服务器开启共享功能
技术问题
服务器开启共享功能
2024-09-10 09:29
服务器开启共享功能
开启共享要确保“Server”“TCP/IP NetBIOS Helper”“Workstation”服务是启动状态
一键开启共享功能,将下面的保存为bat执行即可:
| @echo off :wwwpiiscn cls mode 76, 32 title 开启或关闭共享、Windows更新等功能 echo: echo: echo: echo 【注意:开启共享会存在安全问题,用不上共享或不是域环境请关闭共享】 echo ____________________________________________________________ echo: echo [1] 开启系统共享功能【可能需重启后生效】 echo: echo [2] 关闭系统共享功能【域环境中不要关闭】 echo ____________________________________________ echo: echo [3] 开启或关闭系统更新功能 echo ____________________________________________ echo: echo [4] 开启或关闭系统显示缩略图【重启后生效】 echo ____________________________________________ echo: echo [5] 开启打印机服务 [6] 关闭打印机服务 echo: echo [7] 打开打印机共享端口[打印机不共享请勿打开] echo ____________________________________________ echo: echo [8] 安装Active Directory域控制器 echo: echo [9] 作为客户机加入域开放端口[无需装域控] echo ____________________________________________ echo: echo [0] 退出 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,2,3,4,5,6,7,8,9,0] choice /C:1234567890 /N if errorlevel==10 exit /b if errorlevel==9 goto :ActiveDirectoryPort if errorlevel==8 goto :openActiveDirectory if errorlevel==7 goto :openPrintPort if errorlevel==6 goto :closePrint if errorlevel==5 goto :openPrint if errorlevel==4 goto :thumbnail if errorlevel==3 goto :windowsupdate if errorlevel==2 goto :closeSharing if errorlevel==1 goto :openSharing :openSharing cls mode 110, 34 title 开启共享功能[可能需要重启服务器] echo: echo 开启共享会使得系统不安全,用不上共享或非域环境请关闭共享 echo ____________________________________________________________ echo: echo [1] 开启SMBv2/SMBv3共享功能【Win10-Win2025】 echo: echo [2] 关闭系统共享功能【域环境中不要关闭】 echo: echo [3] 开启SMBv1共享功能【旧的共享模式,很不安全】 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,2,3,0] choice /C:1230 /N if errorlevel==4 goto :wwwpiiscn if errorlevel==3 goto :openSharing3 if errorlevel==2 goto :closeSharing if errorlevel==1 goto :openSharing2 :openSharing2 cls mode 110, 34 title 开启SMBv2/SMBv3共享功能 echo 开启Server,TCP/IP NetBIOS Helper,Workstation三个服务 sc config LanmanServer start= auto net start LanmanServer sc config lmhosts start= auto net start lmhosts sc config LanmanWorkstation start= auto net start LanmanWorkstation netsh advfirewall set allprofiles state on rem 开启Windows系统自带的防火墙,on为开启,而off为关闭 netsh advfirewall firewall delete rule name="开放共享和域的TCP端口" netsh advfirewall firewall delete rule name="开放共享和域的UDP端口" netsh advfirewall firewall delete rule name="开放打印机TCP端口" netsh advfirewall firewall delete rule name="开放打印机UDP端口" netsh advfirewall firewall delete rule name="关闭高危险TCP端口" netsh advfirewall firewall delete rule name="关闭高危险UDP端口" netsh advfirewall firewall delete rule name="关闭危险TCP端口" netsh advfirewall firewall delete rule name="关闭危险UDP端口" netsh advfirewall firewall delete rule name="关闭TCP1025端口" netsh advfirewall firewall delete rule name="关闭TCP1211端口" netsh advfirewall firewall delete rule name="关闭TCP135端口" netsh advfirewall firewall delete rule name="关闭TCP137-139端口" netsh advfirewall firewall delete rule name="关闭TCP1720端口" netsh advfirewall firewall delete rule name="关闭TCP3001-3003端口" netsh advfirewall firewall delete rule name="关闭TCP3095-3097端口" netsh advfirewall firewall delete rule name="关闭TCP389端口" netsh advfirewall firewall delete rule name="关闭TCP445端口" netsh advfirewall firewall delete rule name="关闭TCP464端口" netsh advfirewall firewall delete rule name="关闭TCP593端口" netsh advfirewall firewall delete rule name="关闭TCP636端口" netsh advfirewall firewall delete rule name="关闭TCP88端口" netsh advfirewall firewall delete rule name="关闭UDP1211端口" netsh advfirewall firewall delete rule name="关闭UDP135端口" netsh advfirewall firewall delete rule name="关闭UDP137-139端口" netsh advfirewall firewall delete rule name="关闭UDP445端口" netsh advfirewall firewall add rule