Changing network location awareness service with Powershell

My infrastructure currently uses Mcafee VirusScan Enterprise 8.7i as our AV solution

Since upgrading to 8.7i we have experienced slow login times. Turns out there is a problem with the NLA service when it is set to Manual. Here is an explanation from Mcafee

Problem
A computer running VirusScan Enterprise 8.7i is slow in starting up due to mfevtps.exe certification authenticity checks.
McShield
and the Network Location Awareness service contribute to slow computer startup times (between one and three minutes). If either of these is removed, startup is much faster.
Cause
To increase security, the McAfee Validation Trust Protection Service ( Mfevtps.exe) utilizes APIs from Microsoft’s Crypt32.dll. Some of the APIs in this library make network calls as part of their routine procedures and so, when the Network Location Awareness service is not yet started, a delay occurs each time Mfevtps.exe attempts to use these functions . When the Network Location Awareness service is already running, no delay is experienced.
Solution
McAfee is investigating this issue. As a temporary measure, implement the workaround shown below.
Workaround

  1. Click Start, Run, type services.msc and press ENTER.
  2. Right-click Network Location Awareness.
  3. Modify the Start type to Automatic.
  4. Restart the computer.
  5. ___________________________________________________________________________

    SO the workaround is to set NLA to Automatic.
    Now how do we do this in Powershell?
    By using a couple of different Cmdlets we can find a service, and change its startup type in one line.

get-wmiobject –class win32_service -Filter “name = ‘NlaSvc'”|Where-Object {$_.startmode -eq ‘Manual’}|Set-Service -StartupType Automatic

 

This line will find the NlaSvc service using Get-Wmiobject – Pipe to

Where object to find if the objects startmode is set to Manual – then Pipe to

Set-Service to set the startuptype to Automatic

How to run this remotely on many machines

To find the Nla service and change the startup type on multiple machines. I would use the following command:

Note the –asjob and –throttlelimit parameters, these parameters are very handy when dealing with remote wmi queries against multiple machines.

$job = gwmi win32_service –ComputerName (Get-Content C:servers.txt) -ThrottleLimit 10 –AsJob -Filter “name = ‘NlaSvc'”|Where-Object {$_.startmode -eq ‘Manual’}|Set-Service -StartupType Automatic

A bit of a mouth full, but gets the job done. And anyway, try manually setting the start up type of a service on a few thousand machines.

You will soon turn to Powershell

    As usual, hope this helps somebody. Any comments would be grateful.
Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: