Add SetupScriptLabo.ps1
This commit is contained in:
239
SetupScriptLabo.ps1
Normal file
239
SetupScriptLabo.ps1
Normal file
@@ -0,0 +1,239 @@
|
||||
# Activate windows
|
||||
irm https://massgrave.dev/get | iex
|
||||
|
||||
#Download temp files
|
||||
$tmpPath = Join-Path $env:LOCALAPPDATA "Temp"
|
||||
|
||||
$filesToDownload = @(
|
||||
@{
|
||||
Url = "https://winstars.net/files/version3/winstars_installer.exe"
|
||||
FileName = "winstars_installer.exe"
|
||||
},
|
||||
@{
|
||||
Url = "https://cosphilog.fr/tectoglob3d/Tectoglob3D-win32-ia32.zip"
|
||||
FileName = "Tectoglob3D-win32-ia32.zip"
|
||||
},
|
||||
@{
|
||||
Url = "https://web.archive.org/web/20161115042325/http://extranet.saintjosephtoulouse.org/labo/Files/64_sismolog.sfx.exe"
|
||||
FileName = "Sismolog.exe"
|
||||
},
|
||||
@{
|
||||
Url = "http://acces.ens-lyon.fr/acces/logiciels/applications/tectoglob/Tectoglob_11_complet.zip/at_download/file"
|
||||
FileName = "Tectoglob_11_complet.zip"
|
||||
},
|
||||
@{
|
||||
Url = "http://svt.janzac.free.fr/logiciels/respipoisson/respipoisson.exe"
|
||||
FileName = "Respipoisson.exe"
|
||||
},
|
||||
@{
|
||||
Url = "https://regressi.fr/wp-zip/regressi-mpeg-setup.msi"
|
||||
FileName = "regressi-mpeg-setup.msi"
|
||||
},
|
||||
@{
|
||||
Url = "http://labocharlemagne.free.fr/logiciels/regavi.zip"
|
||||
FileName = "regavi.zip"
|
||||
},
|
||||
@{
|
||||
Url = "https://cdn.discordapp.com/attachments/704760633379389533/1163787807723094037/Radiochr_08.exe"
|
||||
FileName = "Radiochr.exe"
|
||||
},
|
||||
@{
|
||||
Url = "http://acces.ens-lyon.fr/acces/thematiques/evolution/logiciels/phylogene/telechargement-eleves/Phylogene-Lycee-2021.zip"
|
||||
FileName = "Phylogene-Lycee-2021.zip"
|
||||
},
|
||||
@{
|
||||
Url = "http://philippe.cosentino.free.fr/productions/paleoterre/paleoterre_el32.zip"
|
||||
FileName = "paleoterre_el32.zip"
|
||||
},
|
||||
@{
|
||||
Url = "http://acces.ens-lyon.fr/logiciels/EduAnat2/Eduanat2%20Setup%202.0.0.exe"
|
||||
FileName = "Eduanat2_Setup_2.0.0.exe"
|
||||
},
|
||||
@{
|
||||
Url = "https://www.pedagogie.ac-nice.fr//svt/productions/flash/couvac/couvac_exe.zip"
|
||||
FileName = "couvac_exe.zip"
|
||||
},
|
||||
@{
|
||||
Url = "https://acdusdownload.s3.amazonaws.com/ACDLabs202311_ChemSketch_FInstall.zip"
|
||||
FileName = "ACDLabs202311_ChemSketch_FInstall.zip"
|
||||
}
|
||||
)
|
||||
|
||||
foreach ($fileInfo in $filesToDownload) {
|
||||
$filePath = Join-Path $tmpPath $fileInfo.FileName
|
||||
|
||||
if (-not (Test-Path -Path $filePath -PathType Leaf)) {
|
||||
Invoke-WebRequest -Uri $fileInfo.Url -OutFile $filePath
|
||||
}
|
||||
}
|
||||
|
||||
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
|
||||
|
||||
# Setup users
|
||||
Set-LocalUser -Name "Eleve" -PasswordNeverExpires $true -UserMayChangePassword $false -Password ([securestring]::new())
|
||||
$SecurePassword = ConvertTo-SecureString -String "IPRprof2398" -AsPlainText -Force
|
||||
Set-LocalUser -Name "Prof" -PasswordNeverExpires $true -UserMayChangePassword $false -Password $SecurePassword
|
||||
$SecurePassword = ConvertTo-SecureString -String "Lprsnm4ehk26-" -AsPlainText -Force
|
||||
Set-LocalUser -Name "Admin" -PasswordNeverExpires $true -Password $SecurePassword
|
||||
|
||||
|
||||
# Function to load a user's HKU registry hive
|
||||
function UserReg {
|
||||
param (
|
||||
[string] $Username
|
||||
)
|
||||
$UserProfiles = Get-WmiObject Win32_UserProfile | Where-Object { $_.Special -eq $false }
|
||||
$UserProfile = $UserProfiles | Where-Object { $_.LocalPath.EndsWith("\$Username") }
|
||||
if ($UserProfile -ne $null) {
|
||||
$UserSID = $UserProfile.SID
|
||||
$HivePath = Join-Path -Path $UserProfile.LocalPath -ChildPath "NTUSER.DAT"
|
||||
return $UserSID, "Registry::HKEY_USERS\$UserSID"
|
||||
} else {
|
||||
Write-Host "User profile for $Username not found."
