Kaseya Community

Check Windows Firewall Status

  • I just spent all my free time today developing this script so I thought I would share it. (its like my 2nd Kaseya script...ever...)

    The reason I made it is because my workstations on a network were getting boatloads of these:

    log: application
    Type: error
    event: 15
    Agent Time: 11:30:13 pm 8-Sep-09
    event Time: 6:30:13 am 9-Sep-09 UTC
    Source: AutoEnrollment
    Category: None
    Username: N/A
    Computer: *********
    Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted.
    Enrollment will not be performed.

    I wanted to rule out the Windows Firewall as the cause for these errors but didn't want to connect to 12 desktops just to find out if the Windows Firewall was on. I am not aware of a WMI interface that will indicate the status of the Windows Firewall remotely (the very premise of that idea is opposite that of a sound firewall), but welcome any other suggestions in that way as well as on the construction of this script.

    Anyways, here’s the script (please note that you have to change the destination email address to your preferred email recipient--replace PUTYOUREMAILL@ADDRESSHERE.com):

    Script Name: WindowsFirewallStatus
    Script Description: This script uses netsh to gather the Windows Firewall status and email it to a preconfigured email address. Be sure to modify Step 5 to set the desired email address.


    IF True
    THEN
    Get Variable
    Parameter 1 : 4
    Parameter 2 :
    Parameter 3 : path
    OS Type : 1
    Execute Shell Command
    Parameter 1 : netsh firewall show state >> #path#temp\FirewallStatusWorking.txt
    Parameter 2 : 1
    OS Type : 1
    Execute Shell Command
    Parameter 1 : find "Operational mode" #path#FirewallStatusWorking.txt >> #path#FirewallStatus.txt
    Parameter 2 : 1
    OS Type : 1
    Get Variable
    Parameter 1 : 1
    Parameter 2 : #path#temp\FirewallStatus.txt
    Parameter 3 : attachme
    OS Type : 1
    Send Email
    Parameter 1 : PUTYOUREMAILL@ADDRESSHERE.com
    Parameter 2 : Windows Firewall Status
    Parameter 3 : #attachme#
    OS Type : 1
    Delete File
    Parameter 1 : #path#temp\FirewallStatus.txt
    OS Type : 1
    Delete File
    Parameter 1 : #path#temp\FirewallStatusWorking.txt
    OS Type : 1
    Write Script Log Entry
    Parameter 1 : FirewallStatus.txt written successfully. Email Sent to PUTYOUREMAILL@ADDRESSHERE.com
    OS Type : 1
    ELSE
    Write Script Log Entry
    Parameter 1 : WindowsFirewallStatus Script failed.
    OS Type : 0

    Legacy Forum Name: Check Windows Firewall Status,
    Legacy Posted By Username: ssplinter
  • I left out the "temp\" in a couple parts of the script. I also have no mention of the machine name or group so I revised the scirpt...
    (be sure to replace for PUTYOUREMAIL@ADDRESSHERE.com):



    Script Name: WindowsFirewallStatus
    Script Description: This script uses netsh to gather the Windows Firewall status and email it to a preconfigured email address. Be sure to modify steps 6 and 9 to set the desired email address.

    IF True
    THEN
    Get Variable
    Parameter 1 : 4
    Parameter 2 :
    Parameter 3 : path
    OS Type : 1
    Execute Shell Command
    Parameter 1 : netsh firewall show state >> #path#temp\FirewallStatusWorking.txt
    Parameter 2 : 1
    OS Type : 1
    Execute Shell Command
    Parameter 1 : find "Operational mode" #path#temp\FirewallStatusWorking.txt >> #path#temp\FirewallStatus.txt
    Parameter 2 : 1
    OS Type : 1
    Get Variable
    Parameter 1 : 1
    Parameter 2 : #path#temp\FirewallStatus.txt
    Parameter 3 : attachme
    OS Type : 1
    Get Variable
    Parameter 1 : 6
    Parameter 2 :
    Parameter 3 : MachineID
    OS Type : 1
    Send Email
    Parameter 1 : PUTYOUREMAIL@ADDRESSHERE.com
    Parameter 2 : Windows Firewall Status for #MachineID#
    Parameter 3 : #attachme#
    OS Type : 1
    Delete File
    Parameter 1 : #path#temp\FirewallStatus.txt
    OS Type : 1
    Delete File
    Parameter 1 : #path#temp\FirewallStatusWorking.txt
    OS Type : 1
    Write Script Log Entry
    Parameter 1 : FirewallStatus.txt written successfully. Email Sent to PUTYOUREMAIL@ADDRESSHERE.com.
    OS Type : 1
    ELSE
    Write Script Log Entry
    Parameter 1 : WindowsFirewallStatus Script failed.
    OS Type : 0

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: ssplinter
  • Did you ever figure out what was causing your Error: 15? I have started to see these all of the sudden as well.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Gbirk
  • Gbirk
    Did you ever figure out what was causing your Error: 15? I have started to see these all of the sudden as well.


    Usually caused by automatic update not being able contact microsoft update servers.

    Occurrs mainly in networks where proxy connections to the internet are the norm, and or authenticated web access.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Commander