name="开放共享和域的TCP端口" dir=in action=allow protocol=TCP localport="53,88,135-139,389,445,464,593,636,860,1026,1392,1760,3260-3269,3343,3407,5985-5986,6301,6600,9389,49152-65535" netsh advfirewall firewall add rule name="开放共享和域的UDP端口" dir=in action=allow protocol=UDP localport="53,88,123,135-139,389,445,464,500,636,860,1372,1382,1760,3260-3269,3343,3407,4500,6301" netsh advfirewall firewall add rule name="关闭危险TCP端口" dir=in action=block protocol=TCP localport="1025,1720,3001-3003,3095-3097,11211" netsh advfirewall firewall add rule name="关闭危险UDP端口" dir=in action=block protocol=UDP localport="11211" netsh ipsec static delete all rem 删除IP安全策略中的所有的策略、规则、筛选器列表、筛选器、筛选器动作等 netsh ipsec static add policy name=IDC数据中心安全策略 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=88 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=88 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=464 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=464 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=593 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=636 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=636 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=1025 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=1720 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3001 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3002 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3003 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3095 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3096 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3097 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=11211 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=11211 netsh ipsec static add filteraction name=阻止 action=block netsh ipsec static add rule name=关闭端口 policy=IDC数据中心安全策略 filterlist=关闭端口 filteraction=阻止 netsh ipsec static set policy name=IDC数据中心安全策略 assign=y echo 恢复文件夹右键共享功能菜单 reg add "HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Directory\background\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\LibraryFolder\background\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\UserLibraryFolder\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f echo 请耐心等待开启SMB2/SMB3功能… powershell Set-SmbServerConfiguration -EnableSMB2Protocol $true -Confirm:$false rem 上面的参数-Confirm:$false是关闭交互确认提示 echo 已经开启SMB2/SMB3共享功能 pause goto :openSharing :openSharing3 cls mode 110, 34 title 开启旧版SMBv1功能[可能需要重启服务器] echo: echo 开启旧版SMBv1功能会使得服务器非常不安全 echo ____________________________________________________________ echo: echo [1] 开启旧版SMBv1共享功能【非常不安全】 echo: echo 说明:SMBv1主要是给Win10以下系统的客户机连接 echo: echo 局域网中没Win7等电脑连接本机共享勿开启 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,0] choice /C:10 /N if errorlevel==2 goto :openSharing if errorlevel==1 goto :openSharing4 :openSharing4 echo 安装SMB1.0功能,可能需要重启服务器 echo 如果没有提示重启服务器,请勿重启 echo 请耐心等待安装SMB1.0功能… powershell Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol pause goto :wwwpiiscn :closeSharing cls mode 110, 34 title 关闭共享功能[可能需要重启服务器] echo: echo 关闭共享功能[可能需要重启服务器] echo ____________________________________________________________ echo: echo [1] 关闭系统共享功能【域环境中不要关闭】 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,0] choice /C:10 /N if errorlevel==2 goto :wwwpiiscn if errorlevel==1 goto :closeSharing2 :closeSharing2 cls mode 110, 34 title 关闭共享功能[可能需要重启服务器] echo 关闭Server和TCP/IP NetBIOS Helper服务 net stop LanmanServer /y sc config LanmanServer start= disabled net stop lmhosts /y sc config lmhosts start= disabled netsh advfirewall set allprofiles state on rem 开启Windows系统自带的防火墙 netsh advfirewall firewall delete rule name="开放共享和域的TCP端口" netsh advfirewall