Currently there are some devices in which the client wants the Windows Firewall turned on (not using C1’s firewall). However the computer has no firewall turned on. I need to send a procedure to turn the Windows Firewall on only.
Hello @evoevoevo
There is an available script online called ‘Disable Windows Firewall’. With a simple modification, the script can be utilized to enable the Windows Firewall.
Once you have imported the script, make a copy of it (that is, clone it) and edit one line in the script. It will be on line 14:
OB = Popen('netsh advfirewall set allprofiles state off', shell=True, stdout = PIPE, stderr = PIPE)
You need to change ‘off’ to ‘on’.
You might want to also change the printed log message on line 18:
print 'firewall is turned off successfully'
‘off’ to ‘on’
Make sure to click that ‘Save’ button (and rename the script appropriately so you don’t mistake it for the other one).
tried that prior to posting this… didn’t work, but I’ll try again now that you confirmed it maybe we missed something.
Didn’t work… in troubleshooting this issue— the Dashboard audit logs just show that the command was sent. How can we tell if anything was received, or answered in any way (failing, success)?.. the device logs show nothing.?
thanks
EVO
Did you choose to run the script as a ‘System User’, @evoevoevo ?
The message indicated in line 18 is what should show in the logs if it was successful.
In the procedure that you run, click the ‘Execution Log’ section and check the Log Detail column of the selected endpoint.
I ran it as System User. . . no logs in the Execution Log of the procedure. . I also created a new procedure and tried again - on a windows 2012 machine but it didn’t turn on the windows firewall—and i also do not see any logs either. . . … IS there anywhere on the target client machine I can look to see if anything is even reaching the machine?. I’m sifting through the Comodo client - Security event logs but there’s just too many there I"m not sure what to look for specifically… . .
I just tried on a third machine – this time running the original script of disabling the windows Firewall as system user… nothing happens and no logs whatsoever (except for the dashboard logs which confirmed the action of trying to run the procedure. . .
Hi @evoevoevo
Aside from this script, do you experience the same scenario (no logs) with any other scripts in ITSM? Were you ever able to run a script successfully before?
Looks like procedures are not running again 
Outside of a non R2 2012 server are there any other OS’s/versions not fully supported? I’ve been testing on a 2012/10/7 VM… will test again shortly (and will test another procedure too).
thanks
Here are the supported Server Editions that we provide full compatibility with
Windows Server 2003 R2
Windows Server 2008 R2
Windows Server 2012 R2
Windows Server 2016
You can also view the currently supported platforms on ITSM Portal>Settings>Support
Thanks… so the latest is that the procedures are magically working today, which made me so happy!.. BUT there’s still no logging for the actions -neither in any of the device log sections, nor the Execution logs of the scripts. I’ve tried multiple scripts and multiple devices.
One additional question — is there a place where I can see the status of ComodoOne’s functions such that if something is down i can at least verify it instead of thinking spending the time thinking I’m doing something wrong and changing things in order to troubleshoot?..
thanks
Evo
We will need to further investigate the issue with the scripts. Now we understand that the procedure reaches the machine, however, we will need to analyze as to why the script (if it is designed to show an output) would not produce any logs. We will collect some information via support ticket so we can forward it to our scripts team for investigation
.
Thanks, please let me know if I can do anything further to help. . . .
Also, speaking of scripts… . . I had a few requests that came in which might apply to someone in the future. Such as - please make these list of people local admins on their machines… I found a command line to do this, is there an easy way to wrap this in a script somehow so I can ‘deploy’ it to each machine?.. . . I started learning a little Python, but i don’t think it’s quite helping my cause exactly . . .
The task at hand was to make each domain user a local admin of their machines… After testing a command to do this for example (net localgroup administrators mydomain.local\user1 /add), I was curious how I could include it into a script to send to the endpoint. . . . AND if I that’s possible, then I’m figuring any future requests I get which can be run from command line - I could do the same with . . . . So the bottom line question is how can I insert and/or apply a one line command into a script to be executed on applicable endpoints? .
Hello @evoevoevo,
We will send the request to the development team. In addition, we will also reply to the previous email sent to your registered Comodo One email to keep you updated.
Thank you.
Hi Riley - thanks for sending to the dev team- but Im interested in learning for myself how i can wrap a command or powershell line into a script to be executed (paste into my own procedure) in the event that a procedure needs to be executed immediately (without time to wait for a script to be written from the dev team). . . Is there a ‘template’ I can be given to use for a script so I can simply modified the powershell command?
Here are some of the recommendations we have for PowerShell scripts https://scripts.comodo.com/frontend/web/?search=powershell&sort=order&per-page=10 . Since the nature of your request involves a little bit more customizing than we originally have written, then there’s a big possibility that the script you have in mind is not yet existing in our repository thus scripts team’s aid will be needed.