[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

WMIC to turn off and WMIC to disabled firewall client

Posted on 2014-04-22
9
Medium Priority
?
3,929 Views
Last Modified: 2014-05-02
Trying to run these commands with a list:
eca@echo off
set /p var= Enter the computer FILE:

WMIC /Node:%var% service where caption="windows Firewall" call stopservice

and

@echo off
set /p var= Enter the computer FILE:


WMIC /Node:%var% service where "caption like 'Windows Firewall%' and  Startmode<>'Disabled'" call ChangeStartmode Disabled

But even though I can ping the machines I'm getting RPC unavailable.  Is there a better way?
I have about 1500 machine that I want to disabled the firewall client.
0
Comment
Question by:WellingtonIS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 30

Expert Comment

by:serialband
ID: 40015616
It might be easier with these other commands.

Windows XP
netsh -r REMOTE_COMP  firewall set opmode disable
netsh -r REMOTE_COMP  firewall set opmode enable
netsh -r REMOTE_COMP  firewall set opmode mode = disable profile = domain

Windows7, 2008
netsh -r REMOTE_COMP  advfirewall set currentprofile state off
netsh -r REMOTE_COMP  advfirewall set currentprofile state on
netsh -r REMOTE_COMP  advfirewall show currentprofile


Powershell

# to see firewall status
get-service -name "Windows Firewall/Internet Connection Sharing (ICS)" -computer
 
# turn on the firewall
set-service -name "SharedAccess" -ComputerName -Status running -startuptype automatic
 
# turn off firewall
set-service -name "SharedAccess" -ComputerName -Status stopped -startuptype disabled


Using sc:
SC [ \\Remote_computer ] Stop SharedAccess
SC [ \\Remote_computer ] Config SharedAccess start= disabled
0
 

Author Comment

by:WellingtonIS
ID: 40015626
Can I substitute the remote computer with a variable and run alist?  I tried running these and it did not stop the service.
0
 
LVL 30

Expert Comment

by:serialband
ID: 40015831
netsh /? or netsh help will give you a command list.  You can put the commands in a for loop to cycle through a list you provide.

Here are DOS command line examples.  You can use your scripting language of choice.
for %i in (Comp1, comp2, comp3) do netsh -r %i advfirewall show currentprofile
for %i in (1,1,99) do netsh -r COMP_NAME_%i advfirewall show currentprofile
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:WellingtonIS
ID: 40015867
wow strange.  I run the command netsh advfirewall set allprofiles state off
for the remote computer in system 32 so I do a psexec \\computername cmd
then the netsh commands - it says its ok but when I look at the services it's still running?  I also turned it off via GPO and the registry and yet the service is still on in the services???
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 40015870
Two other methods:
command prompt:
netsh advfirewall set allprofiles state off
Powershell:

Set-NetFirewallProfile -Profile * -Enabled False
0
 
LVL 30

Expert Comment

by:serialband
ID: 40016145
Are you running your commands, such as psexec, as a Local Admin account?  Is your account in the Local Admin Group?

Also try running psexec as the system with psexec -s
0
 

Author Comment

by:WellingtonIS
ID: 40017286
I tried going to the cmd using psexec so psexec \\computer cmd and running it.  But what I was trying to accomplish is using %@var% with a list of PC names and a command.  Everyone has giving me the commands but when I try to run any command from the PC cmd line the service doesn't stop and it's not disabled.  the only way I've been able to accomplish this is with the WMIC command but you have to do it 1 at a time.
0
 
LVL 30

Accepted Solution

by:
serialband earned 2000 total points
ID: 40017902
You'll have to double up the percent(%) symbols when it's in a batch file.  That's always been the way it's done to escape the character.  You only do the single percent(%) on the command line.

eca@echo off
set /p var= Enter the computer FILE:

WMIC /Node:%%var%% service where caption="windows Firewall" call stopservice

Open in new window

0
 

Author Closing Comment

by:WellingtonIS
ID: 40038252
Thanks. This did what I needed it to do.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

First some basics on Windows 7 Backup.  It has 2 components one is a file based backup which is stored in .zip files each zip is split at around 200 Megabytes and there is the Image Backup which is as the name implies a total image of the partition …
OfficeMate Freezes on login or does not load after login credentials are input.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question