'Script to Configure Scan Settings for ManageEngine ServiceDeskPlus (or) ManageEngine AssetExplorer
'===================================================================================================


'WARNING:
'********
'	This script Edits Windows Registry to configure the Settings required for scanning through WMI
'	It is highly recomended to test the script in a Test Computer before rolling it across a Network




'Section 1: To Configure Basic Remote DCOM Settings
'==================================================
'	a. ENABLE Remote DCOM 
'	b. DCOM Authentication Level set as DEFAULT
'	c. DCOM Impersonation Level as IMPERSONATE	

Set WSHShell = WScript.CreateObject("WScript.Shell")

'To Enable Remote DCOM in the computer
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ"

'To Enable Remote DCOM via HTTP in the computer
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOMHTTP","Y","REG_SZ"

'To Set Authentication Leval as Default
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",0,"REG_DWORD"

'To Set Impersonation level as Impersonate
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD"



'Section 2: To Configure Windows XP (SP2) Settings
'=================================================
'	a. DISABLE Simple File Sharing 
'	b. ENABLE RemoteAdmin in Firewall for Standard and Current Profile
'	   (RemoteAdmin will take care of Ports required by WMI for scanning)


'To Configure Windows XP
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")

Set colServiceList = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
For Each objService in colServiceList
   osName = objService.Caption
Next

Set colServiceList = objWMIService.ExecQuery("Select * from Win32_Service where Name = 'SharedAccess'")
For Each objService in colServiceList
   State=objService.State
Next

'To configure only for Windows XP Workstations
if osName="Microsoft Windows XP Professional" Then

   'To Disable Simple File Sharing Security
   WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Control\Lsa\forceguest",0,"REG_DWORD"

   if State="Running" Then
         'To Enable Remote Admin in Firewall
         Set objFirewall = CreateObject("HNetCfg.FwMgr")

	 'For Current Profile
         Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
         Set objAdminSettings = objPolicy.RemoteAdminSettings
         objAdminSettings.Enabled = TRUE
	 
	 'For Standard Profile
         set objPolicyStdProfile = objFirewall.LocalPolicy.GetProfileByType(1)
         Set objAdminSettingsStdProfile = objPolicy.RemoteAdminSettings
         objAdminSettingsStdProfile.Enabled = TRUE
   end If

end If