Microsoft Teams Windows Firewall pop up
Issue : Microsoft Teams client is showing prompt “Windows Firewall has blocked some features of this app” even after adding Windows Firewall Rules. Issue is explained in the article https://docs.microsoft.com/en-us/microsoftteams/get-clients but no resolution.
Jesse Walter commented
Launch the Task Manager, click the “Startup” tab, locate “Microsoft Teams” in the list, and click “Disable.” To open the Task Manager, right-click the Windows taskbar and select “Task Manager.” You can also press Ctrl+Shift+Esc. You can also uninstall the Teams software if you don't want to use it.
Hope this information is helpful to you
Seriously this needs to get fixed. The entire installation process is a mess. This will result in many needless helpdesk tickets from our user base.
Jonathan Mpofu commented
Please remove this popup for teams to even need to open firewall ports
Looks like Dawid's suggestion from 25 March might be the solution. I wish he had been a little more detailed on the instructions as to the GPO path to add the rules but I think I have figured it out. If it does not work I'll be back.
@Patrik DAve That's what people do today today which is cumbersome as it has to be run per-user while the installer is run per-machine which means you will have to use an additional deployment method.
It shouldn't be necessary to deploy an extra script for each user that logs in when the MSI could have taken care of it in the first place. The MSI is flawed.
Pratik DAve commented
If you want to prevent Teams from prompting users to create firewall rules when the users make their first call from Teams, use the Sample PowerShell script - inbound firewall rule below.
I think this problem should be escalated immediately. No need for review for 1 year.. get it done.
If user voice is not enough to get a serious issue acknowledge, then what other way do we have?
We are forced to migrate to Teams because of the end of life of Skype Online. But Teams is not ready for production. It is lacking features such has spellchecking in other languages than the installed language. Our department does exactly that.. enforce Canadian Official languages.
We protect our environment following MS recommendations, so users do no have the permissions to allow the connection. This is a huge problem and oversight from Microsoft.
Benjamin Ogier commented
Chris Garris commented
Why does Teams embed executables in the User Profile path? That makes it a PITA to create GPO FW exclusions....
Paul Jackson commented
With the amount of advertising MS are doing and the number of companies taking this up us included surly they would have resolved this by now!
Aaron Marks commented
Can we please just remove the need for Teams to even need to open firewall ports?
Disable Windows Firewall Notification for all Profiles via GPO as my solution. No need to deploy any powershell.
Rick Chahal commented
We've been using teams for a couple of years and supprised that there's no Group policy feature that allows this through teams. We had to go through powershell to do this constaint deployment. I feel bad for any admins out there that don't have sccm with high number of pc's/laptops to allow this feature via powershell.
I can see a lot of admins requiring this through group policies since it's just a one time setup instead of managing this on a script basis.
Does your Macbook block access when you plug in your iPhone????? Holy **** MS ... get your s**t together!!!
oh come off it let's make this happen MS!!!!
Ben Matthews commented
We wrote up a batch script that essentially does the same thing as Microsoft's PS script, but it can be run as a logon script as it recreates the rule whenever a user logs in so you don't have to re-run the script every time there is a new user.
FOR /D %%G in ("*") DO netsh advfirewall firewall delete rule name="Teams %%~nxG"
FOR /D %%G in ("*") DO netsh advfirewall firewall add rule name="Teams %%~nxG" dir=in action=allow program="C:\Users\%%~nxG\AppData\Local\Microsoft\Teams\Current\Teams.exe" enable=yes
Michael Mardahl commented
For those using Intune, I have not had good results with use of %userlogon% or similar variables in firewall rules.
Instead I created a Powershell solution, that you can read about here:
It's not the only solution, but it works.
Sameer Sheikh commented
I have developed a Powershell script to work around this issue after finding other suggestions lacking in our mixed environment for one reason or another. It works in RDS+UPDs and both on and off network laptops once the GPO applies.
I'd like a few testers to see if it works more broadly before putting it out there publicly. If there are any takers, shoot me an email at firstname.lastname@example.org
Really disappointed on how Microsoft is handling this issue, smh.