the Get-NetFirewallProfile cmdlet has the option -PolicyStore ActiveStore which is the sum of all policies on that computer. When I run it I get the firewall profile state with GPO taken under consideration.
Alternatively I can get the CIM instance with Get-CimInstance -Namespace Root\StandardCimv2 -ClassName MSFT_NetFirewallProfile or Get-WmiObject -Namespace "Root\StandardCimv2" -Query "SELECT * FROM MSFT_NetFirewallProfile", BUT the GPO value are discarded.
How can I set the policy store in the Get-WmiObject -Namespace "Root\StandardCimv2" -Query "SELECT * FROM MSFT_NetFirewallProfile"?
In the end I'm going to implement the query in c++ with the wbemcli api
You can specify PolicyStore parameter using IWbemContext. Here are the code samples illustrating its use:
$CimSession = New-CimSession
$options = New-Object Microsoft.Management.Infrastructure.Options.CimOperationOptions
$options.SetCustomOption("PolicyStore", "ActiveStore", $true)
$CimSession.EnumerateInstances("Root\StandardCimv2", "MSFT_NetFirewallProfile", $options)
strComputer = "."
Set objSWbemServices = GetObject("winmgmts:\\" & strComputer & "\root\StandardCimv2")
Set objCtx = CreateObject("WbemScripting.SWbemNamedValueSet")
objCtx.Add "PolicyStore", "ActiveStore"
Set colSWbemObjectSet = objSWbemServices.InstancesOf("MSFT_NetFirewallProfile",,objCtx)
For Each objSWbemObject In colSWbemObjectSet
Wscript.Echo "Enabled: " & objSWbemObject.Enabled
Next