G
Guest
I'm trying open certain ports in the XP SP2 firewall using a script at user
login. The opened ports will allow use of the Diskeeper Corp. Sitekeeper
program to inventory/install software on the target machines. Sitekeepers
tech support provides a script to do this, however, when run by a
non-privileged user, the script does not function/returns access denied. I
have over a hundred machines that need this, so
"application-by-walking-around" is not desired.. Is there a way to allow the
script to run using the system credentials? or a run-as workaround??
Sitekeeper's tech support basically said "we provide the script as-is, don't
ask us how to use it...".. Since these machines are members of an old-style
NT4 domain, not AD, I can't (as far as I know) use a policy to make the f/w
mods... Any assistance/pointers to assistance would be appreciated...
Thanks
Dave Frandin
dave[AT]frandin[.]org
The script is as follows:
@echo off
SETLOCAL
rem If SP1 the following returns 1
netsh firewall ""
if ERRORLEVEL 1 GOTO Exit
netsh firewall set service type = FILEANDPRINT mode = ENABLE scope = ALL
netsh firewall set service type = REMOTEADMIN mode = ENABLE scope = ALL
netsh firewall set portopening protocol = TCP port = 31041 name =
SitekeeperRPC mode = ENABLE scope = ALL
netsh firewall set portopening protocol = TCP port = 31040 name =
PIServerRPC mode = ENABLE scope = ALL
netsh firewall set portopening protocol = TCP port = 31042 name = SKAgentRPC
mode = ENABLE scope = ALL
netsh firewall set portopening protocol = UDP port = 4500 name = SKIPSec4500
mode = ENABLE scope = ALL
netsh firewall set portopening protocol = UDP port = 500 name = SKIPSec500
mode = ENABLE scope = ALL
netsh firewall set allowedprogram program = "SKAgent.exe" name = SKAgent
mode = ENABLE scope = ALL
:Exit
ENDLOCAL
login. The opened ports will allow use of the Diskeeper Corp. Sitekeeper
program to inventory/install software on the target machines. Sitekeepers
tech support provides a script to do this, however, when run by a
non-privileged user, the script does not function/returns access denied. I
have over a hundred machines that need this, so
"application-by-walking-around" is not desired.. Is there a way to allow the
script to run using the system credentials? or a run-as workaround??
Sitekeeper's tech support basically said "we provide the script as-is, don't
ask us how to use it...".. Since these machines are members of an old-style
NT4 domain, not AD, I can't (as far as I know) use a policy to make the f/w
mods... Any assistance/pointers to assistance would be appreciated...
Thanks
Dave Frandin
dave[AT]frandin[.]org
The script is as follows:
@echo off
SETLOCAL
rem If SP1 the following returns 1
netsh firewall ""
if ERRORLEVEL 1 GOTO Exit
netsh firewall set service type = FILEANDPRINT mode = ENABLE scope = ALL
netsh firewall set service type = REMOTEADMIN mode = ENABLE scope = ALL
netsh firewall set portopening protocol = TCP port = 31041 name =
SitekeeperRPC mode = ENABLE scope = ALL
netsh firewall set portopening protocol = TCP port = 31040 name =
PIServerRPC mode = ENABLE scope = ALL
netsh firewall set portopening protocol = TCP port = 31042 name = SKAgentRPC
mode = ENABLE scope = ALL
netsh firewall set portopening protocol = UDP port = 4500 name = SKIPSec4500
mode = ENABLE scope = ALL
netsh firewall set portopening protocol = UDP port = 500 name = SKIPSec500
mode = ENABLE scope = ALL
netsh firewall set allowedprogram program = "SKAgent.exe" name = SKAgent
mode = ENABLE scope = ALL
:Exit
ENDLOCAL