Question 285214 in Azure Question posted in
The official documentation to get you started can be found here.

Azure – Invoke-AzVMRunCommand does not return the expected value when running Get-NetFirewallProfile

I am trying to use the Invoke-AzVMRunCommand on a VM in my Azure subscription.

My powershell looks like this

Invoke-AzVMRunCommand -VMName $vm.Name -ResourceGroupName $vm.ResourceGroupName -CommandId 'RunPowerShellScript' -ScriptPath $scriptPath

With the script in my $scriptPath looking like this

Get-NetFirewallProfile | ConvertTo-Csv

When running this however, the response seems to tell me that the windows firewall is enabled, even though I know for a fact it is not.

The ConvertTo-Csv is required for other parts of my script to function as needed, as Invoke-AzVMRunCommand returns a string object, which isn’t too useful. Even without this however I still don’t get the correct response

Does anybody know of any reason as to why this might be?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    So the commands I was running check different areas of the registry from the GUI.

    GUI: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallDomainProfile

    CMDLETS: HKLM:SYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile

    This is where the issue came from.

    If you have this issue, but sure to check both registry entries


  2. 0

    Invoke-AzVMRunCommand does not return the expected value when running Get-NetFirewallProfile

    To check the status of the firewall status from remote computer with Invoke-AzVMRunCommand, you can use the below command in your script to show the details in a table format, instead of using Get-NetFirewallProfile | ConvertTo-Csv

    Get-NetFirewallProfile | Select-Object Name, Enabled

    Here is the result of above command.

    enter image description here

    If you want to check all the details of the Windows firewall, you can use the following command:

    $firewall = Get-NetFirewallProfile

    Alternatively, if you only need to check the name and the firewall status, you can use the command above.

    Script path

    $FilePath = "C:UsersVenkatDesktopFirewall.csv"
$firewall = Get-NetFirewallProfile
$firewall | Export-Csv -Path $FilePath -NoTypeInformation

    Here is a script that executes scriptpath on a remote machine.

    Connect-AzAccount
Get-AzVM -name "venaktvm"
$scriptpath = "xxxxxxxxxxFirewall.ps1" 
Invoke-AzVMRunCommand -ResourceGroupName "VM-RG-Name" -Name "VM-NAME"  -CommandId 'RunPowerShellScript' -ScriptPath $scriptpath

    Result:
    enter image description here

    Firewall details have been exported to CSV

    enter image description here

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search