Lightemerald/setup-script
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reorganisation of the setup

Browse Source 
- Autounattend files moved to Autounattend folder
- WDAC files moved to WDAC folder
- Added WDAC check to setupScript
- Moved RDP to setupRDP
- Moved Activate to setupActivate
- Added online setup of Office with offline fallback
- Changed setupUsers to be more standard and allow customisation
- Added rastop setup
This commit is contained in:
Lightemerald
2024-01-29 10:20:09 +01:00
parent 216de49e8b
commit 820953e206
15 changed files with 280 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
autounattend TS.xml → Autounattend/autounattend TS.xml
View File

0
autounattend.xml → Autounattend/autounattend.xml
View File

BIN
Setup files/rastop.zip Normal file
View File

Binary file not shown.

0
{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip → WDAC/{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip
View File

0
{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.xml → WDAC/{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.xml
View File

68
setupActivate.ps1 Normal file
View File

@@ -0,0 +1,68 @@
function CheckWindowsActivation {
$osLicense = Get-CimInstance SoftwareLicensingProduct -Filter "Name like 'Windows%'" | where { $_.PartialProductKey } | select Description, LicenseStatus
if ($osLicense.LicenseStatus -eq 1) {
return $true
} else {
return $false
}
}
function CheckOfficeActivation {
$officeLicense = Get-CimInstance SoftwareLicensingProduct -Filter "Name like 'Office%'" | where { $_.PartialProductKey } | select Description, LicenseStatus
if ($officeLicense.LicenseStatus -eq 2) {
return $true
} else {
return $false
}
}
function DownloadScriptFromUrls {
param (
[string[]] $Urls
)
foreach ($url in $Urls) {
try {
$response = Invoke-WebRequest -Uri $url -UseBasicParsing
return $response
} catch {
Write-Host "Failed to download script from $url"
}
}
return $null
}
Function ActivateWindowsOffice {
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
$DownloadURLs = @(
'https://git.justw.tf/Lightemerald/microsoft-activation-scripts/raw/branch/master/MAS/All-In-One-Version/MAS_AIO.cmd',
'https://raw.githubusercontent.com/massgravel/Microsoft-Activation-Scripts/master/MAS/All-In-One-Version/MAS_AIO.cmd',
'https://bitbucket.org/WindowsAddict/microsoft-activation-scripts/raw/master/MAS/All-In-One-Version/MAS_AIO.cmd'
)
$rand = Get-Random -Maximum 99999999
$isAdmin = [bool]([Security.Principal.WindowsIdentity]::GetCurrent().Groups -match 'S-1-5-32-544')
$FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\MAS_$rand.cmd" } else { "$env:TEMP\MAS_$rand.cmd" }
$response = DownloadScriptFromUrls -Urls $DownloadURLs
$ScriptArgs = "$args "
$prefix = "@REM $rand `r`n"
$content = $prefix + $response
Set-Content -Path $FilePath -Value $content
Start-Process $FilePath $ScriptArgs -Wait
$FilePaths = @("$env:TEMP\MAS*.cmd", "$env:SystemRoot\Temp\MAS*.cmd")
foreach ($FilePath in $FilePaths) { Get-Item $FilePath | Remove-Item }
}
function SetupActivaton {
if (CheckWindowsActivation -eq $true -and CheckOfficeActivation -eq $true) {
Write-Host "Windows and Office are activated."
} else {
Write-Host "Windows and Office are not activated. Starting activation..."
ActivateWindowsOffice
}
}

