expert Comment

by:RobMobility
ID: 34959364
Hi,

Disabling firewalls is never a recommended approach as this is providing protection for the machine?

If you need to access the machine, then create an exception and configure the scope to include your subnet etc?

Regards,


RobMobility.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34965937
Why not use a batch file to access there shares and use the Netsh command.

Example:
@echo off
REM Take Host names from shares.txt file and connect and disable windows firewall.
for /f "tokens=* delims= " %%a in (shares.txt) do ( if not errorlevel 1 set str=%%a )
for /f "tokens=2 delims==" %%a in ('echo !str!') do ( 
set host=%%a
net use a: !host! /user: user password
a:
netsh firewall set opmode disable
net session !host! /delete
)

Open in new window

0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question