Allow Firewall Action for User profile

How to add a Local Appdata installed Application exe to the firewall allow action?


I got the following script from Microsoft a while back (for adding MS Teams rules) but I’ve used this successfully for other apps, when needed. I include this in my post-installation step.

You can of course create variables for convenience.

# Create firewall rules for each existing user if the application path exists.
# In this example 4 rules are created: 2 Inbound rules (TCP and UDP), and 2 Outbound rules (TCP and UDP)

# Enumerate the profile folders under C:\Users, skipping Public and short-name Administrator folders.
$users = Get-ChildItem (Join-Path -Path $env:SystemDrive -ChildPath 'Users') -Exclude 'Public', 'ADMINI~*'
if ($null -ne $users) {
    foreach ($user in $users) {
        $progPath = Join-Path -Path $user.FullName -ChildPath 'AppData\Local\AppName\Current\appname_native.exe'
        if (Test-Path $progPath) {
            # Only create rules if no existing rule already references this executable.
            if (-not (Get-NetFirewallApplicationFilter -Program $progPath -ErrorAction SilentlyContinue)) {
                $ruleName = "appname_native.exe for user $($user.Name)"
                "UDP", "TCP" | ForEach-Object {
                    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Profile Any -Program $progPath -Action Allow -Protocol $_
                    New-NetFirewallRule -DisplayName $ruleName -Direction Outbound -Profile Any -Program $progPath -Action Allow -Protocol $_
                }
                Clear-Variable ruleName
            }
        }
        Clear-Variable progPath
    }
}
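
The rules above allow whatever file sits at a path inside each user's own profile, which that user can write to, so it is worth reviewing them after deployment. The following audit is an added example, not part of the original answer or of Microsoft's script; it assumes the same placeholder name `appname_native.exe` and lists each matching rule with whether the executable still exists and its Authenticode status.

```powershell
# Added example: audit per-user firewall rules created for appname_native.exe.
# $exeName is the placeholder file name used on this page; adjust it to the real application.
$exeName   = 'appname_native.exe'
$usersRoot = Join-Path -Path $env:SystemDrive -ChildPath 'Users'

# Find every application filter whose program path is under C:\Users\<name>\... and ends in the exe name.
$filters = Get-NetFirewallApplicationFilter |
    Where-Object { $_.Program -like "$usersRoot\*\$exeName" }

$report = foreach ($filter in $filters) {
    # Resolve the firewall rule that owns this application filter.
    $rule   = $filter | Get-NetFirewallRule
    $exists = Test-Path -LiteralPath $filter.Program

    # Check the signature only when the file is still present.
    $sigStatus = if ($exists) {
        (Get-AuthenticodeSignature -FilePath $filter.Program).Status
    } else {
        'FileMissing'
    }

    [pscustomobject]@{
        Name        = $rule.Name
        DisplayName = $rule.DisplayName
        Direction   = $rule.Direction
        Profile     = $rule.Profile
        Action      = $rule.Action
        Program     = $filter.Program
        FileExists  = $exists
        Signature   = $sigStatus
    }
}

# Full listing for review.
$report | Sort-Object Program, Direction | Format-Table DisplayName, Direction, Profile, FileExists, Signature -AutoSize

# Rules that point at a missing file (uninstalled app or deleted profile) are stale.
# -WhatIf only shows what would be removed; drop it to actually delete the rules.
$report | Where-Object { -not $_.FileExists } |
    ForEach-Object { Remove-NetFirewallRule -Name $_.Name -WhatIf }
```

Run it from an elevated PowerShell session; a `Signature` value other than `Valid` on a file that exists is the row to look at first.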