In a previous post, I talked about why I couldn’t access any file shares, or connect remotely to some systems. The issue was caused by services, protocols and clients missing from the network adapters. Now that the issue had been identified, I had two choices: manually touch every machine, using the mouse for most of the work, or automate the process. This post describes the latter.
What are these services, protocols and clients you speak of?
In Windows, you can have many services or protocols running through your network - a prime example of a protocol would be Internet Protocol Version 4 (TCP/IPv4). Protocols define the rules for traffic to travel in and out of your computer through the network card. An example of a Service included with Windows is File and Printer Sharing. This service understands how to communicate using the SMB (Server Message Block) protocol, and lets you connect using UNC paths (Universal Naming Convention) with other computers.
Needless to say, just starting the services does not automatically grant your computer the ability to communicate with them. For example, without the File and Printer Sharing service enabled, an administrator cannot connect remotely to the system.
The commands to use
After some deep Google-searching, I finally found a command that looked promising - netcfg.exe. This small utility should be in every recent version of Windows, and controls the network adapters installed. Needless to say, it must be run with the Administrative Command Prompt - you don’t want regular users running this command.
This command is split up into a few different modes. The first command I ran on a known-working system was to find out what services were installed: netcfg -v -s n
. This command lists the short names, long names, and class (or type) of services that were installed. I then wrote down or typed the services and protocols I wanted into a notepad, and know when I go to install them as to what is required.
Once I had the list, I put them into a batch file, such as below:
netcfg.exe -c s -i MS_Server
netcfg.exe -c s -i MS_Pacer
netcfg.exe -c p -i MS_LLTDIO
netcfg.exe -c p -i MS_RSPNDR
netcfg.exe -c c -i MS_MSClient
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
netsh firewall set service remoteadmin enable
netsh advfirewall firewall set rule group="remote administration" new enable=yes
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
The first 5 commands install:
- File and Printer Sharing for Microsoft Networks (service)
- QoS Packet Scheduler (service)
- Link-Layer Topology Discovery Mapper I/O Driver (protocol)
- Link-Layer Topology Discovery Responder (protocol)
- Client for Microsoft Networks (client)
Next, I open the Windows Firewall for 3 services: Windows Management Instrumentation, File and Printer Sharing, and Remote Administration. Finally, I disable Remote UAC by adding a REG_DWORD value of 1. These settings will require a reboot of the workstation.
Although not missing in my environment, you can also manually add IPv4 / IPv6 protocols by installing MS_TCPIP and MS_TCPIP6, using the commands above for Protocols ( netcfg.exe -c p -i { MS_TCPIP | MS_TCPIP6 }
)
How do you deploy it?
Without the ability to push the script, I needed to do something else. I put all those commands into a batch file, and I uploaded it to our server. Since we are still on an NT4-style domain controller (Samba), we use login scripts. Since these commands will only run for an Administrator, I could log in on each computer, and know the command likely completed. After testing it on a few systems, I could remotely manage them. This means it worked! Excellent!
While I don’t need to use the mouse, I can quickly log in to each computer throughout the week, and know the settings got applied. My goal of being able to remotely manage the workstations has been met. This worked for me to remotely manage our Anti-virus Solution, as well as using PDQ products.