|
STEP1: enable DCOM for remote administration for
Windows XP, Server 2003 and Vista
Create a batch file that contains the following and schedule it to
run at client logon through GPO
@echo off
reg add HKLM\SOFTWARE\Microsoft\Ole /v EnableDCOM /t REG_SZ /d "Y" /f
reg add HKLM\SOFTWARE\Microsoft\Ole /v LegacyAuthenticationLevel /t
REG_DWORD /d "2" /f
reg add HKLM\SOFTWARE\Microsoft\Ole /v LegacyImpersonationLevel /t
REG_DWORD /d "3" /f
exit
STEP 2: Edit the "Default Domain Policy" GPO so that
unsolicited incoming messages from the server are allowed
Computer configuration
----Administrative Templates
------Network
---------Network Connections
-----------Windows Firewall
--------------Domain Profile
---------------Windows Firewall: Allow remote administration exception
------------------Allow unsolicited incoming messages from: IP Address
of SBS server
|