Computer step by step
 Make your Pc better
Description:  

Allows you to view and change the program exceptions list defined by Group Policy. Windows Firewall uses
two program exception lists: one is defined by Group Policy settings and the other is defined by the Windows
Firewall component in Control Panel.

If you enable this policy setting, you can view and change the program exceptions list defined by Group
Policy. If you add a program to this list and set its status to Enabled, that program can receive unsolicited
incoming messages on any port that it asks Windows Firewall to open, even if that port is blocked by another
policy setting, such as the "Windows Firewall: Define inbound port exceptions" policy setting. To view the
program list, enable the policy setting and then click the Show button. To add a program, enable the policy
setting, note the syntax, and click the Show button. In the Show Contents dialog box, type a definition string that
uses the syntax format. To remove a program, click its definition, and then press the DELETE key. To edit
a definition, remove the current definition from the list and add a new one with different parameters. To allow
administrators to add programs to the local program exceptions list that is defined by the Windows Firewall
component in Control Panel, also enable the "Windows Firewall: Allow local program exceptions" policy
setting.

If you disable this policy setting, the program exceptions list defined by Group Policy is deleted. If a local
program exceptions list exists, it is ignored unless you enable the "Windows Firewall: Allow local program
exceptions" policy setting.

If you do not configure this policy setting, Windows Firewall uses only the local program exceptions list that
administrators define by using the Windows Firewall component in Control Panel.

Note: If you type an invalid definition string, Windows Firewall adds it to the list without checking for errors.
This allows you to add programs that you have not installed yet, but be aware that you can accidentally
create multiple entries for the same program with conflicting Scope or Status values. Scope parameters are
combined for multiple entries.

Note: If you set the Status parameter of a definition string to "disabled," Windows Firewall ignores port
requests made by that program and ignores other definitions that set the Status of that program to
"enabled." Therefore, if you set the Status to "disabled," you prevent administrators from allowing the
program to ask Windows Firewall to open additional ports. However, even if the Status is "disabled," the
program can still receive unsolicited incoming messages through a port if another policy setting opens that
port.

Note: Windows Firewall opens ports for the program only when the program is running and "listening" for
incoming messages. If the program is not running, or is running but not listening for those messages,
Windows Firewall does not open its ports.

Supported on: At least Windows XP Professional with SP2.
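
The Notes above describe conditions that Windows Firewall accepts silently: invalid definition strings, several entries for one program, and a "disabled" entry overriding "enabled" ones. The PowerShell audit below is an added example, not part of the original page; the function name Get-FwProgramExceptionAudit and the test3 entry are hypothetical, and it assumes the four-field path:scope:status:name layout seen in the page's sample strings, with IPv4-only scopes.

```powershell
# Added example (PowerShell 3.0+). The function name and sample strings are
# constructed; the path:scope:status:name layout is read off the page's samples.
function Get-FwProgramExceptionAudit {
    param([string[]]$Definition)
    # One scope token: *, localsubnet, an IPv4 address, or an IPv4 subnet
    $tok = '(?:\*|localsubnet|\d{1,3}(?:\.\d{1,3}){3}(?:/[\d.]+)?)'
    $pattern = '^(?<Path>.+):(?<Scope>{0}(?:,{0})*):(?<Status>enabled|disabled):(?<Name>[^:]*)$' -f $tok
    $valid = @()
    foreach ($d in $Definition) {
        if ($d -match $pattern) {
            $valid += [pscustomobject]@{
                Path   = $Matches['Path'].ToLower()
                Scope  = $Matches['Scope'].ToLower()
                Status = $Matches['Status'].ToLower()
            }
        } else {
            # Windows Firewall would have stored this string unchecked
            [pscustomobject]@{ Program = $d; Entries = 1; EffectiveStatus = 'n/a'
                               CombinedScope = ''; Finding = 'invalid definition string' }
        }
    }
    foreach ($g in ($valid | Group-Object Path)) {
        $status = @($g.Group | ForEach-Object { $_.Status } | Sort-Object -Unique)
        $scope  = @($g.Group | ForEach-Object { $_.Scope -split ',' } | Sort-Object -Unique)
        # Per the Notes: a "disabled" entry overrides "enabled" ones; scopes are combined
        $effective = if ($status -contains 'disabled') { 'disabled' } else { 'enabled' }
        $finding = if ($status.Count -gt 1) { 'conflicting Status values' } elseif ($g.Count -gt 1) { 'duplicate entries' } else { 'ok' }
        [pscustomobject]@{ Program = $g.Name; Entries = $g.Count; EffectiveStatus = $effective
                           CombinedScope = $scope -join ','; Finding = $finding }
    }
}

# Constructed input; on a live machine use the value names of the policy key instead:
# (Get-Item 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List').GetValueNames()
$sample = @(
    '%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program'
    '%programfiles%\test1:localsubnet:disabled:Test1 program'
    '%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program'
    '%programfiles%\test3:enabled:Test3 program'   # scope field missing
)
Get-FwProgramExceptionAudit -Definition $sample | Format-Table -AutoSize
```

With this input the test1 group is reported as disabled with a combined scope, and the test3 string is listed as invalid.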

Windows Firewall: Define inbound program exceptions

Gpedit:   

Please perform the following steps:

Please go to the Pearl button (Start) and click on Search programs and files
Type gpedit.msc and press Enter
In the Group Policy window, please navigate to Computer Configuration -> Administrative Templates ->
Network -> Network Connections -> Windows Firewall -> Domain Profile and open Windows Firewall:
Define inbound program exceptions.
Not Configured -> is the Default state
Enabled -> apply this GPO
Disabled -> this GPO will not be applied

To finish, press the OK button and close the Group Policy window.

Regedit:

Please perform the following steps:

Please go to the Pearl button (Start) and click on Search programs and files
Type regedit and press OK
Please confirm the User Account Control pop-up

Microsoft official disclaimer

Warning: Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by
using another method. These problems might require that you reinstall the operating system. Microsoft
cannot guarantee that these problems can be solved. Modify the registry at your own risk.

Note: This registry key is created by Group Policy when this GPO is Enabled or Disabled. The GPO default state
is Not Configured -> this registry entry is not present.

Please navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications
and locate
Enabled registry key
test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program registry key
test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program registry key

Double click on SearchOnly and edit the value:

To Enable:
Change the data value with:
Enabled = 1
\List
test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program = "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program"
test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program = "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program"

To Disable:
Change the data value with:
Enabled = 0

To finish, press the OK button and close the Registry Editor window

Note: Manual editing of this registry key will not be reflected in Group Policy. If you modify this GPO from
Group Policy this registry key will be rewritten.

CMD:

Please perform the following steps:

Please go to the Pearl button (Start) and click on Search programs and files
Type cmd, right click on the cmd icon under Programs and click on Run as administrator
Please confirm the User Account Control pop-up
Please select, right click and copy a registry command from below, then right click on the command prompt
window, select Paste and press Enter

Enabled:
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications" /v Enabled /t REG_DWORD /d 1 /f
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List" /v "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" /t REG_SZ /d "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" /f
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List" /v "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" /t REG_SZ /d "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" /f

Disabled:
REG add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications" /v Enabled /t REG_DWORD /d 0 /f

Not Configured:
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications" /v Enabled /f
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List" /v "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" /f
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List" /v "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" /f

Note: Manual editing of this registry key will not be reflected in Group Policy. If you modify this GPO from
Group Policy this registry key will be rewritten.

VBScript:          

Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")

strKeyPath1 = "SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications"
strKeyPath2 = "SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath1
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath2
strValueName1 = "Enabled"
strValueName2 = "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program"
strValueName3 = "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program"
'Enabled
dwValue = 1
strValue1 = cstr("%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program")
strValue2 = cstr("%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program")
'Disabled
'dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath1,strValueName1,dwValue
oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath2,strValueName2,strValue1
oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath2,strValueName3,strValue2
'Not Configured
'oReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath1,strValueName1
'oReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath2,strValueName2
'oReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath2,strValueName3

PowerShell Script:

Enabled\Disabled

$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft"
If(Test-Path ($RegKey + "\WindowsFirewall"))
{
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall"
  If(Test-Path ($RegKey + "\DomainProfile"))
  {
    $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
    If(Test-Path ($RegKey + "\AuthorizedApplications"))
    {
      $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications"
      ##Enabled
      New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord -Force
      If(Test-Path ($RegKey + "\List"))
      {
        $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List"
        New-ItemProperty -path $RegKey -name "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -value "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -PropertyType String -Force
        New-ItemProperty -path $RegKey -name "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -value "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -PropertyType String -Force
      }
      else
      {
        New-Item -path $RegKey -name List
        $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List"
        New-ItemProperty -path $RegKey -name "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -value "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -PropertyType String
        New-ItemProperty -path $RegKey -name "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -value "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -PropertyType String
      }
      ##Disabled
      ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord -Force
    }
    else
    {
      New-Item -path $RegKey -name AuthorizedApplications
      $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications"
      ##Enabled
      New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord
      New-Item -path $RegKey -name List
      $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List"
      New-ItemProperty -path $RegKey -name "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -value "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -PropertyType String
      New-ItemProperty -path $RegKey -name "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -value "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -PropertyType String
      ##Disabled
      ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord
    }
  }
  else
  {
    New-Item -path $RegKey -name DomainProfile
    $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
    New-Item -path $RegKey -name AuthorizedApplications
    $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications"
    ##Enabled
    New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord
    New-Item -path $RegKey -name List
    $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List"
    New-ItemProperty -path $RegKey -name "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -value "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -PropertyType String
    New-ItemProperty -path $RegKey -name "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -value "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -PropertyType String
    ##Disabled
    ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord
  }
}
else
{
  New-Item -path $RegKey -name WindowsFirewall
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall"
  New-Item -path $RegKey -name DomainProfile
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile"
  New-Item -path $RegKey -name AuthorizedApplications
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications"
  ##Enabled
  New-ItemProperty -path $RegKey -name Enabled -value 1 -PropertyType DWord
  New-Item -path $RegKey -name List
  $RegKey = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List"
  New-ItemProperty -path $RegKey -name "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -value "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program" -PropertyType String
  New-ItemProperty -path $RegKey -name "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -value "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program" -PropertyType String
  ##Disabled
  ##New-ItemProperty -path $RegKey -name Enabled -value 0 -PropertyType DWord
}

Not Configured

$RegKey = "HKLM:\SOFTWARE\Policies\Microsoft"
Remove-ItemProperty -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications") -name Enabled
Remove-ItemProperty -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications\List") -name "%programfiles%\test1:10.0.0.1,10.3.4.0/24:enabled:Test1 program"
Remove-ItemProperty -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications\List") -name "%programfiles%\test2:10.0.0.1,10.3.4.0/24:disabled:Test2 program"
If( (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications\List")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications\List")).SubKeyCount -eq 0)
{
  Remove-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications\List")
  If( (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications")).SubKeyCount -eq 0)
  {
    Remove-Item -Path($RegKey + "\WindowsFirewall\DomainProfile\AuthorizedApplications")
    If( (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall\DomainProfile")).SubKeyCount -eq 0)
    {
      Remove-Item -Path($RegKey + "\WindowsFirewall\DomainProfile")
      If( (Get-Item -Path($RegKey + "\WindowsFirewall")).ValueCount -eq 0 -and (Get-Item -Path($RegKey + "\WindowsFirewall")).SubKeyCount -eq 0)
      {
        Remove-Item -Path($RegKey + "\WindowsFirewall")
      }
    }
  }
}