I'm looking for a way to push out commands to all workstations. The scenario is as follows:
I often go to environments that I am not familiar with to audit the network. Part of that is a network scan, but to use our specific tools we need to configure a couple of things on every workstation (enable wmi access, enable file and printer sharing, etc.). We have a batch file we can run on every computer, but this solution does not scale well as you can imagine. I've included the commands we run below.
Ideally, there would be a way to push out the batch file to run one time on all computers connected to the domain. Alternatively, we could create a new batch file that creates GPO that does the same things, but this is something that I have not done before.
Any help is really appreciated!
rem Allow the device to be pingable through Windows Firewall
netsh firewall set icmpsetting type=ALL mode=enable
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow
netsh advfirewall firewall add rule name="ICMP Allow incoming V6 echo request" protocol=icmpv6:8,any dir=in action=allow
rem Turn on File and Printer Sharing
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
rem Allow WMI access through Windows Firewall
netsh firewall set service type=remoteadmin mode=enable
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
rem Add user account
net user [REDACTED] /add
net localgroup Administrators [REDACTED] /add
Rem Set WMI Permissions
sc sdset SCMANAGER D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
ECHO End of script
PAUSE