|
||||
return $null, $null
|
||||
}
|
||||
}
|
||||
|
||||
function SetRegistry {
|
||||
param (
|
||||
[string] $regpath,
|
||||
[string] $regproperty
|
||||
)
|
||||
|
||||
if( -not (Test-Path -Path $regpath -PathType Container) ) {
|
||||
New-Item -Path $regpath -Force -ItemType Registry
|
||||
New-ItemProperty -Path $regpath -Name $regproperty -Value 1 -PropertyType DWord
|
||||
}
|
||||
else {
|
||||
$RegistryItem = Get-ItemProperty -Path $regpath
|
||||
if ($RegistryItem.PSObject.Properties.Name -contains $regproperty) {
|
||||
Set-ItemProperty -Path $regpath -Name $regproperty -Value 1
|
||||
} else {
|
||||
New-ItemProperty -Path $regpath -Name $regproperty -Value 1 -PropertyType DWord
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$TargetUsername = "Eleve"
|
||||
$UserSID, $UserHKUPath = UserReg -Username $TargetUsername
|
||||
# Add restriction
|
||||
if ($UserSID -ne $null -and $UserHKUPath -ne $null) {
|
||||
# Restrict access to Settings
|
||||
$ControlPanelKeyPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
|
||||
$ControlPanelValueName = "NoControlPanel"
|
||||
SetRegistry -regpath $ControlPanelKeyPath -regproperty $ControlPanelValueName
|
||||
|
||||
# Disable access to regedit
|
||||
$REGKeyPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\System"
|
||||
$REGValueName = "DisableRegistryTools"
|
||||
SetRegistry -regpath $REGKeyPath -regproperty $REGValueName
|
||||
|
||||
# Restrict access to Command Prompt
|
||||
$CMDKeyPath = "$UserHKUPath\Software\Policies\Microsoft\Windows\System"
|
||||
$CMDValueName = "DisableCMD"
|
||||
SetRegistry -regpath $CMDKeyPath -regproperty $CMDValueName
|
||||
|
||||
# Add entries to DisallowRun for cmd.exe and powershell.exe
|
||||
$DisallowRunKeyPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
|
||||
$DisallowRunValueName = "DisallowRun"
|
||||
SetRegistry -regpath $DisallowRunKeyPath -regproperty $DisallowRunValueName
|
||||
Write-Host (Get-ItemProperty -Path "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun")
|
||||
|
||||
$DisallowRunPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun"
|
||||
$applications = @("cmd.exe", "powershell.exe", "powershell_ise.exe")
|
||||
Get-ItemProperty -Path $DisallowRunPath | ForEach-Object {
|
||||
Remove-ItemProperty -Path $DisallowRunPath -Name $_.PSObject.Properties.Name -ErrorAction SilentlyContinue
|
||||
}
|
||||
foreach ($valueName in $applications) {
|
||||
New-ItemProperty -Path $DisallowRunPath -Name $valueName -Value $valueName -PropertyType String
|
||||
}
|
||||
} else {
|
||||
Write-Host "Unable to get the user's HKU registry."
