ge-aerospace/powershell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
62c0c7bb06fa5cf497b782979b9a329ef58afcd1
powershell-scripts/winrm-https/winrm-ca-scripts/Set-NetworkPrivate.ps1
cproudlock 62c0c7bb06 Initial commit: Organized PowerShell scripts for ShopDB asset collection 
Structure:
- asset-collection/: Local PC data collection scripts
- remote-execution/: WinRM remote execution scripts
- setup-utilities/: Configuration and testing utilities
- registry-backup/: GE registry backup scripts
- winrm-https/: WinRM HTTPS certificate setup
- docs/: Complete documentation

Each folder includes a README with detailed documentation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-10 10:57:54 -05:00

110 lines
4.0 KiB
PowerShell
Raw Blame History

#Requires -RunAsAdministrator
<#
.SYNOPSIS
Sets network profile to Private for WinRM HTTPS connectivity
.DESCRIPTION
Changes the network connection profile from Public to Private.
This allows firewall rules to work more reliably for WinRM HTTPS.
Public profiles often have more restrictive firewall settings.
.EXAMPLE
.\Set-NetworkPrivate.ps1
.NOTES
Author: System Administrator
Date: 2025-10-17
Run this script ON THE TARGET PC as Administrator
#>
Write-Host ""
Write-Host "========================================" -ForegroundColor Cyan
Write-Host " Set Network Profile to Private" -ForegroundColor Cyan
Write-Host "========================================" -ForegroundColor Cyan
Write-Host ""
$hostname = $env:COMPUTERNAME
Write-Host "Computer: $hostname" -ForegroundColor White
Write-Host ""
# Get current network profiles
Write-Host "Current Network Profiles:" -ForegroundColor Yellow
$profiles = Get-NetConnectionProfile
$profiles | Format-Table Name, InterfaceAlias, NetworkCategory, IPv4Connectivity -AutoSize
Write-Host ""
# Change all profiles to Private
Write-Host "Changing network profiles to Private..." -ForegroundColor Yellow
Write-Host ""
$changed = 0
foreach ($profile in $profiles) {
if ($profile.NetworkCategory -eq 'Public') {
try {
Write-Host " Changing '$($profile.Name)' from Public to Private..." -ForegroundColor Gray
Set-NetConnectionProfile -InterfaceIndex $profile.InterfaceIndex -NetworkCategory Private
Write-Host " [OK] Changed to Private" -ForegroundColor Green
$changed++
} catch {
Write-Host " [ERROR] Failed: $($_.Exception.Message)" -ForegroundColor Red
}
} elseif ($profile.NetworkCategory -eq 'Private') {
Write-Host " '$($profile.Name)' is already Private" -ForegroundColor Green
} elseif ($profile.NetworkCategory -eq 'DomainAuthenticated') {
Write-Host " '$($profile.Name)' is Domain (optimal)" -ForegroundColor Green
}
}
Write-Host ""
# Show updated profiles
Write-Host "Updated Network Profiles:" -ForegroundColor Yellow
Get-NetConnectionProfile | Format-Table Name, InterfaceAlias, NetworkCategory, IPv4Connectivity -AutoSize
Write-Host ""
# Update firewall rule to ensure it works with Private profile
Write-Host "Updating WinRM HTTPS firewall rule for Private profile..." -ForegroundColor Yellow
$ruleName = "WinRM HTTPS-In"
$rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
if ($rule) {
try {
Set-NetFirewallRule -DisplayName $ruleName -Profile Any -Enabled True
Write-Host "[OK] Firewall rule updated for all profiles" -ForegroundColor Green
} catch {
Write-Host "[WARN] Could not update firewall rule: $($_.Exception.Message)" -ForegroundColor Yellow
}
} else {
Write-Host "[WARN] WinRM HTTPS-In firewall rule not found" -ForegroundColor Yellow
}
Write-Host ""
# Restart WinRM service to apply changes
Write-Host "Restarting WinRM service..." -ForegroundColor Yellow
try {
Restart-Service WinRM -Force
Write-Host "[OK] WinRM service restarted" -ForegroundColor Green
} catch {
Write-Host "[WARN] Could not restart WinRM: $($_.Exception.Message)" -ForegroundColor Yellow
}
Write-Host ""
Write-Host "========================================" -ForegroundColor Green
Write-Host " NETWORK PROFILE UPDATED" -ForegroundColor Green
Write-Host "========================================" -ForegroundColor Green
Write-Host ""
if ($changed -gt 0) {
Write-Host "[OK] Changed $changed network profile(s) to Private" -ForegroundColor Green
} else {
Write-Host "[OK] All network profiles already configured" -ForegroundColor Green
}
Write-Host ""
Write-Host "Test connection from management computer:" -ForegroundColor Yellow
Write-Host " Test-NetConnection $hostname.logon.ds.ge.com -Port 5986" -ForegroundColor White
Write-Host ""
Write-Host " Test-WSMan -ComputerName $hostname.logon.ds.ge.com -UseSSL -Port 5986" -ForegroundColor White
Write-Host ""
Reference in New Issue View Git Blame Copy Permalink