Batch file guide
http://www.allenware.com/icsw/icsw000.htm
Batch file guide
http://www.allenware.com/icsw/icsw000.htm
Batch file guide
Created this as was forever doing it on machine where it was decided not to roll it out over AD. So I did it on an individual bases. Annoying having to go to gpedit.msc all the time to set these settings. So created a batch file to put it directly into the registry, just when gpedit puts it.
Stick the following in a cmd window or in a batch file.
REG ADD HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile /v EnableFirewall /t REG_DWORD /d 0
REG ADD HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile /v EnableFirewall /t REG_DWORD /d 0
What it’s doing:
REG ADD = Adds an entry to the registry.
/v is the Value name that appears under the selected key (In the above example it’s EnableFirewall. This will appear under DomainProfile and StandardProfile as in the image)
/t is the RegKey type in this case it’s a DWORD so you put REG_DWORD
/d is the data you want in it. In this case we want it set to 0. Because it’s set to 0 this bit isn’t actually needed. As adding EnableFirewall as a DWORD it appears to automatically default it to no value, 0. I just included it in the batch file so I knew what the batch file was doing.
And that’s it. Disadvantage I’ve found using the batch file instead of gpedit.msc is that after you run it, it won’t take effect until you reboot. Also if you then check gpedit, it will just said Not Configured. If you then want to use gpedit to config it. You have to set the gpedit entry to disabled, maybe doing gpupdate /force (you can get away with not having to do that most times) and then set it back to Not Configured. Then it will remove the reg entries.
Other than that, appears to work fine.
Info on the REG command can be found here. This helped me create the batch.
UPDATE:
Better command is this
REG DELETE HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Security /f
REG DELETE HKLM\SOFTWARE\Classes\AppID\{ce166e40-1e72-45b9-94c9-3b2050e8f180} /f
Stick that in a batch file and run it. It appears to fix the issue totally then. Also referenced on the MS link below.
END UPDATE
You attempt to start the Firewall in control panel and get this.
Then this
Run a CMD as admin and type or paste this into it
SC sdset SharedAccess D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
Then you should see this and it should say, as does here, SUCCESS if it’s worked. Normally fails if you don’t run the CMD as admin
More info on this here
In notepad type
dsadd user “cn=%1, ou=OUName, dc=YourDomain, dc=YourSuffix” -fn %2 -ln %3 -pwd fred -mustchpwd yes
Save as a bat file.
cn = command name (user name)
fn = first name
ln = Last name
Everything in bold you replace with your own info.
Name the file whatever, like adduser.bat
Example:
adduser testdummy Test Dummy
Would add the user Test Dummy