Firewall blocking remote commands

Hi,
when I issue the shutdown /i command it does not work for computers that have something in the firewall enabled. I am not sure what it is but when I disable the firewall it will allow me to remotely reboot the pc.
Other comps that have the firewall enabled I am still able to remotely reboot.

Any ideas?

I'll post if I find it first :)

thanks,
`John
LVL 1
tekmouseAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Port 445 can you telnet to that port?
This is also one of the ports that is part of file sharing.
Likely enabled by GPO to prevent guest systems from sharing.
Identifying the communality between/amongst the systems that have this issue.

Adjusting the rules to allow access from an ip or a range of IPs.
Bryant SchaperCommented:
I think it requires remote registry and maybe WMI as well.  Services may not be running
tekmouseAuthor Commented:
Doing this worked: Not sure if it was the same ports you mentioned but this allowed me to remotely shutdown/manage. Now I just have to deploy this setting via gpol

To enable or disable the Remote administration exception
This procedure can be performed using the command prompt or Group Policy. You cannot perform this procedure using the graphical user interface.
Using the command prompt
To enable or disable the Remote administration exception

Type the following at the command prompt, and press ENTER:
netsh firewall set service type = remoteadmin mode = ENABLE

Substitute values for the placeholder in italics. The following table lists possible values for the placeholder.


thanks

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

arnoldCommented:
Remote registry is only needed to access the registry remotely.
The issue was narrowed by the asker: when
firewall is enabled, remote shutdown fails.
Firewall disabled, remote shutdown works.
meaning all relavent service are running, but we're being blocked.
tekmouseAuthor Commented:
this was remote administration that was enabled. not for registry.
arnoldCommented:
Remote administration is tied to ports 135 and 445.

Is there something common to these systems, OU, site?  There you can find the GPO/GPP setting the firewall policy.
tekmouseAuthor Commented:
they are all in the same OU. So I can set that policy within there without having to run this comnmand on a startup script or anything?
tekmouseAuthor Commented:
tekmouseAuthor Commented:
I was unable to apply the gpol since I am server 2003 administering windows 7 pc's. I will have to add this too comps via command line but it does worksy.
arnoldCommented:
As long as you loaded and updated some, installing RSAT, group policy management on the windows 7 to remotely manage/administer the GPO, those options might become available to you.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.