Microsoft Teams Windows Firewall pop up
Issue : Microsoft Teams client is showing prompt “Windows Firewall has blocked some features of this app” even after adding Windows Firewall Rules. Issue is explained in the article https://docs.microsoft.com/en-us/microsoftteams/get-clients but no resolution.
I actually think I've found the solution.
create a firewall rule that blocks everything, but deactivate it:
New-NetFirewallRule -DisplayName "Teams.exe" -Program "%LocalAppData%\Microsoft\Teams\current\Teams.exe" -Profile Domain,Private,Public -Description "Teams.exe" -Group "Teams" -Direction Inbound -Protocol TCP -Action Block -Enabled false -EdgeTraversalPolicy Block
New-NetFirewallRule -DisplayName "Teams.exe" -Program "%LocalAppData%\Microsoft\Teams\current\Teams.exe" -Profile Domain,Private,Public -Description "Teams.exe" -Group "Teams" -Direction Inbound -Protocol UDP -Action Block -Enabled false -EdgeTraversalPolicy Block
ps: unbelievable what an administrator has to come up with because Microsoft is too stupid to offer a clean software solution :(
our users do not have administrator rights and cannot grant this firewall approval.
the unbelievable is that this pop up also appears although the necessary firewall rules have already been set by us administrators.
new-NetFirewallRule -DisplayName "Teams.exe" -Program "%LocalAppData%\Microsoft\Teams\current\Teams.exe" -Profile Domain,Private,Public -Description "Teams.exe" -Group "Teams" -Direction Inbound -Protocol TCP -Action Allow -EdgeTraversalPolicy DeferToUser
new-NetFirewallRule -DisplayName "Teams.exe" -Program "%LocalAppData%\Microsoft\Teams\current\Teams.exe" -Profile Domain,Private,Public -Description "Teams.exe" -Group "Teams" -Direction Inbound -Protocol UDP -Action Allow -EdgeTraversalPolicy DeferToUser
the firewall pop up from Teams apparently always appears, regardless of whether there are firewall problems or not.
now all users have to constantly click away these messages and cannot use teams 100%.
@microsoft: what a ****!
Zdenek Valenta commented
Mac OS X (Catalina 10.15.7) firewall blocked MS Teams today (Microsoft Teams Version 1.3.00.362, last updated on 14/10/2020) from sharing the screen, even though the Teams were allowed Screen sharing under the OS X system permissions. I had to turn off the firewall to fix the problem, but this looks like a serious security glitch on the part of MS Teams. Having turned the firewall off, in a matter of minutes I experienced an attack on my computer which was only denied with the help of Norton 360 so that an intruding computer was blocked (i.e., hopefully).
JOn C commented
A GPO or workaround for the firewall exception would be nice. This is a pain for the sys admins
Hi MS ... can you please fix this? Thanks
Another reason why Teams is not enterprise ready
Zoom has a real machine based installer that doesn't install during logon per user, can manage the updates and has one firewall rule that can be managed in GP with out dodgy scripts
Please fix it, we are being flooded with tickets
@Jesse Walter: Who do you think you're helping with that comment?
Jesse Walter commented
Launch the Task Manager, click the “Startup” tab, locate “Microsoft Teams” in the list, and click “Disable.” To open the Task Manager, right-click the Windows taskbar and select “Task Manager.” You can also press Ctrl+Shift+Esc. You can also uninstall the Teams software if you don't want to use it.
Hope this information is helpful to you
Seriously this needs to get fixed. The entire installation process is a mess. This will result in many needless helpdesk tickets from our user base.
Jonathan Mpofu commented
Please remove this popup for teams to even need to open firewall ports
Looks like Dawid's suggestion from 25 March might be the solution. I wish he had been a little more detailed on the instructions as to the GPO path to add the rules but I think I have figured it out. If it does not work I'll be back.
@Patrik DAve That's what people do today today which is cumbersome as it has to be run per-user while the installer is run per-machine which means you will have to use an additional deployment method.
It shouldn't be necessary to deploy an extra script for each user that logs in when the MSI could have taken care of it in the first place. The MSI is flawed.
Pratik DAve commented
If you want to prevent Teams from prompting users to create firewall rules when the users make their first call from Teams, use the Sample PowerShell script - inbound firewall rule below.
I think this problem should be escalated immediately. No need for review for 1 year.. get it done.
If user voice is not enough to get a serious issue acknowledge, then what other way do we have?
We are forced to migrate to Teams because of the end of life of Skype Online. But Teams is not ready for production. It is lacking features such has spellchecking in other languages than the installed language. Our department does exactly that.. enforce Canadian Official languages.
We protect our environment following MS recommendations, so users do no have the permissions to allow the connection. This is a huge problem and oversight from Microsoft.
Benjamin Ogier commented
Chris Garris commented
Why does Teams embed executables in the User Profile path? That makes it a PITA to create GPO FW exclusions....
Paul Jackson commented
With the amount of advertising MS are doing and the number of companies taking this up us included surly they would have resolved this by now!
Aaron Marks commented
Can we please just remove the need for Teams to even need to open firewall ports?
Disable Windows Firewall Notification for all Profiles via GPO as my solution. No need to deploy any powershell.