1

Update: My use-case requires me to automate deployment of Windows Server VMs for test environment. While I've managed to find ways to automate the process via powershell in 90% of tasks, I'm now stuck on how to re-create predefined firewall rules in domain GPO via powershell. :End of Update

I'm out of clues how (and if) it's possible to add the pre-defined firewall rules (in my specific case, I need inbound rules) to a domain GPO using powershell.

By pre-defined rules I mean the ones found in GUI:gui method of adding pre-defined firewall rules to a GPO

I've found a succinct explanation how to add rules to a gpo here: https://davidcbird.wordpress.com/2020/06/18/how-to-modify-windows-firewall-policy-in-group-policy-using-powershell/

and I tried doing something silly like this to add, for example "File and Printer Sharing (SMB-In)"

new-NetFirewallRule -GPOSession $GpoSession -Group "@FirewallAPI.dll,-28502"

If there is no way of "bluntly" repeating the effects of GUI way, would it be true to say that alternative way would be adding such rules via new-NetFirewallRule cmdlet and repeating whatever is provided in columns of the GUI for each rule I'd like to add, like these:

enter image description here

Thank you in advance!

renice
  • 31
  • 6

1 Answers1

0

OK, so considering my use-case, I've found a "solution" in first manually adding the pre-defined rules via GUI. Then I used source code of the powershell module "Firewall-Manager" (slightly modified it) to export the rules of my GPO: https://www.powershellgallery.com/packages/Firewall-Manager/1.1.1

Now with exported rules in form of a json file ready, I can use the import part of the (slightly modified) code of the powershell module, and implement it in my automation scripts to apply those rules to GPO for new test VM machines.

renice
  • 31
  • 6