Remotely check Windows firewall status

As part of my routine auditing process I wanted to check to ensure that the Windows firewall is enabled and set to use its domain profile on all of our Member servers.

Here’s a script to do just that

' Configuration.
'====================================================================
Dim strFirewallStatus, strComputer, arrComputers
arrComputers = Split("london,brisbane,perth,chicago", ",")

WScript.Echo "-------------------------------------------------------"
WScript.Echo Left("Computer Name" & Space(47),47) & "Status"
WScript.Echo "-------------------------------------------------------"

' Iterate through computers, showing status.
'====================================================================
For Each strComputer in arrComputers

  ' Required so we don't die on permission errors.
  On Error Resume Next

  Set objReg = GetObject( "winmgmts:{impersonationLevel" &_
  "=impersonate}!\\" & strComputer & "\root\default:StdRegProv")

  If err.number = 0 Then
    objReg.GetDWORDValue &H80000002, "SYSTEM\CurrentControlSet\" &_
    "Services\SharedAccess\Parameters\FirewallPolicy\" &_
    "DomainProfile\", "EnableFirewall",dwValue

    If dwValue <> 0 Then
      strFirewallStatus = "Enabled"
    Else
      strFirewallStatus = "Disabled"
    End If

    WScript.Echo Left(strComputer & Space(47),47) & strFirewallStatus

  Else
    WScript.Echo strComputer & " - Error" & err.number & " : " &_
    err.description
    err.clear
  End if
Next

You’ll need to make sure that you’ve got the relevant permissions on the target computers, otherwise you’ll just get errors.

Digg icon StumbleUpon icon del.icio.us icon Facebook icon

Leave a Comment