Windows 2012 (RTM/R2) Set Network Location
Thursday, November 14, 2013 at 10:34AM Ref: http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx
In my hyper-v lab I use Non-Domain bound Hosts with a wired and wireless network setup - I place wired in private and wireless in public.
This attribute is not a property of the adapter or interface. Adapter or interface can be connected to different networks, this is obvious for Wi-Fi but is also true for wired Ethernet (just plug the cable to the hotel room socket to experience this).
This attribute is a property of the "network signature", which is managed by the Network Location Awareness service. It identifies networks by things like the default gateway's MAC address and the DNS suffix provided by the DHCP server, creates a unique record for each such network and allows the user to set whether it is Public or Private. Then NLA pushes this setting down to the firewall.
Now the solutions
Powershell:
# Skip network location setting for pre-Vista operating systems
if([environment]::OSVersion.version.Major -lt 6) { return }
# Skip network location setting if local machine is joined to a domain.
if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return }
# Get network connections
$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
$connections = $networkListManager.GetNetworkConnections()
# Set network location to Private for all networks
$connections | % {$_.GetNetwork().SetCategory(1)}
Using NetSH
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\Unmanaged
scan all subkeys here, and look at DefaultGatewayMac to find the proper one (Wi-Fi networks can have some other fields there, but I have some doubts in Wi-Fi on Server Core).
In the proper subkey, find ProfileGuid.
Then:
net stop nlasvc
(this also stops netprofm)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\{profile guid}
Category REG_DWORD 0 - public, 1 - private, edit this dword
net start netprofm
(this also starts nlasvc)
To check the tweak was actually applied:
netsh adv sh cur
(should be Public before, Private after)
Reader Comments