Computer step by step
 Make your Pc better
Description:  

Allows inbound file and printer sharing. To do this, Windows Firewall opens UDP ports 137 and 138, and TCP
ports 139 and 445.

If you enable this policy setting, Windows Firewall opens these ports so that this computer can receive print
jobs and requests for access to shared files. You must specify the IP addresses or subnets from which these
incoming messages are allowed. In the Windows Firewall component of Control Panel, the "File and Printer
Sharing" check box is selected and administrators cannot clear it.

If you disable this policy setting, Windows Firewall blocks these ports, which prevents this computer from
sharing files and printers. If an administrator attempts to open any of these ports by adding them to a local
port exceptions list, Windows Firewall does not open the port. In the Windows Firewall component of Control
Panel, the "File and Printer Sharing" check box is cleared and administrators cannot select it.

If you do not configure this policy setting, Windows Firewall does not open these ports. Therefore, the
computer cannot share files or printers unless an administrator uses other policy settings to open the
required ports. In the Windows Firewall component of Control Panel, the "File and Printer Sharing" check box
is cleared. Administrators can change this check box.

Note: If any policy setting opens TCP port 445, Windows Firewall allows inbound ICMP echo requests (the
message sent by the Ping utility), even if the "Windows Firewall: Allow ICMP exceptions" policy setting would
block them. Policy settings that can open TCP port 445 include "Windows Firewall: Allow inbound file and
printer sharing exception," "Windows Firewall: Allow inbound remote administration exception," and
"Windows Firewall: Define inbound port exceptions."

Supported on: At least Windows XP Professional with SP2.
Windows Firewall: Allow inbound file and
printer sharing exception
Description Gpedit Regedit CMD Back VBScript PowerShell Script
Gpedit:   

Please perform the following steps:

Please go to Pearl button (Start) and click on the Search programs and files
For more information about the change from Start to Pearl button click here
Type gpedit.msc and press Enter
In the Group Policy window please navigate to Computer Configuration -> Administrative Templates ->
Network -> Network Connections -> Windows Firewall -> Domain Profile and open Windows Firewall:
Allow inbound file and printer sharing exception
.
Not Configured -> is the Default state
Enabled -> apply this GPO
Disabled -> this GPO will not be applied

To finish press ok button and close Group Policy window.
Description Gpedit Regedit CMD Up Back VBScript
Type regedit and press ok
Please confirm User Account Control pop-up
Microsoft official disclaimer

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by
using another method. These problems might require that you reinstall the operating system. Microsoft
cannot guarantee that these problems can be solved. Modify the registry at your own risk.

Note: This registry key is created by Group Policy when this GPO is Enable or Disable. The GPO Default state
is Not Configured -> this registry entry is not present.

Please navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall
\DomainProfile\Services
and locate:
Enabled registry key
RemoteAddresses registry key
Regedit:          

Please perform the following steps:

Please go to Pearl button (Start) and click on the Search programs and files
For more information about the change from Start to Pearl button click here
Description Gpedit Regedit CMD Up Back VBScript PowerShell Script PowerShell Script
   
   
Double click on Enabled and edit the value:

To Enable:
Change the data value with:
Enabled = 1
RemoteAddresses = "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24"

To Disable:
Change the data value with:
Enabled = 0

To finish press ok button and close Registry Editor window

Note: Manual editing of this registry key will not be reflected in Group Policy. If you modify this GPO from
Group Policy this registry key will be rewritten.
Description Gpedit Regedit Back CMD VBScript Up
Type cmd, right click on cmd icon under the Programs and click on Run as administrator
Please confirm User Account Control pop-up
Please select, right and copy a registry key from below, then right click on command prompt window
, select Paste and press Enter

Enabled:
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint" /v Enabled /t REG_DWORD /d 1 /f
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint" /v RemoteAddresses /t REG_SZ /d "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24" /f

Disabled:
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint" /v Enabled /t REG_DWORD /d 0 /f

