Solved

WMIC to turn off and WMIC to disabled firewall client

Posted on 2014-04-22
9
2,582 Views
Last Modified: 2014-05-02
Trying to run these commands with a list:
eca@echo off
set /p var= Enter the computer FILE:

WMIC /Node:%var% service where caption="windows Firewall" call stopservice

and

@echo off
set /p var= Enter the computer FILE:


WMIC /Node:%var% service where "caption like 'Windows Firewall%' and  Startmode<>'Disabled'" call ChangeStartmode Disabled

But even though I can ping the machines I'm getting RPC unavailable.  Is there a better way?
I have about 1500 machine that I want to disabled the firewall client.
0
Comment
Question by:WellingtonIS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 29

Expert Comment

by:serialband
ID: 40015616
It might be easier with these other commands.

Windows XP
netsh -r REMOTE_COMP  firewall set opmode disable
netsh -r REMOTE_COMP  firewall set opmode enable
netsh -r REMOTE_COMP  firewall set opmode mode = disable profile = domain

Windows7, 2008
netsh -r REMOTE_COMP  advfirewall set currentprofile state off
netsh -r REMOTE_COMP  advfirewall set currentprofile state on
netsh -r REMOTE_COMP  advfirewall show currentprofile


Powershell

# to see firewall status
get-service -name "Windows Firewall/Internet Connection Sharing (ICS)" -computer
 
# turn on the firewall
set-service -name "SharedAccess" -ComputerName -Status running -startuptype automatic
 
# turn off firewall
set-service -name "SharedAccess" -ComputerName -Status stopped -startuptype disabled


Using sc:
SC [ \\Remote_computer ] Stop SharedAccess
SC [ \\Remote_computer ] Config SharedAccess start= disabled
0
 

Author Comment

by:WellingtonIS
ID: 40015626
Can I substitute the remote computer with a variable and run alist?  I tried running these and it did not stop the service.
0
 
LVL 29

Expert Comment

by:serialband
ID: 40015831
netsh /? or netsh help will give you a command list.  You can put the commands in a for loop to cycle through a list you provide.

Here are DOS command line examples.  You can use your scripting language of choice.
for %i in (Comp1, comp2, comp3) do netsh -r %i advfirewall show currentprofile
for %i in (1,1,99) do netsh -r COMP_NAME_%i advfirewall show currentprofile
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:WellingtonIS
ID: 40015867
wow strange.  I run the command netsh advfirewall set allprofiles state off
for the remote computer in system 32 so I do a psexec \\computername cmd
then the netsh commands - it says its ok but when I look at the services it's still running?  I also turned it off via GPO and the registry and yet the service is still on in the services???
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 40015870
Two other methods:
command prompt:
netsh advfirewall set allprofiles state off
Powershell:

Set-NetFirewallProfile -Profile * -Enabled False
0
 
LVL 29

Expert Comment

by:serialband
ID: 40016145
Are you running your commands, such as psexec, as a Local Admin account?  Is your account in the Local Admin Group?

Also try running psexec as the system with psexec -s
0
 

Author Comment

by:WellingtonIS
ID: 40017286
I tried going to the cmd using psexec so psexec \\computer cmd and running it.  But what I was trying to accomplish is using %@var% with a list of PC names and a command.  Everyone has giving me the commands but when I try to run any command from the PC cmd line the service doesn't stop and it's not disabled.  the only way I've been able to accomplish this is with the WMIC command but you have to do it 1 at a time.
0
 
LVL 29

Accepted Solution

by:
serialband earned 500 total points
ID: 40017902
You'll have to double up the percent(%) symbols when it's in a batch file.  That's always been the way it's done to escape the character.  You only do the single percent(%) on the command line.

eca@echo off
set /p var= Enter the computer FILE:

WMIC /Node:%%var%% service where caption="windows Firewall" call stopservice

Open in new window

0
 

Author Closing Comment

by:WellingtonIS
ID: 40038252
Thanks. This did what I needed it to do.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no backā€¦
By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question