7
setupApps.ps1
View File

@@ -125,8 +125,8 @@ function InstallApps {
switch ($Type) {
"Labo" {
InstallExeSetup -app "winstars_installer.exe" -skipIf "C:\Program Files\WinStars3"
#InstallZip -zip "Tectoglob3D-win32-ia32.zip" -exe "Tectoglob3D.exe" -app "Tectoglob3D"
#InstallZip -zip "Tectoglob_11_complet.zip" -exe "TectoGlob.exe" -app "TectoGlob"
InstallZip -zip "Tectoglob3D-win32-ia32.zip" -exe "Tectoglob3D.exe" -app "Tectoglob3D"
InstallZip -zip "Tectoglob_11_complet.zip" -exe "TectoGlob.exe" -app "TectoGlob"
InstallZip -zip "Sismolog.zip" -exe "Sismolog.exe" -app "Sismolog"
InstallExe -app "Respipoisson.exe"
InstallMsi -app "regressi-mpeg-setup.msi"
@@ -138,10 +138,11 @@ function InstallApps {
InstallZip -zip "Phylogene-Lycee-2021.zip" -exe "Programmes\Phylo.exe" -app "Phylogene"
InstallZip -zip "paleoterre_el32.zip" -exe "paleoTerre.exe" -app "PaleoTerre"
InstallExeSetup -app "Eduanat2_Setup_2.0.0.exe" -skipIf "C:\Program Files (x86)\Eduanat2"
InstallExe -app "Couvac.exe" -createSubfolder $true
InstallExe -app "Couvac.exe"
InstallZipMsi -zip "ChemSketch.zip" -msi "script.msi"
InstallZipMsi -zip "Anagene.zip" -msi "Anagene.msi"
InstallZip -zip "EduPython.zip" -exe "EduPython.exe" -app "EduPython"
InstallZip -zip "rastop.zip" -exe "RasTop.exe" -app "RasTop"
}
"Info" {
InstallMsi -app "EV3_Classroom_Windows_1.5.3_Global.msi"

