Discussion: Network Discovery

[Hellbovine]

I'm trying to figure out which registry key is responsible for a scenario when I install Windows 10 without internet. At the desktop if you plug in the ethernet cable it will suddenly give you a very finicky pop-up that asks about network discovery and quickly disappears if you click somewhere else.

What I'm trying to do is find the registry key responsible for this pop-up, so that it prevents it from appearing at all, and just automatically chooses "No" for me, silently in the background. I've tried using registry compare tools, but because this setup process is also manipulating tons of other keys at the same time, I'm not confident in which one I'm looking for.

The other issue I have with this automated network configuration is that it also takes it upon itself to enable your firewall, even if you've manually disabled it prior to plugging in the ethernet cable, and furthermore even if you use a group policy key, it still ignores everything and enables the firewall anyway. I'd like to prevent this from happening as well.

UPDATE (AUGUST 31ST, 2023)

Spoiler: click here to reveal text

In the future I might convert this discussion into a guide, but right now I'm trying to focus on releasing version 2.0 of my Optimized Image guide, so this thread is on hold for the moment.

I ended up finding a full solution to everything I needed, but it's several different keys since you have to tweak both the network setup, as well as the firewall, and I would need to test it all again as a standalone set of tweaks to ensure that it works properly without all the numerous other tweaks I have on my custom image where I am using this network tweak.

For people that need this now, the TenForums link that Garlin posted will solve half of it, then to stop the firewall from enabling itself you have to manipulate some other keys. There are 3 dword keys labeled, "EnableFirewall" inside the registry path of \Defaults\FirewallPolicy\ which need to be set to 0 in order for Windows to truly default the Firewall to the off setting, and this stops nagging users to turn it back on too.

Also, keep in mind during this thread it was discovered that the firewall service must be enabled while toggling settings and experimenting or else many of the tweaks do not work properly. After all the tweaks you need are compiled and tested, then you can install them and disable the firewall service afterwards (if desired) and everything should work correctly in that scenario.

 

[garlin]

https://www.tenforums.com/tutorials/49652-turn-off-network-discovery-windows-10-a.html#option3

 

[Hellbovine]

I completely forgot to check TenForums, I should know better. I think I got distracted with my multitasking, since I'm also installing an ISO on a few computers. Thank you, I'll report back with the conclusion so that other people with the same question can see the results.

 

[garlin]

https://www.tenforums.com/tutorials...t-defender-firewall-windows-10-a.html#option4

Technically they're all saved as reg keys, but netsh is more readable.

 

[Hellbovine]

It's solved now, thank you. It turns out that because I had the Windows Defender Firewall service stopped, it wasn't allowing me to make any changes. Even when I opened up the network and sharing settings page and tried to use a registry compare tool in there, it wasn't ever saving my settings or changing the registry. Enabling the service again made it all work as intended.

I was expecting to see an error or some text on the saying, "This service has been disabled..." like it does on the Indexer page when that service is disabled. There's definitely some room for improvement here on Microsoft's side.

 

[Hellbovine]

If anyone has a TenForum's account (I don't), they may want to let Brink know that article could be updated to include the Windows Defender Firewall in his list of services that must be enabled first.

 

[garlin]

If anyone has a Tenforum's account (I don't), they may want to let Brink know that article could be updated to include the Windows Defender Firewall in his list of services that must be enabled first.

I blame you.
https://www.tenforums.com/tutorials...ery-windows-10-a-post2456825.html#post2456825

 

[Deleted member 8142]

i never had that kind of popup ciz i remove all firewall rules right after installation via pwsh command then add my 11 custom rules via netsh advfirewall.
then set firewall policy to block all incoming & outgoing except those 11 rules plus show a notification wjen something want to connect to tcp .

 

[404]

Was it ever found where the registry key for Network Discovery is, or, more specifically; for all of the settings for all "Advanced sharing settings (Control Panel)?

Reason I ask is because I have all the Windows Defender and Firewall services disabled; so commands like "Get-NetFirewallRule" and "netsh advfirewall firewall set rule group="Network Discovery" new enable=no" don't work.

If I temporarily enable these services; I can of course change these options; but once the services are disabled again these options go right back to being stuck to "on" in Control Panel.

(I do want some of them on btw, but not all.)

 

[Hellbovine]

The network discovery pop-up on the desktop after a clean install can be hidden with this tweak:

Spoiler: click here to reveal text

; Taskbar > Do you want to allow your PC to be discoverable... > No
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff]

If the firewall service (mpssvc) is disabled then the control panel networking settings are ignored, it's not just a visual/cosmetic bug. The firewall service is what handles the control panel networking sharing page and without an active service there's no entity to enforce those settings. In other words, changing network discovery options doesn't do anything if you're also going to disable the firewall service, since they're interconnected.

I use the Optimized Image (link) which has all Defender and firewall (domain, public, private) features disabled, the firewall service (mpssvc) enabled, network discovery pop-up gone, and many others. I've had no issues, and I'm a competitive gamer. Typically, when people say they want Defender/Firewall disabled they end up being a gamer too, so that link is my recommendation to those interested in performance and latency.

 

[404]

The network discovery pop-up on the desktop after a clean install can be hidden with this tweak:

Spoiler: click here to reveal text

; Taskbar > Do you want to allow your PC to be discoverable... > No
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff]

If the firewall service (mpssvc) is disabled then the control panel networking settings are ignored, it's not just a visual/cosmetic bug. The firewall service is what handles the control panel networking sharing page and without an active service there's no entity to enforce those settings. In other words, changing network discovery options doesn't do anything if you're also going to disable the firewall service, since they're interconnected.

I use the Optimized Image (link) which has all Defender and firewall (domain, public, private) features disabled, the firewall service (mpssvc) enabled, network discovery pop-up gone, and many others. I've had no issues, and I'm a competitive gamer. Typically, when people say they want Defender/Firewall disabled they end up being a gamer too, so that link is my recommendation to those interested in performance and latency.

Cheers! I was wondering if it was just a visual bug or not.

Moving forward will probably just re-enable these things (I use privaxy.sexy) as it's caused a few problems with other things as well.