'Script to Configure Scan Settings for ManageEngine Desktop Central and Install's Desktop Central Agent '======================================================================================================= 'WARNING: '******** ' This script Edits Windows Registry to configure the Settings required for scanning through WMI ' It is highly recomended to test the script in a Test Computer before rolling it across a Network 'Section 1: To Configure Basic Remote DCOM Settings '================================================== ' a. ENABLE Remote DCOM ' b. DCOM Authentication Level set as DEFAULT ' c. DCOM Impersonation Level as IMPERSONATE Set WSHShell = WScript.CreateObject("WScript.Shell") 'To Enable Remote DCOM in the computer WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ" 'To Enable Remote DCOM via HTTP in the computer WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOMHTTP","Y","REG_SZ" 'To Set Authentication Leval as Default WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",0,"REG_DWORD" 'To Set Impersonation level as Impersonate WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD" 'Section 2: To Configure Windows XP (SP2) Settings '================================================= ' a. DISABLE Simple File Sharing ' b. ENABLE RemoteAdmin in Firewall for Standard and Current Profile ' (RemoteAdmin will take care of Ports required by WMI for scanning) 'To Configure Windows XP Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2") Set colServiceList = objWMIService.ExecQuery("Select * from Win32_OperatingSystem") For Each objService in colServiceList osName = objService.Caption Next Set colServiceList = objWMIService.ExecQuery("Select * from Win32_Service where Name = 'SharedAccess'") For Each objService in colServiceList State=objService.State Next 'To configure only for Windows XP Workstations if osName="Microsoft Windows XP Professional" Then 'To Disable Simple File Sharing Security WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Control\Lsa\forceguest",0,"REG_DWORD" if State="Running" Then 'To Enable Remote Admin in Firewall Set objFirewall = CreateObject("HNetCfg.FwMgr") 'For Current Profile Set objPolicy = objFirewall.LocalPolicy.CurrentProfile Set objAdminSettings = objPolicy.RemoteAdminSettings objAdminSettings.Enabled = TRUE 'For Standard Profile set objPolicyStdProfile = objFirewall.LocalPolicy.GetProfileByType(1) Set objAdminSettingsStdProfile = objPolicy.RemoteAdminSettings objAdminSettingsStdProfile.Enabled = TRUE end If end If 'Section 3: To add File and Printer Sharing in Windows Firewall Exception '========================================================================= WshShell.Run "netsh firewall set service type = FILEANDPRINT mode = ENABLE scope = ALL profile = ALL", 0 '****************************************************************************************************** 'Section 4 : To install agent with the share path given as argument '==================================================================== On Error Resume Next ' Get Location and arguments of the script currdir = WSCript.Arguments.Item(0) agentVersion = WshShell.RegRead("HKEY_LOCAL_MACHINE\Software\AdventNet\DesktopCentral\DCAgent\DCAgentVersion") if Err Then Err.Clear wshshell.Run "msiexec.exe /i """&currdir&""" ENABLESILENT=yes REBOOT=ReallySuppress /qn",0,True End If '*******************************************************************************************************************