125
setupOffice.ps1
View File

@@ -1,10 +1,46 @@
function CheckOfficeInstall {
function InstallOffice {
param (
[string] $mode
)
if ($mode -eq "offline") {
DownloadFiles -Type "Office"
$imagePath = Join-Path $tmpPath "O365ProPlusRetail.img"
Write-Host "Starting Microsoft Office Installation..."
if (Test-Path -Path $imagePath -PathType Leaf) {
$mountResult = Mount-DiskImage -ImagePath $imagePath -PassThru
$driveLetter = ($mountResult | Get-Volume).DriveLetter
$setupPath = "${driveLetter}:\Office\Setup64.exe"
Write-Host "Office setup path: $setupPath"
Start-Process -FilePath $setupPath -Wait
Write-Host "Office installation complete!"
} else {
Write-Host "Office setup files not found."
}
}
else if ($mode -eq "online") {
DownloadFiles -Type "Office-online"
$setupPath = Join-Path $tmpPath "OfficeSetup.exe"
Write-Host "Starting Microsoft Office Installation..."
if (Test-Path -Path $setupPath -PathType Leaf) {
Start-Process -FilePath $setupPath -Wait
Write-Host "Office installation complete!"
} else {
Write-Host "Office setup files not found."
}
}
else {
Write-Host "Invalid mode. Please choose 'online' or 'offline'."
}
}
function CheckIfOfficeIsInstalled {
$officeRegistryPath = "HKLM:\SOFTWARE\Microsoft\Office\ClickToRun"
if (Test-Path -Path $officeRegistryPath) {
$installedPath = Get-ItemProperty -Path $officeRegistryPath | Select-Object -ExpandProperty "InstallPath"
if ($installedPath) {
Write-Host "Microsoft Office is installed at: $installedPath"
if ($installedPath -like "C:\Program Files*") {
Write-Host "Office is installed as 64-bit."
} elseif ($installedPath -like "C:\Program Files (x86)*") {
@@ -15,88 +51,23 @@ function CheckOfficeInstall {
} else {
Write-Host "Microsoft Office is installed, but the path could not be determined."
}
} else {
Write-Host "Microsoft Office is not installed."
InstallOffice
}
$status = CheckActivation
if ($status -eq $false) {
Write-Host "Activating Windows and Office..."
ActivateWindowsOffice
}
Write-Host "Windows and Office activation complete!"
}
function CheckActivation {
$osLicense = Get-CimInstance SoftwareLicensingProduct -Filter "Name like 'Windows%'" | where { $_.PartialProductKey } | select Description, LicenseStatus
$officeLicense = Get-CimInstance SoftwareLicensingProduct -Filter "Name like 'Office%'" | where { $_.PartialProductKey } | select Description, LicenseStatus
# if both activated return true
if ($osLicense.LicenseStatus -eq 1 -and $officeLicense.LicenseStatus -eq 2) {
Write-Host "Windows and Office are activated."
return $true
} else {
Write-Host "Windows and Office are not activated."
return $false
}
}
function InstallOffice {
DownloadFiles -Type "Office"
$imagePath = Join-Path $tmpPath "O365ProPlusRetail.img"
Write-Host "Starting Microsoft Office Installation..."
if (Test-Path -Path $imagePath -PathType Leaf) {
$mountResult = Mount-DiskImage -ImagePath $imagePath -PassThru
$driveLetter = ($mountResult | Get-Volume).DriveLetter
$setupPath = "${driveLetter}:\Office\Setup64.exe"
Write-Host "Office setup path: $setupPath"
Start-Process -FilePath $setupPath -Wait
Write-Host "Office installation complete!"
function SetupOffice {
Write-Host "Setting up Microsoft Office..."
if (CheckIfOfficeIsInstalled) {
Write-Host "Office is already installed! Skipping..."
} else {
Write-Host "Office setup files not found."
}
}
function DownloadScriptFromUrls {
param (
[string[]] $Urls
)
foreach ($url in $Urls) {
try {
$response = Invoke-WebRequest -Uri $url -UseBasicParsing
return $response
} catch {
Write-Host "Failed to download script from $url"
Write-Host "Office is not installed."
InstallOffice -mode "online"
Start-Sleep -s 20
if (-not (CheckIfOfficeIsInstalled)) {
Write-Host "Office installation failed. Trying again using offline setup..."
InstallOffice -mode "offline"
}
}
return $null
}
Function ActivateWindowsOffice {
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
$DownloadURLs = @(
'https://git.justw.tf/Lightemerald/microsoft-activation-scripts/raw/branch/master/MAS/All-In-One-Version/MAS_AIO.cmd',
'https://raw.githubusercontent.com/massgravel/Microsoft-Activation-Scripts/master/MAS/All-In-One-Version/MAS_AIO.cmd',
'https://bitbucket.org/WindowsAddict/microsoft-activation-scripts/raw/master/MAS/All-In-One-Version/MAS_AIO.cmd'
)
$rand = Get-Random -Maximum 99999999
$isAdmin = [bool]([Security.Principal.WindowsIdentity]::GetCurrent().Groups -match 'S-1-5-32-544')
$FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\MAS_$rand.cmd" } else { "$env:TEMP\MAS_$rand.cmd" }
$response = DownloadScriptFromUrls -Urls $DownloadURLs
$ScriptArgs = "$args "
$prefix = "@REM $rand `r`n"
$content = $prefix + $response
Set-Content -Path $FilePath -Value $content
Start-Process $FilePath $ScriptArgs -Wait
$FilePaths = @("$env:TEMP\MAS*.cmd", "$env:SystemRoot\Temp\MAS*.cmd")
foreach ($FilePath in $FilePaths) { Get-Item $FilePath | Remove-Item }
}

24
setupRDP.ps1 Normal file
View File

@@ -0,0 +1,24 @@
function EnableRDP {
Write-Host "Enabling RDP..."
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -Group "@FirewallAPI.dll,-28752"
Write-Host "RDP enabled."
}
function DisableRDP {
Write-Host "Disabling RDP..."
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 1
Disable-NetFirewallRule -Group "@FirewallAPI.dll,-28752"
Write-Host "RDP disabled."
}
function SetupRDP {
param (
[bool] enable
)
if ($enable) {
EnableRDP
} else {
DisableRDP
}
}

10
setupReg.ps1
View File

@@ -52,7 +52,7 @@ function SetRegistry {
}
}
function SetupEleveReg {
function SetupUserReg {
param (
[string] $username
)
@@ -103,12 +103,4 @@ function SetupEleveReg {
} else {
Write-Host "Unable to get the user's HKU registry."
}
}
function EnableRDP {
Write-Host "Enabling RDP..."
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -Group "@FirewallAPI.dll,-28752"
Write-Host "RDP enabled."
}

