How-to use Powershell to change the Network location type (to Private or Public)
Here is how to change the Network type of a specific network (or networks) to Private or Public, to help you better master Firewall policies.
This is especially useful if you have a bunch of Windows 2008 servers on a DMZ as it’s more and more the case, which are not controlled by GPOs then.
Credits goes to Vladimir Averkin’s great Powershell post, that I slightly modified to be a little bit more precise regarding the settings. I added the $PrivateNetwork and $PublicNetwork variables to better understand the use of the SetCategory() .Net method.
#Static variables definition (never change them)
$PrivateNetwork=1
$PublicNetwork=3
#####################################
##### CHANGES TO CUSTOMIZE ": #####
##### - Network name(s) #####
##### - Set to Private or Public#####
#####################################
#Change the network name on the line below to the network name you want to change:
$NetworkNameFilter1 = "Partial name with wildcard or full network name"
#Change the type you want to assign to the above named network :
$NetworkTypeAssignment = $PrivateNetwork
#######################################
##### End of changes customization#####
#######################################
# Better for error control - Script is working from Vista to upper OS versions, including server OS
# => skip network location setting for pre-Vista operating systems
if([environment]::OSVersion.version.Major -lt 6) { return }
# Optionnal - skip network location setting if local machine is joined to a domain.
#if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return }
# Get network connections
$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
$connections = $networkListManager.GetNetworkConnections()
# Set network location to Private for all networks :
#$connections | % {$_.GetNetwork().SetCategory(1)}
#Set network location for networks matching the $NetworkNameFilter1 filter :
$connections | % `
{
#Change the $NetworkNameFilter1 string variable earlier in the script to identify which network you want to set to public or private :
If ($_.GetNetwork().GetName() -like $NetworkNameFilter1)
{
Write-Host "Network category of "$_.GetNetwork().GetName()"was perviously set to "$_.GetNetwork().GetCategory()
$_.GetNetwork().SetCategory($NetworkTypeAssignment) #Category "1" is meant for Private Network, and Category "3" is for Public Network
Write-Host "Network category of "$_.GetNetwork().GetName()"network changed to "$_.GetNetwork().GetCategory()
}
}