├── BarlowCondensed-Bold.ttf ├── BarlowCondensed-BoldItalic.ttf ├── BarlowCondensed-Italic.ttf ├── BarlowCondensed-Regular.ttf ├── Certificates ├── Detect_PrivateKeyPermission.ps1 └── Set_PrivateKeyPermission.ps1 ├── Check-UpdateComplianceSetting.ps1 ├── Check-Uptime.ps1 ├── Check_MDM_Enrollment.ps1 ├── Detect_Chassis.ps1 ├── Detect_EnableAutomaticUpdates.ps1 ├── Detect_EnableEdgeAutomaticUpdates.ps1 ├── Detect_OfficeMgmtCOM.ps1 ├── DisableOfficeMgmtCOM.ps1 ├── EnableAutomaticUpdates.ps1 ├── EnableEdgeAutomaticUpdates.ps1 ├── Feature Updates └── SetupCompleteCMD │ ├── Detect_SetupComplete.ps1 │ ├── Files │ ├── ProgramData │ │ └── Microsoft │ │ │ └── User Account Pictures │ │ │ ├── guest.bmp │ │ │ ├── guest.png │ │ │ ├── user-192.png │ │ │ ├── user-32.png │ │ │ ├── user-40.png │ │ │ ├── user-48.png │ │ │ ├── user.bmp │ │ │ ├── user.jpg │ │ │ └── user.png │ └── Windows │ │ └── Web │ │ └── Wallpaper │ │ ├── Custom.jpg │ │ └── Thumbs.db │ ├── Install_SetupComplete.ps1 │ ├── SetupComplete.ps1 │ ├── Thumbs.db │ ├── Uninstall_SetupComplete.ps1 │ └── Version.txt ├── FileShareToSPO_Migration_Check.ps1 ├── Flash Uninstall ├── Detect_Flash_Removal_KB4577586.ps1 ├── Install_Flash_Removal_KB4577586.ps1 ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x64-based systems (KB4577586) │ └── AMD64_X86-all-windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x86-based systems (KB4577586) │ └── AMD64_X86-all-windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x86-based systems (KB4577586) │ └── AMD64_X86-all-windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_f1ee6a8c9cdc91b4486fde9dc98c9dc5f9babc77.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu ├── Update for Removal of Adobe Flash Player for Windows Server 2012 R2 for x64-based systems (KB4577586) │ └── windows8.1-kb4577586-x64_1c039dbdafaf12e9163e8d56cf578cc998306ecd.msu ├── Update for Removal of Adobe Flash Player for Windows Server 2012 for x64-based systems (KB4577586) │ └── windows8-rt-kb4577586-x64_3dde08cdb47cb317ba47a9181fceee09951c614c.msu ├── Update for Removal of Adobe Flash Player for Windows Server 2016 for x64-based systems (KB4577586) │ └── windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu ├── Update for Removal of Adobe Flash Player for Windows Server 2019 for x64-based systems (KB4577586) │ └── windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu ├── Update for Removal of Adobe Flash Player for Windows Server, version 1903 for ARM64-based systems (KB4577586) │ └── windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu ├── Update for Removal of Adobe Flash Player for Windows Server, version 1903 for x64-based systems (KB4577586) │ └── windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0 (1).msu ├── Update for Removal of Adobe Flash Player for Windows Server, version 1909 for ARM64-based systems (KB4577586) │ └── windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu ├── Update for Removal of Adobe Flash Player for Windows Server, version 1909 for x64-based systems (KB4577586) │ └── windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0 (1).msu ├── Update for Removal of Adobe Flash Player for Windows Server, version 2004 for ARM64-based systems (KB4577586) │ └── windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu └── Update for Removal of Adobe Flash Player for Windows Server, version 2004 for x64-based systems (KB4577586) │ └── windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu ├── Flash Uninstall_Intune ├── Detect_Flash_Removal_KB4577586_Intune.ps1 ├── Install_Flash_Removal_KB4577586.ps1 ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x64-based systems (KB4577586) │ └── AMD64_X86-all-windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x86-based systems (KB4577586) │ └── AMD64_X86-all-windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x86-based systems (KB4577586) │ └── AMD64_X86-all-windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_f1ee6a8c9cdc91b4486fde9dc98c9dc5f9babc77.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for ARM64-based systems (KB4577586) │ └── ARM64-all-windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu ├── Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x64-based systems (KB4577586) │ └── AMD64-all-windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu └── Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x86-based systems (KB4577586) │ └── X86-all-windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu ├── Get-Geo.ps1 ├── Install-Printer.ps1 ├── Install_Font.ps1 ├── Intune-HV-Tools.ps1 ├── Intune_Compliance_Windows_Updates_Enable.ps1 ├── Invoke-SyncAllWindowsDevices.ps1 ├── Invoke-UnsupportedAppToast.ps1 ├── LocalAdminGroup.ps1 ├── New-LabVM.ps1 ├── Remove-Appx.ps1 ├── Remove-Appx_Detection.ps1 ├── Remove-Printer.ps1 ├── Remove-WorkplaceUserJoinRegistration.ps1 ├── Render_XML_Function.ps1 ├── Toast_WU_Notification ├── Toast_WU_Detection.ps1 └── Toast_WU_Notification.ps1 ├── Uninstall_Font.ps1 ├── UnsupportedApps ├── Adobe Apps │ ├── Detect-AdobeApps.ps1 │ └── Remediate-AdobeApps.ps1 └── Java Apps │ ├── Detect-JavaApps.ps1 │ └── Remediate-JavaApps.ps1 └── Windows Updates ├── Invoke-WUInventory.ps1 ├── Invoke-WUInventory_Funky.ps1 ├── Invoke-WUInventory_testdata.ps1 ├── Windows Update Device Settings.workbook └── testdata.csv /BarlowCondensed-Bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/BarlowCondensed-Bold.ttf -------------------------------------------------------------------------------- /BarlowCondensed-BoldItalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/BarlowCondensed-BoldItalic.ttf -------------------------------------------------------------------------------- /BarlowCondensed-Italic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/BarlowCondensed-Italic.ttf -------------------------------------------------------------------------------- /BarlowCondensed-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/BarlowCondensed-Regular.ttf -------------------------------------------------------------------------------- /Certificates/Detect_PrivateKeyPermission.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 14/01/2021 23:06 4 | Created by: Ben Whitmore 5 | Organization: - 6 | Filename: Detect_PrivateKeyPermission.ps1 7 | Target System: Windows 10 Only 8 | =========================================================================== 9 | 10 | 1.0 11 | Release 12 | 13 | .SYNOPSIS 14 | The purpose of the script is to check the Private Key Permission on a computer certificate issued from a specific template. 15 | 16 | .DESCRIPTION 17 | This script can be used to check an account has the correct permissions on a certificates private key when the certificate has been issued using a specific template. 18 | 19 | .Parameter Template 20 | Specify the name of the template used to issue the certificate 21 | 22 | .Parameter Account 23 | Specify the account you wish to check exists on the private key ACL. The default account will be set to "LOCAL SERVICE" if no parameter is specified 24 | 25 | .Parameter Permission 26 | Specify the permission you would like to check for. Choose "Read" or "FullControl" 27 | 28 | .Example 29 | Detect_PrivateKeyPermission.ps1 -Account "LOCAL SERVICE" -Permission "Read" -Template "Workstation Authentication" 30 | #> 31 | 32 | Param 33 | ( 34 | [Parameter(Mandatory = $False)] 35 | [String]$Template = "Workstation Authentication", 36 | [String]$Account = "LOCAL SERVICE", 37 | [ValidateSet("Read", "FullControl")] 38 | [String]$Permission = "Read" 39 | ) 40 | 41 | #Get Client Certificate issued from the specified Template 42 | $Certificates = Get-ChildItem Cert:\LocalMachine\my | Where-Object { $_.HasPrivateKey } | Where-Object { $_.Extensions | Where-Object { ($_.oid.friendlyname -match "Certificate Template Information" -and ($_.Format(0) -like "*$($Template)*")) } } 43 | 44 | #Change private key perms on Client Certificates 45 | ForEach ($Cert in $Certificates) { 46 | 47 | #Get the key 48 | $Key = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert) 49 | 50 | Try { 51 | #Get the permissions from the key 52 | $KeyPerm = $Key.key.UniqueName 53 | $KeyLocation = Get-ChildItem "$env:ALLUSERSPROFILE\Microsoft\Crypto" -Recurse | Where-Object { $_.Name -like "$KeyPerm*" } 54 | $KeyPermACL = Get-Acl -Path $KeyLocation.FullName 55 | 56 | #Check if the Account has the correct Permission on the Private Key 57 | $ACLAccess = $keypermacl | Select-Object -ExpandProperty AccessToString 58 | } 59 | Catch { 60 | 61 | #Catch error if permissions were unobtainable 62 | Write-Warning "Could not get the ACL: $($error[0].Exception)" 63 | Exit 1 64 | } 65 | 66 | If ($ACLAccess -like "*$($Account) Allow $($Permission)*") { 67 | Write-Output """$($Account)"" has the correct ""$($Permission)"" permission on the Certificate Private Key" 68 | Exit 0 69 | } 70 | else { 71 | Write-Warning """$($Account)"" does not have the correct ""$($Permission)"" permission on the Certificate Private Key" 72 | Exit 1 73 | } 74 | } -------------------------------------------------------------------------------- /Certificates/Set_PrivateKeyPermission.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 14/01/2021 23:06 4 | Created by: Ben Whitmore 5 | Organization: - 6 | Filename: Set_PrivateKeyPermission.ps1 7 | Target System: Windows 10 Only 8 | =========================================================================== 9 | 10 | 1.0 11 | Release 12 | 13 | .SYNOPSIS 14 | The purpose of the script is to change the Private Key Permission on a computer certificate issued from a specific template. 15 | 16 | .DESCRIPTION 17 | This script can be used to add/change an account permissions on a certificates private key when the certificate has been issued using a specific template. 18 | 19 | .Parameter Template 20 | Specify the name of the template used to issue the certificate 21 | 22 | .Parameter Account 23 | Specify the account you wish to add/change on the private key ACL. The default account will be set to "LOCAL SERVICE" if no parameter is specified 24 | 25 | .Parameter Permission 26 | Specify the permission you would like to set. Choose "Read" or "FullControl" 27 | 28 | .Example 29 | Set_PrivateKeyPermission.ps1 -Account "LOCAL SERVICE" -Permission "Read" -Template "Workstation Authentication" 30 | #> 31 | 32 | Param 33 | ( 34 | [Parameter(Mandatory = $False)] 35 | [String]$Template = "Workstation Authentication", 36 | [String]$Account = "LOCAL SERVICE", 37 | [ValidateSet("Read", "FullControl")] 38 | [String]$Permission = "Read" 39 | ) 40 | 41 | #Get Client Certificate issued from the specified Template 42 | $Certificates = Get-ChildItem Cert:\LocalMachine\my | Where-Object { $_.HasPrivateKey } | Where-Object { $_.Extensions | Where-Object { ($_.oid.friendlyname -match "Certificate Template Information" -and ($_.Format(0) -like "*$($Template)*")) } } 43 | 44 | #Change private key perms on Client Certificates 45 | ForEach ($Cert in $Certificates) { 46 | 47 | #Get the key 48 | $Key = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert) 49 | 50 | Try { 51 | #Get the permissions from the key 52 | $KeyPerm = $Key.key.UniqueName 53 | $KeyLocation = Get-ChildItem "$env:ALLUSERSPROFILE\Microsoft\Crypto" -Recurse | Where-Object { $_.Name -like "$KeyPerm*" } 54 | $KeyPermACL = Get-Acl -Path $KeyLocation.FullName 55 | 56 | #Check if the Account has the correct Permission on the Private Key 57 | $ACLAccess = $keypermacl | Select-Object -ExpandProperty AccessToString 58 | } 59 | Catch { 60 | 61 | #Catch error if permissions were unobtainable 62 | Write-Warning "Could not get the ACL: $($error[0].Exception)" 63 | } 64 | 65 | If ($ACLAccess -like "*$($Account) Allow $($Permission)*") { 66 | Write-Output """$($Account)"" has the correct ""$($Permission)"" permission on the Certificate Private Key" 67 | } 68 | else { 69 | Write-Warning """$($Account)"" does not have the correct ""$($Permission)"" permission on the Certificate Private Key" 70 | Write-Output "Setting Private Key Permission to ""$($Permission)"" for Account ""$($Account)""..." 71 | Try { 72 | 73 | #Create a new permission 74 | $NewPerm = New-Object security.accesscontrol.filesystemaccessrule $Account, $Permission, Allow 75 | 76 | #Add the new permission to the ACL 77 | $KeyPermACL.AddAccessRule($NewPerm) 78 | Set-Acl -Path $KeyLocation.FullName -AclObject $KeyPermACL 79 | } 80 | Catch { 81 | 82 | #Catch the error 83 | Write-Warning "Error modifying the private key ACL: $($error[0].Exception)" 84 | } 85 | } 86 | } -------------------------------------------------------------------------------- /Check-Uptime.ps1: -------------------------------------------------------------------------------- 1 | $Uptime = get-computerinfo | Select-Object OSUptime 2 | if ($Uptime.OsUptime.Days -ge 7) { 3 | Write-Output "Last reboot in days: $($Uptime.OsUptime.Days)" 4 | Exit 1 5 | } 6 | else { 7 | Write-Output "Last reboot in days: $($Uptime.OsUptime.Days)" 8 | Exit 0 9 | } -------------------------------------------------------------------------------- /Check_MDM_Enrollment.ps1: -------------------------------------------------------------------------------- 1 | Param( 2 | [Parameter(Mandatory = $False)] 3 | [Switch]$Remove, 4 | [Parameter(Mandatory = $True)] 5 | [String]$Tenant 6 | ) 7 | 8 | $OldTenant = $Tenant + ".onmicrosoft.com" 9 | $RegPath = "HKLM:\SOFTWARE\Microsoft\Enrollments" 10 | 11 | If ($Remove) { 12 | Write-Warning "Running script with the Remove parameter. Any existing MDM enrollment registrations will be removed" 13 | } 14 | else { 15 | Write-Output "Running script without the Remove Parameter. MDM enrollment information will be gathered but not removed" 16 | } 17 | 18 | Try { 19 | $SchTaskObj = New-Object -ComObject Schedule.Service 20 | $SchTaskObj.connect($ENV:COMPUTERNAME) 21 | $SchTaskObj_Folder = $SchTaskObj.GetFolder("Microsoft\Windows\EnterpriseMgmt") 22 | $EntMgmt_SchTask = $SchTaskObj_Folder.GetFolders(1) | Where-Object { [guid]::TryParse($_.Name, $([ref][guid]::Empty)) -eq $True } | Select-Object Name 23 | 24 | } 25 | Catch { 26 | Write-Warning "No MDM Enrollment Scheduled Task was found in ""\Microsoft\Windows\EnterpriseMgmt""" 27 | Exit 0 28 | } 29 | 30 | If ($EntMgmt_SchTask) { 31 | Foreach ($TaskFolder in $EntMgmt_SchTask) { 32 | Write-Host "MDM Enrollment Scheduled Task Found: ""$($TaskFolder.Name)""" 33 | $RegValue = (Join-Path -Path $RegPath -ChildPath $TaskFolder.Name) 34 | 35 | Try { 36 | $Reg = Get-ItemProperty -Path $RegValue | Where-Object { $_.UPN -like "*$OldTenant" } -ErrorAction SilentlyContinue 37 | } 38 | Catch { 39 | Write-Warning "Unable to get corresponding Registry Key for Scheduled Task ""$($TaskFolder.Name)""" 40 | Exit 0 41 | } 42 | 43 | If ($Reg) { 44 | Write-Output "MDM Enrollement Scheduled Task ""$($TaskFolder.Name)"" is for Tenant ""$OldTenant""" 45 | 46 | Try { 47 | $MDM_Cert = Get-ChildItem -path Cert:\LocalMachine\My | Where-Object { $_.ThumbPrint -eq $Reg.DMPCertThumbPrint } -ErrorAction SilentlyContinue 48 | If ($MDM_Cert) { 49 | Write-Output "Found Microsoft Intune MDM Device Certificate with matching ThumbPrint ""$($Reg.DMPCertThumbPrint)""" 50 | } 51 | else { 52 | Write-Warning "No Microsoft Intune MDM Device Certificate found with matching ThumbPrint ""$($Reg.DMPCertThumbPrint)""" 53 | } 54 | } 55 | Catch { 56 | Write-Warning "Unable to find Certificate with Thumbprint ""$($Reg.DMPCertThumbPrint)""" 57 | } 58 | If ($Remove) { 59 | Write-Output "Removing MDM enrollment registration ""$($TaskFolder.Name)""..." 60 | If ($MDM_Cert) { 61 | Write-Output "Removing MDM Certificate..." 62 | Try { 63 | $MDM_Cert | Remove-Item -ErrorAction SilentlyContinue 64 | Write-Output "Certificate with Thumbprint ""$($Reg.DMPCertThumbPrint)"" Deleted" 65 | } 66 | Catch { 67 | Write-Warning "Failed to remove certificate with Thumbprint ""$($Reg.DMPCertThumbPrint)""" 68 | Exit 0 69 | } 70 | } 71 | Write-Output "Removing Scheduled Tasks..." 72 | Try { 73 | $Tasks = ($SchTaskObj.GetFolder("Microsoft\Windows\EnterpriseMgmt\$($TaskFolder.Name)")).GetTasks(1) 74 | ForEach ($Task in $Tasks) { 75 | Write-Output "Deleting Task ""$($Task.Name)""" 76 | ($SchTaskObj.GetFolder("Microsoft\Windows\EnterpriseMgmt\$($TaskFolder.Name)")).DeleteTask($Task.Name, 0) 77 | } 78 | ($SchTaskObj.GetFolder("Microsoft\Windows\EnterpriseMgmt")).DeleteFolder($TaskFolder.Name, 0) 79 | } 80 | Catch { 81 | Write-Warning "Error Removing Scheduled Tasks" 82 | Write-Warning $Error[0] 83 | Exit 0 84 | } 85 | Write-Output "Removing MDM Registry Keys..." 86 | Try { 87 | Remove-Item -Path $RegValue -Recurse -Force -ErrorAction SilentlyContinue 88 | } 89 | Catch { 90 | Write-Warning "Error Removing MDM Enrollment Registry Key ""$RegValue""" 91 | Exit 0 92 | } 93 | Write-Output "Completed Removing MDM Enrollment." 94 | } 95 | } 96 | } 97 | } 98 | else { 99 | Write-Output "No MDM Enrollment found matching the tenant ""$OldTenant""" 100 | } -------------------------------------------------------------------------------- /Detect_Chassis.ps1: -------------------------------------------------------------------------------- 1 | #Credit to https://powershell.one/wmi/root/cimv2/win32_systemenclosure 2 | #Modified original script to output IsLaptop, IsDesktop, IsServer, IsOther to be used as a detection method 3 | $Chassis = @{ 4 | Name = 'ChassisTypes' 5 | Expression = { 6 | $ChassisResult = foreach ($ChassisValue in $_.ChassisTypes) { 7 | switch ([int]$ChassisValue) { 8 | 1 { 'IsOther' } 9 | 2 { 'IsOther' } 10 | 3 { 'IsDesktop' } 11 | 4 { 'IsDesktop' } 12 | 5 { 'IsDesktop' } 13 | 6 { 'IsDesktop' } 14 | 7 { 'IsDesktop' } 15 | 8 { 'IsLaptop' } 16 | 9 { 'IsLaptop' } 17 | 10 { 'IsLaptop' } 18 | 11 { 'IsLaptop' } 19 | 12 { 'IsLaptop' } 20 | 13 { 'IsOther' } 21 | 14 { 'IsLaptop' } 22 | 15 { 'IsDesktop' } 23 | 16 { 'IsDesktop' } 24 | 17 { 'IsOther' } 25 | 18 { 'IsLaptop' } 26 | 19 { 'IsOther' } 27 | 20 { 'IsOther' } 28 | 21 { 'IsLaptop' } 29 | 22 { 'IsOther' } 30 | 23 { 'IsServer' } 31 | 24 { 'IsOther' } 32 | default { "$ChassisValue" } 33 | } 34 | 35 | } 36 | $ChassisResult 37 | } 38 | } 39 | 40 | Get-CimInstance -ClassName Win32_SystemEnclosure | Select-Object $Chassis | foreach-object { $_.ChassisTypes } -------------------------------------------------------------------------------- /Detect_EnableAutomaticUpdates.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" 2 | $Name = "NoAutoUpdate" 3 | $Type = "DWORD" 4 | $Value = 0 5 | 6 | Try { 7 | $Registry = Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop | Select-Object -ExpandProperty $Name 8 | If ($Registry -eq $Value){ 9 | Write-Output "Compliant" 10 | Exit 0 11 | } 12 | Write-Warning "Not Compliant" 13 | Exit 1 14 | } 15 | Catch { 16 | Write-Warning "Not Compliant" 17 | Exit 1 18 | } -------------------------------------------------------------------------------- /Detect_EnableEdgeAutomaticUpdates.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\EdgeUpdate" 2 | $Channel = @( 3 | "Update{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}" 4 | "Update{2CD8A007-E189-409D-A2C8-9AF4EF3C72AA}" 5 | "Update{65C35B14-6C1D-4122-AC46-7148CC9D6497}" 6 | "Update{0D50BFEC-CD6A-4F9A-964C-C7416E3ACB10}" 7 | ) 8 | $Type = "DWORD" 9 | $Value = 1 10 | 11 | ForEach ($Name in $Channel) { 12 | If (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue) { 13 | $RegName = $Name 14 | } 15 | } 16 | 17 | Try { 18 | $Registry = Get-ItemProperty -Path $Path -Name $RegName -ErrorAction Stop | Select-Object -ExpandProperty $RegName 19 | If ($Registry -eq $Value) { 20 | Write-Output "Compliant" 21 | Exit 0 22 | } 23 | Write-Warning "Not Compliant" 24 | Exit 1 25 | } 26 | Catch { 27 | Write-Warning "Not Compliant" 28 | Exit 1 29 | } 30 | -------------------------------------------------------------------------------- /Detect_OfficeMgmtCOM.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\office\16.0\common\officeupdate" 2 | $Name = "OfficeMgmtCOM" 3 | $Type = "DWORD" 4 | $Value = 0 5 | 6 | Try { 7 | $Registry = Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop | Select-Object -ExpandProperty $Name 8 | If ($Registry -eq $Value) { 9 | Write-Output "Compliant" 10 | Exit 0 11 | } 12 | Write-Warning "Not Compliant" 13 | Exit 1 14 | } 15 | Catch { 16 | Write-Warning "Not Compliant" 17 | Exit 1 18 | } -------------------------------------------------------------------------------- /DisableOfficeMgmtCOM.