(201) Microsoft Intune - Network discovery is turned off

A customer reached out to me last night where one of their higher executives were having difficulity connecting to the the mapped drives, and she discovered that 'Network discovery is turned off. Network computers and devices are not visible. Click to change...'

The easiest would to deploy a PowerShell script with the following:

Apply to all network profiles:

Set-NetFirewallRule -Group '*-32752*' -Enabled 'True'

Apply to 'Domain' network profile:

Get-NetFirewallRule -Group '*-32752*' | Where-Object 'Profile' -Match 'Domain' | Set-NetFirewallRule -Enabled 'True'

Apply to 'Private' network profile:

Get-NetFirewallRule -Group '*-32752*' | Where-Object 'Profile' -Match 'Private' | Set-NetFirewallRule -Enabled 'True'​

Apply to 'Public' network profile:

Get-NetFirewallRule -Group '*-32752*' | Where-Object 'Profile' -Match 'Public' | Set-NetFirewallRule -Enabled 'True'

All PowerShell scripts can be found here in my Github repo.

All Remediation scripts can be found here in my Github repo:

• To apply to all network profiles

• To apply to 'Domain network profile'

• To apply to 'Private network profile'

• To apply to 'Public network profile'

With PowerShell scripts, it will take a few triggers from Company Portal or the Intune portal to get that device to run, so I thought why not do a one click option - remediation scripts:

Detect.ps1

# Search for rules matching the specific group pattern
$Rules = Get-NetFirewallRule -Group '*-32752*' -ErrorAction SilentlyContinue

if ($null -eq $Rules) {
    Write-Host "No rules found matching the group pattern."
    exit 1 # Trigger remediation if rules don't exist (optional, depending on your goal)
}

# Check if any of the rules are currently disabled
$DisabledRules = $Rules | Where-Object { $_.Enabled -eq 'False' }

if ($DisabledRules) {
    Write-Host "Found $($DisabledRules.Count) disabled firewall rules."
    exit 1 # Non-compliant, trigger Remediation
} else {
    Write-Host "All relevant firewall rules are enabled."
    exit 0 # Compliant, do nothing
}

Remediate.ps1

try {
    # Attempt to enable the rules
    Set-NetFirewallRule -Group '*-32752*' -Enabled 'True' -ErrorAction Stop
    Write-Host "Successfully enabled firewall rules for group: *-32752*"
    exit 0
}
catch {
    Write-Error "Failed to enable firewall rules: $($_.Exception.Message)"
    exit 1
}

Once you trigger it from Intune to run the newly added remediation script - it will show as succeeded

Now that message no longer appears and is enabled: