Solved

Turning off Windows Firewall on remote computer not on domain

Posted on 2011-02-22
13
469 Views
Last Modified: 2012-05-11
Ok, here's a good one.  Have several remote computers that connect back to our domain through VPN.  These computers are not part of the domain.  They are given a DHCP address through the VPN, and I can reach them on the LAN.  Problem I'm having is this:  I want to disable Windows Firewall on these machines without having to remote in with VNC and do it manually.  I have tried using gpedit.msc gpcomputer from the command line, but I don't have the correct login credentials for it to work on that machine (local users on these machines have different logins than our domain).  What's the solution here?
0
Comment
Question by:lflorence
  • 3
  • 2
  • 2
  • +5
13 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 250 total points
ID: 34951895
Use PSexecute and remotely run "net stop MpsSvc"
0
 
LVL 3

Expert Comment

by:pitchford
ID: 34951898
Our guys use Computer Manager to remotely manage Windows XP computers. They can disable the firewall services that way.
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 34951920
From computer manager on your PC , use "connect to" option and connect to remote computer. you can stop and disable firewall service from "services" section.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 10

Expert Comment

by:akhalighi
ID: 34951928
look at this :) pitchford said the same thing just one second before me :)
0
 

Author Comment

by:lflorence
ID: 34952179
Using PSExec returns "Couldn't Access (IP)"  Computer Manager gives me an access denied message when trying to open services.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34952192
With computer manager, you will need to run it as a admin of that remote machine. When running psexec, are you connecting as an admin of the remote machine? Are you using the computer name or IP to connect.
0
 

Author Comment

by:lflorence
ID: 34952252
How do I run computer manager as an admin of that machine if that machine is not in the domain and does not have the same login as a domain account?

Having to use IP in PsExec because I cannot reach computer by name.
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
ID: 34952272
Make sure the local administrator password is the same on both PCs (yours and the remote one not on the domain).  Then, login as local administator on your machine and then you should be able to remotely manage the manage, assuming of course that Remote Registry is not turned off/firewalled.
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 34952278
remotely manage the PC*
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 34952857
well . managing computers remotely is difficult when they are not in a domain. why don't you add them to the domain ? that gives you a lot more management capabilities...
0
 
LVL 78

Expert Comment

by:arnold
ID: 34955063
Unless you have the necessary credentials and the remote systems have exemption in the  firewall for the inbound 139,445 you can not.

Why would you want to take the step to disable something the owner of the computer choose to enable or not to disable.
0
 
LVL 25

Expert Comment

by:RobMobility
ID: 34959364
Hi,

Disabling firewalls is never a recommended approach as this is providing protection for the machine?

If you need to access the machine, then create an exception and configure the scope to include your subnet etc?

Regards,


RobMobility.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34965937
Why not use a batch file to access there shares and use the Netsh command.

Example:
@echo off
REM Take Host names from shares.txt file and connect and disable windows firewall.
for /f "tokens=* delims= " %%a in (shares.txt) do ( if not errorlevel 1 set str=%%a )
for /f "tokens=2 delims==" %%a in ('echo !str!') do ( 
set host=%%a
net use a: !host! /user: user password
a:
netsh firewall set opmode disable
net session !host! /delete
)

Open in new window

0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question