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\office\16.0\common\officeupdate" 2 | $Name = "OfficeMgmtCOM" 3 | $Type = "DWORD" 4 | $Value = 0 5 | 6 | Set-ItemProperty -Path $Path -Name $Name -Type $Type -Value $Value -------------------------------------------------------------------------------- /EnableAutomaticUpdates.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" 2 | $Name = "NoAutoUpdate" 3 | $Type = "DWORD" 4 | $Value = 0 5 | 6 | Set-ItemProperty -Path $Path -Name $Name -Type $Type -Value $Value -------------------------------------------------------------------------------- /EnableEdgeAutomaticUpdates.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\EdgeUpdate" 2 | $Channel = @( 3 | "Update{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}" 4 | "Update{2CD8A007-E189-409D-A2C8-9AF4EF3C72AA}" 5 | "Update{65C35B14-6C1D-4122-AC46-7148CC9D6497}" 6 | "Update{0D50BFEC-CD6A-4F9A-964C-C7416E3ACB10}" 7 | ) 8 | $Type = "DWORD" 9 | $Value = 1 10 | 11 | ForEach ($Name in $Channel) { 12 | Try { 13 | Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop -ErrorVariable NotExist | Out-Null 14 | Write-Output """$Path\$Name"" Exists" 15 | Write-Output "Attempting to set the Registry Value to $Value" 16 | } 17 | Catch { 18 | Write-Warning "Registry value for $Name not found" 19 | } 20 | 21 | Try { 22 | If (!($NotExist)) { 23 | Set-ItemProperty -Path $Path -Name $Name -Type $Type -Value $Value -ErrorAction Stop | Out-Null 24 | Write-Output "Updated Registry Value Successfully" 25 | } 26 | } 27 | Catch { 28 | Write-Warning "Could not update the registry value for $Name" 29 | } 30 | } -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Detect_SetupComplete.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created on: 10/04/2021 4 | Created by: Ben Whitmore 5 | Filename: Detect_SetupComplete.ps1 6 | 7 | .Description 8 | Detection script to be deployed with ConfigMgr to detect SetupComplete.cmd in $env:SystemDrive\ProgramData\FeatureUpdate\\SetupComplete.cmd and to check SetupCOnfig.ini references the correct version of the application i.e. $env:SystemDrive\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini POSTOOBE will reference SetupComplete.cmd as outlined above 9 | #> 10 | 11 | $SetupCompleteVersion = "1.09.04" 12 | $SetupCompleteLocation = Join-Path -Path "$($env:SystemDrive)\ProgramData\FeatureUpdate" -ChildPath $SetupCompleteVersion 13 | 14 | $FUFilesInComplete = $Null 15 | $SetupConfigini_Valid = $Null 16 | 17 | Try { 18 | If (!(Test-Path -Path $SetupCompleteLocation)) { 19 | $FUFilesInComplete = $True 20 | } 21 | } 22 | Catch { 23 | $FUFilesInComplete = $True 24 | } 25 | 26 | Try { 27 | $iniFilePath = "$($env:SystemDrive)\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini" 28 | if (Test-Path -Path $iniFilePath) { 29 | $SetupConfigini_Content = Get-Content $iniFilePath 30 | foreach ($line in $SetupConfigini_Content) { 31 | If ($line -like "PostOOBE=$($SetupCompleteLocation)\SetupComplete.cmd") { 32 | $SetupConfigini_Valid = $True 33 | } 34 | } 35 | } 36 | else { 37 | $FUFilesInComplete = $True 38 | } 39 | } 40 | Catch { 41 | $FUFilesInComplete = $True 42 | } 43 | 44 | If (($SetupConfigini_Valid) -and (!($FUFilesInComplete))) { 45 | Write-Output "Installed" 46 | } -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/guest.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/guest.bmp -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/guest.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/guest.png -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-192.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-192.png -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-32.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-32.png -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-40.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-40.png -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-48.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user-48.png -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user.bmp -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user.jpg -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/ProgramData/Microsoft/User Account Pictures/user.png -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/Windows/Web/Wallpaper/Custom.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/Windows/Web/Wallpaper/Custom.jpg -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Files/Windows/Web/Wallpaper/Thumbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Files/Windows/Web/Wallpaper/Thumbs.db -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Install_SetupComplete.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created on: 10/04/2021 4 | Created by: Ben Whitmore 5 | Filename: Install_SetupComplete.ps1 6 | 7 | .Description 8 | Script to install a custom SetupComplete.cmd which will be used POSTOOBE when installing a Feautre Update using Windows Update. 9 | Files in the "Files" source folder should resemble the structure from the root $env:SystemDrive 10 | 11 | e.g. If you want to copy custom account pictures to your device after the OOBE they should be placed in ..\Files\ProgramData\Microsoft\User Account Pictures 12 | 13 | Version.txt should contain the current version of SetupComplete.cmd. The application is designed with version control in mind. The version value will determine the path in $env:SystemDrive\ProgramData which the "FeatureUpdate" folder is created and the reference in SetupConfig.ini will also point to $env:SystemDrive\ProgramData\FeatureUpdate\\SetupComplete.cmd 14 | #> 15 | 16 | #Setup environment 17 | $ScriptPath = Split-Path -Parent $MyInvocation.MyCommand.Definition 18 | $SetupCompleteVersionFile = Join-Path -Path $ScriptPath -ChildPath "Version.txt" 19 | 20 | #Get intended Version of SetupComplete 21 | Try { 22 | If (Test-Path -Path $SetupCompleteVersionFile) { 23 | $SetupCompleteVersion = Get-Content $SetupCompleteVersionFile 24 | $SetupCompleteLocation = Join-Path -Path "$($env:SystemDrive)\ProgramData\FeatureUpdate" -ChildPath $SetupCompleteVersion 25 | $SetupCompleteCMD = Join-Path -Path $SetupCompleteLocation -ChildPath "SetupComplete.cmd" 26 | } 27 | } 28 | Catch { 29 | Write-Host "Error getting SetupComplete Version from Script Source Directory. Does version.txt exist?" 30 | } 31 | 32 | Try { 33 | 34 | #Setup Directory and create SetupComplete.cmd 35 | New-Item $SetupCompleteLocation -ItemType Directory -Force 36 | New-Item $SetupCompleteCMD -ItemType File -Force 37 | 38 | #Add correct version of SetupComplete.ps1 to run post Feature Update 39 | Add-Content -Path $SetupCompleteCMD -Value "powershell.exe -executionpolicy bypass -file $($SetupCompleteLocation)\SetupComplete.ps1 -WindowStyle Hidden" 40 | } 41 | Catch { 42 | Write-Host "Error creating file ""$($SetupCompleteCMD)""" 43 | } 44 | 45 | Try { 46 | 47 | #Declare items to copy to Feature Update staging folder 48 | $SetupFiles = @("SetupComplete.ps1", "Files", "Version.txt") 49 | 50 | #Copy Files from Script Root to Feature Update staging folder 51 | Foreach ($File in $SetupFiles) { 52 | $FiletoCopy = Join-Path -Path $ScriptPath -ChildPath $File -ErrorAction SilentlyContinue 53 | Try { 54 | Copy-Item -Path $FiletoCopy -Destination $SetupCompleteLocation -Force -Recurse 55 | } 56 | Catch { 57 | Write-Warning: "Error copying item ""$($File)"" to ""$($SetupCompleteLocation)""" 58 | } 59 | } 60 | } 61 | Catch { 62 | Write-Warning "Error setting up the Feature Update staging folder" 63 | } 64 | 65 | #Create SetupConfig.ini 66 | #Source https://docs.microsoft.com/en-us/windows/deployment/update/feature-update-user-install#step-2-override-the-default-windows-setup-priority-windows-10-version-1709-and-later 67 | 68 | #Variables for SetupConfig 69 | $iniFilePath = "$env:SystemDrive\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini" 70 | $PriorityValue = "Normal" 71 | 72 | $iniSetupConfigSlogan = "[SetupConfig]" 73 | $iniSetupConfigKeyValuePair = @{"Priority" = $PriorityValue; "PostOOBE" = $SetupCompleteCMD } 74 | 75 | #Init SetupConfig content 76 | $iniSetupConfigContent = @" 77 | $iniSetupConfigSlogan 78 | "@ 79 | 80 | Try { 81 | 82 | #Setup SetupConfig Directory 83 | #Build SetupConfig content with settings 84 | foreach ($k in $iniSetupConfigKeyValuePair.Keys) { 85 | $val = $iniSetupConfigKeyValuePair[$k] 86 | $iniSetupConfigContent = $iniSetupConfigContent.Insert($iniSetupConfigContent.Length, "`r`n$k=$val") 87 | } 88 | 89 | #Write content to file 90 | New-Item $iniFilePath -ItemType File -Value $iniSetupConfigContent -Force 91 | } 92 | Catch { 93 | Write-Warning "Error creating ""$($iniFilePath)""" 94 | } -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/SetupComplete.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created on: 10/04/2021 4 | Created by: Ben Whitmore 5 | Filename: SetupComplete.ps1 6 | 7 | .Description 8 | POST OOBE during a Windows 10 Feature Update, installed via Windows Update, will run $env:SystemDrive\ProgramData\FeatureUpdate\\SetupComplete.cmd. SetupComplete.cmd calls SetupComplete.ps1 9 | 10 | This script will copy files to the device that are replaced, or required, after a Feature Update has been installed. The destination folder structure should be maintained in the "Files" source directory for the application. e.g. If you want to copy custom account pictures to your device after the OOBE they should be place in ..\Files\ProgramData\Microsoft\User Account Pictures 11 | #> 12 | 13 | #Setup environment 14 | $ScriptPath = Split-Path -Parent $MyInvocation.MyCommand.Definition 15 | 16 | #Copy Files from Script Root to Feature Update staging folder 17 | Try { 18 | $FilestoCopy = Join-Path -Path $ScriptPath -ChildPath "Files" 19 | Robocopy.exe $FilestoCopy $env:systemdrive\ /e /z /r:5 /w:1 /eta 20 | } 21 | Catch { 22 | Write-Warning: "Error copying files to ""$($env:systemdrive)""" 23 | } 24 | 25 | #Do other stuff here... 26 | -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Thumbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Feature Updates/SetupCompleteCMD/Thumbs.db -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Uninstall_SetupComplete.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created on: 10/04/2021 4 | Created by: Ben Whitmore 5 | Filename: Uninstall_SetupComplete.ps1 6 | 7 | .Description 8 | Script to uninstall a custom SetupComplete.cmd which will be used POSTOOBE when installing a Feautre Update using Windows Update. 9 | 10 | $env:SystemDrive\ProgramData\FeatureUpdate\\ will be removed 11 | $env:SystemDrive\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini will be removed if the following line is present in SetupConfig.ini "PostOOBE=$env:SystemDrive\ProgramData\FeatureUpdate\\SetupComplete.cmd" 12 | #> 13 | 14 | #Setup environment 15 | $ScriptPath = Split-Path -Parent $MyInvocation.MyCommand.Definition 16 | $SetupCompleteVersionFile = Join-Path -Path $ScriptPath -ChildPath "Version.txt" 17 | 18 | #Get intended Version of SetupComplete 19 | Try { 20 | If (Test-Path -Path $SetupCompleteVersionFile) { 21 | $SetupCompleteVersion = Get-Content $SetupCompleteVersionFile 22 | $SetupCompleteLocation = Join-Path -Path "$($env:SystemDrive)\ProgramData\FeatureUpdate" -ChildPath $SetupCompleteVersion 23 | } 24 | } 25 | Catch { 26 | Write-Host "Error getting SetupComplete Version from Script Source Directory. Does version.txt exist?" 27 | } 28 | 29 | Try { 30 | 31 | #Remove Directory 32 | Remove-Item $SetupCompleteLocation -Force -Recurse 33 | } 34 | Catch { 35 | Write-Host "Error removing ""$($SetupCompleteLocation)""" 36 | } 37 | 38 | #Remove SetupConfig.ini 39 | Try { 40 | $iniFilePath = "$($env:SystemDrive)\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini" 41 | if (Test-Path -Path $iniFilePath) { 42 | $SetupConfigini_Content = Get-Content $iniFilePath 43 | foreach ($line in $SetupConfigini_Content) { 44 | If ($line -like "PostOOBE=$($SetupCompleteLocation)\SetupComplete.cmd") { 45 | Remove-Item $iniFilePath -Force 46 | } 47 | } 48 | } 49 | } 50 | Catch { 51 | Write-Host "Error removing ""$($iniFilePath)""" 52 | } -------------------------------------------------------------------------------- /Feature Updates/SetupCompleteCMD/Version.txt: -------------------------------------------------------------------------------- 1 | 1.09.04 -------------------------------------------------------------------------------- /FileShareToSPO_Migration_Check.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 10/08/2020 10:02 4 | Created by: Ben Whitmore 5 | Filename: Path_Length.ps1 6 | =========================================================================== 7 | 8 | Version: 9 | 1.0 10 | 11 | .SYNOPSIS 12 | This script is designed to highlight files on a fileshare that will not be able to be 13 | moved to SharePoint online using the SharePoint Migration Tool 14 | 15 | .Parameter Path 16 | File Path to test 17 | 18 | .Parameter Length 19 | Length of path to test. SharePoint online has a 400 character limit for a file path 20 | https://support.microsoft.com/en-gb/office/invalid-file-names-and-file-types-in-onedrive- 21 | and-sharepoint-64883a5d-228e-48f5-b3d2-eb39e07630fa?ui=en-us&rs=en- 22 | gb&ad=gb#invalidfilefoldernames 23 | 24 | .Parameter OutDir 25 | Specify target Out Directory 26 | 27 | .Example 28 | Path_Length.ps1 -Path "D:\Test\Files" -Length "400" -OutDir "C:\Outs" 29 | 30 | #> 31 | Param 32 | ( 33 | [Parameter(Mandatory = $True)] 34 | [String]$Path, 35 | [Parameter(Mandatory = $False)] 36 | [String]$Length = 400, 37 | [String]$OutDir 38 | ) 39 | 40 | $ScriptPath = $MyInvocation.MyCommand.Path 41 | $CurrentDir = Split-Path $ScriptPath 42 | 43 | #Reset Warning 44 | $WarningPath = $Null 45 | 46 | #Specify Out File 47 | $OutFile = "SPO_Migrate_Out.csv" 48 | 49 | If ($OutDir) { 50 | $OutDir = $OutDir 51 | } 52 | Else { 53 | $OutDir = $CurrentDir 54 | } 55 | #Get file info from fileshare 56 | 57 | Try { 58 | $Files = Get-ChildItem -Path $Path -recurse -ErrorAction Continue -ErrorVariable Error_GCI | Select-Object Name, Fullname 59 | } 60 | Catch { 61 | Write-Warning "Path error: $($Path), Error: $($Error_GCI)" 62 | $WarningPath = $True 63 | } 64 | 65 | #Write-Warning "File path is greater than $($Length) characters for the following files" 66 | ForEach ($File in $Files) { 67 | If ($File.FullName.Length -gt $Length) { 68 | $WarningPath = $True 69 | } 70 | } 71 | 72 | #Show error if files with large paths found 73 | If ($WarningPath -eq $True) { 74 | Write-Warning "Some files in path ""$($Path)"" exceeded the path length of $($Length) or the path was unreadable. See the Out-GridView for more information" 75 | $WarningPath = $Null 76 | } 77 | 78 | 79 | #Save Out to Path being checked 80 | $Files | Select-Object Fullname, @{Name = "Path_Length"; Expression = { $_.FullName.Length } } | Sort-Object Path_Length -Descending | Export-Csv (Join-Path $OutDir "SPO_Migration_Check.csv") -Append 81 | 82 | #Output results to Grid View 83 | $Files | Select-Object Fullname, @{Name = "Path_Length"; Expression = { $_.FullName.Length 84 | } 85 | } | Sort-Object Path_Length -Descending | Out-GridView -------------------------------------------------------------------------------- /Flash Uninstall/Detect_Flash_Removal_KB4577586.ps1: -------------------------------------------------------------------------------- 1 | $Patch = Get-Hotfix | Where-Object { $_.HotFixID -match "KB4577586" } 2 | If ($Patch) { 3 | Write-Host "Installed" 4 | } 5 | else { 6 | } -------------------------------------------------------------------------------- /Flash Uninstall/Install_Flash_Removal_KB4577586.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 0/01/2021 13:06 4 | Created by: Ben Whitmore 5 | Organization: - 6 | Filename: Install_Flash_Removal_KB4577586.ps1 7 | Target System: Windows 10 , Windows Server 2012/R2 | 2016 | 2019 | 1903 | 1909 | 2004 8 | =========================================================================== 9 | 10 | Version: 11 | 1.2.1 - 22/01/2021 12 | Added support for Server OS - Thanks @Hoorge for the suggestion 13 | 14 | 1.2 - 04/01/2021 15 | Fixed 20H2 coding error - Credit @AndyUpperton 16 | 17 | 1.1 02/01/2021 18 | Basic Transcript Logging added 19 | 20 | 1.0 - 01/01/2021 21 | Release 22 | #> 23 | 24 | #Set Current Directory 25 | $ScriptPath = $MyInvocation.MyCommand.Path 26 | $CurrentDir = Split-Path $ScriptPath 27 | 28 | $Log = Join-Path $ENV:TEMP "Flash_Uninstall.log" 29 | Start-Transcript $Log 30 | 31 | #Set WUSA.EXE Variable 32 | $WUSA = "$env:systemroot\System32\wusa.exe" 33 | 34 | #Get OS Product Name 35 | $OS_ProductName = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion' ProductName).ProductName 36 | 37 | #Build OS Version String 38 | Switch ($OS_ProductName) { 39 | { $_.StartsWith("Windows 10") } { $OS_String = ($OS_ProductName -split "\s+" | Select-Object -First 2) -Join ' ' } 40 | { $_.StartsWith("Windows Server 2012 R2") } { $OS_String = ($OS_ProductName -split "\s+" | Select-Object -First 4) -Join ' ' } 41 | { ($_.StartsWith("Windows Server") -and (!($_.Contains("R2")))) } { $OS_String = ($OS_ProductName -split "\s+" | Select-Object -First 3) -Join ' ' } 42 | } 43 | 44 | #Get OS Release ID for valid OS's 45 | If (!($OS_String -match "Server 2012")) { 46 | $OS_ReleaseID = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion' ReleaseId).ReleaseId 47 | } 48 | else { 49 | Write-Output "Skipping check of Release ID for $($OS_ProductName)" 50 | } 51 | 52 | #Rename $OS_ReleaseID variable for "Windows 10 20H2" and "Windows Server, version 1909" because the same KB update is used for both 2004 and 2009 53 | If (($OS_ReleaseID -eq "2009" -and $OS_ProductName -match "Windows 10")) { 54 | $OS_ReleaseID = "2004" 55 | } 56 | 57 | #Build OS Version Name variable 58 | Switch ($OS_String) { 59 | { $_.Equals("Windows 10") } { $Version_String = $OS_String + " Version " + $OS_ReleaseID } 60 | { $_.StartsWith("Windows Server 2") } { $Version_String = $OS_String } 61 | { $_.StartsWith("Windows Server,") } { $Version_String = $OS_String + $OS_ReleaseID } 62 | } 63 | 64 | #Get OS Architecture 65 | $OS_Architecture = Switch (Get-CIMInstance -Namespace "ROOT\CIMV2" -Class "Win32_Processor" | Select-Object -Unique -ExpandProperty Architecture) { 66 | 9 { 'x64-based' } 67 | 0 { 'x86-based' } 68 | 5 { 'ARM64-based' } 69 | } 70 | 71 | $PatchRequired = "Update for Removal of Adobe Flash Player for " + $Version_String + " for " + $OS_Architecture + " systems (KB4577586)" 72 | 73 | #Get Patch Titles 74 | $PatchNames = Get-ChildItem $CurrentDir | Where-Object { $_.PSIsContainer } | Foreach-Object { $_.Name } 75 | 76 | #Check if the patch has been downloaded for the current system 77 | $PatchFound = $False 78 | 79 | #Check Installation 80 | $Patch = Get-Hotfix | Where-Object { $_.HotFixID -match "KB4577586" } 81 | If ($Patch) { 82 | Write-Host "Patch Already Installed" 83 | } 84 | else { 85 | 86 | Foreach ($Patch in $PatchNames) { 87 | If ($Patch -eq $PatchRequired) { 88 | $PatchFound = $True 89 | 90 | #Get MSU from the correct Directory 91 | $MSU = Get-ChildItem (Join-Path $CurrentDir $Patch) -Recurse | Where-Object { $_.Extension -eq ".msu" } 92 | $MSUFullPath = Join-Path (Join-Path $CurrentDir $PatchRequired) $MSU.Name 93 | 94 | #Set WUSA Args 95 | $Args = @( 96 | """$MSUFullPath""" 97 | "/quiet" 98 | "/norestart" 99 | ) 100 | } 101 | } 102 | 103 | #Patch detection determines outcome 104 | If ($PatchFound) { 105 | Write-Host "Patch found for this system" 106 | Write-Host "Patch Required: $($PatchRequired)" 107 | Write-Host "Patch Name: $($MSU.Name)" 108 | Write-Host "Installing Update..." 109 | 110 | #Install Patch 111 | Start-Process -FilePath $WUSA -ArgumentList $Args -Wait 112 | 113 | #Check Installation 114 | $Patch = Get-Hotfix | Where-Object { $_.HotFixID -match "KB4577586" } 115 | If ($Patch) { 116 | Write-Host "Patch Installed Successfully" 117 | } 118 | else { 119 | Write-Warning "Patch Installation Failed" 120 | } 121 | } 122 | else { 123 | Write-Host "Patch not found for this system" 124 | Write-Host "Patch Required: $($PatchRequired)" 125 | } 126 | } 127 | Stop-Transcript -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x64-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x64-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_f1ee6a8c9cdc91b4486fde9dc98c9dc5f9babc77.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_f1ee6a8c9cdc91b4486fde9dc98c9dc5f9babc77.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2012 R2 for x64-based systems (KB4577586)/windows8.1-kb4577586-x64_1c039dbdafaf12e9163e8d56cf578cc998306ecd.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2012 R2 for x64-based systems (KB4577586)/windows8.1-kb4577586-x64_1c039dbdafaf12e9163e8d56cf578cc998306ecd.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2012 for x64-based systems (KB4577586)/windows8-rt-kb4577586-x64_3dde08cdb47cb317ba47a9181fceee09951c614c.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2012 for x64-based systems (KB4577586)/windows8-rt-kb4577586-x64_3dde08cdb47cb317ba47a9181fceee09951c614c.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2016 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2016 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2019 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server 2019 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1903 for ARM64-based systems (KB4577586)/windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1903 for ARM64-based systems (KB4577586)/windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1903 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0 (1).msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1903 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0 (1).msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1909 for ARM64-based systems (KB4577586)/windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1909 for ARM64-based systems (KB4577586)/windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1909 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0 (1).msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 1909 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0 (1).msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 2004 for ARM64-based systems (KB4577586)/windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 2004 for ARM64-based systems (KB4577586)/windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu -------------------------------------------------------------------------------- /Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 2004 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall/Update for Removal of Adobe Flash Player for Windows Server, version 2004 for x64-based systems (KB4577586)/windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Detect_Flash_Removal_KB4577586_Intune.ps1: -------------------------------------------------------------------------------- 1 | Try { 2 | $Patch = Get-Hotfix | Where-Object { $_.HotFixID -match "KB4577586" } 3 | If ($Patch) { 4 | Write-Output "Compliant" 5 | Exit 0 6 | } 7 | Write-Warning "Not Compliant" 8 | Exit 1 9 | } 10 | Catch { 11 | Write-Warning "Not Compliant" 12 | Exit 1 13 | } -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Install_Flash_Removal_KB4577586.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 0/01/2021 13:06 4 | Created by: Ben Whitmore 5 | Organization: - 6 | Filename: Install_Flash_Removal_KB4577586.ps1 7 | Target System: Windows 10 Only 8 | =========================================================================== 9 | 10 | Version: 11 | 1.2 12 | Fixed 20H2 coding error - Credit @AndyUpperton 13 | 14 | 1.1 15 | Basic Transcript Logging added 16 | 17 | 1.0 18 | Release 19 | #> 20 | 21 | #Set Current Directory 22 | $ScriptPath = $MyInvocation.MyCommand.Path 23 | $CurrentDir = Split-Path $ScriptPath 24 | 25 | $Log = Join-Path $ENV:WINDIR "Temp\Flash_Uninstall.log" 26 | Start-Transcript $Log 27 | 28 | #Set WUSA.EXE Variable 29 | $WUSA = "$env:systemroot\System32\wusa.exe" 30 | 31 | #Get OS Release ID 32 | $OS_ReleaseID = Get-ItemProperty "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion" | Select-Object -ExpandProperty ReleaseID 33 | 34 | #Rename variable for Windows 10 20H2 ReleaseID because the same update is used for 2004/2009 35 | If ($OS_ReleaseID -eq "2009"){ 36 | $OS_ReleaseID = "2004" 37 | } 38 | 39 | $OS_ProductName = Get-ItemProperty "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion" | Select-Object -ExpandProperty ProductName 40 | 41 | #Get OS Architecture 42 | $OS_Architecture = Switch (Get-CIMInstance -Namespace "ROOT\CIMV2" -Class "Win32_Processor" | Select-Object -Unique -ExpandProperty Architecture) { 43 | 9 { 'x64-based' } 44 | 0 { 'x86-based' } 45 | 5 { 'ARM64-based' } 46 | } 47 | 48 | #Build OS Version String 49 | $OS_String = ($OS_ProductName -split "\s+" | Select-Object -First 2) -Join ' ' 50 | 51 | #Build Patch Name String 52 | $PatchRequired = "Update for Removal of Adobe Flash Player for " + $OS_String + " Version " + $OS_ReleaseID + " for " + $OS_Architecture + " systems (KB4577586)" 53 | 54 | #Get Patch Titles 55 | $PatchNames = Get-ChildItem $CurrentDir | Where-Object { $_.PSIsContainer } | Foreach-Object { $_.Name } 56 | 57 | #Check if the patch has been downloaded for the current system 58 | $PatchFound = $False 59 | 60 | #Check Installation 61 | $Patch = Get-Hotfix | Where-Object { $_.HotFixID -match "KB4577586" } 62 | If ($Patch) { 63 | Write-Host "Patch Already Installed" 64 | } 65 | else { 66 | 67 | Foreach ($Patch in $PatchNames) { 68 | If ($Patch -eq $PatchRequired) { 69 | $PatchFound = $True 70 | 71 | #Get MSU from the correct Directory 72 | $MSU = Get-ChildItem (Join-Path $CurrentDir $Patch) -Recurse | Where-Object { $_.Extension -eq ".msu" } 73 | $MSUFullPath = Join-Path (Join-Path $CurrentDir $PatchRequired) $MSU.Name 74 | 75 | #Set WUSA Args 76 | $Args = @( 77 | """$MSUFullPath""" 78 | "/quiet" 79 | "/norestart" 80 | ) 81 | } 82 | } 83 | 84 | #Patch detection determines outcome 85 | If ($PatchFound) { 86 | Write-Host "Patch found for this system" 87 | Write-Host "Patch Required: $($PatchRequired)" 88 | Write-Host "Patch Name: $($MSU.Name)" 89 | Write-Host "`Installing Update..." 90 | 91 | #Install Patch 92 | Start-Process -FilePath $WUSA -ArgumentList $Args -Wait 93 | 94 | #Check Installation 95 | $Patch = Get-Hotfix | Where-Object { $_.HotFixID -match "KB4577586" } 96 | If ($Patch) { 97 | Write-Host "Patch Installed Successfully" 98 | } 99 | else { 100 | Write-Host "Patch Installation Failed" 101 | } 102 | } 103 | else { 104 | Write-Host "Patch not found for this system" 105 | Write-Host "Patch Required: $($PatchRequired)" 106 | Write-Host "Current System: $($OS_String) $($OS_ReleaseID) $($OS_Architecture) PC" 107 | } 108 | } 109 | Stop-Transcript -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x64-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x64-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1507 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1607 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1703 for x86-based systems (KB4577586)/AMD64_X86-all-windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_f1ee6a8c9cdc91b4486fde9dc98c9dc5f9babc77.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1709 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_f1ee6a8c9cdc91b4486fde9dc98c9dc5f9babc77.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1803 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1809 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1903 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 1909 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for ARM64-based systems (KB4577586)/ARM64-all-windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x64-based systems (KB4577586)/AMD64-all-windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu -------------------------------------------------------------------------------- /Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/byteben/Windows-10/85a9a46d02c943d1a5cdde2792c79191d476be59/Flash Uninstall_Intune/Update for Removal of Adobe Flash Player for Windows 10 Version 2004 for x86-based systems (KB4577586)/X86-all-windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu -------------------------------------------------------------------------------- /Get-Geo.ps1: -------------------------------------------------------------------------------- 1 | 2 | 3 | $PublicIP_URI = 'http://ifconfig.me/ip' 4 | $GEO_URI = 'http://ipinfo.io/' 5 | 6 | Write-Host "--------------Testing GEO URL's--------------" -ForegroundColor Cyan 7 | Write-Host "` " 8 | 9 | function TestURL($URL) { 10 | $URL_Mod = $URL.split("//") 11 | $URL_ToTest = $URL_Mod[0] + '//' + $URL_Mod[2] 12 | Try { 13 | $Request = [System.Net.WebRequest]::Create($URL_ToTest) 14 | $Response = $Request.getResponse() 15 | 16 | If ($Response.StatusCode -eq 'OK') { 17 | Write-Host "$URL_ToTest is accessible." -ForegroundColor green 18 | $Return_Response = "OK" 19 | } 20 | Else { 21 | Write-Warning "$URL_ToTest is not accessible. Site may be down." 22 | $Return_Response = "Failed" 23 | } 24 | } 25 | Catch { 26 | Write-Warning "$URL_ToTest is not accessible. Site may be down." 27 | $Return_Response = "Failed" 28 | } 29 | Return $Return_Response 30 | } 31 | If (((TestURL $PublicIP_URI) -eq "OK") -and ((TestURL $GEO_URI) -eq "OK")) { 32 | 33 | $MY_GEO = Invoke-RestMethod -Uri ($GEO_URI + (Invoke-WebRequest -uri $PublicIP_URI).Content) 34 | 35 | $MY_IP = $MY_GEO.ip 36 | $MY_City = $MY_GEO.city 37 | $MY_Region = $MY_GEO.region 38 | $MY_Country = $MY_GEO.country 39 | $MY_LOC = $MY_GEO.loc 40 | $MY_ISP = $MY_GEO.org 41 | Write-Host "` " 42 | Write-Host "--------------Geolocation information--------------" -ForegroundColor Cyan 43 | Write-Host "` " 44 | Write-Output "IP Address: $MY_IP" 45 | Write-Output "City: $MY_City" 46 | Write-Output "Region: $MY_Region" 47 | Write-Output "Country: $MY_Country" 48 | Write-Output "Coordinates: $MY_LOC" 49 | Write-Output "ISP: $MY_ISP" 50 | Write-Host "` " 51 | } 52 | else { 53 | Write-Warning "Could not obtain GEO information. URL(s) inaccessible." 54 | } -------------------------------------------------------------------------------- /Install-Printer.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created on: 31/12/2021 4 | Created by: Ben Whitmore 5 | Filename: Install-Printer.ps1 6 | 7 | Simple script to install a network printer from an INF file. The INF and required CAB files hould be in the same directory as the script if creating a Win32app 8 | 9 | #### Win32 app Commands #### 10 | 11 | Install: 12 | powershell.exe -executionpolicy bypass -file .\Install-Printer.ps1 -PortName "IP_10.10.1.1" -PrinterIP "10.1.1.1" -PrinterName "Canon Printer Upstairs" -DriverName "Canon Generic Plus UFR II" -INFFile "CNLB0MA64.inf" 13 | 14 | Uninstall: 15 | powershell.exe -executionpolicy bypass -file .\Remove-Printer.ps1 -PrinterName "Canon Printer Upstairs" 16 | 17 | Detection: 18 | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\Canon Printer Upstairs 19 | Name = "Canon Printer Upstairs" 20 | 21 | .Example 22 | .\Install-Printer.ps1 -PortName "IP_10.10.1.1" -PrinterIP "10.1.1.1" -PrinterName "Canon Printer Upstairs" -DriverName "Canon Generic Plus UFR II" -INFFile "CNLB0MA64.inf" 23 | #> 24 | 25 | [CmdletBinding()] 26 | Param ( 27 | [Parameter(Mandatory = $True)] 28 | [String]$PortName, 29 | [Parameter(Mandatory = $True)] 30 | [String]$PrinterIP, 31 | [Parameter(Mandatory = $True)] 32 | [String]$PrinterName, 33 | [Parameter(Mandatory = $True)] 34 | [String]$DriverName, 35 | [Parameter(Mandatory = $True)] 36 | [String]$INFFile 37 | ) 38 | 39 | #Reset Error catching variable 40 | $Throwbad = $Null 41 | 42 | #Run script in 64bit PowerShell to enumerate correct path for pnputil 43 | If ($ENV:PROCESSOR_ARCHITEW6432 -eq "AMD64") { 44 | Try { 45 | &"$ENV:WINDIR\SysNative\WindowsPowershell\v1.0\PowerShell.exe" -File $PSCOMMANDPATH -PortName $PortName -PrinterIP $PrinterIP -DriverName $DriverName -PrinterName $PrinterName -INFFile $INFFile 46 | } 47 | Catch { 48 | Write-Error "Failed to start $PSCOMMANDPATH" 49 | Write-Warning "$($_.Exception.Message)" 50 | $Throwbad = $True 51 | } 52 | } 53 | 54 | function Write-LogEntry { 55 | param ( 56 | [parameter(Mandatory = $true)] 57 | [ValidateNotNullOrEmpty()] 58 | [string]$Value, 59 | [parameter(Mandatory = $false)] 60 | [ValidateNotNullOrEmpty()] 61 | [string]$FileName = "$($PrinterName).log", 62 | [switch]$Stamp 63 | ) 64 | 65 | #Build Log File appending System Date/Time to output 66 | $LogFile = Join-Path -Path $env:SystemRoot -ChildPath $("Temp\$FileName") 67 | $Time = -join @((Get-Date -Format "HH:mm:ss.fff"), " ", (Get-WmiObject -Class Win32_TimeZone | Select-Object -ExpandProperty Bias)) 68 | $Date = (Get-Date -Format "MM-dd-yyyy") 69 | 70 | If ($Stamp) { 71 | $LogText = "<$($Value)> " 72 | } 73 | else { 74 | $LogText = "$($Value)" 75 | } 76 | 77 | Try { 78 | Out-File -InputObject $LogText -Append -NoClobber -Encoding Default -FilePath $LogFile -ErrorAction Stop 79 | } 80 | Catch [System.Exception] { 81 | Write-Warning -Message "Unable to add log entry to $LogFile.log file. Error message at line $($_.InvocationInfo.ScriptLineNumber): $($_.Exception.Message)" 82 | } 83 | } 84 | 85 | Write-LogEntry -Value "##################################" 86 | Write-LogEntry -Stamp -Value "Installation started" 87 | Write-LogEntry -Value "##################################" 88 | Write-LogEntry -Value "Install Printer using the following values..." 89 | Write-LogEntry -Value "Port Name: $PortName" 90 | Write-LogEntry -Value "Printer IP: $PrinterIP" 91 | Write-LogEntry -Value "Printer Name: $PrinterName" 92 | Write-LogEntry -Value "Driver Name: $DriverName" 93 | Write-LogEntry -Value "INF File: $INFFile" 94 | 95 | $INFARGS = @( 96 | "/add-driver" 97 | "$INFFile" 98 | ) 99 | 100 | If (-not $ThrowBad) { 101 | 102 | Try { 103 | 104 | #Stage driver to driver store 105 | Write-LogEntry -Stamp -Value "Staging Driver to Windows Driver Store using INF ""$($INFFile)""" 106 | Write-LogEntry -Stamp -Value "Running command: Start-Process pnputil.exe -ArgumentList $($INFARGS) -wait -passthru" 107 | Start-Process pnputil.exe -ArgumentList $INFARGS -wait -passthru 108 | 109 | } 110 | Catch { 111 | Write-Warning "Error staging driver to Driver Store" 112 | Write-Warning "$($_.Exception.Message)" 113 | Write-LogEntry -Stamp -Value "Error staging driver to Driver Store" 114 | Write-LogEntry -Stamp -Value "$($_.Exception)" 115 | $ThrowBad = $True 116 | } 117 | } 118 | 119 | If (-not $ThrowBad) { 120 | Try { 121 | 122 | #Install driver 123 | $DriverExist = Get-PrinterDriver -Name $DriverName -ErrorAction SilentlyContinue 124 | if (-not $DriverExist) { 125 | Write-LogEntry -Stamp -Value "Adding Printer Driver ""$($DriverName)""" 126 | Add-PrinterDriver -Name $DriverName -Confirm:$false 127 | } 128 | else { 129 | Write-LogEntry -Stamp -Value "Print Driver ""$($DriverName)"" already exists. Skipping driver installation." 130 | } 131 | } 132 | Catch { 133 | Write-Warning "Error installing Printer Driver" 134 | Write-Warning "$($_.Exception.Message)" 135 | Write-LogEntry -Stamp -Value "Error installing Printer Driver" 136 | Write-LogEntry -Stamp -Value "$($_.Exception)" 137 | $ThrowBad = $True 138 | } 139 | } 140 | 141 | If (-not $ThrowBad) { 142 | Try { 143 | 144 | #Create Printer Port 145 | $PortExist = Get-Printerport -Name $PortName -ErrorAction SilentlyContinue 146 | if (-not $PortExist) { 147 | Write-LogEntry -Stamp -Value "Adding Port ""$($PortName)""" 148 | Add-PrinterPort -name $PortName -PrinterHostAddress $PrinterIP -Confirm:$false 149 | } 150 | else { 151 | Write-LogEntry -Stamp -Value "Port ""$($PortName)"" already exists. Skipping Printer Port installation." 152 | } 153 | } 154 | Catch { 155 | Write-Warning "Error creating Printer Port" 156 | Write-Warning "$($_.Exception.Message)" 157 | Write-LogEntry -Stamp -Value "Error creating Printer Port" 158 | Write-LogEntry -Stamp -Value "$($_.Exception)" 159 | $ThrowBad = $True 160 | } 161 | } 162 | 163 | If (-not $ThrowBad) { 164 | Try { 165 | 166 | #Add Printer 167 | $PrinterExist = Get-Printer -Name $PrinterName -ErrorAction SilentlyContinue 168 | if (-not $PrinterExist) { 169 | Write-LogEntry -Stamp -Value "Adding Printer ""$($PrinterName)""" 170 | Add-Printer -Name $PrinterName -DriverName $DriverName -PortName $PortName -Confirm:$false 171 | } 172 | else { 173 | Write-LogEntry -Stamp -Value "Printer ""$($PrinterName)"" already exists. Removing old printer..." 174 | Remove-Printer -Name $PrinterName -Confirm:$false 175 | Write-LogEntry -Stamp -Value "Adding Printer ""$($PrinterName)""" 176 | Add-Printer -Name $PrinterName -DriverName $DriverName -PortName $PortName -Confirm:$false 177 | } 178 | 179 | $PrinterExist2 = Get-Printer -Name $PrinterName -ErrorAction SilentlyContinue 180 | if ($PrinterExist2) { 181 | Write-LogEntry -Stamp -Value "Printer ""$($PrinterName)"" added successfully" 182 | } 183 | else { 184 | Write-Warning "Error creating Printer" 185 | Write-LogEntry -Stamp -Value "Printer ""$($PrinterName)"" error creating printer" 186 | $ThrowBad = $True 187 | } 188 | } 189 | Catch { 190 | Write-Warning "Error creating Printer" 191 | Write-Warning "$($_.Exception.Message)" 192 | Write-LogEntry -Stamp -Value "Error creating Printer" 193 | Write-LogEntry -Stamp -Value "$($_.Exception)" 194 | $ThrowBad = $True 195 | } 196 | } 197 | 198 | If ($ThrowBad) { 199 | Write-Error "An error was thrown during installation. Installation failed. Refer to the log file in %temp% for details" 200 | Write-LogEntry -Stamp -Value "Installation Failed" 201 | } -------------------------------------------------------------------------------- /Install_Font.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 04/07/2020 13:06 4 | Created by: Ben Whitmore 5 | Organization: - 6 | Filename: Install_Font.ps1 7 | =========================================================================== 8 | 9 | Version: 10 | 1.0 11 | 12 | #> 13 | 14 | #Set Current Directory 15 | $ScriptPath = $MyInvocation.MyCommand.Path 16 | $CurrentDir = Split-Path $ScriptPath 17 | 18 | #Set Font Reg Key Path 19 | $FontRegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts" 20 | 21 | #Grab the Font from the Current Directory 22 | foreach ($Font in $(Get-ChildItem -Path $CurrentDir -Include *.ttf, *.otf, *.fon, *.fnt -Recurse)) { 23 | 24 | #Copy Font to the Windows Font Directory 25 | Copy-Item $Font "C:\Windows\Fonts\" -Force 26 | 27 | #Set the Registry Key to indicate the Font has been installed 28 | New-ItemProperty -Path $FontRegPath -Name $Font.Name -Value $Font.Name -PropertyType String | Out-Null 29 | } -------------------------------------------------------------------------------- /Intune-HV-Tools.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Intune.HV.Tools 3 | ______ ______ ______ __ ______ ________ __ __ ________ ________ 4 | / \ / \ / \ / | / \ / |/ | / |/ |/ | 5 | /$$$$$$ |/$$$$$$ |/$$$$$$ |$$ | /$$$$$$ |$$$$$$$$/ $$ | $$ |$$$$$$$$/ $$$$$$$$/ 6 | $$ | $$/ $$ | $$ |$$ | $$ |$$ | $$ \__$$/ $$ | $$ | $$ |$$ |__ $$ |__ 7 | $$ | $$ | $$ |$$ | $$ |$$ | $$ \ $$ | $$ | $$ |$$ | $$ | 8 | $$ | __ $$ | $$ |$$ | $$ |$$ | $$$$$$ | $$ | $$ | $$ |$$$$$/ $$$$$/ 9 | $$ \__/ |$$ \__$$ |$$ \__$$ |$$ |_____ / \__$$ | $$ | $$ \__$$ |$$ | $$ | 10 | $$ $$/ $$ $$/ $$ $$/ $$ | $$ $$/ $$ | $$ $$/ $$ | $$ | 11 | $$$$$$/ $$$$$$/ $$$$$$/ $$$$$$$$/ $$$$$$/ $$/ $$$$$$/ $$/ $$/ 12 | 13 | 14 | 15 | https://github.com/tabs-not-spaces/Intune.HV.Tools 16 | 17 | #> 18 | 19 | #Initialize Environment 20 | Install-Module -Name Intune.HV.Tools -Scope CurrentUser 21 | Initialize-HVTools -Path "C:\MMSLABS\IntuneHVTools" 22 | 23 | #Create templates (convert ISO to VHDX) 24 | Add-ImageToConfig -ImageName "W1121H2" -IsoPath "C:\MMSLABS\IntuneHVTools\W1121H2.iso" 25 | Add-ImageToConfig -ImageName "W1021H1" -IsoPath "C:\MMSLABS\IntuneHVTools\W1021H1.iso" 26 | 27 | #Alternatively add a custom VHDX to the environment 28 | Add-ImageToConfig -ImageName "2004" -ReferenceVHDX "c:\Path\To\ref10.vhdx" 29 | 30 | #Add Tenant to the config (Image Name can be overidden, it just sets a default image for the tenant) 31 | Add-TenantToConfig -TenantName 'byteben' -ImageName W1121H2 -AdminUpn 'gadm-ben@byteben.com' 32 | 33 | #Add VSwitch 34 | Add-NetworkToConfig -VSwitchName 'WAN' 35 | 36 | #Review Config 37 | Get-HVToolsConfig 38 | -------------------------------------------------------------------------------- /Intune_Compliance_Windows_Updates_Enable.ps1: -------------------------------------------------------------------------------- 1 | Param( 2 | [Parameter(Mandatory = $True, Position = 0)] 3 | [string]$commercialIDValue 4 | ) 5 | 6 | $vCommercialIDPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" 7 | 8 | if (Test-Path -Path $vCommercialIDPath -eq $false) { 9 | Try { 10 | New-Item -Path $vCommercialIDPath -ItemType Key 11 | } 12 | Catch { 13 | Write-Output "Failed to create registry key path: $vCommercialIDPath" 14 | } 15 | } 16 | 17 | if ((Get-ItemProperty -Path $vCommercialIDPath -Name CommercialId -ErrorAction SilentlyContinue) -eq $null) { 18 | Try { 19 | New-ItemProperty -Path $vCommercialIDPath -Name CommercialId -PropertyType String -Value $commercialIDValue 20 | } 21 | Catch { 22 | Write-Output "Failed to write Commercial Id: $commercialIDValue at registry key path: $vCommercialIDPath" 23 | } 24 | } -------------------------------------------------------------------------------- /Invoke-SyncAllWindowsDevices.ps1: -------------------------------------------------------------------------------- 1 | $Devices = Get-IntuneManagedDevice -Filter "contains(operatingsystem, 'Windows')" | Get-MSGraphAllPages 2 | Foreach ($Device in $Devices) { 3 | Invoke-IntuneManagedDeviceSyncDevice -managedDeviceId $Device.managedDeviceId 4 | Write-Host "Sending Sync request to Device with DeviceID $($Device.managedDeviceId)" 5 | } -------------------------------------------------------------------------------- /Invoke-UnsupportedAppToast.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Pop a toast notification if unsupported applications are detected 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | The BadApps array contains application names that are considered unsupported by the company. The user is prompted to remove the application(s). 7 | If no BadApps are found, the output of the script is "No Bad Apps Found". If BadAPps are found, along with the Toast the BadAPps are written to the script output as a JSON. 8 | Note: The script is suitable for environments where users have the correct permissions to remove the application(s) listed. 9 | .EXAMPLE 10 | Invoke-UnsupportedAppToast.ps1 (Run in the User Context) 11 | .NOTES 12 | FileName: Invoke-UnsupportedAppToast.ps1 13 | Author: Ben Whitmore 14 | Contributor: Jan Ketil Skanke 15 | Contact: @byteben 16 | Created: 2022-12-Feb 17 | 18 | Version history: 19 | 1.0.1 - (2022-02-14) Logging added 20 | 1.0.0 - (2022-02-12) Script released 21 | #> 22 | 23 | #region SCRIPTVARIABLES 24 | 25 | $BadApps = @( 26 | "Adobe Shockwave Player" 27 | "JavaFX" 28 | "Java 6" 29 | "Java SE Development Kit 6" 30 | "Java`(TM`) SE Development Kit 6" 31 | "Java`(TM`) 6" 32 | "Java 7" 33 | "Java SE Development Kit 7" 34 | "Java`(TM`) SE Development Kit 7" 35 | "Java`(TM`) 7" 36 | "Adobe Flash Player" 37 | "Adobe Air" 38 | ) 39 | $CustomHandlerDisplayName = "Contoso IT Company" 40 | $CustomHandlerAppID = "CustomToastNotify" 41 | $GoodMorning = "Good Morning" 42 | $GoodAfternoon = "Good Afternoon" 43 | $GoodEvening = "Good Evening" 44 | $ToastImageSource = "https://github.com/byteben/Toast/raw/master/heroimage.jpg" #ToastImage should be 364px x 180px 45 | $ToastImage = Join-Path -Path $ENV:temp -ChildPath "ToastImage.jpg" #ToastImageSource is downloaded to this location 46 | $ToastDuration = "long" #ToastDuration: Short = 7s, Long = 25s 47 | $ToastScenario = "reminder" #ToastScenario: Default | Reminder | Alarm 48 | $ToastTitle = "Unsupported App(s) Found" 49 | $ToastText = "Please uninstall the following applications at your earliest convenience as they pose a security risk to your computer:-" 50 | $SnoozeTitle = "Set Reminder" 51 | $SnoozeMessage = "Remind me again in" 52 | $LogFile = Join-Path -Path $env:TEMP -ChildPath "UnsupportAppsFound.log" 53 | #endregion 54 | 55 | #region FETCHIMAGE 56 | 57 | $WebClient = New-Object System.Net.WebClient 58 | $WebClient.DownloadFile("$ToastImageSource", "$ToastImage") 59 | #endregion 60 | 61 | # Function to get all Installed Applications 62 | function Get-InstalledApplications() { 63 | param( 64 | [string]$UserSid 65 | ) 66 | 67 | New-PSDrive -PSProvider Registry -Name "HKU" -Root HKEY_USERS | Out-Null 68 | $regpath = @("HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*") 69 | $regpath += "HKU:\$UserSid\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" 70 | if (-not ([IntPtr]::Size -eq 4)) { 71 | $regpath += "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 72 | $regpath += "HKU:\$UserSid\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 73 | } 74 | $PropertyNames = 'DisplayName', 'DisplayVersion', 'Publisher', 'UninstallString' 75 | $Apps = Get-ItemProperty $regpath -Name $PropertyNames -ErrorAction SilentlyContinue | . { process { if ($_.DisplayName) { $_ } } } | Select-Object DisplayName, DisplayVersion, Publisher | Sort-Object DisplayName 76 | Remove-PSDrive -Name "HKU" | Out-Null 77 | Return $Apps 78 | } 79 | #end function 80 | # Function Write Log Entry 81 | function Write-LogEntry { 82 | param ( 83 | [parameter(Mandatory = $true)] 84 | [ValidateNotNullOrEmpty()] 85 | [string]$Value, 86 | [parameter(Mandatory = $false)] 87 | [ValidateNotNullOrEmpty()] 88 | [string]$FileName = $($LogName), 89 | [switch]$Stamp 90 | ) 91 | 92 | #Build Log File appending System Date/Time to output 93 | $Time = -join @((Get-Date -Format "HH:mm:ss.fff"), " ", (Get-WmiObject -Class Win32_TimeZone | Select-Object -ExpandProperty Bias)) 94 | $Date = (Get-Date -Format "MM-dd-yyyy") 95 | 96 | If ($Stamp) { 97 | $LogText = "<$($Value)> " 98 | } 99 | else { 100 | $LogText = "$($Value)" 101 | } 102 | 103 | Try { 104 | Out-File -InputObject $LogText -Append -NoClobber -Encoding Default -FilePath $LogFile -ErrorAction Stop 105 | } 106 | Catch [System.Exception] { 107 | Write-Warning -Message "Unable to add log entry to $LogFile.log file. Error message at line $($_.InvocationInfo.ScriptLineNumber): $($_.Exception.Message)" 108 | } 109 | } 110 | #end function 111 | 112 | #region GETSID 113 | #region RESETLOG 114 | If (Test-Path -Path $LogFile) { 115 | Remove-Item $LogFile -Force | Out-Null 116 | } 117 | #endregion 118 | 119 | #Get SID of current interactive users 120 | 121 | $CurrentLoggedOnUser = (Get-CimInstance win32_computersystem).UserName 122 | if (-not ([string]::IsNullOrEmpty($CurrentLoggedOnUser))) { 123 | $AdObj = New-Object System.Security.Principal.NTAccount($CurrentLoggedOnUser) 124 | $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier]) 125 | $UserSid = $strSID.Value 126 | } 127 | else { 128 | $UserSid = $null 129 | } 130 | #endregion 131 | 132 | #region APPINVENTORY 133 | #Get Apps for system and current user 134 | $MyApps = Get-InstalledApplications -UserSid $UserSid 135 | $UniqueApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -eq 1 }).Group 136 | $DuplicatedApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -gt 1 }).Group 137 | $NewestDuplicateApp = ($DuplicatedApps | Group-Object DisplayName) | ForEach-Object { $_.Group | Sort-Object [version]DisplayVersion -Descending | Select-Object -First 1 } 138 | $CleanAppList = $UniqueApps + $NewestDuplicateApp | Sort-Object DisplayName 139 | 140 | #Build App Array 141 | $AppArray = @() 142 | foreach ($App in $CleanAppList) { 143 | $tempapp = New-Object -TypeName PSObject 144 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.DisplayName -Force 145 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.DisplayVersion -Force 146 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.Publisher -Force 147 | $AppArray += $tempapp 148 | } 149 | 150 | $AppPayLoad = $AppArray 151 | $AppPayLoadLog = $AppPayLoad | Out-String 152 | Write-LogEntry -Value "################Unique Apps Found################" 153 | Write-LogEntry -Stamp -Value $AppPayLoadLog 154 | #endregion APPINVENTORY 155 | 156 | #region Find Bad Apps 157 | $BadAppsLog = $BadApps | Out-String 158 | Write-LogEntry -Value "################Unsupport Apps being searched for################" 159 | Write-LogEntry -Stamp -Value $BadAppsLog 160 | $BadAppFound = $Null 161 | $BadAppArray = @() 162 | 163 | Foreach ($App in $AppPayLoad) { 164 | Foreach ($BadApp in $BadApps) { 165 | If ($App.AppName -like "*$BadApp*") { 166 | $tempbadapp = New-Object -TypeName PSObject 167 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.AppName -Force 168 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.AppVersion -Force 169 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.AppPublisher -Force 170 | $BadAppArray += $tempbadapp 171 | $BadAppFound = $True 172 | } 173 | } 174 | } 175 | $BadAppPayLoad = $BadAppArray 176 | 177 | #Update Event Text Message to include bad apps 178 | $EventText = $EventText + "`n" 179 | Foreach ($BadApp2 in $BadAppPayload) { 180 | $EventText = $EventText + "`n- $($BadApp2.AppName)" 181 | } 182 | Write-LogEntry -Value "################Toast Notification Details################" 183 | Write-LogEntry -Stamp -Value $EventText 184 | #endregion 185 | 186 | If ($BadAppFound) { 187 | $BadAppPayLoadLog = $BadAppPayLoad | Out-String 188 | Write-LogEntry -Value "################Unsupport Apps Found################" 189 | Write-LogEntry -Stamp -Value $BadAppPayLoadLog 190 | 191 | #region CUSTOMHANDLER 192 | #https://docs.microsoft.com/en-us/windows/apps/design/shell/tiles-and-notifications/send-local-toast-other-apps 193 | $CustomToastNotifyRegKey = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\$CustomHandlerAppID" 194 | $CustomHandlerClassRegKey = "HKCU:\Software\Classes\AppUserModelId" 195 | 196 | Try { 197 | If (!(Test-Path -Path $CustomToastNotifyRegKey)) { 198 | New-Item -Path $CustomToastNotifyRegKey -Force | Out-Null 199 | New-ItemProperty -Path $CustomToastNotifyRegKey -Name "ShowInActionCenter" -Value 1 -PropertyType DWORD -Force | Out-Null 200 | } 201 | } 202 | Catch { 203 | $_.Exception.Message 204 | } 205 | 206 | Try { 207 | If (!(Test-Path -Path $CustomHandlerClassRegKey)) { 208 | New-Item -Path $CustomHandlerClassRegKey -Name $CustomHandlerAppID -Force | Out-Null 209 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -Value $CustomHandlerDisplayName -PropertyType String -Force | Out-Null 210 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "ShowInSettings" -Value 0 -PropertyType DWORD -Force | Out-Null 211 | } 212 | } 213 | Catch { 214 | $_.Exception.Message 215 | } 216 | 217 | Try { 218 | If ((Get-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue) -ne $CustomHandlerDisplayName) { 219 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -Value $CustomHandlerDisplayName -PropertyType String -Force | Out-Null 220 | } 221 | } 222 | Catch { 223 | $_.Exception.Message 224 | } 225 | #endregion 226 | 227 | #region TOAST 228 | #Get Hour of Day and set Custom Hello 229 | $Hour = (Get-Date).Hour 230 | If ($Hour -lt 12) { $CustomHello = $GoodMorning + ". " } 231 | ElseIf ($Hour -gt 16) { $CustomHello = $GoodEvening + ". " } 232 | Else { $CustomHello = $GoodAfternoon + ". " } 233 | 234 | $CustomHello = $CustomHello + $ToastText 235 | 236 | #Load Assemblies 237 | [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime] | Out-Null 238 | [Windows.Data.Xml.Dom.XmlDocument, Windows.Data.Xml.Dom.XmlDocument, ContentType = WindowsRuntime] | Out-Null 239 | 240 | #Build XML ToastTemplate 241 | [xml]$ToastTemplate = @" 242 | 243 | 244 | 245 | $ToastTitle 246 | $CustomHello 247 | 248 | 249 | 250 | $EventText 251 | 252 | 253 | 254 | 255 | 268 | "@ 269 | 270 | #Prepare XML 271 | $ToastXml = [Windows.Data.Xml.Dom.XmlDocument]::New() 272 | $ToastXml.LoadXml($ToastTemplate.OuterXml) 273 | 274 | #Prepare and Create Toast 275 | $ToastMessage = [Windows.UI.Notifications.ToastNotification]::New($ToastXML) 276 | [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($CustomHandlerAppID).Show($ToastMessage) 277 | #endregion 278 | 279 | #Write-Output for Proactive Remediation 280 | $BadAppPayLoadOutput = $BadAppPayLoad | ConvertTo-Json -Compress 281 | Write-Output $BadAppPayLoadOutput 282 | Exit 1 283 | } 284 | else { 285 | Write-LogEntry -Value "################Unsupport Apps Found################" 286 | Write-LogEntry -Stamp -Value "No Bad Apps Found" 287 | Write-Output "No Bad Apps Found" 288 | Exit 0 289 | } -------------------------------------------------------------------------------- /LocalAdminGroup.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | LocalAdminGroup is a script that can be deployed in a Domain environment, from ConfigMgr, that will add or remove individual users from the Local Administrators group. 4 | Careful thought should be exercised on why you would want to use this. 5 | 6 | .Description 7 | =========================================================================== 8 | Created on: 05/03/2021 9 | Created by: Ben Whitmore 10 | Organization: - 11 | Filename: LocalAdminGroup.ps1 12 | =========================================================================== 13 | 14 | Version: 15 | 1.0.1 - 05/03/2021 16 | - Replaced ADSI command with Add-LocalGroupMember and Remove-LocalGroupMember. Thanks @IoanPopovici 17 | 18 | 1.0 - 05/03/2021 19 | 20 | .Parameter Username 21 | SAMAccountName of the user being added 22 | 23 | .Parameter Action 24 | "Add" will add the user to the Local Administrators Group 25 | "Remove" will remove the user from the Local Administrators Group 26 | 27 | .Example 28 | LocalAdminGroup.ps1 -Username ernest.shackleton -Action "Add" 29 | 30 | .Example 31 | LocalAdminGroup.ps1 -Username ernest.shackleton -Action "Remove" 32 | 33 | #> 34 | 35 | [CmdletBinding()] 36 | param( 37 | [Parameter(Position = 0, Mandatory = $true)] 38 | [String]$Username, 39 | [Parameter(Position = 1, Mandatory = $true)] 40 | [ValidateSet ("Add", "Remove")] 41 | [String]$Action 42 | ) 43 | 44 | $LocalAdmins = Get-LocalGroupMember Administrators | Select-Object -ExpandProperty Name 45 | $User = Join-Path -Path $env:USERDOMAIN -ChildPath $Username 46 | $UserExists = $Null 47 | $UserExistsFinal = $Null 48 | 49 | Switch ($Action) { 50 | 51 | Add { 52 | Write-Output "Checking if $Username is already in the Local Administrators Group" 53 | foreach ($Admin in $LocalAdmins) { 54 | 55 | If ($Admin -eq $User) { 56 | Write-Output "$Username already exists in the Local Administrators Group" 57 | $UserExists = $True 58 | } 59 | } 60 | 61 | If (!($UserExists)) { 62 | Write-Output "Adding $Username to Local Administrators Group" 63 | Try { 64 | Add-LocalGroupMember -Group "Administrators" -Member $User -ErrorAction Stop 65 | } 66 | Catch { 67 | Write-Warning $error[0] 68 | } 69 | } 70 | } 71 | 72 | Remove { 73 | Write-Output "Checking if $Username is in the Local Administrators Group" 74 | foreach ($Admin in $LocalAdmins) { 75 | 76 | If ($Admin -eq $User) { 77 | Write-Output "$Username is in the Local Administrators Group" 78 | $UserExists = $True 79 | } 80 | } 81 | 82 | If ($UserExists) { 83 | Write-Output "Removing $Username from Local Administrators Group" 84 | Try { 85 | Remove-LocalGroupMember -Group "Administrators" -Member $User -ErrorAction Stop 86 | } 87 | Catch { 88 | Write-Warning $error[0] 89 | } 90 | } 91 | } 92 | } 93 | 94 | $LocalAdminsFinal = Get-LocalGroupMember Administrators | Select-Object -ExpandProperty Name 95 | 96 | foreach ($Admin in $LocalAdminsFinal) { 97 | 98 | If ($Admin -eq $User) { 99 | $UserExistsFinal = $True 100 | } 101 | } 102 | 103 | If ($UserExistsFinal) { 104 | Write-Output "Summary: $Username is present in the Local Administrators Group on $env:ComputerName" 105 | } 106 | else { 107 | Write-Output "Summary: $Username is absent from the Local Administrators Group on $env:ComputerName" 108 | } -------------------------------------------------------------------------------- /New-LabVM.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | __ __ ______ ______ ______ 3 | / | / |/ | / \ / \ 4 | $$ | /$$/ $$$$$$/ /$$$$$$ |/$$$$$$ | 5 | $$ |/$$/ $$ | $$ \__$$/ $$ \__$$/ 6 | $$ $$< $$ | $$ \ $$ \ 7 | $$$$$ \ $$ | $$$$$$ | $$$$$$ | 8 | $$ |$$ \ _$$ |_ / \__$$ |/ \__$$ | 9 | $$ | $$ |/ $$ |$$ $$/ $$ $$/ 10 | $$/ $$/ $$$$$$/ $$$$$$/ $$$$$$/ 11 | 12 | #> 13 | 14 | param ( 15 | [Parameter(Mandatory = $true)] 16 | [string]$VMName 17 | 18 | ) 19 | 20 | ################CHOP IT################ 21 | 22 | $Generation = 2 23 | $HDDSize = 30GB 24 | $ProcessorCount = 2 25 | $StartupMEM = 4096MB 26 | $VMPath = "C:\MMSLABS\QuickVM" 27 | $VirtualSwitchName = "WAN" 28 | $ISOPath = "C:\MMSLABS\ISO\W1121H2.iso" 29 | $VHDXPath = (Join-Path -Path $VMPath -ChildPath $VMName) + ".vhdx" 30 | 31 | ################COOK IT################ 32 | 33 | #Create VM 34 | If (Test-Path -Path (Join-Path -Path $VMPath -ChildPath $VMName)) { 35 | Write-Warning "That VM Already exists, please specify a different VM name" 36 | Exit 0 37 | } 38 | else { 39 | New-VM -Name $VMName -Path $VMPath -MemoryStartupBytes $StartupMEM -SwitchName $VirtualSwitchName -Generation $Generation 40 | } 41 | 42 | #Change Processor Count 43 | Set-VMProcessor -VMName $VMName -Count $ProcessorCount 44 | 45 | #Create VHD 46 | New-VHD -Path $VHDXPath -SizeBytes $HDDSize -Dynamic 47 | Add-VMHardDiskDrive -VMName $VMName -Path $VHDXPath 48 | 49 | #Attach ISO 50 | Add-VMDvdDrive -VMName $VMName -Path $ISOPath 51 | 52 | #Change Boot Order 53 | $BootDVD = Get-VMFirmware $VMName | Select-Object -ExpandProperty BootOrder | where-object { $_.Device -like "DVD*" } 54 | $BootHDD = Get-VMFirmware $VMName | Select-Object -ExpandProperty BootOrder | where-object { $_.Device -like "HardDiskDrive*" } 55 | $BootPXE = Get-VMFirmware $VMName | Select-Object -ExpandProperty BootOrder | where-object { $_.Device -like "VMNetwork*" } 56 | Set-VMFirmware -VMName $VMName -BootOrder $BootHDD, $BootDVD, $BootPXE 57 | 58 | #Enable TPM 59 | Set-VMKeyProtector -VMName $VMName -NewLocalKeyProtector 60 | Enable-VMTPM -VMName $VMName 61 | 62 | ################CRANK IT################ 63 | 64 | #Start VM 65 | #Start-VM -Name $VMName -------------------------------------------------------------------------------- /Remove-Appx.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Remove built-in apps (modern apps) from Windows 10. 4 | .DESCRIPTION 5 | This script will remove all built-in apps with a provisioning package that are specified in the 'black-list' in this script. 6 | .EXAMPLE 7 | .\Remove-Appx.ps1 8 | .NOTES 9 | 10 | Based on original script / Credit to:- 11 | FileName: Invoke-RemoveBuiltinApps.ps1 12 | Author: Nickolaj Andersen 13 | Contact: @NickolajA 14 | 15 | Modifications to original script to Black list Appx instead of Whitelist 16 | 17 | FileName: Remove-Apps.ps1 18 | Author: Ben Whitmore 19 | Contact: @byteben 20 | 21 | ################################ 22 | Appx Packages as of 27/08/2021 23 | ################################ 24 | 25 | Full Package List: https://docs.microsoft.com/en-us/windows/application-management/apps-in-windows-10 26 | 27 | ## 1809 - 21H1 ## 28 | Microsoft.BingWeather 29 | Microsoft.DesktopAppInstaller 30 | Microsoft.GetHelp 31 | Microsoft.GetStarted 32 | Microsoft.HEIFImageExtension 33 | Microsoft.Microsoft3DViewer 34 | Microsoft.MicrosoftOfficeHub 35 | Microsoft.MicrosoftSolitaireCollection 36 | Microsoft.MicrosoftStickyNotes 37 | Microsoft.MixedReality.Portal 38 | Microsoft.MSPaint 39 | Microsoft.Office.OneNote 40 | Microsoft.People 41 | Microsoft.ScreenSketch 42 | Microsoft.SkypeApp 43 | Microsoft.StorePurchaseApp 44 | Microsoft.VP9VideoExtensions 45 | Microsoft.Wallet 46 | Microsoft.WebMediaExtensions 47 | Microsoft.Windows.Photos 48 | Microsoft.WindowsAlarms 49 | Microsoft.WindowsCalculator 50 | Microsoft.WindowsCamera 51 | Microsoft.WindowsCommunicationsApps 52 | Microsoft.WindowsFeedbackHub 53 | Microsoft.WindowsMaps 54 | Microsoft.WindowsSoundRecorder 55 | Microsoft.WindowsStore 56 | Microsoft.Xbox.TCUI 57 | Microsoft.XboxApp 58 | Microsoft.XboxGameOverlay 59 | Microsoft.XboxGamingOverlay 60 | Microsoft.XboxIdentityProvider 61 | Microsoft.XboxSpeechToTextOverlay 62 | Microsoft.YourPhone 63 | Microsoft.ZuneMusic 64 | Microsoft.ZuneVideo 65 | 66 | ## 1809, 1903, 1909, 20H2, 21H1 ## 67 | Microsoft.Messaging 68 | Microsoft.OneConnect 69 | Microsoft.Print3D 70 | 71 | ## 1909, 20H2, 21H1## 72 | Microsoft.Outlook.DesktopIntegrationServices 73 | 74 | ## 21H1 ## 75 | Microsoft.3DBuilder 76 | #> 77 | Begin { 78 | 79 | # Black list of appx packages to remove 80 | $BlackListedApps = New-Object -TypeName System.Collections.ArrayList 81 | $BlackListedApps.AddRange(@( 82 | "Microsoft.GetHelp", 83 | "Microsoft.GetStarted", 84 | "Microsoft.MicrosoftOfficeHub", 85 | "Microsoft.MixedReality.Portal", 86 | "Microsoft.SkypeApp", 87 | "Microsoft.WindowsFeedbackHub", 88 | "Microsoft.XboxApp", 89 | "Microsoft.XboxGameOverlay", 90 | "Microsoft.XboxGamingOverlay", 91 | "Microsoft.YourPhone", 92 | "Microsoft.ZuneMusic", 93 | "Microsoft.ZuneVideo" 94 | )) 95 | } 96 | Process { 97 | # Functions 98 | function Write-LogEntry { 99 | param( 100 | [parameter(Mandatory=$true, HelpMessage="Value added to the RemovedApps.log file.")] 101 | [ValidateNotNullOrEmpty()] 102 | [string]$Value, 103 | 104 | [parameter(Mandatory=$false, HelpMessage="Name of the log file that the entry will written to.")] 105 | [ValidateNotNullOrEmpty()] 106 | [string]$FileName = "RemovedApps.log" 107 | ) 108 | # Determine log file location 109 | $LogFilePath = Join-Path -Path $env:windir -ChildPath "Temp\$($FileName)" 110 | 111 | # Add value to log file 112 | try { 113 | Out-File -InputObject $Value -Append -NoClobber -Encoding Default -FilePath $LogFilePath -ErrorAction Stop 114 | } 115 | catch [System.Exception] { 116 | Write-Warning -Message "Unable to append log entry to $($FileName) file" 117 | } 118 | } 119 | 120 | # Initial logging 121 | Write-LogEntry -Value "Starting built-in AppxPackage, AppxProvisioningPackage and Feature on Demand V2 removal process" 122 | 123 | # Determine provisioned apps 124 | $AppArrayList = Get-AppxProvisionedPackage -Online | Select-Object -ExpandProperty DisplayName 125 | 126 | # Loop through the list of appx packages 127 | foreach ($App in $AppArrayList) { 128 | Write-LogEntry -Value "Processing appx package: $($App)" 129 | 130 | # If application name not in appx package black list, remove AppxPackage and AppxProvisioningPackage 131 | if (($App -Notin $BlackListedApps)) { 132 | Write-LogEntry -Value "Skipping excluded application package: $($App)" 133 | } 134 | else { 135 | # Gather package names 136 | $AppPackageFullName = Get-AppxPackage -Name $App | Select-Object -ExpandProperty PackageFullName -First 1 137 | $AppProvisioningPackageName = Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like $App } | Select-Object -ExpandProperty PackageName -First 1 138 | 139 | # Attempt to remove AppxPackage 140 | if ($AppPackageFullName -ne $null) { 141 | try { 142 | Write-LogEntry -Value "Removing AppxPackage: $($AppPackageFullName)" 143 | Remove-AppxPackage -Package $AppPackageFullName -ErrorAction Stop | Out-Null 144 | } 145 | catch [System.Exception] { 146 | Write-LogEntry -Value "Removing AppxPackage '$($AppPackageFullName)' failed: $($_.Exception.Message)" 147 | } 148 | } 149 | else { 150 | Write-LogEntry -Value "Unable to locate AppxPackage for current app: $($App)" 151 | } 152 | 153 | # Attempt to remove AppxProvisioningPackage 154 | if ($AppProvisioningPackageName -ne $null) { 155 | try { 156 | Write-LogEntry -Value "Removing AppxProvisioningPackage: $($AppProvisioningPackageName)" 157 | Remove-AppxProvisionedPackage -PackageName $AppProvisioningPackageName -Online -ErrorAction Stop | Out-Null 158 | } 159 | catch [System.Exception] { 160 | Write-LogEntry -Value "Removing AppxProvisioningPackage '$($AppProvisioningPackageName)' failed: $($_.Exception.Message)" 161 | } 162 | } 163 | else { 164 | Write-LogEntry -Value "Unable to locate AppxProvisioningPackage for current app: $($App)" 165 | } 166 | } 167 | } 168 | 169 | # Complete 170 | Write-LogEntry -Value "Completed built-in AppxPackage, AppxProvisioningPackage and Feature on Demand V2 removal process" 171 | } -------------------------------------------------------------------------------- /Remove-Appx_Detection.ps1: -------------------------------------------------------------------------------- 1 | 2 | Begin { 3 | 4 | $BlackListedApps = New-Object -TypeName System.Collections.ArrayList 5 | $BlackListedApps.AddRange(@( 6 | "Microsoft.GetHelp", 7 | "Microsoft.GetStarted", 8 | "Microsoft.MicrosoftOfficeHub", 9 | "Microsoft.MixedReality.Portal", 10 | "Microsoft.SkypeApp", 11 | "Microsoft.WindowsFeedbackHub", 12 | "Microsoft.XboxApp", 13 | "Microsoft.XboxGameOverlay", 14 | "Microsoft.XboxGamingOverlay", 15 | "Microsoft.YourPhone", 16 | "Microsoft.ZuneMusic", 17 | "Microsoft.ZuneVideo" 18 | )) 19 | } 20 | 21 | Process { 22 | 23 | $AppArrayList = Get-AppxProvisionedPackage -Online | Select-Object -ExpandProperty DisplayName 24 | 25 | foreach ($App in $AppArrayList) { 26 | if (($App -in $BlackListedApps)) { 27 | $AppExists = $True 28 | } 29 | } 30 | 31 | If ($AppExists) { 32 | Write-Output "All appx packages were not removed" 33 | Exit 1 34 | } 35 | else { 36 | Write-Output "All appx packages were removed" 37 | Exit 0 38 | } 39 | } -------------------------------------------------------------------------------- /Remove-Printer.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created on: 31/12/2021 4 | Created by: Ben Whitmore 5 | Filename: Remove-Printer.ps1 6 | 7 | powershell.exe -executionpolicy bypass -file .\Remove-Printer.ps1 -PrinterName "Canon Printer Upstairs" 8 | 9 | .Example 10 | .\Remove-Printer.ps1 -PrinterName "Canon Printer Upstairs" 11 | #> 12 | 13 | [CmdletBinding()] 14 | Param ( 15 | [Parameter(Mandatory = $True)] 16 | [String]$PrinterName 17 | ) 18 | 19 | Try { 20 | #Remove Printer 21 | $PrinterExist = Get-Printer -Name $PrinterName -ErrorAction SilentlyContinue 22 | if ($PrinterExist) { 23 | Remove-Printer -Name $PrinterName -Confirm:$false 24 | } 25 | } 26 | Catch { 27 | Write-Warning "Error removing Printer" 28 | Write-Warning "$($_.Exception.Message)" 29 | } -------------------------------------------------------------------------------- /Remove-WorkplaceUserJoinRegistration.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .Synopsis 3 | Created: 21/06/21 4 | DEV ONLY: Author Ben Whitmore 5 | Purpose: Remove Workplace join registrations - RunAsUser 6 | 7 | .Example 8 | Remove-WorkplaceUserJoinRegistration.ps1 -TenantID "0cebf1f4-e0c4-46d4-8c5a-0fc80bed6b2c" -Remove 9 | #> 10 | 11 | Param( 12 | [Parameter(Mandatory = $False)] 13 | [Switch]$Remove, 14 | [Parameter(Mandatory = $True)] 15 | [String] $TenantId 16 | ) 17 | 18 | #Get JoinInfo Reg keys that match the TenantId 19 | $UserWPJPath = "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\JoinInfo" 20 | $UserWPJRegKeys = Get-ChildItem -Path $UserWPJPath 21 | $UserWPJRegKeysMatch = @() 22 | 23 | Foreach ($UserWPJRegKey in $UserWPJRegKeys) { 24 | $WorkPlaceRegKey = Join-Path -Path $UserWPJPath -Childpath $UserWPJRegKey.PSChildName 25 | Try { 26 | $KeyMatchJoininfo = Get-ItemProperty -Path $WorkPlaceRegKey -Name "TenantId" -ErrorAction SilentlyContinue 27 | $UserWPJPathMatch = $KeyMatchJoininfo | Where-Object { $_.TenantId -eq $TenantId } 28 | If (!($Null -eq $UserWPJPathMatch)) { 29 | $UserWPJRegKeysMatch += $UserWPJPathMatch.PSChildName 30 | } 31 | } 32 | Catch { 33 | } 34 | } 35 | 36 | #Write registry match for HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\JoinInfo\ Where TenantId matched 37 | Foreach ($WPJRegKeyFound in $UserWPJRegKeysMatch) { 38 | Write-Host "AAD Registration match found at: ""HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\Joininfo\$WPJRegKeyFound""" 39 | } 40 | 41 | #Get TenantInfo Reg keys that match the TenantId 42 | $TenantInfoPath = "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\TenantInfo" 43 | $TenantInfoPathRegKeys = Get-ChildItem -Path $TenantInfoPath 44 | $TenantInfoPathRegKeysMatch = @() 45 | 46 | Foreach ($TenantInfoPathRegKey in $TenantInfoPathRegKeys) { 47 | If ($TenantInfoPathRegKey.PSChildName -eq $TenantId) { 48 | $TenantInfoPathRegKeysMatch += $TenantInfoPathRegKey.PSChildName 49 | } 50 | } 51 | 52 | #Write registry match for HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\TenantInfo\ Where TenantId matched 53 | Foreach ($AADRegTenantFound in $TenantInfoPathRegKeysMatch) { 54 | Write-Host "Tenant match found at: ""HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\TenantInfo\$AADRegTenantFound""" 55 | } 56 | 57 | #Get Personal Certificate for AAD Registrations found in registry 58 | $Certs = @() 59 | Foreach ($Cert in $UserWPJRegKeysMatch) { 60 | Try { 61 | $AAD_Cert = Get-ChildItem -path Cert:\CurrentUser\My | Where-Object { $_.ThumbPrint -eq $Cert } -ErrorAction SilentlyContinue 62 | If ($AAD_Cert) { 63 | 64 | $Certs += $Cert 65 | } 66 | } 67 | Catch { 68 | } 69 | } 70 | 71 | #Write certificate match where thumbprints match AAD registry key registration information 72 | Foreach ($CertFound in $Certs) { 73 | Write-Host "Certificate found with Thumbprint ""$($CertFound)""" 74 | } 75 | 76 | #Remove Registry Keys and Certificates if the $Remove parameter is passed 77 | If ($Remove) { 78 | Write-Host "INFO: ""Remove"" parameter passed to script. Removing AAD Registration and certificates for Tenant ""$($TenantId)"" for the current user" -ForegroundColor Yellow 79 | 80 | #Remove registry for HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\JoinInfo\ Where TenantId matched 81 | 82 | Foreach ($WPJRegKeyFound in $UserWPJRegKeysMatch) { 83 | Write-Host "Removing AAD Registration WPJ match found at: ""HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\JoinInfo\$WPJRegKeyFound""" 84 | Remove-Item (Join-Path -Path "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\JoinInfo" -ChildPath $WPJRegKeyFound) -Force -Recurse 85 | } 86 | 87 | #Remove registry for HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\TenantInfo\ Where TenantId matched 88 | Foreach ($AADTenantFound in $TenantInfoPathRegKeysMatch) { 89 | Write-Host "Removing AAD Registration Tenant match found at: ""HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\TenantInfo\$AADTenantFound""" 90 | Remove-Item (Join-Path -Path "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\TenantInfo" -ChildPath $AADTenantFound) -Force -Recurse 91 | } 92 | 93 | #Remove Certificate(s) identified for AAD Join Where TenantId matched 94 | Foreach ($WPJRegKeyFound in $UserWPJRegKeysMatch) { 95 | Write-Host "Removing Certificate with Thumbprint: ""$($WPJRegKeyFound)""" 96 | Get-ChildItem -path Cert:\CurrentUser\My | Where-Object { $_.ThumbPrint -eq $WPJRegKeyFound } -ErrorAction SilentlyContinue | Remove-Item -Force -ErrorAction SilentlyContinue 97 | } 98 | 99 | #DSREGCMD Leave to clear up registration 100 | Start-Process $ENV:Windir\System32\dsregcmd.exe /leave 101 | } -------------------------------------------------------------------------------- /Render_XML_Function.ps1: -------------------------------------------------------------------------------- 1 | function WriteXmlToScreen ([xml]$xml) 2 | { 3 | $StringWriter = New-Object System.IO.StringWriter; 4 | $XmlWriter = New-Object System.Xml.XmlTextWriter $StringWriter; 5 | $XmlWriter.Formatting = "indented"; 6 | $xml.WriteTo($XmlWriter); 7 | $XmlWriter.Flush(); 8 | $StringWriter.Flush(); 9 | Write-Output $StringWriter.ToString(); 10 | } -------------------------------------------------------------------------------- /Toast_WU_Notification/Toast_WU_Detection.ps1: -------------------------------------------------------------------------------- 1 | $Path = "HKLM:\Software\!ProactiveRemediations" 2 | $Name = "20H2NotificationSchTaskCreated" 3 | $Value = 1 4 | 5 | $TargetDate = (Get-Date -Day 24 -Month 5 -Year 2021).ToString("ddMMyyy") 6 | $ClientDate = (Get-Date).ToString("ddMMyyy") 7 | 8 | If (!($TargetDate -eq $ClientDate)){ 9 | Write-Output "Remediation Target Date""$($TargetDate)"" not valid. Client date is $ClientDate. Remediation will not run." 10 | Exit 0 11 | } 12 | 13 | Try { 14 | $Registry = Get-ItemProperty -Path $Path -Name $Name | Select-Object -ExpandProperty $Name 15 | If ($Registry -eq $Value){ 16 | Write-Output "Remediation not required." 17 | Exit 0 18 | } 19 | Write-Output "Remediation required" 20 | Exit 1 21 | } 22 | Catch { 23 | Write-Warning "Error Caught. Remediation will not run." 24 | Exit 0 25 | } -------------------------------------------------------------------------------- /Toast_WU_Notification/Toast_WU_Notification.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .NOTES 3 | =========================================================================== 4 | Created on: 17/05/2021 11:12 AM 5 | Created by: Maurice Daly / Ben Whitmore 6 | Organization: CloudWay 7 | Filename: Toast_WU_Notification.ps1 8 | =========================================================================== 9 | .DESCRIPTION 10 | Notify the logged on user of a pending Windows Updates Installation 11 | 12 | Adding multiple times to the $ToastTimes array will pop the toast at regular intervals 13 | #> 14 | 15 | Param 16 | ( 17 | [Parameter(Mandatory = $False)] 18 | [String]$ToastGUID 19 | ) 20 | 21 | #region ToastCustomisation 22 | 23 | #Create Toast variables, 24HR Time Format 24 | $ToastTimes = @("15:00", "16:00", "17:00") 25 | 26 | #Toast Message 27 | $ToastTitle = "an Important Update is Scheduled" 28 | $ToastText = "You MUST leave your computer on after 17:00 today. Failure to do so will result in a delay accessing your computer tomorrow" 29 | 30 | #Toast Images 31 | [uri]$ImageRepositoryUri = "https://raw.githubusercontent.com/byteben/Toast/master/" 32 | $BadgeImgName = "badgeimage.jpg" 33 | $HeroImgName = "heroimage.jpg" 34 | 35 | #ToastScenario: Alarm, Reminder 36 | $ToastScenario = "reminder" 37 | 38 | #ToastDuration: Short = 7s, Long = 25s 39 | $ToastDuration = "long" 40 | 41 | #endregion ToastCustomisation 42 | 43 | #region ToastRunningValues 44 | 45 | #Set Unique GUID for the Toast 46 | If (!($ToastGUID)) { 47 | $ToastGUID = ([guid]::NewGuid()).ToString().ToUpper() 48 | } 49 | 50 | #Format Time 51 | $TaskTimes = @() 52 | Foreach ($ToastTime in $ToastTimes) { 53 | $ToastTimeToUse = ([datetime]::ParseExact($ToastTime, "HH:mm", $null)) 54 | $TaskTimes += $ToastTimeToUse 55 | } 56 | 57 | #Current Directory 58 | $ScriptPath = $MyInvocation.MyCommand.Path 59 | $CurrentDir = Split-Path $ScriptPath 60 | 61 | #Set Toast Path to Temp Directory 62 | $ToastPath = (Join-Path $ENV:Windir -ChildPath "temp\$($ToastGUID)") 63 | 64 | #Set Toast PS File Name 65 | $ToastPSFile = $MyInvocation.MyCommand.Name 66 | 67 | #Create image destination variables 68 | $BadgeImage = Join-Path -Path $ENV:Windir -ChildPath "temp\$BadgeImgName" 69 | $HeroImage = Join-Path -Path $ENV:Windir -ChildPath "temp\$HeroImgName" 70 | 71 | #endregion ToastRunningValues 72 | 73 | #region ScriptFunctions 74 | 75 | # Toast function 76 | function Display-ToastNotification { 77 | 78 | #Check for Constrained Language Mode 79 | $PSExecutionContext = $ExecutionContext.SessionState.LanguageMode 80 | 81 | If ($PSExecutionContext -eq "ConstrainedLanguage") { 82 | Write-Warning "Execution Context is set to ConstrainedLanguage. Toast will not run. Ensure your AppLocker policy allow scripts to run from ""$($ToastPath)"" - or even better, sign the script and trust the publisher." 83 | Exit 1 84 | } 85 | 86 | #Force TLS1.2 Connection 87 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 88 | 89 | #Fetching images from URI 90 | $BadgeImageUri = [Uri]::new([Uri]::new($ImageRepositoryUri), $BadgeImgName).ToString() 91 | $HeroImageUri = [Uri]::new([Uri]::new($ImageRepositoryUri), $HeroImgName).ToString() 92 | New-Object uri $BadgeImageUri 93 | New-Object uri $HeroImageUri 94 | 95 | Invoke-WebRequest -UseBasicParsing -Uri $BadgeImageUri -OutFile $BadgeImage -ErrorAction SilentlyContinue 96 | Invoke-WebRequest -UseBasicParsing -Uri $HeroImageUri -OutFile $HeroImage -ErrorAction SilentlyContinue 97 | 98 | #Set COM App ID > To bring a URL on button press to focus use a browser for the appid e.g. MSEdge 99 | #$LauncherID = "Microsoft.SoftwareCenter.DesktopToasts" 100 | $LauncherID = "{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\WindowsPowerShell\v1.0\powershell.exe" 101 | #$Launcherid = "MSEdge" 102 | 103 | #Dont Create a Scheduled Task if the script is running in the context of the logged on user, only if SYSTEM fired the script i.e. Deployment from Intune/ConfigMgr 104 | If (([System.Security.Principal.WindowsIdentity]::GetCurrent()).Name -eq "NT AUTHORITY\SYSTEM") { 105 | 106 | #Prepare to stage Toast Notification Content in Toast Folder 107 | Try { 108 | 109 | #Create TEMP folder to stage Toast Notification Content in %TEMP% Folder 110 | New-Item $ToastPath -ItemType Directory -Force -ErrorAction Continue | Out-Null 111 | $ToastFiles = Get-ChildItem $CurrentDir -Filter *.ps1 -Recurse 112 | 113 | #Copy Toast Files to Toat TEMP folder 114 | ForEach ($ToastFile in $ToastFiles) { 115 | Copy-Item -Path (Join-Path -Path $CurrentDir -ChildPath $ToastFile) -Destination $ToastPath -ErrorAction Continue 116 | } 117 | } 118 | Catch { 119 | Write-Warning $_.Exception.Message 120 | } 121 | 122 | #Created Scheduled Tasks to run as Logged on User 123 | 124 | #New ToastFile to run for Scheduled Task 125 | 126 | $NewToastFile = Join-Path -Path $ToastPath -ChildPath $ToastPSFile 127 | 128 | #Create Trigger for eacdh time in $ToastTime 129 | $Task_Triggers = @() 130 | Foreach ($TaskTime in $TaskTimes) { 131 | $Task_Expiry = $TaskTime.AddSeconds(21600).ToString('s') #Task Expires after 6 hours 132 | $Task_Trigger = New-ScheduledTaskTrigger -Once -At $TaskTime 133 | $Task_Trigger.EndBoundary = $Task_Expiry 134 | $Task_Triggers += $Task_Trigger 135 | } 136 | 137 | $Task_Principal = New-ScheduledTaskPrincipal -GroupId "S-1-5-32-545" -RunLevel Limited 138 | $Task_Settings = New-ScheduledTaskSettingsSet -Compatibility V1 -DeleteExpiredTaskAfter (New-TimeSpan -Seconds 600) -AllowStartIfOnBatteries 139 | $Task_Action = New-ScheduledTaskAction -Execute "C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell.exe" -Argument "-NoProfile -WindowStyle Hidden -File ""$NewToastFile"" -ToastGUID ""$ToastGUID""" 140 | $New_Task = New-ScheduledTask -Description "Toast_Notification_$($ToastGuid) Task for user notification. Title: $($ToastTitle) :: Event:$($ToastText) :: Source Path: $($ToastPath) " -Action $Task_Action -Principal $Task_Principal -Trigger $Task_Triggers -Settings $Task_Settings 141 | Register-ScheduledTask -TaskName "Toast_Notification_$($ToastGuid)" -InputObject $New_Task 142 | 143 | #Create Reg key to flag Proactive Remediation as successful 144 | New-Item -Path "HKLM:\Software\!ProactiveRemediations" -ErrorAction SilentlyContinue 145 | New-ItemProperty -Path "HKLM:\Software\!ProactiveRemediations" -Name "20H2NotificationSchTaskCreated" -Type DWord -Value 1 -ErrorAction SilentlyContinue 146 | } 147 | 148 | #Run the toast if the script is running in the context of the Logged On User 149 | If (!(([System.Security.Principal.WindowsIdentity]::GetCurrent()).Name -eq "NT AUTHORITY\SYSTEM")) { 150 | 151 | $Log = (Join-Path $ENV:Windir "Temp\$($ToastGuid).log") 152 | Start-Transcript $Log 153 | 154 | #Get logged on user DisplayName 155 | #Try to get the DisplayName for Domain User 156 | $ErrorActionPreference = "Continue" 157 | 158 | Try { 159 | Write-Output "Trying Identity LogonUI Registry Key for Domain User info..." 160 | Get-Itemproperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI" -Name "LastLoggedOnDisplayName" -ErrorAction Stop | out-null 161 | $User = Get-Itemproperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI" -Name "LastLoggedOnDisplayName" | Select-Object -ExpandProperty LastLoggedOnDisplayName -ErrorAction Stop | out-null 162 | 163 | If ($Null -eq $User) { 164 | $Firstname = $Null 165 | } 166 | else { 167 | $DisplayName = $User.Split(" ") 168 | $Firstname = $DisplayName[0] 169 | } 170 | } 171 | Catch [System.Management.Automation.PSArgumentException] { 172 | "Registry Key Property missing" 173 | Write-Warning "Registry Key for LastLoggedOnDisplayName could not be found." 174 | $Firstname = $Null 175 | } 176 | Catch [System.Management.Automation.ItemNotFoundException] { 177 | "Registry Key itself is missing" 178 | Write-Warning "Registry value for LastLoggedOnDisplayName could not be found." 179 | $Firstname = $Null 180 | } 181 | 182 | #Try to get the DisplayName for Azure AD User 183 | If ($Null -eq $Firstname) { 184 | Write-Output "Trying Identity Store Cache for Azure AD User info..." 185 | Try { 186 | $UserSID = (whoami /user /fo csv | ConvertFrom-Csv).Sid 187 | $LogonCacheSID = (Get-ChildItem HKLM:\SOFTWARE\Microsoft\IdentityStore\LogonCache -Recurse -Depth 2 | Where-Object { $_.Name -match $UserSID }).Name 188 | If ($LogonCacheSID) { 189 | $LogonCacheSID = $LogonCacheSID.Replace("HKEY_LOCAL_MACHINE", "HKLM:") 190 | $User = Get-ItemProperty -Path $LogonCacheSID | Select-Object -ExpandProperty DisplayName -ErrorAction Stop 191 | $DisplayName = $User.Split(" ") 192 | $Firstname = $DisplayName[0] 193 | } 194 | else { 195 | Write-Warning "Could not get DisplayName property from Identity Store Cache for Azure AD User" 196 | $Firstname = $Null 197 | } 198 | } 199 | Catch [System.Management.Automation.PSArgumentException] { 200 | Write-Warning "Could not get DisplayName property from Identity Store Cache for Azure AD User" 201 | Write-Output "Resorting to whoami info for Toast DisplayName..." 202 | $Firstname = $Null 203 | } 204 | Catch [System.Management.Automation.ItemNotFoundException] { 205 | Write-Warning "Could not get SID from Identity Store Cache for Azure AD User" 206 | Write-Output "Resorting to whoami info for Toast DisplayName..." 207 | $Firstname = $Null 208 | } 209 | Catch { 210 | Write-Warning "Could not get SID from Identity Store Cache for Azure AD User" 211 | Write-Output "Resorting to whoami info for Toast DisplayName..." 212 | $Firstname = $Null 213 | } 214 | } 215 | 216 | #Try to get the DisplayName from whoami 217 | If ($Null -eq $Firstname) { 218 | Try { 219 | Write-Output "Trying Identity whoami.exe for DisplayName info..." 220 | $User = whoami.exe 221 | $Firstname = (Get-Culture).textinfo.totitlecase($User.Split("\")[1]) 222 | Write-Output "DisplayName retrieved from whoami.exe" 223 | } 224 | Catch { 225 | Write-Warning "Could not get DisplayName from whoami.exe" 226 | } 227 | } 228 | 229 | #If DisplayName could not be obtained, leave it blank 230 | If ($Null -eq $Firstname) { 231 | Write-Output "DisplayName could not be obtained, it will be blank in the Toast" 232 | } 233 | 234 | #Get Hour of Day and set Custom Hello 235 | $Hour = (Get-Date).Hour 236 | If ($Hour -lt 12) { $CustomHello = "Good Morning $($Firstname), $ToastTitle" } 237 | ElseIf ($Hour -gt 16) { $CustomHello = "Good Evening $($Firstname), $ToastTitle" } 238 | Else { $CustomHello = "Good Afternoon $($Firstname), $ToastTitle" } 239 | 240 | #Load Assemblies 241 | [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime] | Out-Null 242 | [Windows.Data.Xml.Dom.XmlDocument, Windows.Data.Xml.Dom.XmlDocument, ContentType = WindowsRuntime] | Out-Null 243 | 244 | #Build XML ToastTemplate 245 | [xml]$ToastTemplate = @" 246 | 247 | 248 | 249 | $CustomHello 250 | $ToastText 251 | $Signature 252 | 253 | 254 | 255 | 256 | 258 | "@ 259 | 260 | #Build XML ActionTemplate 261 | [xml]$ActionTemplate = @" 262 | 263 | 264 | 265 | 266 | 267 | "@ 268 | 269 | #Define default actions to be added $ToastTemplate 270 | $Action_Node = $ActionTemplate.toast.actions 271 | 272 | #Append actions to $ToastTemplate 273 | [void]$ToastTemplate.toast.AppendChild($ToastTemplate.ImportNode($Action_Node, $true)) 274 | 275 | #Prepare XML 276 | $ToastXml = [Windows.Data.Xml.Dom.XmlDocument]::New() 277 | $ToastXml.LoadXml($ToastTemplate.OuterXml) 278 | 279 | #Prepare and Create Toast 280 | $ToastMessage = [Windows.UI.Notifications.ToastNotification]::New($ToastXML) 281 | [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($LauncherID).Show($ToastMessage) 282 | 283 | Stop-Transcript 284 | } 285 | } 286 | #endregion RegionName 287 | 288 | #region ScriptRunningCode 289 | 290 | Display-ToastNotification 291 | 292 | #Endregion ScriptRunningCode -------------------------------------------------------------------------------- /Uninstall_Font.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | =========================================================================== 3 | Created on: 04/07/2020 13:06 4 | Created by: Ben Whitmore 5 | Organization: - 6 | Filename: Uninstall_Font.ps1 7 | =========================================================================== 8 | 9 | Version: 10 | 1.0 11 | 12 | #> 13 | 14 | #Set Current Directory 15 | $ScriptPath = $MyInvocation.MyCommand.Path 16 | $CurrentDir = Split-Path $ScriptPath 17 | 18 | #Set Font Reg Key Path 19 | $FontRegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts" 20 | 21 | #Grab the Font from the Current Directory 22 | foreach ($File in $(Get-ChildItem -Path $CurrentDir -Include *.ttf, *.otf, *.fon, *.fnt -Recurse)) { 23 | 24 | #Remove the Font from the Windows Font Directory 25 | Remove-Item (Join-Path "C:\Windows\Fonts\" $File.Name) -Force | Out-Null 26 | 27 | #Remove the corresponding Registry Key 28 | Remove-ItemProperty -Path $FontRegPath -Name $File.Name | Out-Null 29 | } -------------------------------------------------------------------------------- /UnsupportedApps/Adobe Apps/Detect-AdobeApps.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Detection Script for unsupported applications 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | The BadApps array contains application names that are considered unsupported by the company. 7 | If no BadApps are found, the exit code of the script is 0 (Do not remediate). If BadApps are found, the exit code is 1 (Remediate) 8 | .EXAMPLE 9 | Detect-AdobeApps.ps1 (Run in the User Context) 10 | .NOTES 11 | FileName: Detect-AdobeApps.ps1 12 | Author: Ben Whitmore 13 | Contributor: Jan Ketil Skanke 14 | Contact: @byteben 15 | Created: 2022-11-Mar 16 | 17 | Version history: 18 | 2.0.0 - (2022-03-01) Split Detection/Remeiation scripts and used Invoke-WebRequest instead of WebClient .NET http download 19 | #> 20 | 21 | #region SCRIPTVARIABLES 22 | $BadApps = @( 23 | "Adobe Shockwave Player" 24 | "Adobe Flash Player" 25 | "Adobe Air" 26 | ) 27 | #endregion 28 | 29 | # Function to get all Installed Applications 30 | function Get-InstalledApplications() { 31 | param( 32 | [string]$UserSid 33 | ) 34 | 35 | New-PSDrive -PSProvider Registry -Name "HKU" -Root HKEY_USERS | Out-Null 36 | $regpath = @("HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*") 37 | $regpath += "HKU:\$UserSid\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" 38 | if (-not ([IntPtr]::Size -eq 4)) { 39 | $regpath += "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 40 | $regpath += "HKU:\$UserSid\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 41 | } 42 | $PropertyNames = 'DisplayName', 'DisplayVersion', 'Publisher', 'UninstallString' 43 | $Apps = Get-ItemProperty $regpath -Name $PropertyNames -ErrorAction SilentlyContinue | . { process { if ($_.DisplayName) { $_ } } } | Select-Object DisplayName, DisplayVersion, Publisher | Sort-Object DisplayName 44 | Remove-PSDrive -Name "HKU" | Out-Null 45 | Return $Apps 46 | } 47 | #end function 48 | 49 | #region GETSID 50 | #Get SID of current interactive users 51 | $CurrentLoggedOnUser = (Get-CimInstance win32_computersystem).UserName 52 | if (-not ([string]::IsNullOrEmpty($CurrentLoggedOnUser))) { 53 | $AdObj = New-Object System.Security.Principal.NTAccount($CurrentLoggedOnUser) 54 | $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier]) 55 | $UserSid = $strSID.Value 56 | } 57 | else { 58 | $UserSid = $null 59 | } 60 | #endregion 61 | 62 | #region APPINVENTORY 63 | #Get Apps for system and current user 64 | $MyApps = Get-InstalledApplications -UserSid $UserSid 65 | $UniqueApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -eq 1 }).Group 66 | $DuplicatedApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -gt 1 }).Group 67 | $NewestDuplicateApp = ($DuplicatedApps | Group-Object DisplayName) | ForEach-Object { $_.Group | Sort-Object [version]DisplayVersion -Descending | Select-Object -First 1 } 68 | $CleanAppList = $UniqueApps + $NewestDuplicateApp | Sort-Object DisplayName 69 | 70 | #Build App Array 71 | $AppArray = @() 72 | foreach ($App in $CleanAppList) { 73 | $tempapp = New-Object -TypeName PSObject 74 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.DisplayName -Force 75 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.DisplayVersion -Force 76 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.Publisher -Force 77 | $AppArray += $tempapp 78 | } 79 | $AppPayLoad = $AppArray 80 | #endregion APPINVENTORY 81 | 82 | #region Find Bad Apps 83 | $BadAppFound = $Null 84 | $BadAppArray = @() 85 | 86 | Foreach ($App in $AppPayLoad) { 87 | Foreach ($BadApp in $BadApps) { 88 | If ($App.AppName -like "*$BadApp*") { 89 | $tempbadapp = New-Object -TypeName PSObject 90 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.AppName -Force 91 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.AppVersion -Force 92 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.AppPublisher -Force 93 | $BadAppArray += $tempbadapp 94 | $BadAppFound = $True 95 | } 96 | } 97 | } 98 | $BadAppPayLoad = $BadAppArray 99 | 100 | If ($BadAppFound) { 101 | #Write-Output for Proactive Remediation 102 | $BadAppPayLoadOutput = $BadAppPayLoad | ConvertTo-Json -Compress 103 | Write-Output $BadAppPayLoadOutput 104 | Exit 1 105 | } 106 | else { 107 | Write-Output "OK" 108 | Exit 0 109 | } 110 | #endregion -------------------------------------------------------------------------------- /UnsupportedApps/Adobe Apps/Remediate-AdobeApps.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Remediation Script for unsupported applications 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | The BadApps array contains application names that are considered unsupported by the company. 7 | If BadApps are found, a Toast Notification is displayed to the user informing them to remove the unsupported applications. 8 | .EXAMPLE 9 | Remediate-AdobeApps.ps1 (Run in the User Context) 10 | .NOTES 11 | FileName: Remediate-AdobeApps.ps1 12 | Author: Ben Whitmore 13 | Contributor: Jan Ketil Skanke 14 | Contact: @byteben 15 | Created: 2022-11-Mar 16 | 17 | Version history: 18 | 2.0.0 - (2022-03-01) Split Detection/Remeiation scripts and used Invoke-WebRequest instead of WebClient .NET http download 19 | #> 20 | 21 | #region SCRIPTVARIABLES 22 | $BadApps = @( 23 | "Adobe Shockwave Player" 24 | "Adobe Flash Player" 25 | "Adobe Air" 26 | ) 27 | $CustomHandlerDisplayName = "CloudWay Notifications" 28 | $CustomHandlerAppID = "CustomToastNotify" 29 | $GoodMorning = "Good Morning" 30 | $GoodAfternoon = "Good Afternoon" 31 | $GoodEvening = "Good Evening" 32 | $ToastImageSource = "https://azurefilesnorway.blob.core.windows.net/brandingpictures/CW/CloudWay_Toast_364x180.png" #ToastImage should be 364px x 180px 33 | $ToastImage = Join-Path -Path $ENV:temp -ChildPath "ToastImage.jpg" #ToastImageSource is downloaded to this location 34 | $ToastDuration = "long" #ToastDuration: Short = 7s, Long = 25s 35 | $ToastScenario = "reminder" #ToastScenario: Default | Reminder | Alarm 36 | $ToastTitle = "Adobe apps found on your computer" 37 | $ToastText = "Please uninstall the following Adobe applications at your earliest convenience as they pose a security risk to your computer:-" 38 | $SnoozeTitle = "Set Reminder" 39 | $SnoozeMessage = "Remind me again in" 40 | $LogFile = Join-Path -Path $env:TEMP -ChildPath "UnsupportedAppsFound-Adobe.log" 41 | #endregion 42 | 43 | # Function to get all Installed Applications 44 | function Get-InstalledApplications() { 45 | param( 46 | [string]$UserSid 47 | ) 48 | 49 | New-PSDrive -PSProvider Registry -Name "HKU" -Root HKEY_USERS | Out-Null 50 | $regpath = @("HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*") 51 | $regpath += "HKU:\$UserSid\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" 52 | if (-not ([IntPtr]::Size -eq 4)) { 53 | $regpath += "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 54 | $regpath += "HKU:\$UserSid\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 55 | } 56 | $PropertyNames = 'DisplayName', 'DisplayVersion', 'Publisher', 'UninstallString' 57 | $Apps = Get-ItemProperty $regpath -Name $PropertyNames -ErrorAction SilentlyContinue | . { process { if ($_.DisplayName) { $_ } } } | Select-Object DisplayName, DisplayVersion, Publisher | Sort-Object DisplayName 58 | Remove-PSDrive -Name "HKU" | Out-Null 59 | Return $Apps 60 | } 61 | #end function 62 | # Function Write Log Entry 63 | function Write-LogEntry { 64 | param ( 65 | [parameter(Mandatory = $true)] 66 | [ValidateNotNullOrEmpty()] 67 | [string]$Value, 68 | [parameter(Mandatory = $false)] 69 | [ValidateNotNullOrEmpty()] 70 | [string]$FileName = $($LogName), 71 | [switch]$Stamp 72 | ) 73 | 74 | #Build Log File appending System Date/Time to output 75 | $Time = -join @((Get-Date -Format "HH:mm:ss.fff"), " ", (Get-WmiObject -Class Win32_TimeZone | Select-Object -ExpandProperty Bias)) 76 | $Date = (Get-Date -Format "MM-dd-yyyy") 77 | 78 | If ($Stamp) { 79 | $LogText = "<$($Value)> " 80 | } 81 | else { 82 | $LogText = "$($Value)" 83 | } 84 | 85 | Try { 86 | Out-File -InputObject $LogText -Append -NoClobber -Encoding Default -FilePath $LogFile -ErrorAction Stop 87 | } 88 | Catch [System.Exception] { 89 | Write-Warning -Message "Unable to add log entry to $LogFile.log file. Error message at line $($_.InvocationInfo.ScriptLineNumber): $($_.Exception.Message)" 90 | } 91 | } 92 | #end function 93 | 94 | #region RESETLOG 95 | If (Test-Path -Path $LogFile) { 96 | Remove-Item $LogFile -Force | Out-Null 97 | } 98 | #endregion 99 | 100 | #region FETCHIMAGE 101 | New-Object uri $ToastImageSource 102 | 103 | #Test if URL is valid 104 | Try { 105 | #Attempt URL get and set Status Code variable 106 | $URLRequest = Invoke-WebRequest -UseBasicParsing -URI $ToastImageSource -ErrorAction SilentlyContinue 107 | $StatusCode = $URLRequest.StatusCode 108 | Write-LogEntry -Stamp -Value "Attempting to download $ToastImageSource" 109 | Write-LogEntry -Stamp -Value "Download status code is $StatusCode" 110 | } 111 | Catch { 112 | #Catch Status Code on error 113 | $StatusCode = $_.Exception.Response.StatusCode.value__ 114 | Exit 1 115 | } 116 | 117 | #If URL exists 118 | If ($StatusCode -eq 200) { 119 | #Attempt File download 120 | Try { 121 | Invoke-WebRequest -UseBasicParsing -Uri $ToastImageSource -OutFile $ToastImage -ErrorAction SilentlyContinue 122 | #If download was successful, test the file was saved to the correct directory 123 | If (!(Test-Path -Path $ToastImage)) { 124 | Write-LogEntry -Stamp -Value "The download was interrupted or an error occured moving the file to the destination specified" 125 | Write-Output "The download was interrupted or an error occured moving the file to the destination specified" 126 | Exit 1 127 | } 128 | } 129 | Catch { 130 | #Catch any errors during the file download 131 | Write-LogEntry -Stamp -Value "Error downloading file: $ToastImageSource" 132 | write-Output "Error downloading file: $ToastImageSource" 133 | Exit 1 134 | } 135 | } 136 | else { 137 | #For anything other than status 200 (URL OK), throw a warning 138 | Write-LogEntry -Stamp -Value "URL Does not exists or the website is down. Status Code: $StatusCode" 139 | Write-Output "URL Does not exists or the website is down. Status Code: $StatusCode" 140 | Exit 1 141 | } 142 | #endregion 143 | 144 | #region GETSID 145 | #Get SID of current interactive users 146 | 147 | $CurrentLoggedOnUser = (Get-CimInstance win32_computersystem).UserName 148 | if (-not ([string]::IsNullOrEmpty($CurrentLoggedOnUser))) { 149 | $AdObj = New-Object System.Security.Principal.NTAccount($CurrentLoggedOnUser) 150 | $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier]) 151 | $UserSid = $strSID.Value 152 | } 153 | else { 154 | $UserSid = $null 155 | } 156 | #endregion 157 | 158 | #region APPINVENTORY 159 | #Get Apps for system and current user 160 | $MyApps = Get-InstalledApplications -UserSid $UserSid 161 | $UniqueApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -eq 1 }).Group 162 | $DuplicatedApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -gt 1 }).Group 163 | $NewestDuplicateApp = ($DuplicatedApps | Group-Object DisplayName) | ForEach-Object { $_.Group | Sort-Object [version]DisplayVersion -Descending | Select-Object -First 1 } 164 | $CleanAppList = $UniqueApps + $NewestDuplicateApp | Sort-Object DisplayName 165 | 166 | #Build App Array 167 | $AppArray = @() 168 | foreach ($App in $CleanAppList) { 169 | $tempapp = New-Object -TypeName PSObject 170 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.DisplayName -Force 171 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.DisplayVersion -Force 172 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.Publisher -Force 173 | $AppArray += $tempapp 174 | } 175 | 176 | $AppPayLoad = $AppArray 177 | $AppPayLoadLog = $AppPayLoad | Out-String 178 | Write-LogEntry -Value "################Unique Apps Found################" 179 | Write-LogEntry -Stamp -Value $AppPayLoadLog 180 | #endregion APPINVENTORY 181 | 182 | #region Find Bad Apps 183 | $BadAppsLog = $BadApps | Out-String 184 | Write-LogEntry -Value "################Unsupported Apps being searched for################" 185 | Write-LogEntry -Stamp -Value $BadAppsLog 186 | $BadAppArray = @() 187 | 188 | Foreach ($App in $AppPayLoad) { 189 | Foreach ($BadApp in $BadApps) { 190 | If ($App.AppName -like "*$BadApp*") { 191 | $tempbadapp = New-Object -TypeName PSObject 192 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.AppName -Force 193 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.AppVersion -Force 194 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.AppPublisher -Force 195 | $BadAppArray += $tempbadapp 196 | } 197 | } 198 | } 199 | $BadAppPayLoad = $BadAppArray 200 | 201 | #Update Event Text Message to include bad apps 202 | $EventText = $EventText + "`n" 203 | Foreach ($BadApp2 in $BadAppPayload) { 204 | $EventText = $EventText + "`n- $($BadApp2.AppName)" 205 | } 206 | Write-LogEntry -Value "################Toast Notification Details################" 207 | Write-LogEntry -Stamp -Value $EventText 208 | #endregion 209 | 210 | $BadAppPayLoadLog = $BadAppPayLoad | Out-String 211 | Write-LogEntry -Value "################Unsupported Apps Found################" 212 | Write-LogEntry -Stamp -Value $BadAppPayLoadLog 213 | 214 | #region CUSTOMHANDLER 215 | #https://docs.microsoft.com/en-us/windows/apps/design/shell/tiles-and-notifications/send-local-toast-other-apps 216 | $CustomToastNotifyRegKey = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\$CustomHandlerAppID" 217 | $CustomHandlerClassRegKey = "HKCU:\Software\Classes\AppUserModelId" 218 | 219 | Try { 220 | If (!(Test-Path -Path $CustomToastNotifyRegKey)) { 221 | New-Item -Path $CustomToastNotifyRegKey -Force | Out-Null 222 | New-ItemProperty -Path $CustomToastNotifyRegKey -Name "ShowInActionCenter" -Value 1 -PropertyType DWORD -Force | Out-Null 223 | } 224 | } 225 | Catch { 226 | $_.Exception.Message 227 | } 228 | 229 | Try { 230 | If (!(Test-Path -Path $CustomHandlerClassRegKey)) { 231 | New-Item -Path $CustomHandlerClassRegKey -Name $CustomHandlerAppID -Force | Out-Null 232 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -Value $CustomHandlerDisplayName -PropertyType String -Force | Out-Null 233 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "ShowInSettings" -Value 0 -PropertyType DWORD -Force | Out-Null 234 | } 235 | } 236 | Catch { 237 | $_.Exception.Message 238 | } 239 | 240 | Try { 241 | If ((Get-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue) -ne $CustomHandlerDisplayName) { 242 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -Value $CustomHandlerDisplayName -PropertyType String -Force | Out-Null 243 | } 244 | } 245 | Catch { 246 | $_.Exception.Message 247 | } 248 | #endregion 249 | 250 | #region TOAST 251 | #Get Hour of Day and set Custom Hello 252 | $Hour = (Get-Date).Hour 253 | If ($Hour -lt 12) { $CustomHello = $GoodMorning + ". " } 254 | ElseIf ($Hour -gt 16) { $CustomHello = $GoodEvening + ". " } 255 | Else { $CustomHello = $GoodAfternoon + ". " } 256 | 257 | $CustomHello = $CustomHello + $ToastText 258 | 259 | #Load Assemblies 260 | [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime] | Out-Null 261 | [Windows.Data.Xml.Dom.XmlDocument, Windows.Data.Xml.Dom.XmlDocument, ContentType = WindowsRuntime] | Out-Null 262 | 263 | #Build XML ToastTemplate 264 | [xml]$ToastTemplate = @" 265 | 266 | 267 | 268 | $ToastTitle 269 | $CustomHello 270 | 271 | 272 | 273 | $EventText 274 | 275 | 276 | 277 | 278 | 291 | "@ 292 | 293 | #Prepare XML 294 | $ToastXml = [Windows.Data.Xml.Dom.XmlDocument]::New() 295 | $ToastXml.LoadXml($ToastTemplate.OuterXml) 296 | 297 | #Prepare and Create Toast 298 | $ToastMessage = [Windows.UI.Notifications.ToastNotification]::New($ToastXML) 299 | [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($CustomHandlerAppID).Show($ToastMessage) 300 | #endregion 301 | Exit 0 -------------------------------------------------------------------------------- /UnsupportedApps/Java Apps/Detect-JavaApps.