Change network connection category using PowerShell

Note: This blogpost is also posted on the peppercrew website.

refwin-advfirewall-img4

I recently came across an issue with PSRemoting to a Windows 7 XenDesktop VM. I discovered remoting was disabled on the remote system because one of the network connections was a Public connection (it was the PVS connection). To change this using PowerShell is quite easy in Windows 8 or higher: the Set-NetConnectionProfile command is available to do just that. However, in Windows 7 this is not so easy. Even though PowerShell 4 was installed, the command was absent. So I decided to create my own functions to facilitate this, based on this script by Microsoft: LINK. This script utilizes the Network List Manager to make the change. 

I created two functions named after the ones in Windows 8 and higher:

  • Get-NetConnectionProfile
  • Set-NetConnectionProfile

Here are some examples of how to use these (also included in the help):

# This will get the category for all network connections:
PS\> Get-NetConnectionProfile

IsConnectedToInternet : False
Category              : Public
Description           : Unknown network
Name                  : Unknown network
IsConnected           : True

IsConnectedToInternet : True
Category              : Domain
Description           : DOMAIN.LOCAL
Name                  : DOMAIN
IsConnected           : True

# This will get the category for all public network connections:
PS\> Get-NetConnectionProfile -NetworkCategory Public

IsConnectedToInternet : False
Category              : Public
Description           : Unknown network
Name                  : Unknown network
IsConnected           : True

# This sets the network category of the 'LAN1' connection to Private:
PS\> Set-NetConnectionProfile -Name 'LAN1' -NetworkCategory Private

IsConnectedToInternet : True
Category              : Private
Description           : LAN1
Name                  : LAN1
IsConnected           : True

# This sets the network category for all Public connections to Private
PS\> Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private

IsConnectedToInternet : False
Category              : Private
Description           : Unknown network
Name                  : Unknown network
IsConnected           : True

You can download or view the functions here: LINK

Hope it helps!

MicaH

Advertisements

About MicaH

I'm a Technical Specialist at PepperByte BV (the Netherlands).
This entry was posted in Powershell and tagged , , , , , , , , , . Bookmark the permalink.

10 Responses to Change network connection category using PowerShell

  1. Adam Mnich says:

    Great job!
    One problem I had is that your functions show by default only active (connected) profiles.
    I made a small modification by changing in Set-NetConnectionProfile
    from :
    $AllNetworks = $NetworkListManager.GetNetworks(1)
    to:
    $AllNetworks = $NetworkListManager.GetNetworks(3)
    so you can modify all profiles regardless of the connection state.

    I added a parameter to Get-NetConnectionProfile
    [ValidateSet(‘All’,’Connected’,’Disconnected’)]
    $ConnectionState = “All”
    some code in script
    added hash table with values
    $ConnectedType = @{
    ‘Connected’ = 1
    ‘Disconnected’ = 2
    ‘All’ = 3
    }

    and changed
    from:
    $Networks = $NetworkListManager.GetNetworks(1)
    to:
    $Networks = $NetworkListManager.GetNetworks($ConnectedType[$ConnectionState])

    Now you can also display not connected profiles and change them.

    • MicaH says:

      Nice! I hadn’t considered there could be a need for this functionality, so nice catch! With your permission I’d like to incorporate your solution into my script.

  2. Hoang says:

    Is it possible to run this for remote computer?

    • MicaH says:

      Not directly. You’d have to use Invoke-Command and include the function(s) to the scriptblock. Like so:

      Invoke-Command -ComputerName PC001,PC002 -ScriptBlock {
         function Get-NetConnectionProfile
         {...}
         function Set-NetConnectionProfile
         {...}
      
         Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private
      }
      
      • The Imposter says:

        Sorry I dont understand something, Can you run Invoke-command if you cant connect to the computer in the 1st place, If you cant connect to the remote computer because the Network Category is set to Public then how can you use Invoke-command, otherwise I would just be using invoke-command for all my remote command work.
        Thanks for your help.
        ps. I did try the solution but it failed because I cant get access to the remote machine

      • MicaH says:

        You’re right off course. Invoke-command won’t work if PSRemoting is not working. If it is and you have to change the connection profile for some other reason, this is how you’d do it.

        In your case you’d have to find some other way of running this script on the remote machines. Maybe PsExec or if you have Remote Management tools like Ivanti Automation or SCCM.

      • The Imposter says:

        That’s great cos I was worried i was missing the point 🙂
        I am using PSEXEC and that is what highlighted the issue, I never thought of Using SCCM thats a great idea. Thank you for your prompt and helpful response.

      • MicaH says:

        No problem. Glad I could help.

  3. Jimmy says:

    Excellent! Thank you for sharing.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s