none
Compmgmt.msc, PSEXEC access, Admin$ access denied --- all related?

    Question

  • We have a windows domain -- domain controller is Windows Server 2012 Standard. All domain computers are Windows 7 or 8.

    1. What Group Policy Object can I create to make sure I can access ALL domain computers via \\computername\c$?

    2. What Group Policy Object can I create to turn off firewall for DOMAIN profiles? --> When I use Computer Management to connect to another computer, I get "Computer "computername" cannot be managed. Verify that the network path is correct, the computer is available on the network, and that the appropriate Windows Firewall rules are enabled on the target computer". ---- it tells me to enable: COM+ Network Access (DCOM-in) and "All rules in the Remote Event Log Management group".

    3. What Group Policy Object can I create to make sure I can access ALL domain computers via PSEXEC with the following command: psexec \\computername cmd? Currently it's hit-or-miss whether I can access a computer or not. On some computers, even though I can PING them, I get:

    Couldn't access computername:
    The network path was not found
    Make sure that the default admin$ share is enabled on computername.

    Yet, I swear when I go to add a new share and call it admin$, it tells me that share already exists. All of these random access denied things have been happening for quite some time but not it's time to get to the bottom of it all!

    Thank you!!!

    Being that all computers are on the domain, and that I'm RDP'd to the domain controller as a domain admin, I am a little flustered that I'm unable to do most things a normal domain admin should be able to do without running into all these snags... I feel like I'm trying to manage a workgroup!







    Tuesday, August 11, 2015 7:44 PM

All replies