149
setupScript.ps1
View File

@@ -1,51 +1,55 @@
function Import-ScriptsFromUrls {
param (
[string[]] $ScriptUrls,
[string] $LocalPath
)
$scripts = @()
foreach ($url in $ScriptUrls) {
$fileName = Split-Path -Leaf $url
$localFile = Join-Path -Path $LocalPath -ChildPath $fileName
Write-Host "Downloading script $fileName to $localFile"
Invoke-WebRequest -Uri $url -OutFile $localFile -UseBasicParsing
Write-Host "Importing script from $localFile"
$scripts += $localFile
}
return $scripts
}
$baseUrl = "https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/"
$scriptUrls = @(
($baseUrl + "setupTmp.ps1"),
($baseUrl + "setupOffice.ps1"),
($baseUrl + "setupActivate.ps1"),
($baseUrl + "setupUsers.ps1"),
($baseUrl + "setupReg.ps1"),
($baseUrl + "setupRDP.ps1"),
($baseUrl + "setupChoco.ps1"),
($baseUrl + "setupApps.ps1"),
($baseUrl + "setupUpdate.ps1"),
($baseUrl + "setupWDAC.ps1")
)
$scripts = Import-ScriptsFromUrls -ScriptUrls $scriptUrls -LocalPath (Join-Path $env:LOCALAPPDATA "Temp")
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force
foreach ($script in $scripts) {
. $script
function OldImport {
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force
foreach ($url in $ScriptUrls) {
$fileName = Split-Path -Leaf $url
$localFile = Join-Path -Path $(Join-Path $env:LOCALAPPDATA "Temp") -ChildPath $fileName
Write-Host "Downloading script $fileName to $localFile"
Invoke-WebRequest -Uri $url -OutFile $localFile -UseBasicParsing
Write-Host "Importing script from $localFile"
. $localFile
}
}
function Import {
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force
foreach ($ScriptUrl in $ScriptUrls) {
try {
Write-Host "Importing script from $ScriptUrl"
$scriptContent = Invoke-RestMethod $ScriptUrl
Invoke-Expression $scriptContent
} catch {
Write-Error "Error importing script from $ScriptUrl. Error: $_"
}
}
}
function Setup {
function StandardSetup {
param (
[string] $Type
)
Write-Host "Performing $Type Installation..."
DownloadFiles -Type $Type
CheckOfficeInstall
SetupUsers
SetupEleveReg -username "Eleve"
SetupOffice
SetupActivaton
SetupUser -username "Eleve" -password "" -description "Compte élève" -group "Users"
SetupUser -username "Prof" -password "IPRprof2398" -description "Compte professeur" -group "Users"
SetupUser -username "Admin" -password "Lprsnm4ehk26-" -description "Compte administrateur" -group "Administrators"
SetupUserReg -username "Eleve"
EnableRDP
InstallChoco
ChocoInstallApps -Type $Type
@@ -56,96 +60,91 @@ function Setup {
Write-Host "Would you like to restart now? (y/n)"
$input = Read-Host
if ($input -eq "y") {
Clear-RecycleBin
Clear-RecycleBin -Force
Restart-Computer -Force
}
}
function Custom {
function CustomSetup {
$Office = 0
$Activate
$Users = 0
$EleveReg = 0
$UserReg = 0
$UserRegUsername = ""
$RDP = 0
$Choco = 0
$ChocoApps = 0
$Update = 0
$WDAC = 0
$input = Read-Host "Do you need to install Office? (y/n)"
if ($input -eq "y") {
$Office = 1
}
if ($input -eq "y") { $Office = 1 }
$input = Read-Host "Do you need to activate Windows and Office? (y/n)"
if ($input -eq "y") { $Activate = 1 }
$input = Read-Host "Do you need to setup users? (y/n)"
if ($input -eq "y") {
$Users = 1
$input = Read-Host "Do you need to setup eleve registry? (y/n)"