firewall delete rule name="开放共享和域的UDP端口" netsh advfirewall firewall delete rule name="开放打印机TCP端口" netsh advfirewall firewall delete rule name="开放打印机UDP端口" netsh advfirewall firewall delete rule name="关闭高危险TCP端口" netsh advfirewall firewall delete rule name="关闭高危险UDP端口" netsh advfirewall firewall delete rule name="关闭危险TCP端口" netsh advfirewall firewall delete rule name="关闭危险UDP端口" netsh advfirewall firewall delete rule name="关闭TCP1025端口" netsh advfirewall firewall delete rule name="关闭TCP1211端口" netsh advfirewall firewall delete rule name="关闭TCP135端口" netsh advfirewall firewall delete rule name="关闭TCP137-139端口" netsh advfirewall firewall delete rule name="关闭TCP1720端口" netsh advfirewall firewall delete rule name="关闭TCP3001-3003端口" netsh advfirewall firewall delete rule name="关闭TCP3095-3097端口" netsh advfirewall firewall delete rule name="关闭TCP389端口" netsh advfirewall firewall delete rule name="关闭TCP445端口" netsh advfirewall firewall delete rule name="关闭TCP464端口" netsh advfirewall firewall delete rule name="关闭TCP593端口" netsh advfirewall firewall delete rule name="关闭TCP636端口" netsh advfirewall firewall delete rule name="关闭TCP88端口" netsh advfirewall firewall delete rule name="关闭UDP1211端口" netsh advfirewall firewall delete rule name="关闭UDP135端口" netsh advfirewall firewall delete rule name="关闭UDP137-139端口" netsh advfirewall firewall delete rule name="关闭UDP445端口" netsh advfirewall firewall add rule name="关闭危险TCP端口" dir=in action=block protocol=TCP localport="1025,1720,3001-3003,3095-3097,11211" netsh advfirewall firewall add rule name="关闭危险UDP端口" dir=in action=block protocol=UDP localport="11211" netsh advfirewall firewall add rule name="关闭高危险TCP端口" dir=in action=block protocol=TCP localport="88,135-139,389,445,464,593,636" netsh advfirewall firewall add rule name="关闭高危险UDP端口" dir=in action=block protocol=UDP localport="88,135-139,389,445,464,593,636" netsh ipsec static delete all rem 删除IP安全策略中的所有的策略、规则、筛选器列表、筛选器、筛选器动作等 netsh ipsec static add policy name=IDC数据中心安全策略 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=88 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=88 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=135 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=135 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=136 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=136 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=137 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=137 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=138 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=138 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=139 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=139 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=445 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=445 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=464 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=464 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=593 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=636 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=636 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=1025 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=1720 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3001 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3002 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3003 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3095 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3096 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3097 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=11211 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=11211 netsh ipsec static add filteraction name=阻止 action=block netsh ipsec static add rule name=关闭端口 policy=IDC数据中心安全策略 filterlist=关闭端口 filteraction=阻止 netsh ipsec static set policy name=IDC数据中心安全策略 assign=y echo 删除右键共享菜单 reg delete "HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ModernSharing" /va /f reg delete "HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\Directory\background\shellex\ContextMenuHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\LibraryFolder\background\shellex\ContextMenuHandlers\Sharing" /va /f reg delete "HKEY_CLASSES_ROOT\UserLibraryFolder\shellex\ContextMenuHandlers\Sharing" /va /f reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing" /va /f rem 下面三是Win11和Win2025另有的共享功能项 reg delete "HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\ModernSharing" /va /f reg delete "HKEY_CLASSES_ROOT\MSGraphDocument\shellex\ContextMenuHandlers\ModernSharing" /va /f reg delete "HKEY_CLASSES_ROOT\MSGraphDocument_38664959\shellex\ContextMenuHandlers\ModernSharing" /va /f echo 禁用SMB共享功能,可能需要重启服务器 echo 如果没有提示重启服务器,请勿重启 echo 请耐心等待禁用SMB1/SMB2/SMB3功能… powershell Set-SmbServerConfiguration -EnableSMB1Protocol $false -Confirm:$false powershell Set-SmbServerConfiguration -EnableSMB2Protocol $false -Confirm:$false rem 上面的参数-Confirm:$false是关闭交互确认提示 powershell Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol pause goto :wwwpiiscn :windowsupdate cls mode 110, 34 title 开启或关闭Windows更新功能 echo: echo 开启或关闭Windows更新功能 echo ____________________________________________________________ echo: echo [1] 开启Windows更新功能【操作后建议重启服务器】 echo: echo [2] 关闭Windows更新功能 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,2,0] choice /C:120 /N if errorlevel==3 goto :wwwpiiscn if errorlevel==2 goto :closewindowsupdate if errorlevel==1 goto :openwindowsupdate :openwindowsupdate cls mode 110, 34 title 开启Windows更新功能 echo 开启"Windows Update"和"更新Orchestrator服务(Update Orchestrator服务)"2个服务 sc config wuauserv start= auto net start wuauserv sc config UsoSvc start= demand rem 手动demand,禁用disabled,自动auto net start UsoSvc echo: echo: echo 已经开启Windows更新功能,请按任意键返回主菜单… pause>nul goto :wwwpiiscn :closewindowsupdate cls mode 110, 34 title 关闭Windows更新功能 net stop wuauserv /y sc config wuauserv start= disabled net stop UsoSvc /y sc config UsoSvc start= demand net stop BITS /y sc config BITS start= disabled rem 停止并禁用后台智能传输服务"Background Intelligent Transfer Service",不影响手动更新 echo: echo: echo 已经关闭Windows更新功能,请按任意键返回主菜单… pause>nul goto :wwwpiiscn :thumbnail cls mode 110, 34 title 开启或关闭系统缩略图功能 echo: echo 开启或关闭系统显示缩略图功能 echo ____________________________________________________________ echo: echo [1] 开启系统显示缩略图【重启后生效】 echo: echo [2] 关闭系统显示缩略图【重启后生效】 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,2,0] choice /C:120 /N if errorlevel==3 goto :wwwpiiscn if errorlevel==2 goto :closethumbnail if errorlevel==1 goto :openthumbnail :openthumbnail cls mode 110, 34 title 开启系统显示缩略图功能 echo 开启系统显示缩略图【重启后生效】 reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisableThumbnails" /t REG_DWORD /d 0 /f rem 或者reg delete "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisableThumbnails" /f echo: echo: echo 已开启系统显示缩略图[重启后生效],请按任意键返回主菜单… pause>nul goto :wwwpiiscn :closethumbnail cls mode 110, 34 title 关闭系统显示缩略图功能 echo 关闭系统显示缩略图【重启后生效】 reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisableThumbnails" /t REG_DWORD /d 1 /f echo: echo: echo 已关闭系统显示缩略图[重启后生效],请按任意键返回主菜单… pause>nul goto :wwwpiiscn :openPrint cls mode 110, 34 title 开启打印机服务 echo 开启Print Spooler打印机服务 sc config spooler start= auto net start spooler echo: echo: echo 已开启Print Spooler打印机服务,请按任意键返回主菜单… pause>nul goto :wwwpiiscn :closePrint cls mode 110, 34 title 关闭打印机服务 echo 关闭Print