Change network connection category using PowerShell

Note: This blogpost is also posted on the peppercrew website.

refwin-advfirewall-img4

I recently came across an issue with PSRemoting to a Windows 7 XenDesktop VM. I discovered remoting was disabled on the remote system because one of the network connections was a Public connection (it was the PVS connection). To change this using PowerShell is quite easy in Windows 8 or higher: the Set-NetConnectionProfile command is available to do just that. However, in Windows 7 this is not so easy. Even though PowerShell 4 was installed, the command was absent. So I decided to create my own functions to facilitate this, based on this script by Microsoft: LINK. This script utilizes the Network List Manager to make the change. 

I created two functions named after the ones in Windows 8 and higher:

  • Get-NetConnectionProfile
  • Set-NetConnectionProfile

Here are some examples of how to use these (also included in the help):

# This will get the category for all network connections:
PS\> Get-NetConnectionProfile

IsConnectedToInternet : False
Category              : Public
Description           : Unknown network
Name                  : Unknown network
IsConnected           : True

IsConnectedToInternet : True
Category              : Domain
Description           : DOMAIN.LOCAL
Name                  : DOMAIN
IsConnected           : True

# This will get the category for all public network connections:
PS\> Get-NetConnectionProfile -NetworkCategory Public

IsConnectedToInternet : False
Category              : Public
Description           : Unknown network
Name                  : Unknown network
IsConnected           : True

# This sets the network category of the 'LAN1' connection to Private:
PS\> Set-NetConnectionProfile -Name 'LAN1' -NetworkCategory Private

IsConnectedToInternet : True
Category              : Private
Description           : LAN1
Name                  : LAN1
IsConnected           : True

# This sets the network category for all Public connections to Private
PS\> Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private

IsConnectedToInternet : False
Category              : Private
Description           : Unknown network
Name                  : Unknown network
IsConnected           : True

You can download or view the functions here: LINK

Hope it helps!

MicaH

About MicaH

I'm a Senior Technical Specialist at PepperByte BV (the Netherlands).
This entry was posted in Powershell and tagged , , , , , , , , , . Bookmark the permalink.

12 Responses to Change network connection category using PowerShell

  1. Adam Mnich says:

    Great job!
    One problem I had is that your functions show by default only active (connected) profiles.
    I made a small modification by changing in Set-NetConnectionProfile
    from :
    $AllNetworks = $NetworkListManager.GetNetworks(1)
    to:
    $AllNetworks = $NetworkListManager.GetNetworks(3)
    so you can modify all profiles regardless of the connection state.

    I added a parameter to Get-NetConnectionProfile
    [ValidateSet(‘All’,’Connected’,’Disconnected’)]
    $ConnectionState = “All”
    some code in script
    added hash table with values
    $ConnectedType = @{
    ‘Connected’ = 1
    ‘Disconnected’ = 2
    ‘All’ = 3
    }

    and changed
    from:
    $Networks = $NetworkListManager.GetNetworks(1)
    to:
    $Networks = $NetworkListManager.GetNetworks($ConnectedType[$ConnectionState])

    Now you can also display not connected profiles and change them.

    • MicaH says:

      Nice! I hadn’t considered there could be a need for this functionality, so nice catch! With your permission I’d like to incorporate your solution into my script.

  2. Hoang says:

    Is it possible to run this for remote computer?

    • MicaH says:

      Not directly. You’d have to use Invoke-Command and include the function(s) to the scriptblock. Like so:

      Invoke-Command -ComputerName PC001,PC002 -ScriptBlock {
         function Get-NetConnectionProfile
         {...}
         function Set-NetConnectionProfile
         {...}
      
         Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private
      }
      
      • The Imposter says:

        Sorry I dont understand something, Can you run Invoke-command if you cant connect to the computer in the 1st place, If you cant connect to the remote computer because the Network Category is set to Public then how can you use Invoke-command, otherwise I would just be using invoke-command for all my remote command work.
        Thanks for your help.
        ps. I did try the solution but it failed because I cant get access to the remote machine

      • MicaH says:

        You’re right off course. Invoke-command won’t work if PSRemoting is not working. If it is and you have to change the connection profile for some other reason, this is how you’d do it.

        In your case you’d have to find some other way of running this script on the remote machines. Maybe PsExec or if you have Remote Management tools like Ivanti Automation or SCCM.

      • The Imposter says:

        That’s great cos I was worried i was missing the point 🙂
        I am using PSEXEC and that is what highlighted the issue, I never thought of Using SCCM thats a great idea. Thank you for your prompt and helpful response.

      • MicaH says:

        No problem. Glad I could help.

  3. Jimmy says:

    Excellent! Thank you for sharing.

  4. Willians Rodriguez says:

    Hi, i missed or i don’t understand the install part, where i have to put this file to be used later in the powershell console?

    • MicaH says:

      It’s a powershell function, so if you to use it in a script you can paste it in there and use it like a command. If you want to want to use it in the console you have multiple options:

      1. You can dot-source the scriptfile the function is in: Say you save the function in a file called ChangeNetwork.ps1. In order to load the function in the console you would enter this:

      . <Path To File>\ChangeNetwork.ps1

      So that’s a dot followed by a space and the path to the file.
      2. You can save the function in the consoles profile: if you are using a powershell profile you can paste the function in there and it will be available whenever you start the console. Check out about_Profiles for more info on this.
      3. You can remove the function Get-NetConnectionProfile line and the opening and closing curly brackets and run the file as a script with parameters.
      4. You can create a module file (.ps1m) with all your favorite functions and load the module in the console.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s