Commit 6f54fb3

Updating PR.
Moved message into a Tip in the Tool usage section, and removed callout of the Bug. Reformatted the messaging a bit as well. Also revised earlier text to note that the tool is in fact a PowerShell script, to help build relevance for the subsequent Tip that notes what it does and how to fix it.
1 parent 35d4fbd commit 6f54fb3

1 file changed

Lines changed: 5 additions & 4 deletions

memdocs/intune/protect/endpoint-security-firewall-rule-tool.md

@@ -7,7 +7,7 @@ keywords:
77
author: brenduns
88
ms.author: brenduns
99
manager: dougeby
10-
ms.date: 07/14/2020
10+
ms.date: 08/31/2022
1111
ms.topic: overview
1212
ms.service: microsoft-intune
1313
ms.subservice: protect
@@ -29,11 +29,9 @@ ms.reviewer: laarrizz
2929

3030
# Endpoint security firewall rule migration tool overview
3131

32-
The script has a bug: It is looking if you have Endpoint Security policies that are "Target: MDM". If there is no existing policies like this, then the script will be stuck in an infinite loop. To make it work, you need to add either add a policy of that type or change line 46 to: while(($profileNameExist) -and ($profiles.Count -gt 0))
33-
3432
Many organizations are moving their security configuration to Microsoft Endpoint Manager to make use of modern, cloud-based management. Endpoint security in Endpoint Manager offers rich management experiences of Windows Firewall configuration and granular firewall rule management.
3533

36-
Because it can be challenging to move large numbers of existing Group Policies for Windows Firewall rules to Endpoint security policies in Endpoint Manager, we've created the **Endpoint security firewall rule migration tool**.
34+
Because it can be challenging to move large numbers of existing Group Policies for Windows Firewall rules to Endpoint security policies in Endpoint Manager, we've created the **Endpoint security firewall rule migration tool**, which is a PowerShell script.
3735

3836
When you run the **Endpoint security firewall rule migration tool** on a reference Windows 10/11 client that has firewall rules based on Group Policy applied, the tool can automatically create Endpoint security firewall rule policies in Endpoint Manager. After the endpoint security rules are created, administrators can target the rules to Azure AD groups to configure MDM and co-managed clients.
3937

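Review bot: On line 34+, the appended ", which is a PowerShell script" trails a sentence that is already long. A short separate sentence such as "The tool is a PowerShell script." would read more cleanly and give the later tip in Tool usage something direct to refer back to.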
@@ -43,6 +41,9 @@ Download the [Endpoint security firewall rule migration tool](https://aka.ms/End
4341

4442
## Tool usage
4543

44+
> [!TIP]
45+
> The tool's PowerShell script looks for endpoint security policies that target **MDM**. When there are no policies that target **MDM**, the script can loop and fail to exit. To work around this condition, either add a policy that targets MDM before running the script, or edit the line 46 of the script to the following: `while(($profileNameExist) -and ($profiles.Count -gt 0))`
46+
4647
Run the tool on a reference machine to migrate that machines current Windows Firewall rule configuration. When run, the tool exports all enabled firewall rules that are present on the device, and automatically creates new Intune policies with the collected rules.
4748

4849
1. Sign in to the reference machine with local administrator privileges.
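Review bot: The tip on line 45+ tells readers to edit "the line 46 of the script", which ties the workaround to a line number in a file they download separately and gives them no way to confirm they are changing the right statement. Identify the loop by its content instead: tell readers to find the `while` loop that tests `$profileNameExist` and change its condition to `while(($profileNameExist) -and ($profiles.Count -gt 0))`. That also lets you drop the stray "the" before "line 46". While in this section, the unchanged sentence on line 47 reads "that machines current" and needs an apostrophe ("that machine's current").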
