Windows XP & Service Pack 2


In order for the DWExporter to be able to contact a remote machine, File & Printer Sharing must be enabled on the remote machine, and the correct Scope will have to be defined and Open for all the "File & Printer Sharing" ports as well (137-139/445) in any Firewall (or Firewall Software) between the local and remote machines.

Please also make sure to configure the Scope properly for each port defined in the SP2 firewall (i.e. ALL, Same Subnet, or Custom Subnet).  This is extremely important, and if it is not configured properly, no connection will be possible.

Also, according to Microsoft, configuring the SP2 firewall can be accomplished in many different ways, including pushing out an INF file, via Group Policies, or even via the Command Line.  You may also be able to connect to the remote machine using the Mini Remote Control program's RDP (Remote Desktop) functionality, and then make the necessary changes to the Windows Firewall settings, to allow the MRC program to connect.  By default when you install SP2, the Remote Desktop ports are already open in the Windows Firewall settings.

Using DameWare Development products in conjunction with XP SP2



With regard to retrieving WMI (Windows Management Instrumentation) information from a remote machine, creating the Port Exceptions and adjusting the Scope for those ports is not enough.  There is an additional configuration that you must make in the Windows Firewall in order to retrieve this information.

After doing extensive research, it was determined that in addition to opening the File & Printer Sharing Ports and configuring the Scope properly in the SP2 firewall, there are some additional Group Policy settings that are not configurable via the SP2 firewall GUI in the Control Panel.  The can be configured via the netsh.exe command line utility or via the GPEDIT.MSC Group Policy Editor snap-in.

The netsh.exe syntax is documented in Microsoft's WF_XPSP2.doc (see below), but here is an example:

netsh.exe firewall set service type=remoteadmin mode=enable scope=<scope> profile=<profile>

<scope> = subnet or custom
<profile> = domain or standard


If this computer is a member of a Domain, then use "profile=domain" (do not use the actual DomainName).  If it's not a domain computer, you need to change to "profile=standard." Scope can also be set to 'custom' and then custom IP ranges can be added to the command line as well.

WF_XPSP2.doc "Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2" is downloadable from:

To configure this policy via the GPEDIT.MSC policy editor, it is located under:

Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\<select either Domain or Standard> Profile Windows Firewall: Allow remote administration exception