|
||||
}
|
||||
|
||||
|
||||
function InstallMsi {
|
||||
param (
|
||||
[string] $app
|
||||
)
|
||||
$msiFilePath = Join-Path -Path $tmpPath -ChildPath $app
|
||||
Start-Process -FilePath "msiexec.exe" -ArgumentList "/i `"$msiFilePath`" /qn" -Wait
|
||||
}
|
||||
|
||||
function InstallExeSetup {
|
||||
param (
|
||||
[string] $app
|
||||
)
|
||||
Start-Process -FilePath $(Join-Path $tmpPath $app) -ArgumentList "/allusers /s" -Wait
|
||||
}
|
||||
|
||||
function InstallExe {
|
||||
param (
|
||||
[string] $app
|
||||
)
|
||||
$appName = [System.IO.Path]::GetFileNameWithoutExtension($app)
|
||||
|
||||
$targetPath = Join-Path $env:ProgramFiles $appName
|
||||
if (-not (Test-Path -Path $targetPath -PathType Container)) {
|
||||
New-Item -Path $targetPath -ItemType Directory
|
||||
}
|
||||
$appFilePath = Join-Path $tmpPath $app
|
||||
Copy-Item -Path $appFilePath -Destination $targetPath -Force
|
||||
createShortcut -exe $appFilePath -app $appName
|
||||
}
|
||||
|
||||
function InstallZip {
|
||||
param (
|
||||
[string] $zip
|
||||
[string] $exe
|
||||
[string] $app
|
||||
)
|
||||
$zipName = [System.IO.Path]::GetFileNameWithoutExtension($zip)
|
||||
|
||||
Expand-Archive -Path (Join-Path $tmpPath $zip) -DestinationPath $env:ProgramFiles -Force
|
||||
Move-Item -Path $(Join-Path $env:ProgramFiles $zipName) -Destination $(Join-Path $env:ProgramFiles $app)
|
||||
createShortcut -exe $(Join-Path $env:ProgramFiles $app $exe) -app $app
|
||||
}
|
||||
|
||||
function createShortcut {
|
||||
param (
|
||||
[string] $exe
|
||||
[string] $app
|
||||
)
|
||||
$shell = New-Object -ComObject WScript.Shell
|
||||
$shortcut = $shell.CreateShortcut($(Join-Path $env:PUBLIC "Desktop\$app.lnk"))
|
||||
$shortcut.TargetPath = $exe
|
||||
$shortcut.IconLocation = $exe
|
||||
$shortcut.WorkingDirectory = (Get-Item $exe).DirectoryName
|
||||
$shortcut.Save()
|
||||
}
|
||||
|
||||
# Installing needed apps
|
||||
choco upgrade all -y
|
||||
choco install dotnet -y
|
||||
choco install vcredist-all -y
|
||||
choco install firefox -y
|
||||
choco install 7zip -y
|
||||
choco install onlyoffice -y
|
||||
choco install googleearthpro -y
|
||||
choco install adobereader -y
|
||||
choco install sublimetext4 -y
|
||||
choco install vlc -y
|
||||
choco install audacity -y
|
||||
choco install avogadro -y
|
||||
choco install arduino -y --install-arguments="/allusers" --force
|
||||
|
||||
# Regressi
|
||||
InstallExeSetup -app "winstars_installer.exe"
|
||||
InstallZip -zip "Tectoglob3D-win32-ia32.zip" -exe "Tectoglob3D.exe" -app "Tectoglob3D"
|
||||
InstallExe -app "Sismolog.exe"
|
||||
InstallZip -zip "Tectoglob_11_complet.zip" -exe "TectoGlob.exe" -app "TectoGlob"
|
||||
InstallExe -app "Respipoisson.exe"
|
||||
InstallMsi -app "regressi-mpeg-setup.msi"
|
||||
InstallZip -zip "regavi.zip" -exe "regavi.exe" -app "Regavi"
|
||||
|
||||
|
||||
# Update Windows
|
||||
Install-Module -Name PSWindowsUpdate -Force
|
||||
Get-WindowsUpdate -ForceInstall
|
||||
Install-WindowsUpdate -AcceptAll -AutoReboot
|
||||
Reference in New Issue
Block a user