
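@echo off
setlocal

:: EnableDCOMnWMI-v1.4.bat
::
:: Created by Alaa Ali (contact.alaa@gmail.com) www.linkedin.com/in/alaaalii
::
:: DO NOT run this script unless you have read it through completely and know exactly what it does.
:: Run it at your own risk.
::
:: This script was created for a very specific purpose to a customer. It configures Windows DCOM and WMI
:: settings with certain permissions that are needed for IBM Security QRadar SIEM to be able to pull logs.
::
:: This script has been uploaded to my LinkedIn profile to showcase my work.
:: It is by no means in its best structure, but I wanted to upload it anyways.
::
:: The script won't run unless there are two executables in its same directory:
::   DComPerm.exe    - used to change the DCOM permissions on Windows
::   WmiSecurity.exe - used to change WMI security settings on Windows
:: Both are resolved relative to the script's own directory (SCRIPTDIR below), never through PATH or the
:: current directory, and the script stops before touching anything if either one is missing.
::
:: Here is what the script will do:
::   - It will log everything to a file called "WMI-script-log_<date>_<time>.txt" in the same directory you
::     are running the script from.
::   - It will add a specified user (see SET USER=DOMAIN\USER) to the local administrators group.
::   - It will check if the "Remote Registry", "Server", and "Windows Management Instrumentation"
::     services are running, and will prompt you to enable them if they are not running.
::   - It will check to see if the Start option for the above services is set to "Automatic". If it isn't,
::     it will prompt you to configure them to automatically start.
::   - It will check if DCOM is enabled, and will prompt you to enable it if it's not.
::   - It will check if the DCOM Default Authentication Level is set to "Connect", and will prompt you to
::     set it to that if it's not.
::   - It will check if the DCOM Default Impersonation Level is set to "Identify", and will prompt you to
::     set it to that if it's not.
::   - It will check if the DCOM Default Protocols includes "Connection-oriented TCP/IP", and will prompt you to
::     set it to that if it's not.
::   - It will give DCOM permissions to the Administrators group.
::   - It will check WMI permissions for the Administrators group; the automatic change is commented out,
::     so if they are wrong it tells you how to set them by hand in wmimgmt.msc.
::
:: Every prompt must be answered with "Y" (case-insensitive); any other answer quits the script.
:: Once :starthere is called, stdout and stderr go to the log file; lines the operator must see are
:: written a second time to CON. The output of sc.exe, reg.exe and net.exe is matched literally, so
:: NOTE(review): this presumably expects English-language tool output - verify on localized systems.

:: Log file name: "/" from %date% and ":" from %Time% are replaced because both are illegal in file names.
SET LF=%date%
SET LF=%LF:/=-%
SET TT=%Time::=-%
SET LF=WMI-script-log_%LF%_%TT%.txt

:: Helper executables live next to the script. %~dp0 is expanded here, at top level, because inside a
:: "call :label" subroutine %0 is the label name and %~dp0 would yield the current directory instead.
SET SCRIPTDIR=%~dp0
SET DCOMPERM=%SCRIPTDIR%DComPerm.exe
SET WMISEC=%SCRIPTDIR%WmiSecurity.exe

echo Created by Alaa Ali (contact.alaa@gmail.com) www.linkedin.com/in/alaaalii
echo.
echo EnableDCOMnWMI-v1.4.bat
echo.
echo DO NOT run this script unless you have read it through completely and know exactly what it does.
echo Run it at your own risk.
echo.
echo Please open up the script in an editor and read the description before running it.
echo.

:: From here on everything is appended to the log; :starthere ends with "exit", so "exit /b 0" is only
:: reached if control ever returns from it.
echo.%Date% >>"%LF%"
echo.%Time% >>"%LF%"
echo. >>"%LF%"
call :starthere >>"%LF%" 2>&1
exit /b 0


:starthere
:: Each answer variable is cleared before "set /p": "set /p" leaves the variable untouched when the
:: operator just presses Enter, so a stale value from the environment would otherwise count as an answer.
echo Enter "Y" to continue: > CON
echo.
set "firstinput="
set /p firstinput="Enter "Y" to continue: "
echo.%firstinput%
IF /I NOT "%firstinput%"=="Y" goto quitscript
echo.

:: Refuse to continue without the two helper binaries, before any setting is changed.
IF NOT EXIST "%DCOMPERM%" goto tools-missing
IF NOT EXIST "%WMISEC%" goto tools-missing

:: Set the user here. Syntax: DOMAIN\USER
SET USER=DOMAIN\USER

:: Membership test: case-insensitive substring match on the "net localgroup" listing (Windows account
:: names are case-insensitive). A name that is a prefix of another member's name would also match.
echo Checking if %USER% is in the administrators group:
echo -----------------------------------------------------------
net localgroup administrators | find /I "%USER%" > NUL
IF ERRORLEVEL 1 goto admin-prompt
echo "%USER%" is in the admin group. [OK]
goto admin-next

:admin-prompt
echo %USER% is not in the local administrators group. Enter "Y" to add the user to the local administrators group: > CON
echo. > CON
set "admininp="
set /p admininp="%USER% is not in the local administrators group. Enter "Y" to add the user to the local administrators group: "
echo.%admininp%
IF /I NOT "%admininp%"=="Y" goto quitscript
echo Adding the user to the administrators group:
net localgroup administrators "%USER%" /add > NUL
:: Success is judged by re-reading the group, not by the exit code of "net ... /add".
net localgroup administrators | find /I "%USER%" > NUL
IF ERRORLEVEL 1 goto notinadmin
echo "%USER%" has been successfully added to the local administrators group. [OK]
echo. > CON
echo "%USER%" has been successfully added to the local administrators group. [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON

:admin-next
echo.

:: Required services must be running. Each call either returns or leaves via :quitscript / :end.
echo Checking if required services are running:
echo -----------------------------------------
call :ensure_running RemoteRegistry "Remote Registry"
call :ensure_running LanmanServer "Server"
call :ensure_running Winmgmt "WMI"

:: Required services must have Start = 0x2 (Automatic).
echo Checking if required services are set to automatically start:
echo -------------------------------------------------------------
call :ensure_autostart RemoteRegistry "Remote Registry"
call :ensure_autostart LanmanServer "Server"
call :ensure_autostart Winmgmt "WMI"

:: DCOM settings under HKLM\SOFTWARE\Microsoft\Ole and HKLM\SOFTWARE\Microsoft\Rpc.
echo Checking DCOM settings:
echo ----------------------
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole /v EnableDCOM | find "EnableDCOM" | find "Y" > NUL
IF ERRORLEVEL 1 goto enabledcom-prompt
echo DCOM is enabled. [OK]
goto enabledcom-next

:enabledcom-prompt
echo DCOM is not enabled. Enter "Y" to enable it: > CON
echo. > CON
set "enabledcominp="
set /p enabledcominp="DCOM is not enabled. Enter "Y" to enable it: "
echo.%enabledcominp%
IF /I NOT "%enabledcominp%"=="Y" goto quitscript
echo Enabling DCOM:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole /v EnableDCOM /t REG_SZ /d Y /f > NUL
IF ERRORLEVEL 1 goto dcom-ne
echo DCOM has been enabled. [OK]
echo. > CON
echo DCOM has been enabled. [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON

:enabledcom-next
echo.
:: LegacyAuthenticationLevel 2 = "Connect".
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole /v LegacyAuthenticationLevel | find "0x2" > NUL
IF ERRORLEVEL 1 goto dcomauthlev-prompt
echo DCOM Authentication Level is correctly set to "Connect". [OK]
goto dcomauthlev-next

:dcomauthlev-prompt
echo DCOM Authentication Level is not correctly set. Enter "Y" to set it correctly: > CON
echo. > CON
set "dcomauthlevinp="
set /p dcomauthlevinp="DCOM Authentication Level is not correctly set. Enter "Y" to set it correctly: "
echo.%dcomauthlevinp%
IF /I NOT "%dcomauthlevinp%"=="Y" goto quitscript
echo Setting DCOM Authentication Level:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole /v LegacyAuthenticationLevel /t REG_DWORD /d 2 /f > NUL
IF ERRORLEVEL 1 goto auth-nc
echo DCOM Authentication Level has been correctly set to "Connect". [OK]
echo. > CON
echo DCOM Authentication Level has been correctly set to "Connect". [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON

:dcomauthlev-next
echo.
:: LegacyImpersonationLevel 2 = "Identify".
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole /v LegacyImpersonationLevel | find "0x2" > NUL
IF ERRORLEVEL 1 goto dcomimplev-prompt
echo DCOM Impersonation Level is correctly set to "Identify". [OK]
goto dcomimplev-next

:dcomimplev-prompt
echo DCOM Impersonation Level is not correctly set. Enter "Y" to set it correctly: > CON
echo. > CON
set "dcomimplevinp="
set /p dcomimplevinp="DCOM Impersonation Level is not correctly set. Enter "Y" to set it correctly: "
echo.%dcomimplevinp%
IF /I NOT "%dcomimplevinp%"=="Y" goto quitscript
echo Setting DCOM Impersonation Level:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole /v LegacyImpersonationLevel /t REG_DWORD /d 2 /f > NUL
IF ERRORLEVEL 1 goto imp-nc
echo DCOMImpersonation Level has been correctly set to "Identify". [OK]
echo. > CON
echo DCOM Impersonation Level has been correctly set to "Identify". [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON

:dcomimplev-next
echo.
:: "DCOM Protocols" must list ncacn_ip_tcp (Connection-oriented TCP/IP).
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc /v "DCOM Protocols" | find "ncacn_ip_tcp" > NUL
IF ERRORLEVEL 1 goto dcomdefproto-prompt
echo DCOM Protocols correctly includes "Connection-oriented TCP/IP". [OK]
goto dcomdefproto-next

:dcomdefproto-prompt
echo DCOM Protocols is not correctly set. Enter "Y" to set it correctly: > CON
echo. > CON
set "dcomdefprotoinp="
set /p dcomdefprotoinp="DCOM Protocols is not correctly set. Enter "Y" to set it correctly: "
echo.%dcomdefprotoinp%
IF /I NOT "%dcomdefprotoinp%"=="Y" goto quitscript
echo Setting DCOM Default Protocols:
:: "/f" with "/d" rewrites the whole REG_MULTI_SZ value, so any other protocol sequence listed there is dropped.
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc /v "DCOM Protocols" /t REG_MULTI_SZ /d ncacn_ip_tcp /f > NUL
IF ERRORLEVEL 1 goto dcomdefproto-nc
echo DCOM Protocols has been correctly set to include "Connection-oriented TCP/IP". [OK]
echo. > CON
echo DCOM Protocols has been correctly set to include "Connection-oriented TCP/IP". [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON

:dcomdefproto-next
echo.
:: DCOM launch/activation permissions for BUILTIN\Administrators. The access-permission check
:: (-da list) is left commented out; only launch and activation are verified before deciding.
echo Checking DCOM permissions for the administrators group:
echo ------------------------------------------------------
::"%DCOMPERM%" -da list | find "Remote and Local access permitted to BUILTIN\Administrators." > NUL
::IF ERRORLEVEL 1 goto dcomperm-prompt
"%DCOMPERM%" -dl list | find "Remote and Local launch permitted to BUILTIN\Administrators." > NUL
IF ERRORLEVEL 1 goto dcomperm-prompt
"%DCOMPERM%" -dl list | find "Remote and Local activation permitted to BUILTIN\Administrators." > NUL
IF ERRORLEVEL 1 goto dcomperm-prompt
echo DCOM permissions are correctly set. [OK]
goto dcomperm-next

:dcomperm-prompt
echo DCOM permissions for the Administrators group is not set correctly. Enter "Y" to set it correctly: > CON
echo. > CON
set "dcomperminp="
set /p dcomperminp="DCOM permissions for the Administrators group is not set correctly. Enter "Y" to set it correctly: "
echo.%dcomperminp%
IF /I NOT "%dcomperminp%"=="Y" goto quitscript
echo Setting DCOM permissions:
:: Launch/activation: local+remote launch, local+remote activation. Access: local+remote.
"%DCOMPERM%" -dl set "BUILTIN\Administrators" permit level:ll,la,rl,ra > NUL
IF ERRORLEVEL 1 goto dcomperm-nc
"%DCOMPERM%" -da set "BUILTIN\Administrators" permit level:l,r > NUL
IF ERRORLEVEL 1 goto dcomperm-nc
echo DCOM permissions have been successfully set. [OK]
echo. > CON
echo DCOM permissions have been successfully set. [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON

:dcomperm-next
echo.
:: WMI namespace security on Root\CIMV2: look for the Administrators (BA) ACE in the SDDL that
:: WmiSecurity.exe prints.
echo Checking WMI permissions for the administrators group:
echo -----------------------------------------------------
"%WMISEC%" /C="%computername%" /N=Root/CIMV2 | find "(A;CIID;CCDCLCSWRPWPRCWD;;;BA)" > NUL
IF ERRORLEVEL 1 goto wmiperm-err
echo WMI permissions are correctly set. [OK]
goto finished

:wmiperm-err
:: The automatic change stays commented out; the operator is told how to do it in wmimgmt.msc.
::"%WMISEC%" /C="%computername%" /A /N=Root/CIMV2 /M="%USER%:FULL" /R
:: The ">" in "Start > Run" is escaped: unescaped it is a redirection, which sent this message to a
:: stray file named "Run" in the current directory instead of the log.
echo WMI permissions are not correctly set. Please go to Start ^> Run and type "wmimgmt.msc". Expand "Root", highlight "CIMV2" and click on the "Security" button. Then, add the Administrators group to this list and give it access to everything except "Special Permissions".
echo WMI permissions are not correctly set. Please go to Start ^> Run and type "wmimgmt.msc". Expand "Root", highlight "CIMV2" and click on the "Security" button. Then, add the Administrators group to this list and give it access to everything except "Special Permissions". > CON
goto wmiperm-quit

:finished
echo.
echo Done!
echo The script has checked all the settings.
echo You are now ready to configure IBM QRadar to pull logs from this machine.
echo. > CON
echo Done! > CON
echo The script has checked all the settings. > CON
echo You are now ready to configure IBM Security QRadar to pull logs from this machine. > CON
:: "pause" prints its own prompt to the (redirected) log, so the hint is echoed to CON as well.
echo Press any key to end this script and close this window.
echo Press any key to end this script and close this window. > CON
pause
exit


:: ---- Failure exits: message to the log and to CON, then :end (which never returns) ----

:tools-missing
echo DComPerm.exe and WmiSecurity.exe must be in the same directory as this script: %SCRIPTDIR%
echo DComPerm.exe and WmiSecurity.exe must be in the same directory as this script: %SCRIPTDIR% > CON
goto end

:notinadmin
echo "%USER%" was not added to the local administrators group.
echo "%USER%" was not added to the local administrators group. > CON
goto end

:dcom-ne
echo DCOM is not enabled.
echo DCOM is not enabled. > CON
goto end

:auth-nc
echo The DCOM Default Authentication Level is not set to "Connect".
echo The DCOM Default Authentication Level is not set to "Connect". > CON
goto end

:imp-nc
echo The DCOM Default Impersonation Level is not set to "Identify".
echo The DCOM Default Impersonation Level is not set to "Identify". > CON
goto end

:dcomdefproto-nc
echo The DCOM Default Protocols setting does not contain "Connection-oriented TCP/IP".
echo The DCOM Default Protocols setting does not contain "Connection-oriented TCP/IP". > CON
goto end

:dcomperm-nc
echo The DCOM permissions were not set correctly. An error occured.
echo The DCOM permissions were not set correctly. An error occured. > CON
goto end

:wmiperm-quit
echo Quiting script.
goto pausing

:quitscript
echo.
echo. > CON
echo You did not enter "Y". Quiting script.
echo You did not enter "Y". Quiting script. > CON
goto end

:end
echo.
echo. > CON
echo An error has occured. The script will now exit. Please refer to the log file created in the same directory.
echo An error has occured. The script will now exit. Please refer to the log file created in the same directory. > CON
echo Press any key to end!
echo Press any key to end! > CON

:pausing
pause
exit


:: ---- Subroutines: reached only through "call"; the "exit" above prevents fall-through ----

:ensure_running
:: %1 = service name as known to sc.exe, %2 = display name used in messages.
:: Returns to the caller when the service is running (already, or after "sc start" succeeded).
:: A refused prompt leaves through :quitscript, a failed start through :end; neither returns.
sc query %~1 | find "STATE" | find "RUNNING" > NUL
IF ERRORLEVEL 1 goto running-prompt
echo "%~2" service is running. [OK]
echo.
goto :eof

:running-prompt
echo %~2 service is not enabled. Enter "Y" to enable it: > CON
echo. > CON
set "svcinp="
set /p svcinp="%~2 service is not enabled. Enter "Y" to enable it: "
echo.%svcinp%
IF /I NOT "%svcinp%"=="Y" goto quitscript
echo Starting "%~2" service:
sc start %~1 > NUL
IF ERRORLEVEL 1 goto running-failed
echo "%~2" service has been successfully started. [OK]
echo. > CON
echo "%~2" service has been successfully started. [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON
echo.
goto :eof

:running-failed
echo "%~2" service is not running.
echo "%~2" service is not running. > CON
goto end


:ensure_autostart
:: %1 = service key name under HKLM\SYSTEM\CurrentControlSet\services, %2 = display name.
:: Start = 0x2 is "Automatic". Returns to the caller when the value is (or has been set to) 0x2;
:: otherwise leaves through :quitscript or :end.
reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\%~1 /v Start | find "0x2" > NUL
IF ERRORLEVEL 1 goto autostart-prompt
echo "%~2" service is set to automatically start. [OK]
echo.
goto :eof

:autostart-prompt
echo %~2 service is not set to automatically start. Enter "Y" to enable it: > CON
echo. > CON
set "svcinp="
set /p svcinp="%~2 service is not set to automatically start. Enter "Y" to enable it: "
echo.%svcinp%
IF /I NOT "%svcinp%"=="Y" goto quitscript
echo Setting "%~2" service to auto start:
:: sc.exe requires the space after "start=".
sc config %~1 start= auto > NUL
IF ERRORLEVEL 1 goto autostart-failed
echo "%~2" service has been successfully set to autostart. [OK]
echo. > CON
echo "%~2" service has been successfully set to autostart. [OK] > CON
echo. > CON
echo Continuing script... > CON
echo. > CON
echo.
goto :eof

:autostart-failed
:: Previously the failure path jumped to "<service>start-nac" while the labels were defined as
:: "<service>start-nas", so a failed "sc config" aborted the batch without reporting anything.
echo "%~2" service is not set to automatically start.
echo "%~2" service is not set to automatically start. > CON
goto end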
