Commit d53771d

Merge pull request #7874 from tktracker/patch-3
Update endpoint-security-firewall-rule-tool.md
2 parents 266cbfb + 6f54fb3 commit d53771d

1 file changed

Lines changed: 5 additions & 2 deletions

memdocs/intune/protect/endpoint-security-firewall-rule-tool.md

@@ -7,7 +7,7 @@ keywords:
77
author: brenduns
88
ms.author: brenduns
99
manager: dougeby
10-
ms.date: 07/14/2020
10+
ms.date: 08/31/2022
1111
ms.topic: overview
1212
ms.service: microsoft-intune
1313
ms.subservice: protect
@@ -31,7 +31,7 @@ ms.reviewer: laarrizz
3131

3232
Many organizations are moving their security configuration to Microsoft Endpoint Manager to make use of modern, cloud-based management. Endpoint security in Endpoint Manager offers rich management experiences of Windows Firewall configuration and granular firewall rule management.
3333

34-
Because it can be challenging to move large numbers of existing Group Policies for Windows Firewall rules to Endpoint security policies in Endpoint Manager, we've created the **Endpoint security firewall rule migration tool**.
34+
Because it can be challenging to move large numbers of existing Group Policies for Windows Firewall rules to Endpoint security policies in Endpoint Manager, we've created the **Endpoint security firewall rule migration tool**, which is a PowerShell script.
3535

3636
When you run the **Endpoint security firewall rule migration tool** on a reference Windows 10/11 client that has firewall rules based on Group Policy applied, the tool can automatically create Endpoint security firewall rule policies in Endpoint Manager. After the endpoint security rules are created, administrators can target the rules to Azure AD groups to configure MDM and co-managed clients.
3737

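Review bot: the clause ", which is a PowerShell script" appended to the sentence beginning "Because it can be challenging" trails after the bolded tool name and reads as an afterthought. Consider making it its own sentence, for example "The tool is a PowerShell script.", so the later tip's reference to "the tool's PowerShell script" has a clear antecedent.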
@@ -41,6 +41,9 @@ Download the [Endpoint security firewall rule migration tool](https://aka.ms/End
4141

4242
## Tool usage
4343

44+
> [!TIP]
45+
> The tool's PowerShell script looks for endpoint security policies that target **MDM**. When there are no policies that target **MDM**, the script can loop and fail to exit. To work around this condition, either add a policy that targets MDM before running the script, or edit the line 46 of the script to the following: `while(($profileNameExist) -and ($profiles.Count -gt 0))`
46+
4447
Run the tool on a reference machine to migrate that machines current Windows Firewall rule configuration. When run, the tool exports all enabled firewall rules that are present on the device, and automatically creates new Intune policies with the collected rules.
4548

4649
1. Sign in to the reference machine with local administrator privileges.
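Review bot: the workaround in the added TIP identifies the statement to change only as "line 46 of the script", which stops being accurate as soon as the downloaded script is revised, and the reader cannot confirm they are editing the right loop. Quote the original `while` condition next to the replacement `while(($profileNameExist) -and ($profiles.Count -gt 0))`, or identify the loop by its content instead of its line number. Two smaller points: "edit the line 46" should read "edit line 46", and the tip now sits ahead of the section's opening sentence ("Run the tool on a reference machine ..."), so consider moving it below that sentence.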