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Detection Script for unsupported applications 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | The BadApps array contains application names that are considered unsupported by the company. 7 | If no BadApps are found, the exit code of the script is 0 (Do not remediate). If BadApps are found, the exit code is 1 (Remediate) 8 | .EXAMPLE 9 | Detect-JavaApps.ps1 (Run in the User Context) 10 | .NOTES 11 | FileName: Detect-JavaApps.ps1 12 | Author: Ben Whitmore 13 | Contributor: Jan Ketil Skanke 14 | Contact: @byteben 15 | Created: 2022-11-Mar 16 | 17 | Version history: 18 | 2.0.0 - (2022-03-01) Split Detection/Remeiation scripts and used Invoke-WebRequest instead of WebClient .NET http download 19 | #> 20 | 21 | #region SCRIPTVARIABLES 22 | $BadApps = @( 23 | "Java 6" 24 | "Java SE Development Kit 6" 25 | "Java(TM) SE Development Kit 6" 26 | "Java(TM) 6" 27 | "Java 7" 28 | "Java SE Development Kit 7" 29 | "Java(TM) SE Development Kit 7" 30 | "Java(TM) 7" 31 | ) 32 | #endregion 33 | 34 | # Function to get all Installed Applications 35 | function Get-InstalledApplications() { 36 | param( 37 | [string]$UserSid 38 | ) 39 | 40 | New-PSDrive -PSProvider Registry -Name "HKU" -Root HKEY_USERS | Out-Null 41 | $regpath = @("HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*") 42 | $regpath += "HKU:\$UserSid\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" 43 | if (-not ([IntPtr]::Size -eq 4)) { 44 | $regpath += "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 45 | $regpath += "HKU:\$UserSid\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 46 | } 47 | $PropertyNames = 'DisplayName', 'DisplayVersion', 'Publisher', 'UninstallString' 48 | $Apps = Get-ItemProperty $regpath -Name $PropertyNames -ErrorAction SilentlyContinue | . { process { if ($_.DisplayName) { $_ } } } | Select-Object DisplayName, DisplayVersion, Publisher | Sort-Object DisplayName 49 | Remove-PSDrive -Name "HKU" | Out-Null 50 | Return $Apps 51 | } 52 | #end function 53 | 54 | #region GETSID 55 | #Get SID of current interactive users 56 | $CurrentLoggedOnUser = (Get-CimInstance win32_computersystem).UserName 57 | if (-not ([string]::IsNullOrEmpty($CurrentLoggedOnUser))) { 58 | $AdObj = New-Object System.Security.Principal.NTAccount($CurrentLoggedOnUser) 59 | $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier]) 60 | $UserSid = $strSID.Value 61 | } 62 | else { 63 | $UserSid = $null 64 | } 65 | #endregion 66 | 67 | #region APPINVENTORY 68 | #Get Apps for system and current user 69 | $MyApps = Get-InstalledApplications -UserSid $UserSid 70 | $UniqueApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -eq 1 }).Group 71 | $DuplicatedApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -gt 1 }).Group 72 | $NewestDuplicateApp = ($DuplicatedApps | Group-Object DisplayName) | ForEach-Object { $_.Group | Sort-Object [version]DisplayVersion -Descending | Select-Object -First 1 } 73 | $CleanAppList = $UniqueApps + $NewestDuplicateApp | Sort-Object DisplayName 74 | 75 | #Build App Array 76 | $AppArray = @() 77 | foreach ($App in $CleanAppList) { 78 | $tempapp = New-Object -TypeName PSObject 79 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.DisplayName -Force 80 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.DisplayVersion -Force 81 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.Publisher -Force 82 | $AppArray += $tempapp 83 | } 84 | $AppPayLoad = $AppArray 85 | #endregion APPINVENTORY 86 | 87 | #region Find Bad Apps 88 | $BadAppFound = $Null 89 | $BadAppArray = @() 90 | 91 | Foreach ($App in $AppPayLoad) { 92 | Foreach ($BadApp in $BadApps) { 93 | If ($App.AppName -like "*$BadApp*") { 94 | $tempbadapp = New-Object -TypeName PSObject 95 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.AppName -Force 96 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.AppVersion -Force 97 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.AppPublisher -Force 98 | $BadAppArray += $tempbadapp 99 | $BadAppFound = $True 100 | } 101 | } 102 | } 103 | $BadAppPayLoad = $BadAppArray 104 | 105 | If ($BadAppFound) { 106 | #Write-Output for Proactive Remediation 107 | $BadAppPayLoadOutput = $BadAppPayLoad | ConvertTo-Json -Compress 108 | Write-Output $BadAppPayLoadOutput 109 | Exit 1 110 | } 111 | else { 112 | Write-Output "OK" 113 | Exit 0 114 | } 115 | #endregion -------------------------------------------------------------------------------- /UnsupportedApps/Java Apps/Remediate-JavaApps.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Remediation Script for unsupported applications 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | The BadApps array contains application names that are considered unsupported by the company. 7 | If BadApps are found, a Toast Notification is displayed to the user informing them to remove the unsupported applications. 8 | .EXAMPLE 9 | RemediateJavaApps.ps1 (Run in the User Context) 10 | .NOTES 11 | FileName: Remediate-JavaApps.ps1 12 | Author: Ben Whitmore 13 | Contributor: Jan Ketil Skanke 14 | Contact: @byteben 15 | Created: 2022-11-Mar 16 | 17 | Version history: 18 | 2.0.0 - (2022-03-01) Split Detection/Remeiation scripts and used Invoke-WebRequest instead of WebClient .NET http download 19 | #> 20 | 21 | #region SCRIPTVARIABLES 22 | 23 | $BadApps = @( 24 | "Java 6" 25 | "Java SE Development Kit 6" 26 | "Java(TM) SE Development Kit 6" 27 | "Java(TM) 6" 28 | "Java 7" 29 | "Java SE Development Kit 7" 30 | "Java(TM) SE Development Kit 7" 31 | "Java(TM) 7" 32 | ) 33 | 34 | $CustomHandlerDisplayName = "CloudWay Notifications" 35 | $CustomHandlerAppID = "CustomToastNotify" 36 | $GoodMorning = "Good Morning" 37 | $GoodAfternoon = "Good Afternoon" 38 | $GoodEvening = "Good Evening" 39 | $ToastImageSource = "https://azurefilesnorway.blob.core.windows.net/brandingpictures/CW/CloudWay_Toast_364x180.png" #ToastImage should be 364px x 180px 40 | $ToastImage = Join-Path -Path $ENV:temp -ChildPath "ToastImage.jpg" #ToastImageSource is downloaded to this location 41 | $ToastDuration = "long" #ToastDuration: Short = 7s, Long = 25s 42 | $ToastScenario = "reminder" #ToastScenario: Default | Reminder | Alarm 43 | $ToastTitle = "Java apps found on your computer" 44 | $ToastText = "If not required, please uninstall the following Java applications at your earliest convenience as they pose a security risk to your computer:-" 45 | $SnoozeTitle = "Set Reminder" 46 | $SnoozeMessage = "Remind me again in" 47 | $LogFile = Join-Path -Path $env:TEMP -ChildPath "UnsupportedAppsFound-Java.log" 48 | #endregion 49 | 50 | # Function to get all Installed Applications 51 | function Get-InstalledApplications() { 52 | param( 53 | [string]$UserSid 54 | ) 55 | 56 | New-PSDrive -PSProvider Registry -Name "HKU" -Root HKEY_USERS | Out-Null 57 | $regpath = @("HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*") 58 | $regpath += "HKU:\$UserSid\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" 59 | if (-not ([IntPtr]::Size -eq 4)) { 60 | $regpath += "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 61 | $regpath += "HKU:\$UserSid\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" 62 | } 63 | $PropertyNames = 'DisplayName', 'DisplayVersion', 'Publisher', 'UninstallString' 64 | $Apps = Get-ItemProperty $regpath -Name $PropertyNames -ErrorAction SilentlyContinue | . { process { if ($_.DisplayName) { $_ } } } | Select-Object DisplayName, DisplayVersion, Publisher | Sort-Object DisplayName 65 | Remove-PSDrive -Name "HKU" | Out-Null 66 | Return $Apps 67 | } 68 | #end function 69 | # Function Write Log Entry 70 | function Write-LogEntry { 71 | param ( 72 | [parameter(Mandatory = $true)] 73 | [ValidateNotNullOrEmpty()] 74 | [string]$Value, 75 | [parameter(Mandatory = $false)] 76 | [ValidateNotNullOrEmpty()] 77 | [string]$FileName = $($LogName), 78 | [switch]$Stamp 79 | ) 80 | 81 | #Build Log File appending System Date/Time to output 82 | $Time = -join @((Get-Date -Format "HH:mm:ss.fff"), " ", (Get-WmiObject -Class Win32_TimeZone | Select-Object -ExpandProperty Bias)) 83 | $Date = (Get-Date -Format "MM-dd-yyyy") 84 | 85 | If ($Stamp) { 86 | $LogText = "<$($Value)> " 87 | } 88 | else { 89 | $LogText = "$($Value)" 90 | } 91 | 92 | Try { 93 | Out-File -InputObject $LogText -Append -NoClobber -Encoding Default -FilePath $LogFile -ErrorAction Stop 94 | } 95 | Catch [System.Exception] { 96 | Write-Warning -Message "Unable to add log entry to $LogFile.log file. Error message at line $($_.InvocationInfo.ScriptLineNumber): $($_.Exception.Message)" 97 | } 98 | } 99 | #end function 100 | 101 | #region RESETLOG 102 | If (Test-Path -Path $LogFile) { 103 | Remove-Item $LogFile -Force | Out-Null 104 | } 105 | #endregion 106 | 107 | #region FETCHIMAGE 108 | New-Object uri $ToastImageSource 109 | 110 | #Test if URL is valid 111 | Try { 112 | #Attempt URL get and set Status Code variable 113 | $URLRequest = Invoke-WebRequest -UseBasicParsing -URI $ToastImageSource -ErrorAction SilentlyContinue 114 | $StatusCode = $URLRequest.StatusCode 115 | Write-LogEntry -Stamp -Value "Attempting to download $ToastImageSource" 116 | Write-LogEntry -Stamp -Value "Download status code is $StatusCode" 117 | } 118 | Catch { 119 | #Catch Status Code on error 120 | $StatusCode = $_.Exception.Response.StatusCode.value__ 121 | Exit 1 122 | } 123 | 124 | #If URL exists 125 | If ($StatusCode -eq 200) { 126 | #Attempt File download 127 | Try { 128 | Invoke-WebRequest -UseBasicParsing -Uri $ToastImageSource -OutFile $ToastImage -ErrorAction SilentlyContinue 129 | #If download was successful, test the file was saved to the correct directory 130 | If (!(Test-Path -Path $ToastImage)) { 131 | Write-LogEntry -Stamp -Value "The download was interrupted or an error occured moving the file to the destination specified" 132 | Write-Output "The download was interrupted or an error occured moving the file to the destination specified" 133 | Exit 1 134 | } 135 | } 136 | Catch { 137 | #Catch any errors during the file download 138 | Write-LogEntry -Stamp -Value "Error downloading file: $ToastImageSource" 139 | write-Output "Error downloading file: $ToastImageSource" 140 | Exit 1 141 | } 142 | } 143 | else { 144 | #For anything other than status 200 (URL OK), throw a warning 145 | Write-LogEntry -Stamp -Value "URL Does not exists or the website is down. Status Code: $StatusCode" 146 | Write-Output "URL Does not exists or the website is down. Status Code: $StatusCode" 147 | Exit 1 148 | } 149 | #endregion 150 | 151 | #region GETSID 152 | #Get SID of current interactive users 153 | 154 | $CurrentLoggedOnUser = (Get-CimInstance win32_computersystem).UserName 155 | if (-not ([string]::IsNullOrEmpty($CurrentLoggedOnUser))) { 156 | $AdObj = New-Object System.Security.Principal.NTAccount($CurrentLoggedOnUser) 157 | $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier]) 158 | $UserSid = $strSID.Value 159 | } 160 | else { 161 | $UserSid = $null 162 | } 163 | #endregion 164 | 165 | #region APPINVENTORY 166 | #Get Apps for system and current user 167 | $MyApps = Get-InstalledApplications -UserSid $UserSid 168 | $UniqueApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -eq 1 }).Group 169 | $DuplicatedApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -gt 1 }).Group 170 | $NewestDuplicateApp = ($DuplicatedApps | Group-Object DisplayName) | ForEach-Object { $_.Group | Sort-Object [version]DisplayVersion -Descending | Select-Object -First 1 } 171 | $CleanAppList = $UniqueApps + $NewestDuplicateApp | Sort-Object DisplayName 172 | 173 | #Build App Array 174 | $AppArray = @() 175 | foreach ($App in $CleanAppList) { 176 | $tempapp = New-Object -TypeName PSObject 177 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.DisplayName -Force 178 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.DisplayVersion -Force 179 | $tempapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.Publisher -Force 180 | $AppArray += $tempapp 181 | } 182 | 183 | $AppPayLoad = $AppArray 184 | $AppPayLoadLog = $AppPayLoad | Out-String 185 | Write-LogEntry -Value "################Unique Apps Found################" 186 | Write-LogEntry -Stamp -Value $AppPayLoadLog 187 | #endregion APPINVENTORY 188 | 189 | #region Find Bad Apps 190 | $BadAppsLog = $BadApps | Out-String 191 | Write-LogEntry -Value "################Unsupported Apps being searched for################" 192 | Write-LogEntry -Stamp -Value $BadAppsLog 193 | 194 | $BadAppArray = @() 195 | 196 | Foreach ($App in $AppPayLoad) { 197 | Foreach ($BadApp in $BadApps) { 198 | If ($App.AppName -like "*$BadApp*") { 199 | $tempbadapp = New-Object -TypeName PSObject 200 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.AppName -Force 201 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.AppVersion -Force 202 | $tempbadapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.AppPublisher -Force 203 | $BadAppArray += $tempbadapp 204 | } 205 | } 206 | } 207 | $BadAppPayLoad = $BadAppArray 208 | 209 | #Update Event Text Message to include bad apps 210 | $EventText = $EventText + "`n" 211 | Foreach ($BadApp2 in $BadAppPayload) { 212 | $EventText = $EventText + "`n- $($BadApp2.AppName)" 213 | } 214 | Write-LogEntry -Value "################Toast Notification Details################" 215 | Write-LogEntry -Stamp -Value $EventText 216 | #endregion 217 | 218 | $BadAppPayLoadLog = $BadAppPayLoad | Out-String 219 | Write-LogEntry -Value "################Unsupported Apps Found################" 220 | Write-LogEntry -Stamp -Value $BadAppPayLoadLog 221 | 222 | #region CUSTOMHANDLER 223 | #https://docs.microsoft.com/en-us/windows/apps/design/shell/tiles-and-notifications/send-local-toast-other-apps 224 | $CustomToastNotifyRegKey = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\$CustomHandlerAppID" 225 | $CustomHandlerClassRegKey = "HKCU:\Software\Classes\AppUserModelId" 226 | 227 | Try { 228 | If (!(Test-Path -Path $CustomToastNotifyRegKey)) { 229 | New-Item -Path $CustomToastNotifyRegKey -Force | Out-Null 230 | New-ItemProperty -Path $CustomToastNotifyRegKey -Name "ShowInActionCenter" -Value 1 -PropertyType DWORD -Force | Out-Null 231 | } 232 | } 233 | Catch { 234 | $_.Exception.Message 235 | } 236 | 237 | Try { 238 | If (!(Test-Path -Path $CustomHandlerClassRegKey)) { 239 | New-Item -Path $CustomHandlerClassRegKey -Name $CustomHandlerAppID -Force | Out-Null 240 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -Value $CustomHandlerDisplayName -PropertyType String -Force | Out-Null 241 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "ShowInSettings" -Value 0 -PropertyType DWORD -Force | Out-Null 242 | } 243 | } 244 | Catch { 245 | $_.Exception.Message 246 | } 247 | 248 | Try { 249 | If ((Get-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue) -ne $CustomHandlerDisplayName) { 250 | New-ItemProperty -Path $CustomHandlerClassRegKey\$CustomHandlerAppID -Name "DisplayName" -Value $CustomHandlerDisplayName -PropertyType String -Force | Out-Null 251 | } 252 | } 253 | Catch { 254 | $_.Exception.Message 255 | } 256 | #endregion 257 | 258 | #region TOAST 259 | #Get Hour of Day and set Custom Hello 260 | $Hour = (Get-Date).Hour 261 | If ($Hour -lt 12) { $CustomHello = $GoodMorning + ". " } 262 | ElseIf ($Hour -gt 16) { $CustomHello = $GoodEvening + ". " } 263 | Else { $CustomHello = $GoodAfternoon + ". " } 264 | 265 | $CustomHello = $CustomHello + $ToastText 266 | 267 | #Load Assemblies 268 | [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime] | Out-Null 269 | [Windows.Data.Xml.Dom.XmlDocument, Windows.Data.Xml.Dom.XmlDocument, ContentType = WindowsRuntime] | Out-Null 270 | 271 | #Build XML ToastTemplate 272 | [xml]$ToastTemplate = @" 273 | 274 | 275 | 276 | $ToastTitle 277 | $CustomHello 278 | 279 | 280 | 281 | $EventText 282 | 283 | 284 | 285 | 286 | 299 | "@ 300 | 301 | #Prepare XML 302 | $ToastXml = [Windows.Data.Xml.Dom.XmlDocument]::New() 303 | $ToastXml.LoadXml($ToastTemplate.OuterXml) 304 | 305 | #Prepare and Create Toast 306 | $ToastMessage = [Windows.UI.Notifications.ToastNotification]::New($ToastXML) 307 | [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($CustomHandlerAppID).Show($ToastMessage) 308 | #endregion 309 | Exit 0 -------------------------------------------------------------------------------- /Windows Updates/Invoke-WUInventory.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Inventory Windows Update device settings 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | Registry keys are inventoried on the device and uploaded to Log Analytics. 7 | Admins are able visualise the Windows Update settings in force across their devices and understand if legacy settings or GPO's are having an undesirable effect on the device Windows Update experience 8 | .EXAMPLE 9 | Invoke-WUInventory.ps1 (Required to run as System or Administrator) 10 | .NOTES 11 | FileName: Invoke-WUInventory.ps1 12 | Author: Ben Whitmore 13 | Contributor: Maurice Daly 14 | Contact: @byteben 15 | Created: 2022-10-April 16 | 17 | Version history: 18 | 1.0 - (2022-04-10) Original Release 19 | #> 20 | 21 | #region SCRIPTVARIABLES 22 | 23 | #Track Script Version in Log Analytics Table 24 | $ScriptVersion = "PR003" 25 | 26 | #Log Analytics Workspace ID 27 | $CustomerID = "" 28 | 29 | #Log Analytics Workspace Primary Key 30 | $SharedKey = "" 31 | 32 | #Custom Log Name 33 | $LogType = "WUDevice_Settings" 34 | 35 | # You can use an optional field to specify the timestamp from the data. If the time field is not specified, Azure Monitor assumes the time is the message ingestion time 36 | # DO NOT DELETE THIS VARIABLE. Recommened keep this blank. 