My company has rolled out a new softphone service that has been installed successfully through the GPO to each machine. The thing is, the software is installed in the user profile, which then asks to be allowed access through Windows Defender Firewall, and I'm having a hard time allowing that access, which needs admin credentials. Variables like %localappdata% or %userprofile% don't work in GPO. A startup script doesn't work, because it puts the firewall rule under the admin profile. The logon script doesn't work because it needs admin privileges to add a New-NetFirewallRule.
    $username = $env:username
    New-NetFirewallRule -DisplayName "Five9Softphone" -Direction Inbound -Program "C:\Users\$username\appdata\local\Five9\Five9Softphone-10.0\bin\10.2.16\five9softphone.exe"
This works when running with any admin users but not my normal users. Please help!
You could run something like the following:
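    # Run elevated: New-NetFirewallRule needs admin rights.
    # $userDir is used instead of $profile, which is an automatic variable in PowerShell.
    $userDirs = Get-ChildItem -Path 'C:\Users' -Directory
    foreach ($userDir in $userDirs) {
        $ExePath = Join-Path -Path $userDir.FullName -ChildPath 'appdata\local\Five9\Five9Softphone-10.0\bin\10.2.16\five9softphone.exe'
        # The lookup reports an error when no filter matches the path, so silence it and test the result.
        if (!(Get-NetFirewallApplicationFilter -Program $ExePath -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName "Five9Softphone" -Direction Inbound -Program $ExePath
        }
    }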
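
A stricter variant of the loop above, added here as an example and not part of the original answer: it skips profiles where the client is not installed, creates the rule only when the binary's Authenticode signature validates, and keeps one rule per user. It assumes the vendor binary is signed; the function name `Add-SoftphoneRule`, the per-user rule name and the Domain/Private profile restriction are choices made for this example.

```powershell
# Added example. Run elevated, e.g. as a computer startup script.
# The relative path is the one used on this page.
$RelPath = 'AppData\Local\Five9\Five9Softphone-10.0\bin\10.2.16\five9softphone.exe'

function Add-SoftphoneRule {
    param(
        [Parameter(Mandatory)] [string] $UsersRoot,
        [Parameter(Mandatory)] [string] $RelativeExePath
    )
    foreach ($dir in Get-ChildItem -Path $UsersRoot -Directory) {
        $exe = Join-Path -Path $dir.FullName -ChildPath $RelativeExePath

        # Skip profiles (Public, Default, ...) where the client is not installed.
        if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }

        # The path is user-writable, so only allow a binary whose signature validates.
        # To pin the publisher as well, compare $sig.SignerCertificate.Subject
        # against the value you expect for your vendor.
        $sig = Get-AuthenticodeSignature -LiteralPath $exe
        if ($sig.Status -ne 'Valid') {
            Write-Warning "Skipping $exe (signature status: $($sig.Status))"
            continue
        }

        # Idempotent: one rule per user, matched by display name (assumed format).
        $name = "Five9Softphone ($($dir.Name))"
        if (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue) { continue }

        # Profile restriction is an assumption; drop -Profile to match the original rule.
        New-NetFirewallRule -DisplayName $name -Direction Inbound -Action Allow `
            -Program $exe -Profile Domain, Private | Out-Null
    }
}

Add-SoftphoneRule -UsersRoot 'C:\Users' -RelativeExePath $RelPath
```

The firewall rule matches on the program path only, so the signature check holds at the moment the rule is created; a file replaced at that path afterwards is still covered by the rule.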