hypercube

Setting Windows Firewall for Windows Management Instrumentation Windows 10 in PS Script

I have a set of instructions that has you check the box in the appropriate profile column in "Allowed Apps" next to "Windows Management Instrumentation" e.g. Private or Domain.

In order to implement these instructions in a PowerShell script (my objective), there are a number of firewall rules involved. These include AT LEAST:
"Windows Management Instrumentation (ASync-In)"  Public/Private/Domain
"Windows Management Instrumentation (DCOM-In)"  Public/Private/Domain
"Windows Management Instrumentation (WMI-In)"  Public/Private/Domain
I determined this list by researching it and by observing what happens:

If one uses one profile check box in Allowed Apps for the network profile, these seem to be what are enabled.
Also, starting with the box NOT checked, if one enables the firewall rules above individually and "completely" then when you go back to Allowed Apps, you expect the check box to be checked and with no gray shading (which appears to mean "part way").
However, in this case, enabling the rules above manually results in the check box with gray shading which implies something is missing.

What's missing?  It seems either there's another rule or rules that need to be enabled for this OR there are parameter settings within the 3 rules above that need to be changed.


8/22/2022 - Mon
Dustin Saunders

I see, so if you open the Windows Defender Firewall with Advanced Security you can see all of the rules.  What you can do is sort that list by the 'Group' column.  So for WMI these rules are in the group:



So to grab all the rules, we can use similar code in your previous question and instead grab the objects by group and enable them in a loop.  I'll change the syntax a bit so it's easier to understand.

# get the rules whose display group is the WMI group
$rules = Get-NetFirewallRule | Where-Object { $_.DisplayGroup -eq "Windows Management Instrumentation (WMI)" }

#loop through them and enable
foreach($rule in $rules) {
    $rule | Set-NetFirewallRule -Enabled True
}


Now in my list, all the rules are enabled

hypercube

ASKER
Dustin Saunders:  Yes, these would be amongst the rules that I was wanting to set up in the previous question.  So, that part is handled.
In this case, sorting by Name (the usual thing or default I think) gives the same results as sorting by Group because of the similar terms used in each column.

Starting at the Advanced Settings (the list of rules):
Setting all the rules in that group and network profile is easy enough to do manually as well as with the script.
Then, switching to "Allow an app through Windows Firewall":
I observe that the checkbox in "Allow an app through Windows Firewall" is shaded gray.  This usually means: "Yes, some of the rules for this are set, but not all of them".

Starting at Allow an app through the Windows Firewall
(starting with the rules above NOT enabled)
Check the box for Windows Management Instrumentation and Domain.
Now the box is clear / not shaded gray.
Then, switching to Advanced Settings, I see no difference there compared to the first case.
But, it seems that there must be something (I don't see in the list) to change the shade of the check box from gray to clear.

Maybe it's just a quirk but if I'm going to edit the rules in place of originally setting the checkboxes then I'd like to know that the operation on the rules is complete.


ASKER CERTIFIED SOLUTION
Dustin Saunders

hypercube

ASKER
Thank you!!  It was the Outgoing that was missing.
Dustin Saunders

No worries, happy to help!
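
The thread's resolution was that the outbound rule in the WMI group had been left disabled. The following is an added example, not code posted by either participant: it lists the group's rules in both directions for one profile, enables the ones still disabled, and re-checks. `$TargetProfile`, `Get-GroupRule` and `Show-GroupRule` are names chosen for this example, and Domain is an assumed choice of profile.

```powershell
# Added example, not code from the thread. Run in an elevated PowerShell session.
# $TargetProfile is an assumption: use the one profile your instructions name.
$DisplayGroup  = 'Windows Management Instrumentation (WMI)'
$TargetProfile = 'Domain'

function Get-GroupRule {
    # Rules in the group that apply to the profile (a rule may cover several, or Any).
    param([string]$Group, [string]$ProfileName)
    Get-NetFirewallRule -DisplayGroup $Group | Where-Object {
        $applies = "$($_.Profile)" -split ',\s*'
        $applies -contains $ProfileName -or $applies -contains 'Any'
    }
}

function Show-GroupRule {
    param([string]$Group, [string]$ProfileName)
    Get-GroupRule -Group $Group -ProfileName $ProfileName |
        Sort-Object Direction, DisplayName |
        Format-Table DisplayName, Direction, Profile, Enabled -AutoSize
}

# 1. Before: list inbound AND outbound rules so a disabled outbound rule is visible.
Show-GroupRule -Group $DisplayGroup -ProfileName $TargetProfile

# 2. Enable only what is still disabled, in both directions, for that profile only.
#    Rules for other profiles (for example Public) are left untouched.
Get-GroupRule -Group $DisplayGroup -ProfileName $TargetProfile |
    Where-Object { $_.Enabled -ne 'True' } |
    Enable-NetFirewallRule

# 3. After: per the thread, a partly enabled group shows as a gray Allowed Apps box,
#    so report any rule in the group that is still off for this profile.
$stillOff = Get-GroupRule -Group $DisplayGroup -ProfileName $TargetProfile |
    Where-Object { $_.Enabled -ne 'True' }
if ($stillOff) {
    Write-Warning "Rules still disabled for ${TargetProfile}:"
    $stillOff | Format-Table DisplayName, Direction, Profile -AutoSize
} else {
    Write-Output "All '$DisplayGroup' rules are enabled for $TargetProfile."
}
```

Adding `-WhatIf` to `Enable-NetFirewallRule` in step 2 previews the change without applying it.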