first commit

setupScript.ps1

@@ -0,0 +1,306 @@
+Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
+# remove bloatware
+$apps = @(
+    "Microsoft.549981C3F5F10"
+    "Microsoft.3DBuilder"
+    "Microsoft.Appconnector"
+    "Microsoft.BingFinance"
+    "Microsoft.BingNews"
+    "Microsoft.BingSports"
+    "Microsoft.BingTranslator"
+    "Microsoft.BingWeather"
+    "Microsoft.FreshPaint"
+    "Microsoft.GamingServices"
+    "Microsoft.Microsoft3DViewer"
+    "Microsoft.MicrosoftOfficeHub"
+    "Microsoft.MicrosoftPowerBIForWindows"
+    "Microsoft.MicrosoftSolitaireCollection"
+    "Microsoft.MicrosoftStickyNotes"
+    "Microsoft.MinecraftUWP"
+    "Microsoft.NetworkSpeedTest"
+    "Microsoft.Office.OneNote"
+    "Microsoft.People"
+    "Microsoft.Print3D"
+    "Microsoft.SkypeApp"
+    "Microsoft.Wallet"
+    "Microsoft.WindowsAlarms"
+    "microsoft.windowscommunicationsapps"
+    "Microsoft.WindowsMaps"
+    "Microsoft.WindowsPhone"
+    "Microsoft.WindowsSoundRecorder"
+    "Microsoft.WindowsStore"
+    "Microsoft.Xbox.TCUI"
+    "Microsoft.XboxApp"
+    "Microsoft.XboxGameOverlay"
+    "Microsoft.XboxGamingOverlay"
+    "Microsoft.XboxSpeechToTextOverlay"
+    "Microsoft.YourPhone"
+    "Microsoft.ZuneMusic"
+    "Microsoft.ZuneVideo"
+    "Microsoft.CommsPhone"
+    "Microsoft.ConnectivityStore"
+    "Microsoft.GetHelp"
+    "Microsoft.Getstarted"
+    "Microsoft.Messaging"
+    "Microsoft.Office.Sway"
+    "Microsoft.OneConnect"
+    "Microsoft.WindowsFeedbackHub"
+    "Microsoft.Microsoft3DViewer"
+    "Microsoft.MSPaint"
+    "Microsoft.BingFoodAndDrink"
+    "Microsoft.BingHealthAndFitness"
+    "Microsoft.BingTravel"
+    "Microsoft.WindowsReadingList"
+    "Microsoft.MixedReality.Portal"
+    "Microsoft.ScreenSketch"
+    "Microsoft.XboxGamingOverlay"
+    "Microsoft.YourPhone"
+    "Microsoft.WindowsMaps"
+    "Microsoft.MixedReality.Portal"
+    "Microsoft.WindowsCamera"
+    "Microsoft.MicrosoftSolitaireCollection"
+    "Microsoft.MicrosoftStickyNotes"
+    "Microsoft.SkypeApp"
+    "Microsoft.Office.OneNote"
+    "Microsoft.WindowsStore"
+    "2FE3CB00.PicsArt-PhotoStudio"
+    "46928bounde.EclipseManager"
+    "4DF9E0F8.Netflix"
+    "613EBCEA.PolarrPhotoEditorAcademicEdition"
+    "6Wunderkinder.Wunderlist"
+    "7EE7776C.LinkedInforWindows"
+    "89006A2E.AutodeskSketchBook"
+    "9E2F88E3.Twitter"
+    "A278AB0D.DisneyMagicKingdoms"
+    "A278AB0D.MarchofEmpires"
+    "ActiproSoftwareLLC.562882FEEB491"
+    "CAF9E577.Plex"
+    "ClearChannelRadioDigital.iHeartRadio"
+    "D52A8D61.FarmVille2CountryEscape"
+    "D5EA27B7.Duolingo-LearnLanguagesforFree"
+    "DB6EA5DB.CyberLinkMediaSuiteEssentials"
+    "DolbyLaboratories.DolbyAccess"
+    "DolbyLaboratories.DolbyAccess"
+    "Drawboard.DrawboardPDF"
+    "Facebook.Facebook"
+    "Fitbit.FitbitCoach"
+    "Flipboard.Flipboard"
+    "GAMELOFTSA.Asphalt8Airborne"
+    "KeeperSecurityInc.Keeper"
+    "NORDCURRENT.COOKINGFEVER"
+    "PandoraMediaInc.29680B314EFC2"
+    "Playtika.CaesarsSlotsFreeCasino"
+    "ShazamEntertainmentLtd.Shazam"
+    "SlingTVLLC.SlingTV"
+    "SpotifyAB.SpotifyMusic"
+    "ThumbmunkeysLtd.PhototasticCollage"
+    "TuneIn.TuneInRadio"
+    "WinZipComputing.WinZipUniversal"
+    "XINGAG.XING"
+    "flaregamesGmbH.RoyalRevolt2"
+    "king.com.*"
+    "king.com.BubbleWitch3Saga"
+    "king.com.CandyCrushSaga"
+    "king.com.CandyCrushSodaSaga"
+    "5319275A.WhatsAppDesktop"
+    "Microsoft.Advertising.Xaml"
+    "Microsoft.549981C3F5F10"
+    "Microsoft.3DBuilder"
+    "Microsoft.Appconnector"
+    "Microsoft.BingFinance"
+    "Microsoft.BingNews"
+    "Microsoft.BingSports"
+    "Microsoft.BingTranslator"
+    "Microsoft.BingWeather"
+    "Microsoft.FreshPaint"
+    "Microsoft.GamingServices"
+    "Microsoft.Microsoft3DViewer"
+    "Microsoft.MicrosoftOfficeHub"
+    "Microsoft.MicrosoftPowerBIForWindows"
+    "Microsoft.MicrosoftSolitaireCollection"
+    "Microsoft.MicrosoftStickyNotes"
+    "Microsoft.MinecraftUWP"
+    "Microsoft.NetworkSpeedTest"
