How-to use Powershell to change the Network location type (to Private or Public)

  • Article

 

Here is how to change the Network type of a specific network (or networks) to Private or Public, to help you better master Firewall policies.

This is especially useful if you have a bunch of Windows 2008 servers on a DMZ as it’s more and more the case, which are not controlled by GPOs then.

Credits goes to Vladimir Averkin’s great Powershell post, that I slightly modified to  be a little bit more precise regarding the settings. I added the $PrivateNetwork and $PublicNetwork variables to better understand the use of the SetCategory() .Net method.

 

 

#Static variables definition (never change them)

$PrivateNetwork=1

$PublicNetwork=3

 

#####################################

##### CHANGES TO CUSTOMIZE ": #####

##### - Network name(s) #####

##### - Set to Private or Public#####

#####################################

#Change the network name on the line below to the network name you want to change:

$NetworkNameFilter1 = "Partial name with wildcard or full network name"

#Change the type you want to assign to the above named network :

$NetworkTypeAssignment = $PrivateNetwork

#######################################

##### End of changes customization#####

#######################################

# Better for error control - Script is working from Vista to upper OS versions, including server OS

# => skip network location setting for pre-Vista operating systems

if([environment]::OSVersion.version.Major -lt 6) { return }

# Optionnal - skip network location setting if local machine is joined to a domain.

#if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return }

# Get network connections

$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))

$connections = $networkListManager.GetNetworkConnections()

# Set network location to Private for all networks :

#$connections | % {$_.GetNetwork().SetCategory(1)}

#Set network location for networks matching the $NetworkNameFilter1 filter :

$connections | % `

{

#Change the $NetworkNameFilter1 string variable earlier in the script to identify which network you want to set to public or private :

If ($_.GetNetwork().GetName() -like $NetworkNameFilter1)

{

Write-Host "Network category of "$_.GetNetwork().GetName()"was perviously set to "$_.GetNetwork().GetCategory()

$_.GetNetwork().SetCategory($NetworkTypeAssignment) #Category "1" is meant for Private Network, and Category "3" is for Public Network

Write-Host "Network category of "$_.GetNetwork().GetName()"network changed to "$_.GetNetwork().GetCategory()

}

}