What firewall rules must be enabled on a client for remote Group Policy update via `Invoke-GPUpdate`?

Question

What firewall rules must be enabled on a client for remote Group Policy update via `Invoke-GPUpdate`?

Accepted Answer

The client’s firewall must allow the following inbound connections: Remote Scheduled Tasks Management (RPC), Remote Scheduled Tasks Management (RPC-ERMAP), and Windows Management Instrumentation (WMI-IN). Without these rules, the `Invoke-GPUpdate -Computer` command will fail to force a remote policy refresh.

What firewall rules must be enabled on a client for remote Group Policy update via `Invoke-GPUpdate`?

Explore More Q&A