Exclude VMware Virtual Adapters from Network Awareness

Because the VMware virtual network adapters appear to be in a “Public network”, Windows thinks that the whole machine is exposed to a public network, and it triggers the public profile for Windows Firewall. While in most cases this helps protect the entire computer from external access, sometimes you actually need to have external access, and therefore you need to manually change the setting.

Make this file: network.ps1 edit it and paste in the following:

# see <a href="http://msdn2.microsoft.com/en-us/library/bb201634.aspx">http://msdn2.microsoft.com/en-us/library/bb201634.aspx</a>
#
# *NdisDeviceType
#
# The type of the device. The default value is zero, which indicates a standard
# networking device that connects to a network.
#
# Set *NdisDeviceType to NDIS_DEVICE_TYPE_ENDPOINT (1) if this device is an
# endpoint device and is not a true network interface that connects to a network.
# For example, you must specify NDIS_DEVICE_TYPE_ENDPOINT for devices such as
# smart phones that use a networking infrastructure to communicate to the local
# computer system but do not provide connectivity to an external network.
#
# Usage: run in an elevated shell (vista/longhorn) or as adminstrator (xp/2003).
#
# PS> .\fix-vmnet-adapters.ps1

# boilerplate elevation check

$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = new-object Security.Principal.WindowsPrincipal $identity
$elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

if (-not $elevated) {
$error = "Sorry, you need to run this script"
if ([System.Environment]::OSVersion.Version.Major -gt 5) {
$error += " in an elevated shell."
} else {
$error += " as Administrator."
}
throw $error
}

function confirm {
$host.ui.PromptForChoice("Continue", "Process adapter?",
[Management.Automation.Host.ChoiceDescription[]]@("&No", "&Yes"), 0) -eq $true
}

# adapters key
pushd 'hklm:\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}'

# ignore and continue on error
dir -ea 0  | % {
$node = $_.pspath
$desc = gp $node -name driverdesc
if ($desc -like "*vmware*") {
write-host ("Found adapter: {0} " -f $desc.driverdesc)
if (confirm) {
new-itemproperty $node -name '*NdisDeviceType' -propertytype dword -value 1
}
}
}
popd

# disable/enable network adapters
gwmi win32_networkadapter | ? {$_.name -like "*vmware*" } | % {

# disable
write-host -nonew "Disabling $($_.name) ... "
$result = $_.Disable()
if ($result.ReturnValue -eq -0) { write-host " success." } else { write-host " failed." }
# enable
write-host -nonew "Enabling $($_.name) ... "
$result = $_.Enable()
if ($result.ReturnValue -eq -0) { write-host " success." } else { write-host " failed." }
}

Next, open a PowerShell prompt. Note that you need to run it with elevated credentials (i.e. "Run as Administrator").

Navigate to the folder where you've placed the script, and execute it. You can type the first letter of the script's name and press TAB to auto complete the script's name.

If you get an error like this:

File D:\Tools\Admin\Scripts\VMware - VMNET Adapters Triggering Public Profile for Windows Firewall\script.ps1 cannot be loaded because the execution of
scripts is disabled on this system. Please see "get-help about_signing" for more details.

you will have to write the following first:

Set-ExecutionPolicy Unrestricted

And wola! stuff works!

For the original article take a look at www.petri.co.il. He does some GREAT work for all windows server stuff.