+    "Microsoft.Office.OneNote"
+    "Microsoft.People"
+    "Microsoft.Print3D"
+    "Microsoft.SkypeApp"
+    "Microsoft.Wallet"
+    "Microsoft.WindowsAlarms"
+    "microsoft.windowscommunicationsapps"
+    "Microsoft.WindowsMaps"
+    "Microsoft.WindowsPhone"
+    "Microsoft.WindowsSoundRecorder"
+    "Microsoft.WindowsStore"
+    "Microsoft.Xbox.TCUI"
+    "Microsoft.XboxApp"
+    "Microsoft.XboxGameOverlay"
+    "Microsoft.XboxGamingOverlay"
+    "Microsoft.XboxSpeechToTextOverlay"
+    "Microsoft.YourPhone"
+    "Microsoft.ZuneMusic"
+    "Microsoft.ZuneVideo"
+    "Microsoft.CommsPhone"
+    "Microsoft.ConnectivityStore"
+    "Microsoft.GetHelp"
+    "Microsoft.Getstarted"
+    "Microsoft.Messaging"
+    "Microsoft.Office.Sway"
+    "Microsoft.OneConnect"
+    "Microsoft.WindowsFeedbackHub"
+    "Microsoft.Microsoft3DViewer"
+    "Microsoft.MSPaint"
+    "Microsoft.BingFoodAndDrink"
+    "Microsoft.BingHealthAndFitness"
+    "Microsoft.BingTravel"
+    "Microsoft.WindowsReadingList"
+    "Microsoft.MixedReality.Portal"
+    "Microsoft.ScreenSketch"
+    "Microsoft.XboxGamingOverlay"
+    "Microsoft.YourPhone"
+    "Microsoft.WindowsMaps"
+    "Microsoft.MixedReality.Portal"
+    "Microsoft.WindowsCamera"
+    "Microsoft.MicrosoftSolitaireCollection"
+    "Microsoft.MicrosoftStickyNotes"
+    "Microsoft.SkypeApp"
+    "Microsoft.Office.OneNote"
+    "Microsoft.WindowsStore"
+)
+
+foreach ($app in $apps) {
+    Write-Output "Trying to remove $app"
+    # Get the app version
+    $appVersion = (Get-AppxPackage -Name $app).Version
+    If ($appVersion){
+      # If the apps is found, remove it
+      Get-AppxPackage -Name $app -AllUsers | Remove-AppxPackage -AllUsers
+    }
+
+    # Remove the app from the local Windows Image to prevent re-install on new user accounts
+    Get-AppXProvisionedPackage -Online | Where-Object DisplayName -EQ $app | Remove-AppxProvisionedPackage -Online
+    # Cleanup Local App Data
+    $appPath="$Env:LOCALAPPDATA\Packages\$app*"
+    Remove-Item $appPath -Recurse -Force -ErrorAction 0
+}
+
+# Installing needed apps
+choco install dotnet -y
+choco install vcredist-all -y
+choco install firefox -y
+choco install 7zip -y
+choco install onlyoffice -y
+choco install googleearthpro -y
+choco install adobereader -y
+choco install sublimetext4 -y
+choco install vlc -y
+choco install audacity -y
+choco install arduino -y
+choco install avogadro -y
+
+Set-LocalUser -Name "Eleve" -PasswordNeverExpires $true -UserMayChangePassword $false -Password ([securestring]::new())
+$SecurePassword = ConvertTo-SecureString -String "IPRprof2398" -AsPlainText -Force
+Set-LocalUser -Name "Prof" -PasswordNeverExpires $true -UserMayChangePassword $false -Password $SecurePassword
+$SecurePassword = ConvertTo-SecureString -String "Lprsnm4ehk26-" -AsPlainText -Force
+Set-LocalUser -Name "Admin" -PasswordNeverExpires $true -Password $SecurePassword
+
+cd D:\Setup\Labo
+cd E:\Setup\Labo
+cd F:\Setup\Labo
+Copy-Item -Path .\Software\* -Destination "C:\Program Files\" -Recurse
+Copy-Item -Path .\Shortcut\* -Destination "C:\Users\Public\Desktop\" -Recurse
+icacls "C:\Users\Public" /grant:r "Eleve:(OI)(CI)(R)"
+
+
+# Function to load a user's HKU registry hive
+function UserReg {
+    param (
+        [string] $Username
+    )
+
+    # Get the list of user profiles on the computer
+    $UserProfiles = Get-WmiObject Win32_UserProfile | Where-Object { $_.Special -eq $false }
+
+    # Search for the user profile based on the username
+    $UserProfile = $UserProfiles | Where-Object { $_.LocalPath.EndsWith("\$Username") }
+
+    # Check if the user profile exists
+    if ($UserProfile -ne $null) {
+        # Construct the path to the user's NTUSER.DAT file (registry hive)
+        $UserSID = $UserProfile.SID
+        $HivePath = Join-Path -Path $UserProfile.LocalPath -ChildPath "NTUSER.DAT"
+
+        # Return the user's SID and HKU registry key
+        return $UserSID, "Registry::HKEY_USERS\$UserSID"
+    } else {
+        Write-Host "User profile for $Username not found."
