Port requirements for remote shutdown using 'shutdown -s -m \\servername'

Discussion in 'Server Security' started by Joe, Jun 24, 2006.

  1. Joe

    Joe Guest

    I am trying to figure out what ports need to be open in Windows Firewall for
    the shutdown command to work. it would be helpful to have the ability to
    remotely shutdown servers that dont have monitors or kvms.

    If I disable Windows Firewall completely, the shutdown command works as
    expected, but that is a less then optimal solution :)

    Joe, Jun 24, 2006
    1. Advertisements

  2. It is using RPC calls. So unless you have tunneled RPC through or fixed
    the RPC ports you need several well known ports plus the range of 1024-*
    open which is not worth doing really.

    Joe Richards Microsoft MVP Windows Server Directory Services
    Author of O'Reilly Active Directory Third Edition

    ---O'Reilly Active Directory Third Edition now available---

    Joe Richards [MVP], Jun 24, 2006
    1. Advertisements

  3. In group policy under the adm templates for networking you will find
    the adm template for the firewall, and in there an exemption for "remote
    management". If you enable this, and scope it down to only the needed
    origin IPs, then you can use WMI and other for remote management
    from those IPs. You should be able to find WMI based shutdown
    scripts, if what you are trying is itself not enabled by this exception.
    Roger Abell [MVP], Jun 25, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.