How to use GPO to update an existing firewall rule?
I used the guidance found here to add a set of firewall rules to my GPO. I performed these steps:
- Exported all rules from my DC
- Imported them into my GPO
- Deleted the ones I didn't want
- Applied the GPO to a LAN computer (gpupdate)
Unfortunately, instead of the existing rules being updated/enabled, I ended up with duplicate rules.
This Q&A proposes the same question, but the linked document in the answer doesn't explain how to update an existing rule—only how to create a new one. Nor am I finding anything for this in searches. The creation of new rules seems to be everyone's interest. But not in this case.
How can I use GPO to enable an existing predefined/stock rule, rather than create a duplicate?
This might be a limitation of this particular GPO integration with the firewall because potentially you are trying to modify built-in firewall rules (speculation here).
I think you could be better served by using a PowerShell script executed by GPO to update the rule; this would also probably work better across different operating systems. You could do this in a scheduled task running as the System account. You might also consider filtering by something other than the DisplayName, as it's possible this could be different. You can accomplish most of this in a one-liner.
Name Search with the Result Disabling the Rule Set
Get-NetFirewallRule -DisplayName 'Cortana' | Set-NetFirewallRule -Enabled False
Documentation for Get-NetFirewallRule
https://docs.microsoft.com/en-us/powershell/module/netsecurity/get-netfirewallrule?view=windowsserver2019-ps
Documentation for Set-NetFirewallRule
https://docs.microsoft.com/en-us/powershell/module/netsecurity/set-netfirewallrule?view=windowsserver2019-ps
The other idea, if you don't want to do this with PowerShell, is to simply disable the built-in rule and create a new one.
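A fuller version of the one-liner approach from the answer above, as an added example that is not part of the original post: a script that could be deployed by GPO (startup script or scheduled task running as SYSTEM) to enable an existing predefined rule in place rather than creating a duplicate. It matches on the rule group and on the stable rule Name instead of the localised DisplayName, and warns if the policy import already left duplicates behind. The group name, the profile filter and the parameter names are assumptions for illustration.

```powershell
# Added example, not from the original answer. Enables (or disables) an existing
# predefined rule in the local persistent store without creating a new rule.
# Assumptions: runs as SYSTEM via GPO; $DisplayGroup is a constructed placeholder.
param(
    [string]$DisplayGroup = 'File and Printer Sharing',   # assumption: example group
    [ValidateSet('True', 'False')][string]$Enabled = 'True',
    [string]$Profile = 'Domain'                            # assumption: profile to target
)

# Look up the predefined rules by group in the persistent (local) store.
# Filtering on DisplayGroup/Name avoids relying on the localised DisplayName.
$rules = Get-NetFirewallRule -DisplayGroup $DisplayGroup -PolicyStore PersistentStore `
    -ErrorAction SilentlyContinue |
    Where-Object { "$($_.Profile)" -match $Profile -or "$($_.Profile)" -eq 'Any' }

if (-not $rules) {
    Write-Warning "No predefined rule in group '$DisplayGroup' found; nothing changed."
    exit 1
}

# Detection check: a GPO import that created copies shows up as several rules
# sharing one DisplayName. Report them so they can be cleaned up, not multiplied.
$rules | Group-Object -Property DisplayName | Where-Object { $_.Count -gt 1 } |
    ForEach-Object {
        Write-Warning "Duplicate rules for '$($_.Name)': $($_.Group.Name -join ', ')"
    }

foreach ($rule in $rules) {
    if ("$($rule.Enabled)" -ne $Enabled) {
        # Set-NetFirewallRule modifies the matched rule in place; no rule is created.
        $rule | Set-NetFirewallRule -Enabled $Enabled
        Write-Output "Set '$($rule.Name)' ($($rule.DisplayName)) Enabled=$Enabled"
    }
    else {
        Write-Output "Rule '$($rule.Name)' already Enabled=$Enabled"
    }
}
```

Run it once interactively with the target group before deploying it through GPO, and compare the rule count before and after to confirm nothing was duplicated.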