How can I access my Windows 7 to Windows 8 upgraded machines

Good evening  Experts,

I have just completed an inplace upgrade of 24 Windows 7 Pro Machines to Windows 8.1. I love the look and feel of 8.1 but I have lost functionality in terms of my scripts because several components were reverted back to their original state they would have been in with Windows 7. Allow me to elucidate with screen shots and easier explanations.

For me to have complete access to all of my machines in Windows 7 I had to perform the following task manually:

1. Firewall Off


2. Sharing Options and Network Disovery Turned On


3. Additional Settings With Boxes Checked (Reaaaally Necessary)


4. Allow Remote Connections


5. Allow Access to Admin Shares Via Registry


I am not worred about item 5 as I have a script that simply works. However, I don't want to go touch every machine that I upgraded and reset those settings.

What I am asking is for you experts to look a the first four items and suggest to me ways of  programmatically , turn off the firewall, turn on network discovery, turn on file and print sharing, turn on sharing so anyone with network access can read and write files in the public folders, Turn off password protected sharing, use user accounts and passwords to connect to other computers.

I would prefer solutions with a combination of vbscript, Wmi, Wsh, and registry coding, as these are my strong suits.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Olaf De CeusterCommented:
Use group policy:
Example for RDP: HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > Terminal Server > WinStations > RDP-Tcp

Hope that helps,

I saw your question about upgrade options (keep applications - possible?). I am afraid you relied on the wrong advice - not only your settings have vanished, but also all installed applications - see my comment on your other thread.

So this might stop this thread right here: do you want to continue or isn't it better to return to your (hopefully present) win7 backup to perform another upgrade (this time correct: win7->win8->8.1) and keep your applications?
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

I knew I would lose the applications. I am not concerned about that. I am concerned only with a solution to changing the aforementioned settings programmatically. I already have a way to re-install all applications within minutes, i.e. , manage engine.

to be clear, I either want registry solutions to change the settings or some combination of wmi, vbs, or wsh.

Regis Hyde

I am not using group policy because my network is purely peer to peer (Workgroup).

My goal is not to touch each machine manually, but to programmatically change the settings above via the programing tools I  mentioned above. I simply want to at my desktop and program a way to get into those machines. Right now I cant, unless I get off my behind and do this all manually. Respectfully , your solutions require me to go to each machine or rdp into them. That defeats the purpose of what I am trying to accomplish. Keep in mind , before I upgraded the machines to windows 8.1 I had complete control via my scripts.

All the machines retained all personal files , which is a god thing ,but all of the security setting were re-established. I should have simply cloned a pristine image via clonezilla , then I would not be in this predicament.

I only need solutions where I don't have to get out of my seat and don't have to use RDP as my main way of  configuring each machine.

I hope I am clear on what I am in need of.


Regis Hyde

all of the machines have the same accounts, member, B&G-Admin, and Administrator.

Same password too.
will netsh do what I want
Regis, your question should be divided into several quetions, it is too big and means quite some effort to sort out those settings/scripts.
It would be very helpful if you would show where you stand, what your scripting abilities are, what steps you need help with. So far it is not clear whether you need help or whether you see this as some kind of paid service that will do the whole work for you. I don't hope so ;)

netsh can configure the firewall per network profile, yes. Also look into the tool regshot in order to create a before-after comparison of the registry.
Happy new year, later on!
Respectfully Mcnife,

I take your advice to heart, but it really is only one question and that is how do  I programmatically check or uncheck those boxes. That's it. Nothing more. it doesn't require breaking it up into several questions. To your point about having someone do the work for me , that is not now , nor has it ever been the case in the years I have been with experts exchange. netsh is a wonderful tool to enable or disable the firewall, but I was only using that as an example ( a bad one albeit) .

For clarity , I only want to be able to check or uncheck the radial buttons above programmatically or with the registry . Done.

Happy New Year,
Don't consume too much eggnog.
Sudeep SharmaTechnical DesignerCommented:
First, use psexec comes with pstools from microsoft so that you can run the scripts from the centralized location, may be your system. The only condition would be, if you don't have the same password for all the systems you would need type that for each system.

As per my knowledge most of the this could be accomplished by the scripts or registry changes.

Remote Desktop:
We can enable remote desktop from windows command line by running the following command.
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

Open in new window

Disable Firewall on All the Profiles:
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile/EnableFirewall /d 0x0
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile/EnableFirewall /d 0x0
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile/EnableFirewall /d 0x0

Open in new window

Allow Access to Admin Shares Via Registry:
reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccoundTokemFilterPolicy /t REG_DWORD /d 1 /f

Open in new window

Copy all the registry into one bat files and execute it from your system on to the remote computers.

If you need more help running psexec let us know.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sudeep's advice is correct.
This leaves us with just No. 2 and 3 unsolved.
Have you taken my advice and used regshot yet? It will show you the settings for 2 and 3.
Some will be hard to identify because the firewall settings (yes, netw. discovery and others are firewall settings) are always saved as a whole. Just the sharing security (128 bit) will be easily identified and distributable:
To get hold of the firewall settings, I would tune it on one computer to your likings and then export the whole fw settings from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules to a regfile and then (with psexec again) import it using
regedit /s regfile.reg

Thank you for the information above. To be clear , psexec has always been my tool of choice in conjunction with vbscript, shell programming  and registry settings. However, I have a entirely different way of modifying the registry that is tried and true , so I am going to try your wonderful suggestions and get back to you when my testing is done. Hopefully no more than a day or two.

To be nosey: how do you modify the registry?
Good afternoon  MckNife,

I use wmi. Very intuitive and easy to use. I have modified literally hundreds of machines using wmi in concert with vbscript.


Const HKEY_LOCAL_MACHINE = &H80000002
Set objShell = WScript.CreateObject("WScript.Shell")
Computers = Array("wks-wnxp-01916")
Set objSWbemLocator = CreateObject _
On Error Resume Next
For Each Computer In Computers

Set oReg = objSWbemLocator.ConnectServer _
(Computer, "root\default:StdRegProv","ADMINISTRATOR", "#@BtOp&vice")
Set StdRegProv = oReg.Get("StdRegProv")
strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\"
strEntryName = "LocalAccountTokenFilterPolicy"
dwValue = 1
StdRegProv.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strEntryName,dwValue

Open in new window

I wrap it in a encrypted executable and use the array function to perform registry task on any number of machines.
Ok, an encrypted because you store the password in the script? It gets decrypted on execution to the users temp-folder I guess. Normally that is the case.

How is the testing going?
I have been out of commission with the flu. which is extremely bad for my condition, but I am back among the living ,so I will finish my testing this week and allocate the points accordingly.
Testing completed. I will now allocate the points. You experts are always coming through for me.
Thanks Experts
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.