- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
If you try to enable PowerShell remoting on a PowerShell console with Enable-PSRemoting ‑Force, you will sometimes receive the error message below:
WinRM firewall exception will not work
Set-WSManQuickConfig : ... WinRM firewall exception will not work since one of the network connection types on this machine is set to Public. Change the network connection type to either Domain or Private and try again. ...
The reason is that the computer will allow connections with other devices in the same network if the network connection type is Public. Microsoft considers it as a security risk if you enable PowerShell remoting in a Public network.
You can verify your current connection type settings in the Control Panel: Control Panel\Network and Internet\Network and Sharing Center
Viewing networking connection type in the Control Panel
You can also check your profile settings with the PowerShell cmdlet Get-NetConnectionProfile. The NetworkCategory property corresponds to the network connection type.
Displaying the network connection type with PowerShell
This problem can even occur if your computer is an Active Directory member. If you've previously signed on to the member machine, Windows will cache your credentials, and you can log on without an available domain controller. In that case, Windows will automatically set your connection type to Public.
If a domain controller has authenticated you, it will set the network category to DomainAuthenticated:
NetworkCategory is set to DomainAuthenicated
Skipping the network profile check
In this case, PowerShell won't throw an error if you enable remoting. However, if a domain controller hasn't authenticated your computer, you have two options.
With the SkipNetworkProfileCheck parameter, you can just ignore the warning:
Enable-PSRemoting -SkipNetworkProfileCheck -Force
The Force parameter avoids the confirmation prompt.
Using the SkipNetworkProfileCheck parameter
Changing the network connection type with PowerShell
However, this option poses a security risk because Windows enables network discovery features for your computer. Thus, it is better to change the connection type manually to Private:
Set-NetConnectionProfile -NetworkCategory Private
Changing the network connection type to private
Notice that you can't set the NetworkCategory property to DomainAuthenticated. If you try, PowerShell will return an error:
Set-NetConnectionProfile : Unable to set NetworkCategory to 'DomainAuthenticated'. This NetworkCategory type will be set automatically when authenticated to a domain network.
Notice that if your computer is not a domain member, you have to consider a few other things if you enable PowerShell remoting.
Hi,
Is there any way how can WinRM run on Public profile?
It looks that Enable-PSRemoting -SkipNetworkProfileCheck does not help. After running it says that everything is ok, but “winrm quickconfig” returns WinRM firewall exception will not work since one of the network connection types on this machine is set to Public
Thanks
We have VM with W10.1909, 1 interface DomainAuthenticated, winrm qc returns error 0x80338169.
Enable-PSRemoting -SkipNetworkProfileCheck worked, but why no previously – some explanation?
Thanks.
Because the network connection types on this machine was set to Public?
No, there is only one network connection showing ConnectionType as DomainAuthenticated (Domain Network in NetworkSharingCenter), and still error. Why? (Your solution solved it, but I would know why error when there is no Public Profile).
Thanks. R.H.
If -SkipNetworkProfileCheck worked, then the network connection type most likely was set to Public. Sometimes this happens with domain joined machines if the connection to the domain controllers is lost. Even if the DCs are available again the setting can still be in the cache. Considering how unreliable Microsoft software is these days, it can also be a bug.
Thanks, this command solved my problem
Excellent! Sending you many blessings! Thank you!