Not Configured:
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint" /v Enabled /f
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint" /v RemoteAddresses /f

Note: Manual editing of this registry key will not be reflected in Group Policy. If you modify this GPO from
Group Policy this registry key will be rewritten.
CMD:          

Please perform the following steps:

Please go to Pearl button (Start) and click on the Search programs and files
For more information about the change from Start to Pearl button click here
PowerShell Script
   
Description Gpedit Regedit Back CMD VBScript Up
VBScript:          

Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")

strKeyPath = "SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strValueName1 = "Enabled"
strValueName2 = "RemoteAddresses"
'Enabled
dwValue = 1
strValue = cstr("10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24")
'Disabled
'dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName1,dwValue
oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName2,strValue
'Not Configured
'oReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName1
'oReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName2
Description Gpedit Regedit Back CMD VBScript Up
PowerShell Script :          

Enabled\Disabled

$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft"
If(Test-Path ($RegKey + "\WindowsFirewall"))
{
$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall"
If(Test-Path ($RegKey + "\DomainProfile"))
{
 $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
 If(Test-Path ($RegKey + "\Services"))
 {
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services"
  If(Test-Path ($RegKey + "\FileAndPrint"))
  {
   $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint"
   ##Enabled
   New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord -Force
   New-ItemProperty -path $RegKey -name RemoteAddresses -value "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24" -PropertyType String -Force
   ##Disabled
   ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord -Force
  }
  else
  {
   New-Item -path $RegKey -name FileAndPrint
   $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint"
   ##Enabled
   New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord -Force
   New-ItemProperty -path $RegKey -name RemoteAddresses -value "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24" -PropertyType String
   ##Disabled
   ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord -Force
  }
 }
 else
 {
  New-Item -path $RegKey -name Services
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services"
  New-Item -path $RegKey -name FileAndPrint
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint"
  ##Enabled
  New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord -Force
  New-ItemProperty -path $RegKey -name RemoteAddresses -value "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24" -PropertyType String
  ##Disabled
  ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord -Force
 }
 }
else
{
 New-Item -path $RegKey -name DomainProfile
 $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
 New-Item -path $RegKey -name Services
 $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services"
 New-Item -path $RegKey -name FileAndPrint
 $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint"
 ##Enabled
 New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord -Force
 New-ItemProperty -path $RegKey -name RemoteAddresses -value "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24" -PropertyType String
 ##Disabled
 ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord -Force
}
}
else
{
New-Item -path $RegKey -name WindowsFirewall
$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall"
New-Item -path $RegKey -name DomainProfile
$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
New-Item -path $RegKey -name Services
$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services"
New-Item -path $RegKey -name FileAndPrint
$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint"
##Enabled
New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord -Force
New-ItemProperty -path $RegKey -name RemoteAddresses -value "10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24" -PropertyType String
##Disabled
##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord -Force
}

Not Configured

$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft"
Remove-ItemProperty -Path($RegKey + "\WindowsFirewall\DomainProfile\Services\FileAndPrint") -name Enabled
Remove-ItemProperty -Path($RegKey + "\WindowsFirewall\DomainProfile\Services\FileAndPrint") -name RemoteAddresses
If( (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\Services\FileAndPrint")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\Services\FileAndPrint")).SubKeyCount -eq 0)
{
Remove-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\Services\FileAndPrint")
If( (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\Services")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\Services")).SubKeyCount -eq 0)
{
 Remove-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\Services")
 If( (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile")).SubKeyCount -eq 0)
 {
  Remove-Item -Path($RegKey + "\WindowsFirewall\DomainProfile")
  If( (Get-Item -Path($RegKey + "\WindowsFirewall")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall")).SubKeyCount -eq 0)
  {
   Remove-Item -Path($RegKey + "\WindowsFirewall")
  }
 }
}
}
Up Back PowerShell Script PowerShell Script