$input = Read-Host "Do you need to setup a restricted user registry? (y/n)"
if ($input -eq "y") {
$EleveReg = 1
$UserReg = 1
$input = Read-Host "Enter the username of the user you want to setup"
$UserRegUsername = $input
}
}
$input = Read-Host "Do you need to enable RDP? (y/n)"
if ($input -eq "y") {
$RDP = 1
}
if ($input -eq "y") { $RDP = 1 }
$input = Read-Host "Do you need to install chocolatey? (y/n)"
if ($input -eq "y") {
$Choco = 1
$input = Read-Host "Do you need to install chocolatey apps? (y/n)"
if ($input -eq "y") {
$ChocoApps = @()
do {
$input = Read-Host "Enter the name of the app you want to install (leave empty to stop)"
if ($input -ne "") {
$ChocoApps += $input
}
if ($input -ne "") { $ChocoApps += $input }
} while ($input -ne "")
}
}
$input = Read-Host "Do you need to update windows? (y/n)"
if ($input -eq "y") {
$Update = 1
}
SetupCustom -Office $Office -Users $Users -EleveReg $EleveReg -RDP $RDP -Choco $Choco -ChocoApps $ChocoApps -Update $Update
if ($input -eq "y") { $Update = 1 }
$input = Read-Host "Do you need to setup WDAC? (y/n)"
if ($input -eq "y") { $WDAC = 1 }
SetupCustom -Office $Office -Activate $Activate -Users $Users -UserReg $UserReg -UserRegUsername $UserRegUsername -RDP $RDP -Choco $Choco -ChocoApps $ChocoApps -Update $Update -WDAC $WDAC
}
function SetupCustom {
param (
[bool] $Office,
[bool] $Activate,
[bool] $Users,
[bool] $EleveReg,
[bool] $UserReg,
[string] $UserRegUsername,
[bool] $RDP,
[bool] $Choco,
[array] $ChocoApps,
[bool] $Update
[bool] $Update,
[bool] $WDAC
)
Write-Host "Performing Custom Installation..."
if ($Office) {
CheckOfficeInstall
}
if ($Office) { SetupOffice }
if ($Activate) { SetupActivaton }
if ($Users) {
SetupUsers
if ($EleveReg) {
SetupEleveReg -username "Eleve"
}
}
if ($RDP) {
EnableRDP
if ($UserReg) { SetupUserReg -username $UserRegUsername }
}
if ($RDP) { EnableRDP }
if ($Choco) {
InstallChoco
if ($ChocoApps) {
ChocoInstallApps -Type "Custom" -Apps $ChocoApps
}
if ($ChocoApps) { ChocoInstallApps -Type "Custom" -Apps $ChocoApps }
}
if ($Update) {
UpdateWindows
}
Show-WDACMenu
if ($Update) { UpdateWindows }
if ($WDAC) { SetupWDAC -enable $WDAC }
Write-Host "Would you like to restart now? (y/n)"
$input = Read-Host
if ($input -eq "y") {
@@ -168,17 +167,25 @@ function Show-InstallationMenu {
$selection = Read-Host "Enter the number of your choice"
switch ($selection) {
"1" { Setup -Type "Labo" }
"2" { Setup -Type "Info" }
"3" { Setup -Type "Laptop" }
"4" { Custom }
"1" { StandardSetup -Type "Labo" }
"2" { StandardSetup -Type "Info" }
"3" { StandardSetup -Type "Laptop" }
"4" { CustomSetup }
"q" {
Write-Host "Exiting..."
exit
}
default { Write-Host "Invalid selection." }
}
} while ($selection -ne "1" -and $selection -ne "2" -and $selection -ne "3")
} while ($selection -ne "1" -and $selection -ne "2" -and $selection -ne "3" -and $selection -ne "4" -and $selection -ne "q")
}
if (Test-Path -Path "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip") {
Write-Host "WDAC is enabled, should we disabled it? (y/n)"
Write-Host "Not disabling WDAC will prevent the script from running properly. You should enable it again after the script is done."
$input = Read-Host
if ($input -eq "y") {
Remove-Item -Path "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip"
}
}
Show-InstallationMenu

