Applying outbound connection rules PER USER in Windows Firewall with Advanced Security
This just isn't a feature that's available. If you want to do something like this, you might look at using Microsoft TMG as an outbound proxy. It can do user/group based access to Internet resources.
This is doable, I just did it for my kid's computers. Just create the entries below in Task Scheduler. Note that this is not super-secure, since it doesn't account for things like multiple sessions from remote desktops, etc. That said, hopefully it will help a lot of people viewing this topic. Also, note the 30-second delay in Step 2 before the firewall is turned off for registered users. Not sure if that can be made quicker somehow, 5-10 seconds would be more than enough for my computers.
Step 1) Create a Task that turns ON the firewall when anyone logs on:
Task Scheduler -> Action -> "Create Task"
General:
Name:TurnOnWindowsFirewall
Security Options:"Run whether user is logged on or not" checked
Security Options:"Run with highest privileges" checked
Triggers: (click 'New...')
BeginTheTask:"At log on"
Settings:"Any User" checked
Advanced Settings:"Stop if task runs longer than:" checked; "30 minutes" selected
Advanced Settings:"Enabled" checked
Actions: (click 'New...')
Action:"Start a program"
Program/script:"netsh"
Add Aruments:"advfirewall set allprofiles state on"
Conditions:
Uncheck everything on this tab
Settings:
AllowOnDemand: checked
RunTaskAsSoonAsPossible: checked
IfTheTaskFails: unchecked
StopTheTaskIfItRunsLonger: checked; "1 hour" selected
IfTheRunningTaskDoesNotEndForceIt: checked
IfTheTaskIsNotSchedAgainDeleteIt: unchecked
IfTheTaskIsAlreadyRunning: "Do not start a new instance" selected
Step 2) Create a Task that turns OFF the firewall when a certain user logs on:
Task Scheduler -> Action -> "Create Task"
General:
Name:TurnOffWindowsFirewall
Security Options:"Run whether user is logged on or not" checked
Security Options:"Do not store password" checked
Security Options:"Run with highest privileges" checked
Triggers: (click 'New...')
BeginTheTask:"At log on"
Settings:"Specific User" checked (select user that should have OPEN internet access.)
Advanced Settings:"Delay task for:" checked; "30 seconds" selected
Advanced Settings:"Stop if task runs longer than:" checked; "30 minutes" selected
Advanced Settings:"Enabled" checked
Actions: (click 'New...')
Action:"Start a program"
Program/script:"netsh"
Add Aruments:"advfirewall set allprofiles state on"
Conditions:
Uncheck everything on this tab
Settings:
AllowOnDemand: checked
RunTaskAsSoonAsPossible: checked
IfTheTaskFails: unchecked
StopTheTaskIfItRunsLonger: checked; "1 hour" selected
IfTheRunningTaskDoesNotEndForceIt: checked
IfTheTaskIsNotSchedAgainDeleteIt: unchecked
IfTheTaskIsAlreadyRunning: "Do not start a new instance" selected
Good Luck!