Disable Windows Firewall, Windows Defender, Action Center, and Windows Updates via Registry, Script, MDT?
-
14 April 2012 2:01
I've been deploying windows 7 x86 images via MDT 2010 Update 1 which is working great!
Question.. I need to disable as much as possible for our users in our environment. I need to disable Windows Firewall, Windows Defender, the Action Center, and Windows Updates.. Im pretty confident in separate registry keys to disable all of the above, but wanted some experts opinions in how to disable all via MDT, scripts, registry, etc.... I already have my wim, applications, and task sequences set up and successfully deploying to computers...
Any help would be appreciated.
Semua Balasan
-
14 April 2012 3:49
Use Group Policies.
/ Johan
Regards / Johan Arwidmark Twitter: @jarwidmark Blog: http://www.deploymentresearch.com FB: www.facebook.com/deploymentresearch
-
14 April 2012 5:20
To expand on Johan's straight to the point answer, doing it from the GPO provides you with a centralized point of view with the ability to quickly modify your settings. that said, the firewall may become an issue under specific deployment scenarios, you can disable it with a simple command line in the State restore section, somewhere after the Tattoo: SC CONFIG SHAREDACCESS Start= disabled
-
14 April 2012 19:45
To further append some information.
All three tasks you specify are Windows Services
So you could disable these services through: a script/local group policy/group policy.
Note; when disabling the Action Center, you will be prompted in the System Tray, by the white flag with a red cross in it that the Action Center is disabled and should be turned on. To disable this message you should configure the GP located at : User Config \ Admin Templates \ Start Menu and Task Bar => Remove the Action Center Icon.
Considering all these changes are actually registry changes, it's up to you how to configure them. However I'd personally opt with GP's just like Johan said, simply for the sake of easy management.
Kind regards,
Stephan Schwarz.
If one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCC.
How to configure Windows RE/OEM Recovery Partition with MDT -
17 April 2012 13:54
Thank you. I was using this command to disable the firewall.
netsh advfirewall set allprofiles state off
I placed it under my custom tasks. Will this work as well?
I am still looking for a way to disable the action center completely so that the user does not notice it via a command line or reg key I can place in my MDT task sequence. Any help here??
-
17 April 2012 14:23
Yes that command would work as well for disabling the firewall.
The following would disable the security center: sc config wscsvc start= disabled
note the space between start= and disabled, it needs to be there.
sc config WinDefend= disabled, this would disable Windows Defender.
If one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCC.
How to configure Windows RE/OEM Recovery Partition with MDT- Ditandai sebagai Jawaban oleh heid4055 18 April 2012 1:10
-
17 April 2012 14:27Im going to implement these in my task sequence. This will work for the local admin. When I join it to the domain, will the settings stick for all users?
-
17 April 2012 16:08
Im going to implement these in my task sequence. This will work for the local admin. When I join it to the domain, will the settings stick for all users?
YesIf one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCC.
How to configure Windows RE/OEM Recovery Partition with MDT
.png)