23
setupTmp.ps1
View File

@@ -13,14 +13,14 @@ function DownloadFiles {
FileName = "winstars_installer.exe"
Hash = "f3e97e1373ab84eb4c707f04fca78abbcb0ed289"
},
#@{
# Url = "https://cosphilog.fr/tectoglob3d/Tectoglob3D-win32-ia32.zip"
# FileName = "Tectoglob3D-win32-ia32.zip"
#},
#@{
# Url = "http://acces.ens-lyon.fr/acces/logiciels/applications/tectoglob/Tectoglob_11_complet.zip/at_download/file"
# FileName = "Tectoglob_11_complet.zip"
#},
@{
Url = "https://cosphilog.fr/tectoglob3d/Tectoglob3D-win32-ia32.zip"
FileName = "Tectoglob3D-win32-ia32.zip"
},
@{
Url = "http://acces.ens-lyon.fr/acces/logiciels/applications/tectoglob/Tectoglob_11_complet.zip/at_download/file"
FileName = "Tectoglob_11_complet.zip"
},
@{
Url = "https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/Setup%20files/Sismolog.zip"
FileName = "Sismolog.zip"
@@ -80,6 +80,11 @@ function DownloadFiles {
Url = "https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/Setup%20files/EduPython.zip"
FileName = "EduPython.zip"
Hash = "41cb919182beb4d0fe2ea7a91fdb94eaf9bc91cc"
},
@{
Url = "https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/Setup%20files/rastop.zip"
FileName = "rastop.zip"
Hash = "ae63a6aaf8c85adc16a93c7e2ebbab89b4796384"
}
)
}
@@ -111,7 +116,7 @@ function DownloadFiles {
}
)
}
"Office-setup" {
"Office-online" {
$filesToDownload = @(
@{
Url = "https://c2rsetup.officeapps.live.com/c2r/download.aspx?ProductreleaseID=O365ProPlusRetail&platform=x64&language=fr-fr&version=O16GA" # Validated 23/01/24

5
setupUpdate.ps1
View File

@@ -5,10 +5,7 @@ function UpdateWindows {
if ($ieFeature.State -eq "Enabled") {
Write-Host "Removing Internet Explorer."
Disable-WindowsOptionalFeature -online -NoRestart -FeatureName internet-explorer-optional-amd64
} else {
Write-Host "Internet Explorer is already disabled."
}
}
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name PSWindowsUpdate -Force
Get-WindowsUpdate -ForceInstall

22
setupUsers.ps1
View File

@@ -34,4 +34,26 @@ function SetupUsers {
Write-Host "User $username already exists. Configuring the user..."
Set-LocalUser -Name $username -PasswordNeverExpires $true -Password $SecurePassword
}
}
function SetupUser {
param (
[string] $username,
[string] $password,
[string] $description,
[string] $group
)
if ($password -eq "") {
$SecurePassword = ConvertTo-SecureString -String $password -AsPlainText -Force
} else {
$SecurePassword = [securestring]::new()
}
if ($null -eq $(Get-LocalUser -Name $username -ErrorAction SilentlyContinue)) {
Write-Host "User $username doesn't exist. Creating the user..."
New-LocalUser -Name $username -Description $description -Password $SecurePassword -PasswordNeverExpires -UserMayNotChangePassword
Add-LocalGroupMember -Group $group -Member $username
} else {
Write-Host "User $username already exists. Configuring the user..."
Set-LocalUser -Name $username -PasswordNeverExpires $true -Password $SecurePassword
}
}

21
setupWDAC.ps1
View File

@@ -1,5 +1,5 @@
function EnableWDAC {
$DownloadFile = "https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip"
$DownloadFile = "https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/WDAC/{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip"
$LocalFile = Join-Path -Path $env:LOCALAPPDATA -ChildPath "Temp\{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip"
Write-Host "Downloading file from $DownloadFile to $LocalFile"
Invoke-WebRequest -Uri $DownloadFile -OutFile $LocalFile -UseBasicParsing
@@ -35,4 +35,23 @@ function Show-WDACMenu {
default { Write-Host "Invalid selection. Please choose 1, 2, or 3." }
}
} while ($selection -ne "1" -and $selection -ne "2" -and $selection -ne "3")
}
function SetupWDAC {
param (
[bool] enable
)
if ($enable) {
if (Test-Path -Path "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip") {
Write-Host "WDAC is already enabled!"
} else {
EnableWDAC
}
} else {
if (Test-Path -Path "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\{b4d6b24c-c3ad-44e5-9dea-72c1ed9577b8}.cip") {
DisableWDAC
} else {
Write-Host "WDAC is already disabled!"
}
}
}