I need to administer machines remotely where XP SP2 needs to be
installed. Problem: once SP2 is installed, the firewall by default is
enabled and I can't reconnect to them with Dameware / Terminal Server
to continue patching on these systems. With no on-site support
available, does anyone know how I can tweak the SP2 install so the
firewall is disabled, post-install?
Hi,
To disable the firewall, you can just set two registry settings before
the SP2 installation. The FW disables itself when it finds those
registry settings.
The registry settings are:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
\EnableFirewall=0 (DWORD data type)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
\EnableFirewall=0 (DWORD data type)
(adding the registry values after SP2 is installed will also disable
the firewall at next startup)
The registry settings are documented here:
WF_XPSP2.doc "Deploying Windows Firewall Settings for Microsoft
Windows XP with Service Pack 2" is downloadable from
http://www.microsoft.com/downloads/details.aspx?familyid=4454e0e1-61fa-447a-bdcd-499f73a637d1
The VBScript below sets the two registry values needed to disable
the WinXP SP2 firewall, and then it install SP2 in unattended mode.
'--------------------8<----------------------
Set oShell = CreateObject("WScript.Shell")
oShell.RegWrite "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall" _
& "\DomainProfile\EnableFirewall", 0, "REG_DWORD"
oShell.RegWrite "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall" _
& "\StandardProfile\EnableFirewall", 0, "REG_DWORD"
sLaunchCmd = "SP2WindowsXP-KB835935-SP2-ENU.exe /quiet /passive /norestart"
iRetVal = oShell.Run(sLaunchCmd, 1, True)
If iRetVal <> 3010 And iRetVal <> 0 Then
MsgBox "Installation was NOT successful, error code returned: " & iRetVal
End If
'--------------------8<----------------------
