Enabling Windows 7 machine
Getting it running in all cases does require some adjustments if the Windows domain has not been configured to allow WMI or remote administration. If a machine doesn't respond to Spiceworks (but most of your domain does), you can run the commands: (see further on for the group policy entries if your entire domain is unresponsive)
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
netsh advfirewall firewall set rule group="remote administration" new enable=yes
These enable the WMI and Remote Admin ports. In some cases, Windows 7 won't have the remote administration group set up yet. The easiest way to address this is using the depreciated XP style commands:
netsh firewall set service remoteadmin enable
netsh firewall set service remoteadmin enable subnet
These will enable the remote admin group. Then re-run the first set of commands.
The best way to address the issue once and for all is via group policy. Find the group policy that applies to the desktops to be managed and ensure the following rules are applied:
- In the Administrative Templates (Computer Configuration \ Policies \ Administrative Templates) \ Network \ Network Connections \ Windows Firewall \ Domain Profile \ :
- Allow ICMP Exceptions: Enabled
- Allow Inbound Remote Administration Exceptions: Enabled
- Allow Inbound Remote Desktop: Enabled
- RDP Connections: (Windows Components \ Remote Desktop Services \ Remote Desktop Session Host \ Connections)
- Allow users to connect remotely using Remote Desktop Services: Enabled
- WinRM: (Windows Components \ Windows Remote Management (WinRM) \ WinRM Servcie)
- Allow automatic configuration of listeners: Enabled; IPv4: * (this is a wildcard address)