Safer and Faster Windows Workstations: Easily remove file and printer sharing and client for MS Networks


Safer and faster Windows Workstations: Easily remove file and printer sharing and client for MS Networks.

When using Novell ZENworks to manage users desktops on Windows machines, File and Printer sharing, and the Client for Microsoft Networks are unnecessary. Not only that, they present a huge security-risk on Windows workstations, and cause unwanted network traffic.

How to easily get rid of these services? Deployment tools like nLite only allow to remove QoS package scheduling (which should give a slight speed bonus), but do not allow removal of forementioned services. There don't seem to be registry-hacks that accomplish the trick, and making a snAPPshot of turning them off has adverse, and hard to restore effects.

However, there is a 12kb piece of software, apparently included in the Windows 2000 DDK (drivers development Kit), and with Windows Preinstall Development kits, called ntcfg.exe or snetcfg_wxp.exe, that can easily uninstall (and reïnstall if necessary) these services from the commandline. That means that you can script this process in an unattended install. We uninstalled a total of 8 superfluous services, using the following commands:

snetcfg_wxp -u ms_msclient
snetcfg_wxp -u ms_swzcsvc
snetcfg_wxp -u ms_server
snetcfg_wxp -u ms_rassrv
snetcfg_wxp -u ms_rascli
snetcfg_wxp -u ms_webclient

These uninstall the MS Client, Wireless Zero Config, File and Printer sharing, Dial-up protocolls, and the MS webclient. These services can be reenabled using the switch -c s -i instead of -u.

After extensive testing we found no adverse effect, a slight increase in speed, and we expect our workstations to be a lot less vulnerable to virus attacks and hack attempts.


How To-Best Practice
Comment List