Solved

WMIC to turn off and WMIC to disabled firewall client

Posted on 2014-04-22
9
2,283 Views
Last Modified: 2014-05-02
Trying to run these commands with a list:
eca@echo off
set /p var= Enter the computer FILE:

WMIC /Node:%var% service where caption="windows Firewall" call stopservice

and

@echo off
set /p var= Enter the computer FILE:


WMIC /Node:%var% service where "caption like 'Windows Firewall%' and  Startmode<>'Disabled'" call ChangeStartmode Disabled

But even though I can ping the machines I'm getting RPC unavailable.  Is there a better way?
I have about 1500 machine that I want to disabled the firewall client.
0
Comment
Question by:WellingtonIS
  • 4
  • 4
9 Comments
 
LVL 28

Expert Comment

by:serialband
ID: 40015616
It might be easier with these other commands.

Windows XP
netsh -r REMOTE_COMP  firewall set opmode disable
netsh -r REMOTE_COMP  firewall set opmode enable
netsh -r REMOTE_COMP  firewall set opmode mode = disable profile = domain

Windows7, 2008
netsh -r REMOTE_COMP  advfirewall set currentprofile state off
netsh -r REMOTE_COMP  advfirewall set currentprofile state on
netsh -r REMOTE_COMP  advfirewall show currentprofile


Powershell

# to see firewall status
get-service -name "Windows Firewall/Internet Connection Sharing (ICS)" -computer
 
# turn on the firewall
set-service -name "SharedAccess" -ComputerName -Status running -startuptype automatic
 
# turn off firewall
set-service -name "SharedAccess" -ComputerName -Status stopped -startuptype disabled


Using sc:
SC [ \\Remote_computer ] Stop SharedAccess
SC [ \\Remote_computer ] Config SharedAccess start= disabled
0
 

Author Comment

by:WellingtonIS
ID: 40015626
Can I substitute the remote computer with a variable and run alist?  I tried running these and it did not stop the service.
0
 
LVL 28

Expert Comment

by:serialband
ID: 40015831
netsh /? or netsh help will give you a command list.  You can put the commands in a for loop to cycle through a list you provide.

Here are DOS command line examples.  You can use your scripting language of choice.
for %i in (Comp1, comp2, comp3) do netsh -r %i advfirewall show currentprofile
for %i in (1,1,99) do netsh -r COMP_NAME_%i advfirewall show currentprofile
0
 

Author Comment

by:WellingtonIS
ID: 40015867
wow strange.  I run the command netsh advfirewall set allprofiles state off
for the remote computer in system 32 so I do a psexec \\computername cmd
then the netsh commands - it says its ok but when I look at the services it's still running?  I also turned it off via GPO and the registry and yet the service is still on in the services???
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 40015870
Two other methods:
command prompt:
netsh advfirewall set allprofiles state off
Powershell:

Set-NetFirewallProfile -Profile * -Enabled False
0
 
LVL 28

Expert Comment

by:serialband
ID: 40016145
Are you running your commands, such as psexec, as a Local Admin account?  Is your account in the Local Admin Group?

Also try running psexec as the system with psexec -s
0
 

Author Comment

by:WellingtonIS
ID: 40017286
I tried going to the cmd using psexec so psexec \\computer cmd and running it.  But what I was trying to accomplish is using %@var% with a list of PC names and a command.  Everyone has giving me the commands but when I try to run any command from the PC cmd line the service doesn't stop and it's not disabled.  the only way I've been able to accomplish this is with the WMIC command but you have to do it 1 at a time.
0
 
LVL 28

Accepted Solution

by:
serialband earned 500 total points
ID: 40017902
You'll have to double up the percent(%) symbols when it's in a batch file.  That's always been the way it's done to escape the character.  You only do the single percent(%) on the command line.

eca@echo off
set /p var= Enter the computer FILE:

WMIC /Node:%%var%% service where caption="windows Firewall" call stopservice

Open in new window

0
 

Author Closing Comment

by:WellingtonIS
ID: 40038252
Thanks. This did what I needed it to do.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Lee
Windows 7 Ultimate and Enterprise (and 2008 R2) introduced a new feature you may not be aware of - Boot from VHD.   Boot from VHD (or what Microsoft refers to asNative Boot allows you to install Windows to a VHD (Virtual Hard Disk) file that is t…
OfficeMate Freezes on login or does not load after login credentials are input.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now