Spooler打印机服务 net stop spooler /y sc config spooler start= disabled echo: echo: echo 已关闭Print Spooler打印机服务,请按任意键返回主菜单… pause>nul goto :wwwpiiscn :openPrintPort cls mode 110, 34 title 打开打印机共享端口[打印机不在局域网中共享请勿打开] echo: echo 打印机不在局域网中共享请勿打开 echo ____________________________________________________________ echo: echo [1] 打开打印机共享需要的端口 echo: echo [2] 关闭系统共享功能【含打印机共享】 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,2,0] choice /C:120 /N if errorlevel==3 goto :wwwpiiscn if errorlevel==2 goto :closeSharing if errorlevel==1 goto :openPrintPort2 :openPrintPort2 echo 设置Print Spooler打印机服务为自动 sc config spooler start= auto net start spooler netsh advfirewall set allprofiles state on rem 开启Windows系统自带的防火墙 netsh advfirewall firewall delete rule name="开放共享和域的TCP端口" netsh advfirewall firewall delete rule name="开放共享和域的UDP端口" netsh advfirewall firewall delete rule name="开放打印机TCP端口" netsh advfirewall firewall delete rule name="开放打印机UDP端口" netsh advfirewall firewall delete rule name="关闭高危险TCP端口" netsh advfirewall firewall delete rule name="关闭高危险UDP端口" netsh advfirewall firewall delete rule name="关闭危险TCP端口" netsh advfirewall firewall delete rule name="关闭危险UDP端口" netsh advfirewall firewall delete rule name="关闭TCP1025端口" netsh advfirewall firewall delete rule name="关闭TCP1211端口" netsh advfirewall firewall delete rule name="关闭TCP135端口" netsh advfirewall firewall delete rule name="关闭TCP137-139端口" netsh advfirewall firewall delete rule name="关闭TCP1720端口" netsh advfirewall firewall delete rule name="关闭TCP3001-3003端口" netsh advfirewall firewall delete rule name="关闭TCP3095-3097端口" netsh advfirewall firewall delete rule name="关闭TCP389端口" netsh advfirewall firewall delete rule name="关闭TCP445端口" netsh advfirewall firewall delete rule name="关闭TCP464端口" netsh advfirewall firewall delete rule name="关闭TCP593端口" netsh advfirewall firewall delete rule name="关闭TCP636端口" netsh advfirewall firewall delete rule name="关闭TCP88端口" netsh advfirewall firewall delete rule name="关闭UDP1211端口" netsh advfirewall firewall delete rule name="关闭UDP135端口" netsh advfirewall firewall delete rule name="关闭UDP137-139端口" netsh advfirewall firewall delete rule name="关闭UDP445端口" netsh advfirewall firewall add rule name="开放共享和域的TCP端口" dir=in action=allow protocol=TCP localport="53,88,135-139,389,445,464,593,636,860,1026,1392,1760,3260-3269,3343,3407,5985-5986,6301,6600,9389,49152-65535" netsh advfirewall firewall add rule name="开放共享和域的UDP端口" dir=in action=allow protocol=UDP localport="53,88,123,135-139,389,445,464,500,636,860,1372,1382,1760,3260-3269,3343,3407,4500,6301" netsh advfirewall firewall add rule name="开放打印机TCP端口" dir=in action=allow protocol=TCP localport="515,631,721-731,1997,2000,3702,9100-9103,9220-9222,9280-9282,9290-9292" netsh advfirewall firewall add rule name="开放打印机UDP端口" dir=in action=allow protocol=UDP localport="105,161-162,5353,5357-5358,54921-54925" netsh advfirewall firewall add rule name="关闭危险TCP端口" dir=in action=block protocol=TCP localport="1025,1720,3001-3003,3095-3097,11211" netsh advfirewall firewall add rule name="关闭危险UDP端口" dir=in action=block protocol=UDP localport="11211" netsh ipsec static delete all rem 删除IP安全策略中的所有的策略、规则、筛选器列表、筛选器、筛选器动作等 netsh ipsec static add policy name=IDC数据中心安全策略 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=88 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=88 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=389 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=464 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=464 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=593 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=636 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=636 