Windows XP & Service Pack 2


ALL versions of our software are compatible with XP-SP2 or any other firewall (hardware or software), however, you will have to properly configure the firewall to allow the necessary traffic to pass through.

Also, adding the program (DNTU.exe or DWRCC.EXE) to the exceptions list will not work. You must add exceptions for the ports used by the software, and also configure the Scope of each individual port properly in order to connect through the SP2 firewall. Once you properly configured the SP2 firewall, you won't have any problems connecting.

When a remote machine is running XP SP2 (or even SP1 with the ICF Firewall enabled or ANY type of firewall software), then by default this is more than likely blocking the necessary ports required by our software. In order to resolve this issue, you don't have to disable the firewall, however, you will need to modify the default firewall settings.

Basically, all you should have to do is open which ever TCP port that you choose for the Client Agent Service to listen on, and then adjust the Scope in the SP2 firewall to match your network topology (i.e. all Computers, Local Subnet only, or define a custom Scope). The default TCP port used by the software is 6129, however, you can configure the Mini Remote Control program & Mini Remote Client Agent to use any one of the valid 65,000 TCP ports. In the knowledgebase article below we use TCP 11111 just as an example.

Additionally, if you want the ability to remotely install, start, stop, or remove the Mini Remote Client Agent Service, or for the ability for any of DNTU's Views to work properly, then you will also have to Open and define the correct Scope for all the "File & Printer Sharing" ports as well (137-139/445).

Please also make sure to configure the Scope properly for each port you define in the SP2 firewall (i.e. ALL, Same Subnet, or Custom Subnet). This is extremely important, and if you do not configure it properly, then you will not be able to connect.

Also, according to Microsoft configuring the SP2 firewall can be accomplished in many different ways, including pushing out an INF file, via Group Policies, or even via the Command Line. You may also be able to connect to the remote machine using the Mini Remote Control program's RDP (Remote Desktop) functionality, and then make the necessary changes to the Windows Firewall settings, to allow the MRC program to connect. By default when you install SP2, I believe the Remote Desktop ports are already open in the Windows Firewall settings.

Using DameWare Development products in conjunction with XP SP2



However, with regard to retrieving WMI (Windows Management Instrumentation) information from a remote machine, creating the Port Exceptions and adjusting the Scope for those ports is not enough, and there is an additional configuration that you must make in the Windows Firewall in order to retrieve this information. For example, on DNTU’s Properties View, at the bottom of the System Tab, the Bios, System, and Enclosure information is obtained directly from WMI. Also, v5 of the DNTU Exporter now has the ability to retrieve WMI information from remote machines as well.

After doing extensive research, we found that in addition to opening the File & Printer Sharing Port and configuring the Scope properly in the SP2 firewall, there are some additional Group Policy settings that are not configurable via the SP2 firewall GUI in the Control Panel, but you can configure it via the netsh.exe command line utility or via the GPEDIT.MSC Group Policy Editor snap-in.

The netsh.exe syntax is documented in Microsoft's WF_XPSP2.doc (see below), but here is an example:

netsh.exe firewall set service type=remoteadmin mode=enable scope=<scope> profile=<profile>

<scope> = subnet or custom

<profile> = domain or standard


If this computer is a member of a Domain, then use "profile=domain" (do not use the actual DomainName). If it's not a domain computer, you need to change to "profile=standard". Scope can also be set to 'custom' and then you can add custom ip ranges to the command line as well.

WF_XPSP2.doc "Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2" is downloadable from:

If you decide to configure this policy via the GPEDIT.MSC policy editor, it under:

Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\<select either Domain or Standard> Profile Windows Firewall: Allow remote administration exception