How to update defender firewall rules when New Team is updated after initial installation

Gordon O'Donovan 0 Reputation points
2024-02-14T19:50:11.85+00:00

How can the Windows Defender firewall rules be updated when an update to New Teams client is applied after initial installation. User's image

when New Teams is updated the path would need to be updated in the firewall rules. This seems to require admin access and triggers a UAC prompt. Are there any alternatives to update this rule using powershell and Intune ?

Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
10,083 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,049 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Catherine Kyalo 665 Reputation points Microsoft Employee
    2024-02-20T11:11:39.4433333+00:00

    Hi Gordon O'Donovan You can use PowerShell to update Windows Defender Firewall rules. You need to use the Set-NetFirewallRule cmdlet, which modifies the configuration of an existing firewall rule. Here's a sample PowerShell script:

    $ruleName = "Your Firewall Rule Name"
    $newPath = "Path to the updated Teams client"
    
    # Get the current firewall rule
    $rule = Get-NetFirewallRule -DisplayName $ruleName
    
    # Update the rule
    Set-NetFirewallRule -Name $rule.Name -Program $newPath
    

    This script gets the existing firewall rule by its display name, and then updates the program path. Please note that running this script requires administrative privileges, as it involves modification of system-wide firewall settings. If you are using Intune, you can deploy this script using the PowerShell script functionality in Intune. Here's a guide on how to do it: How to use PowerShell scripts in Intune However, this will still require admin rights on the local machine to execute. As for the UAC prompt, there's no straightforward way to bypass it, because it's a security feature designed to prevent unauthorized changes to system settings. If you really need to suppress it, you'll have to modify the local security policies or the Windows Registry, which could potentially expose your system to security risks. It's generally recommended to keep the UAC enabled. You might want to consider using a service account with the necessary permissions to run the PowerShell script. This would allow the script to run with elevated privileges without prompting for credentials

    0 comments No comments

  2. Rudy Ooms 611 Reputation points MVP
    2024-03-28T12:37:40.4366667+00:00

    When using proactive remediations you can run it each hour..

    Get the latest Microsoft Teams folder in Program Files\WindowsApps

    $teamsFolder = Get-ChildItem -Path "C:\Program Files\WindowsApps" -Filter "MicrosoftTeams_*" -Directory | Sort-Object -Property LastWriteTime -Descending | Select-Object -First 1

    Check if Microsoft Teams folder is found

    if ($teamsFolder -ne $null) {

    # Construct path to msteams.exe
    
    $teamsExePath = Join-Path -Path $teamsFolder.FullName -ChildPath "msteams.exe"
    
    
    
    # Check if msteams.exe exists
    
    if (Test-Path $teamsExePath -PathType Leaf) {
    
        # Add inbound rule to Windows Defender Firewall
    
        $ruleName = "Allow_MicrosoftTeams"
    
        $command = "netsh advfirewall firewall add rule name=`"$ruleName`" dir=in action=allow program=`"$teamsExePath`" enable=yes"
    
        Invoke-Expression -Command $command
    
        
    
        Write-Output "Inbound rule added to allow Microsoft Teams through Windows Defender Firewall."
    
    }    else {
    
        Write-Output "msteams.exe not found in the latest Microsoft Teams folder."
    
    }
    

    }else {

    Write-Output "Microsoft Teams folder not found in Program Files\WindowsApps."
    

    }

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.