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=1025 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=1720 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3001 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3002 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3003 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3095 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3096 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=3097 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=TCP mirrored=yes srcport=0 dstport=11211 netsh ipsec static add filter filterlist=关闭端口 srcaddr=any dstaddr=me protocol=UDP mirrored=yes srcport=0 dstport=11211 netsh ipsec static add filteraction name=阻止 action=block netsh ipsec static add rule name=关闭端口 policy=IDC数据中心安全策略 filterlist=关闭端口 filteraction=阻止 netsh ipsec static set policy name=IDC数据中心安全策略 assign=y echo 恢复文件夹右键共享功能菜单 reg add "HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Directory\background\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\LibraryFolder\background\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_CLASSES_ROOT\UserLibraryFolder\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing" /ve /t REG_SZ /d "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}" /f echo 如果系统原来没安装SMB1.0功能,可能需要重启服务器 echo 如果没有提示重启服务器,请勿重启 echo 请耐心等待安装共享需要的SMB1.0功能… powershell Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol echo: echo: echo 已打开打印机共享需要的端口,请在共享中手动设置需要共享的打印机 echo 按任意键返回主菜单… pause>nul goto :wwwpiiscn :openActiveDirectory cls mode 110, 34 title 安装Active Directory域控制器 echo: echo 安装Active Directory域控制器 echo ____________________________________________________________ echo: echo [1] 请先开启共享功能[安装AD域前提条件] echo: echo [2] 安装Active Directory域控制器并开放端口 echo: echo [3] AD域控服务器安全加固【执行前2项后再操作】 echo ____________________________________________ echo: echo [0] 返回 echo ____________________________________________________________ echo: echo 请在键盘中输入菜单选项[1,2,3,0] choice /C:1230 /N if errorlevel==4 goto :wwwpiiscn if errorlevel==3 goto :ADacceptip if errorlevel==2 goto :openActiveDirectory2 if errorlevel==1 goto :openSharing2 :openActiveDirectory2 cls mode 110, 34 title 安装Active Directory域控制器 echo 开启Active Directory域控制器需要的服务 sc config LanmanServer start= auto net start LanmanServer sc config RemoteRegistry start= auto net start RemoteRegistry sc config lmhosts start= auto net start lmhosts sc config Browser start= auto net start Browser sc config RpcSs start= auto net start RpcSs sc config LanmanWorkstation start= auto net start LanmanWorkstation sc config VSS start= auto net start VSS netsh advfirewall set allprofiles state on rem 开启Windows系统自带的防火墙 netsh advfirewall firewall delete rule name="开放共享和域的TCP端口" netsh advfirewall firewall delete rule name="开放共享和域的UDP端口" netsh advfirewall firewall delete rule name="开放打印机TCP端口" netsh advfirewall firewall delete rule name="开放打印机UDP端口" netsh advfirewall firewall delete rule name="关闭高危险TCP端口" netsh advfirewall firewall delete rule name="关闭高危险UDP端口" netsh advfirewall firewall delete rule name="关闭危险TCP端口" netsh advfirewall firewall delete rule name="关闭危险UDP端口" netsh advfirewall firewall delete rule name="关闭TCP1025端口" netsh advfirewall firewall delete rule name="关闭TCP1211端口" netsh advfirewall firewall delete rule name="关闭TCP135端口" netsh advfirewall firewall delete rule name="关闭TCP137-139端口" netsh advfirewall firewall delete rule name="关闭TCP1720端口" netsh advfirewall firewall delete rule name="关闭TCP3001-3003端口" netsh advfirewall firewall delete rule name="关闭TCP3095-3097端口" netsh advfirewall firewall delete rule name="关闭TCP389端口" netsh advfirewall firewall delete rule name="关闭TCP445端口" 标签:
|