+        return $null, $null
+    }
+}
+
+$TargetUsername = "Eleve"
+$UserSID, $UserHKUPath = UserReg -Username $TargetUsername
+
+if ($UserSID -ne $null -and $UserHKUPath -ne $null) {
+    # Restrict access to Settings
+    $ControlPanelKeyPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
+    $ControlPanelValueName = "NoControlPanel"
+    if (Test-Path -Path $ControlPanelKeyPath) {
+        $RegistryItem = Get-ItemProperty -Path $ControlPanelKeyPath
+        if ($RegistryItem.PSObject.Properties.Name -contains $ControlPanelValueName) {
+            Set-ItemProperty -Path $ControlPanelKeyPath -Name $ControlPanelValueName -Value 1
+        } else {
+            New-ItemProperty -Path $ControlPanelKeyPath -Name $ControlPanelValueName -Value 1 -PropertyType DWord
+        }
+    } else {
+        New-Item -Path $ControlPanelKeyPath -Force
+        New-ItemProperty -Path $ControlPanelKeyPath -Name $ControlPanelValueName -Value 1 -PropertyType DWord
+    }
+
+    # Disable access to regedit
+    $REGKeyPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\System"
+    $REGValueName = "DisableRegistryTools"
+    if (Test-Path -Path $REGKeyPath) {
+        $RegistryItem = Get-ItemProperty -Path $REGKeyPath
+        if ($RegistryItem.PSObject.Properties.Name -contains $REGValueName) {
+            Set-ItemProperty -Path $REGKeyPath -Name $REGValueName -Value 1
+        } else {
+            New-ItemProperty -Path $REGKeyPath -Name $REGValueName -Value 1 -PropertyType DWord
+        }
+    } else {
+        New-Item -Path $REGKeyPath -Force
+        New-ItemProperty -Path $REGKeyPath -Name $REGValueName -Value 1 -PropertyType DWord
+    }
+
+    # Restrict access to Command Prompt
+    $CMDKeyPath = "$UserHKUPath\Software\Policies\Microsoft\Windows\System"
+    $CMDValueName = "DisableCMD"
+    if (Test-Path -Path $CMDKeyPath) {
+        $RegistryItem = Get-ItemProperty -Path $CMDKeyPath
+        if ($RegistryItem.PSObject.Properties.Name -contains $CMDValueName) {
+            Set-ItemProperty -Path $CMDKeyPath -Name $CMDValueName -Value 1
+        } else {
+            New-ItemProperty -Path $CMDKeyPath -Name $CMDValueName -Value 1 -PropertyType DWord
+        }
+    } else {
+        New-Item -Path $CMDKeyPath -Force
+        New-ItemProperty -Path $CMDKeyPath -Name $CMDValueName -Value 1 -PropertyType DWord
+    }
+
+    # Add entries to DisallowRun for cmd.exe and powershell.exe
+    $DisallowRunKeyPath = "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun"
+    if (Test-Path -Path $DisallowRunKeyPath) {
+        Set-ItemProperty -Path "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name "DisallowRun" -Value 1
+        New-ItemProperty -Path $DisallowRunKeyPath -Name "1" -Value "cmd.exe" -PropertyType String
+        New-ItemProperty -Path $DisallowRunKeyPath -Name "2" -Value "powershell.exe" -PropertyType String
+        New-ItemProperty -Path $DisallowRunKeyPath -Name "3" -Value "powershell_ise.exe" -PropertyType String
+    } else {
+        New-Item -Path $DisallowRunKeyPath -Force
+        Set-ItemProperty -Path "$UserHKUPath\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name "DisallowRun" -Value 1
+        New-ItemProperty -Path $DisallowRunKeyPath -Name "1" -Value "cmd.exe" -PropertyType String
+        New-ItemProperty -Path $DisallowRunKeyPath -Name "2" -Value "powershell.exe" -PropertyType String
+        New-ItemProperty -Path $DisallowRunKeyPath -Name "3" -Value "powershell_ise.exe" -PropertyType String
+    }
+} else {
+    Write-Host "Unable to get the user's HKU registry."
+}