Solved

Turning off Windows Firewall on remote computer not on domain

Posted on 2011-02-22
13
460 Views
Last Modified: 2012-05-11
Ok, here's a good one.  Have several remote computers that connect back to our domain through VPN.  These computers are not part of the domain.  They are given a DHCP address through the VPN, and I can reach them on the LAN.  Problem I'm having is this:  I want to disable Windows Firewall on these machines without having to remote in with VNC and do it manually.  I have tried using gpedit.msc gpcomputer from the command line, but I don't have the correct login credentials for it to work on that machine (local users on these machines have different logins than our domain).  What's the solution here?
0
Comment
Question by:lflorence
  • 3
  • 2
  • 2
  • +5
13 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 250 total points
ID: 34951895
Use PSexecute and remotely run "net stop MpsSvc"
0
 
LVL 3

Expert Comment

by:pitchford
ID: 34951898
Our guys use Computer Manager to remotely manage Windows XP computers. They can disable the firewall services that way.
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 34951920
From computer manager on your PC , use "connect to" option and connect to remote computer. you can stop and disable firewall service from "services" section.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 10

Expert Comment

by:akhalighi
ID: 34951928
look at this :) pitchford said the same thing just one second before me :)
0
 

Author Comment

by:lflorence
ID: 34952179
Using PSExec returns "Couldn't Access (IP)"  Computer Manager gives me an access denied message when trying to open services.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34952192
With computer manager, you will need to run it as a admin of that remote machine. When running psexec, are you connecting as an admin of the remote machine? Are you using the computer name or IP to connect.
0
 

Author Comment

by:lflorence
ID: 34952252
How do I run computer manager as an admin of that machine if that machine is not in the domain and does not have the same login as a domain account?

Having to use IP in PsExec because I cannot reach computer by name.
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
ID: 34952272
Make sure the local administrator password is the same on both PCs (yours and the remote one not on the domain).  Then, login as local administator on your machine and then you should be able to remotely manage the manage, assuming of course that Remote Registry is not turned off/firewalled.
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 34952278
remotely manage the PC*
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 34952857
well . managing computers remotely is difficult when they are not in a domain. why don't you add them to the domain ? that gives you a lot more management capabilities...
0
 
LVL 77

Expert Comment

by:arnold
ID: 34955063
Unless you have the necessary credentials and the remote systems have exemption in the  firewall for the inbound 139,445 you can not.

Why would you want to take the step to disable something the owner of the computer choose to enable or not to disable.
0
 
LVL 25

Expert Comment

by:RobMobility
ID: 34959364
Hi,

Disabling firewalls is never a recommended approach as this is providing protection for the machine?

If you need to access the machine, then create an exception and configure the scope to include your subnet etc?

Regards,


RobMobility.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34965937
Why not use a batch file to access there shares and use the Netsh command.

Example:
@echo off
REM Take Host names from shares.txt file and connect and disable windows firewall.
for /f "tokens=* delims= " %%a in (shares.txt) do ( if not errorlevel 1 set str=%%a )
for /f "tokens=2 delims==" %%a in ('echo !str!') do ( 
set host=%%a
net use a: !host! /user: user password
a:
netsh firewall set opmode disable
net session !host! /delete
)

Open in new window

0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question