37 | $TimeStampField = "" 38 | 39 | #Create Windows Update Settings Array 40 | #Software\Policies\Microsoft\Windows\WindowsUpdate 41 | $WUSettingsArray = @() 42 | $WUSettingsArray += "AutoRestartDeadlinePeriodInDays" 43 | $WUSettingsArray += "AutoRestartNotificationSchedule" 44 | $WUSettingsArray += "AutoRestartRequiredNotificationDismissal" 45 | $WUSettingsArray += "BranchReadinessLevel" 46 | $WUSettingsArray += "DeferFeatureUpdates" 47 | $WUSettingsArray += "DeferFeatureUpdatesPeriodInDays" 48 | $WUSettingsArray += "DeferQualityUpdates" 49 | $WUSettingsArray += "DeferQualityUpdatesPeriodInDays" 50 | $WUSettingsArray += "DisableDualScan" 51 | $WUSettingsArray += "DoNotConnectToWindowsUpdateInternetLocations" 52 | $WUSettingsArray += "ElevateNonAdmins" 53 | $WUSettingsArray += "EngagedRestartDeadline" 54 | $WUSettingsArray += "EngagedRestartSnoozeSchedule" 55 | $WUSettingsArray += "EngagedRestartTransitionSchedule" 56 | $WUSettingsArray += "PauseFeatureUpdatesStartTime" 57 | $WUSettingsArray += "PauseQualityUpdatesStartTime" 58 | $WUSettingsArray += "ScheduleImminentRestartWarning" 59 | $WUSettingsArray += "ScheduleRestartWarning" 60 | $WUSettingsArray += "SetAutoRestartDeadline" 61 | $WUSettingsArray += "SetAutoRestartNotificationConfig" 62 | $WUSettingsArray += "SetAutoRestartNotificationDisable" 63 | $WUSettingsArray += "SetAutoRestartRequiredNotificationDismissal" 64 | $WUSettingsArray += "SetEDURestart" 65 | $WUSettingsArray += "SetEngagedRestartTransitionSchedule" 66 | $WUSettingsArray += "SetRestartWarningSchd" 67 | $WUSettingsArray += "WUServer" 68 | $WUSettingsArray += "WUStatusServer" 69 | 70 | #Collect Scan Source Registry Keys 71 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForDriverUpdates" 72 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForFeatureUpdates" 73 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForOtherUpdates" 74 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForQualityUpdates" 75 | 76 | #Software\Policies\Microsoft\Windows\WindowsUpdate\AU 77 | $WUAUSettingsArray = @() 78 | $WUAUSettingsArray += "AutoInstallMinorUpdates" 79 | $WUAUSettingsArray += "EnableFeaturedSoftware" 80 | $WUAUSettingsArray += "IncludeRecommendedUpdates" 81 | $WUAUSettingsArray += "NoAUAsDefaultShutdownOption" 82 | $WUAUSettingsArray += "NoAUShutdownOption" 83 | $WUAUSettingsArray += "NoAutoRebootWithLoggedOnUsers" 84 | $WUAUSettingsArray += "NoAutoUpdate" 85 | $WUAUSettingsArray += "RebootRelaunchTimeout" 86 | $WUAUSettingsArray += "RebootRelaunchTimeoutEnabled" 87 | $WUAUSettingsArray += "RebootWarningTimeout" 88 | $WUAUSettingsArray += "RebootWarningTimeoutEnabled" 89 | $WUAUSettingsArray += "RescheduleWaitTime" 90 | $WUAUSettingsArray += "RescheduleWaitTimeEnabled" 91 | 92 | #CoManagement Capabilities for WIndows Update Workload 93 | $CoMgmtArray = @(17, 19, 21, 23, 25, 27, 29, 31, 49, 51, 53, 55, 57, 59, 61, 63, 81, 83, 85, 87, 89, 91, 93, 95, 113, 115, 117, 119, 121, 123, 125, 127, 145, 147, 149, 151, 153, 155, 157, 159, 177, 179, 181, 183, 185, 187, 189, 191, 209, 211, 213, 215, 217, 219, 221, 223, 241, 243, 245, 247, 249, 251, 253, 255) 94 | 95 | #endregion 96 | 97 | #region Initialize 98 | 99 | # Enable TLS 1.2 support 100 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 101 | 102 | #Get Intune DeviceID and ManagedDeviceName 103 | if (@(Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' })) { 104 | $MSDMServerInfo = Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' } 105 | $ManagedDeviceInfo = Get-ItemProperty -LiteralPath "Registry::$($MSDMServerInfo)" 106 | } 107 | $ManagedDeviceID = $ManagedDeviceInfo.EntDMID 108 | 109 | #Get AAD DeviceID 110 | # Define Cloud Domain Join information registry path 111 | $AzureADJoinInfoRegistryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\JoinInfo" 112 | 113 | # Retrieve the child key name that is the thumbprint of the machine certificate containing the device identifier guid 114 | $AzureADJoinInfoThumbprint = Get-ChildItem -Path $AzureADJoinInfoRegistryKeyPath | Select-Object -ExpandProperty "PSChildName" 115 | if (-not ($AzureADJoinInfoThumbprint -eq $null)) { 116 | # Retrieve the machine certificate based on thumbprint from registry key 117 | $AzureADJoinCertificate = Get-ChildItem -Path "Cert:\LocalMachine\My" -Recurse | Where-Object { $PSItem.Thumbprint -eq $AzureADJoinInfoThumbprint } 118 | if (-not ($AzureADJoinCertificate -eq $null)) { 119 | # Determine the device identifier from the subject name 120 | $AzureADDeviceID = ($AzureADJoinCertificate | Select-Object -ExpandProperty "Subject") -replace "CN=", "" 121 | } 122 | } 123 | 124 | #Get Computer Name 125 | $DeviceName = (Get-CIMInstance -ClassName Win32_OperatingSystem -NameSpace root\cimv2).CSName 126 | 127 | #Get OS Information 128 | $ComputerOSVersion = (Get-CIMInstance -ClassName Win32_OperatingSystem -NameSpace root\cimv2).Version 129 | $ComputerOSBuild = (Get-CIMInstance -ClassName Win32_OperatingSystem -NameSpace root\cimv2).BuildNumber 130 | 131 | #Get Default AU Service 132 | $DefaultAUService = (New-Object -ComObject "Microsoft.Update.ServiceManager").services | Where-Object { $_.IsDefaultAUService -eq 'True' } | Select-Object -ExpandProperty Name 133 | 134 | #endregion 135 | 136 | #region Functions 137 | 138 | # Function to create the authorization signature 139 | Function New-Signature ($customerID, $SharedKey, $Date, $ContentLength, $Method, $ContentType, $Resource) { 140 | $xHeaders = "x-ms-date:" + $Date 141 | $stringToHash = $Method + "`n" + $ContentLength + "`n" + $ContentType + "`n" + $xHeaders + "`n" + $Resource 142 | 143 | $bytesToHash = [Text.Encoding]::UTF8.GetBytes($stringToHash) 144 | $keyBytes = [Convert]::FromBase64String($sharedKey) 145 | 146 | $sha256 = New-Object System.Security.Cryptography.HMACSHA256 147 | $sha256.Key = $keyBytes 148 | $calculatedHash = $sha256.ComputeHash($bytesToHash) 149 | $encodedHash = [Convert]::ToBase64String($calculatedHash) 150 | $authorization = 'SharedKey {0}:{1}' -f $customerId, $encodedHash 151 | return $authorization 152 | } 153 | 154 | # Function to create and post the request 155 | Function Send-LogAnalyticsData($CustomerID, $SharedKey, $Body, $LogType) { 156 | $Method = "POST" 157 | $ContentType = "application/json" 158 | $Resource = "/api/logs" 159 | $rfc1123date = [DateTime]::UtcNow.ToString("r") 160 | $ContentLength = $Body.Length 161 | $signature = New-Signature ` 162 | -customerId $customerId ` 163 | -sharedKey $sharedKey ` 164 | -date $rfc1123date ` 165 | -ContentLength $ContentLength ` 166 | -Method $Method ` 167 | -ContentType $ContentType ` 168 | -Resource $Resource 169 | $uri = "https://" + $CustomerID + ".ods.opinsights.azure.com" + $Resource + "?api-version=2016-04-01" 170 | 171 | #validate that payload data does not exceed limits 172 | if ($Body.Length -gt (31.9 * 1024 * 1024)) { 173 | throw ("Upload payload is too big and exceed the 32Mb limit for a single upload. Please reduce the payload size. Current payload size is: " + ($Body.Length / 1024 / 1024).ToString("#.#") + "Mb") 174 | } 175 | 176 | $PayLoadSize = ("Upload payload size is " + ($Body.Length / 1024).ToString("#.#") + "Kb ") 177 | 178 | $Headers = @{ 179 | "Authorization" = $signature; 180 | "Log-Type" = $logType; 181 | "x-ms-date" = $rfc1123date; 182 | "time-generated-field" = $TimeStampField; 183 | } 184 | 185 | $Response = Invoke-WebRequest -Uri $uri -Method $Method -ContentType $ContentType -Headers $Headers -Body $Body -UseBasicParsing 186 | $StatusMessage = "$($Response.StatusCode) : $($PayLoadSize)" 187 | return "$StatusMessage" 188 | } 189 | 190 | Function Get-RegSetting { 191 | param ( 192 | [parameter(Mandatory = $True)] 193 | [ValidateNotNullOrEmpty()] 194 | [string]$RegKey, 195 | [string]$RegSetting 196 | ) 197 | Try { 198 | $RegSettingValue = Get-ItemPropertyValue -Path $RegKey -Name $RegSetting -ErrorAction Stop 199 | If (-not ($RegSettingValue -eq $Null)) { 200 | Return $RegSettingValue 201 | } 202 | else { 203 | If ($RegSetting -in ("WUServer", "WUStatusServer")) { 204 | Return "" 205 | } 206 | else { 207 | Return 0 208 | } 209 | } 210 | } 211 | Catch { 212 | #Not returning caught errors 213 | If ($RegSetting -in ("WUServer", "WUStatusServer")) { 214 | Return "" 215 | } 216 | else { 217 | Return 0 218 | } 219 | } 220 | } 221 | 222 | #endregion 223 | 224 | #region Workspace 225 | 226 | #Build WindowsUpdate Regsitry Key Inventory 227 | $WUSettingPayloadInventory = $Null 228 | $WUSettingPayloadInventory = New-Object -TypeName PSObject 229 | 230 | #Build Device Inventory 231 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ScriptVersion -Value $ScriptVersion -Force 232 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name DeviceName -Value $DeviceName -Force 233 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ManagedDeviceID -Value $ManagedDeviceID -Force 234 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name AzureADDeviceID -Value $AzureADDeviceID -Force 235 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ComputerOSVersion -Value $ComputerOSVersion -Force 236 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ComputerOSBuild -Value $ComputerOSBuild -Force 237 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name DefaultAUService -Value $DefaultAUService -Force 238 | 239 | #Get CoManagement State and Workload 240 | $CoMgmtRegKey = "HKLM:\Software\Microsoft\CCM" 241 | $CoMgmtSetting = "CoManagementFlags" 242 | $CoMgmtValue = Get-RegSetting -RegKey $CoMgmtRegKey -RegSetting $CoMgmtSetting 243 | If ($CoMgmtValue -in $CoMgmtArray) { 244 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name CoMgmtWorkload -Value $true -Force 245 | } 246 | else { 247 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name CoMgmtWorkload -Value $false -Force 248 | } 249 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name CoMgmtValue -Value $CoMgmtValue -Force 250 | 251 | #Get Registry Values for Software\Policies\Microsoft\Windows\WindowsUpdate 252 | $WURegKey = "HKLM:Software\Policies\Microsoft\Windows\WindowsUpdate" 253 | ForEach ($WUSetting in $WUSettingsArray) { 254 | $RegValue = Get-RegSetting -RegKey $WURegKey -RegSetting $WUSetting 255 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name $WUSetting -Value $RegValue -Force 256 | } 257 | 258 | #Get Registry Values for Software\Policies\Microsoft\Windows\WindowsUpdate 259 | $WUAURegKey = "HKLM:Software\Policies\Microsoft\Windows\WindowsUpdate\AU" 260 | ForEach ($WUAUSetting in $WUAUSettingsArray) { 261 | $RegValue = Get-RegSetting -RegKey $WUAURegKey -RegSetting $WUAUSetting 262 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name $WUAUSetting -Value $RegValue -Force 263 | } 264 | 265 | #Build Payload Array 266 | $WUSettingPayload = $Null 267 | $WUSettingPayload = @() 268 | $WUSettingPayload += $WUSettingPayloadInventory 269 | 270 | #Prepare Array for Upload 271 | $PayloadJson = $WUSettingPayload | ConvertTo-Json 272 | 273 | #Write upload intent to console 274 | Write-Output "Sending Payload:" 275 | Write-Output $PayloadJson 276 | 277 | #Upload Data 278 | $ResponseWUInventory = Send-LogAnalyticsData -CustomerID $CustomerID -SharedKey $SharedKey -Body ([System.Text.Encoding]::UTF8.GetBytes($PayloadJson)) -LogType $LogType 279 | $ResponseWUInventory 280 | 281 | #Status Report 282 | $Date = Get-Date -Format "dd-MM HH:mm" 283 | $OutputMessage = "InventoryDate: $Date " 284 | 285 | if ($ResponseWUInventory) { 286 | if ($ResponseWUInventory -like "200*") { 287 | $OutputMessage = $OutputMessage + " WUInventory:OK" 288 | } 289 | else { 290 | $OutputMessage = $OutputMessage + " WUInventory:Fail" 291 | } 292 | } 293 | Write-Output $OutputMessage 294 | 295 | #endregion 296 | #> -------------------------------------------------------------------------------- /Windows Updates/Invoke-WUInventory_Funky.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Inventory Windows Update device settings 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | Registry keys are inventoried on the device and uploaded to Log Analytics. 7 | Admins are able visualise the Windows Update settings in force across their devices and understand if legacy settings or GPO's are having an undesirable effect on the device Windows Update experience 8 | .EXAMPLE 9 | Invoke-WUInventory.ps1 (Required to run as System or Administrator) 10 | .NOTES 11 | FileName: Invoke-WUInventory.ps1 12 | Author: Ben Whitmore 13 | Contributor: Maurice Daly 14 | Contact: @byteben 15 | Created: 2022-10-April 16 | 17 | Version history: 18 | 1.0 - (2022-04-10) Original Release 19 | #> 20 | 21 | #region SCRIPTVARIABLES 22 | 23 | #Track Script Version in Log Analytics Table 24 | $ScriptVersion = "PR004" 25 | 26 | #FunctionAppURI for Log Upload 27 | $AzureFunctionURL = "https://fn-enhancedinventory.azurewebsites.net/api/LogCollectorAPI" 28 | 29 | #Custom Log Name 30 | $CustomLogName = "WUDevice_Settings" 31 | 32 | #Date 33 | $Date = (Get-Date) 34 | 35 | #Create Windows Update Settings Array 36 | #Software\Policies\Microsoft\Windows\WindowsUpdate 37 | $WUSettingsArray = @() 38 | $WUSettingsArray += "AutoRestartDeadlinePeriodInDays" 39 | $WUSettingsArray += "AutoRestartNotificationSchedule" 40 | $WUSettingsArray += "AutoRestartRequiredNotificationDismissal" 41 | $WUSettingsArray += "BranchReadinessLevel" 42 | $WUSettingsArray += "DeferFeatureUpdates" 43 | $WUSettingsArray += "DeferFeatureUpdatesPeriodInDays" 44 | $WUSettingsArray += "DeferQualityUpdates" 45 | $WUSettingsArray += "DeferQualityUpdatesPeriodInDays" 46 | $WUSettingsArray += "DisableDualScan" 47 | $WUSettingsArray += "DoNotConnectToWindowsUpdateInternetLocations" 48 | $WUSettingsArray += "ElevateNonAdmins" 49 | $WUSettingsArray += "EngagedRestartDeadline" 50 | $WUSettingsArray += "EngagedRestartSnoozeSchedule" 51 | $WUSettingsArray += "EngagedRestartTransitionSchedule" 52 | $WUSettingsArray += "PauseFeatureUpdatesStartTime" 53 | $WUSettingsArray += "PauseQualityUpdatesStartTime" 54 | $WUSettingsArray += "ScheduleImminentRestartWarning" 55 | $WUSettingsArray += "ScheduleRestartWarning" 56 | $WUSettingsArray += "SetAutoRestartDeadline" 57 | $WUSettingsArray += "SetAutoRestartNotificationConfig" 58 | $WUSettingsArray += "SetAutoRestartNotificationDisable" 59 | $WUSettingsArray += "SetAutoRestartRequiredNotificationDismissal" 60 | $WUSettingsArray += "SetEDURestart" 61 | $WUSettingsArray += "SetEngagedRestartTransitionSchedule" 62 | $WUSettingsArray += "SetRestartWarningSchd" 63 | $WUSettingsArray += "WUServer" 64 | $WUSettingsArray += "WUStatusServer" 65 | 66 | #Collect Scan Source Registry Keys 67 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForDriverUpdates" 68 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForFeatureUpdates" 69 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForOtherUpdates" 70 | $WUSettingsArray += "SetPolicyDrivenUpdateSourceForQualityUpdates" 71 | 72 | #Software\Policies\Microsoft\Windows\WindowsUpdate\AU 73 | $WUAUSettingsArray = @() 74 | $WUAUSettingsArray += "AutoInstallMinorUpdates" 75 | $WUAUSettingsArray += "EnableFeaturedSoftware" 76 | $WUAUSettingsArray += "IncludeRecommendedUpdates" 77 | $WUAUSettingsArray += "NoAUAsDefaultShutdownOption" 78 | $WUAUSettingsArray += "NoAUShutdownOption" 79 | $WUAUSettingsArray += "NoAutoRebootWithLoggedOnUsers" 80 | $WUAUSettingsArray += "NoAutoUpdate" 81 | $WUAUSettingsArray += "RebootRelaunchTimeout" 82 | $WUAUSettingsArray += "RebootRelaunchTimeoutEnabled" 83 | $WUAUSettingsArray += "RebootWarningTimeout" 84 | $WUAUSettingsArray += "RebootWarningTimeoutEnabled" 85 | $WUAUSettingsArray += "RescheduleWaitTime" 86 | $WUAUSettingsArray += "RescheduleWaitTimeEnabled" 87 | 88 | #CoManagement Capabilities for WIndows Update Workload 89 | $CoMgmtArray = @(17, 19, 21, 23, 25, 27, 29, 31, 49, 51, 53, 55, 57, 59, 61, 63, 81, 83, 85, 87, 89, 91, 93, 95, 113, 115, 117, 119, 121, 123, 125, 127, 145, 147, 149, 151, 153, 155, 157, 159, 177, 179, 181, 183, 185, 187, 189, 191, 209, 211, 213, 215, 217, 219, 221, 223, 241, 243, 245, 247, 249, 251, 253, 255) 90 | 91 | #endregion 92 | 93 | #region Initialize 94 | 95 | # Enable TLS 1.2 support 96 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 97 | 98 | #Get Intune DeviceID and ManagedDeviceName 99 | if (@(Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' })) { 100 | $MSDMServerInfo = Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' } 101 | $ManagedDeviceInfo = Get-ItemProperty -LiteralPath "Registry::$($MSDMServerInfo)" 102 | } 103 | $ManagedDeviceID = $ManagedDeviceInfo.EntDMID 104 | 105 | #Get AAD DeviceID 106 | # Define Cloud Domain Join information registry path 107 | $AzureADJoinInfoRegistryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\JoinInfo" 108 | 109 | # Retrieve the child key name that is the thumbprint of the machine certificate containing the device identifier guid 110 | $AzureADJoinInfoThumbprint = Get-ChildItem -Path $AzureADJoinInfoRegistryKeyPath | Select-Object -ExpandProperty "PSChildName" 111 | if (-not ($AzureADJoinInfoThumbprint -eq $null)) { 112 | # Retrieve the machine certificate based on thumbprint from registry key 113 | $AzureADJoinCertificate = Get-ChildItem -Path "Cert:\LocalMachine\My" -Recurse | Where-Object { $PSItem.Thumbprint -eq $AzureADJoinInfoThumbprint } 114 | if (-not ($AzureADJoinCertificate -eq $null)) { 115 | # Determine the device identifier from the subject name 116 | $AzureADDeviceID = ($AzureADJoinCertificate | Select-Object -ExpandProperty "Subject") -replace "CN=", "" 117 | } 118 | } 119 | 120 | #Get Computer Name 121 | $DeviceName = (Get-CIMInstance -ClassName Win32_OperatingSystem -NameSpace root\cimv2).CSName 122 | 123 | #Get OS Information 124 | $ComputerOSVersion = (Get-CIMInstance -ClassName Win32_OperatingSystem -NameSpace root\cimv2).Version 125 | $ComputerOSBuild = (Get-CIMInstance -ClassName Win32_OperatingSystem -NameSpace root\cimv2).BuildNumber 126 | 127 | #Get Default AU Service 128 | $DefaultAUService = (New-Object -ComObject "Microsoft.Update.ServiceManager").services | Where-Object { $_.IsDefaultAUService -eq 'True' } | Select-Object -ExpandProperty Name 129 | 130 | #endregion 131 | 132 | #region Functions 133 | 134 | 135 | Function Get-RegSetting { 136 | param ( 137 | [parameter(Mandatory = $True)] 138 | [ValidateNotNullOrEmpty()] 139 | [string]$RegKey, 140 | [string]$RegSetting 141 | ) 142 | Try { 143 | $RegSettingValue = Get-ItemPropertyValue -Path $RegKey -Name $RegSetting -ErrorAction Stop 144 | If (-not ($RegSettingValue -eq $Null)) { 145 | Return $RegSettingValue 146 | } 147 | else { 148 | If ($RegSetting -in ("WUServer", "WUStatusServer")) { 149 | Return "" 150 | } 151 | else { 152 | Return 0 153 | } 154 | } 155 | } 156 | Catch { 157 | #Not returning caught errors 158 | If ($RegSetting -in ("WUServer", "WUStatusServer")) { 159 | Return "" 160 | } 161 | else { 162 | Return 0 163 | } 164 | } 165 | } 166 | function Get-AzureADDeviceID { 167 | <# 168 | .SYNOPSIS 169 | Get the Azure AD device ID from the local device. 170 | 171 | .DESCRIPTION 172 | Get the Azure AD device ID from the local device. 173 | 174 | .NOTES 175 | Author: Nickolaj Andersen 176 | Contact: @NickolajA 177 | Created: 2021-05-26 178 | Updated: 2021-05-26 179 | 180 | Version history: 181 | 1.0.0 - (2021-05-26) Function created 182 | #> 183 | Process { 184 | # Define Cloud Domain Join information registry path 185 | $AzureADJoinInfoRegistryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\JoinInfo" 186 | 187 | # Retrieve the child key name that is the thumbprint of the machine certificate containing the device identifier guid 188 | $AzureADJoinInfoThumbprint = Get-ChildItem -Path $AzureADJoinInfoRegistryKeyPath | Select-Object -ExpandProperty "PSChildName" 189 | if ($AzureADJoinInfoThumbprint -ne $null) { 190 | # Retrieve the machine certificate based on thumbprint from registry key 191 | $AzureADJoinCertificate = Get-ChildItem -Path "Cert:\LocalMachine\My" -Recurse | Where-Object { $PSItem.Thumbprint -eq $AzureADJoinInfoThumbprint } 192 | if ($AzureADJoinCertificate -ne $null) { 193 | # Determine the device identifier from the subject name 194 | $AzureADDeviceID = ($AzureADJoinCertificate | Select-Object -ExpandProperty "Subject") -replace "CN=", "" 195 | # Handle return value 196 | return $AzureADDeviceID 197 | } 198 | } 199 | } 200 | } #endfunction 201 | function Get-AzureADJoinDate { 202 | <# 203 | .SYNOPSIS 204 | Get the Azure AD device ID from the local device. 205 | 206 | .DESCRIPTION 207 | Get the Azure AD device ID from the local device. 208 | 209 | .NOTES 210 | Author: Nickolaj Andersen 211 | Contact: @NickolajA 212 | Created: 2021-05-26 213 | Updated: 2021-05-26 214 | 215 | Version history: 216 | 1.0.0 - (2021-05-26) Function created 217 | #> 218 | Process { 219 | # Define Cloud Domain Join information registry path 220 | $AzureADJoinInfoRegistryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\JoinInfo" 221 | 222 | # Retrieve the child key name that is the thumbprint of the machine certificate containing the device identifier guid 223 | $AzureADJoinInfoThumbprint = Get-ChildItem -Path $AzureADJoinInfoRegistryKeyPath | Select-Object -ExpandProperty "PSChildName" 224 | if ($AzureADJoinInfoThumbprint -ne $null) { 225 | # Retrieve the machine certificate based on thumbprint from registry key 226 | $AzureADJoinCertificate = Get-ChildItem -Path "Cert:\LocalMachine\My" -Recurse | Where-Object { $PSItem.Thumbprint -eq $AzureADJoinInfoThumbprint } 227 | if ($AzureADJoinCertificate -ne $null) { 228 | # Determine the device identifier from the subject name 229 | $AzureADJoinDate = ($AzureADJoinCertificate | Select-Object -ExpandProperty "NotBefore") 230 | # Handle return value 231 | return $AzureADJoinDate 232 | } 233 | } 234 | } 235 | } #endfunction 236 | #Function to get AzureAD TenantID 237 | function Get-AzureADTenantID { 238 | # Cloud Join information registry path 239 | $AzureADTenantInfoRegistryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo" 240 | # Retrieve the child key name that is the tenant id for AzureAD 241 | $AzureADTenantID = Get-ChildItem -Path $AzureADTenantInfoRegistryKeyPath | Select-Object -ExpandProperty "PSChildName" 242 | return $AzureADTenantID 243 | } 244 | #endregion functions 245 | 246 | 247 | #region Workspace 248 | #Get Common data for validation in Azure Function: 249 | $AzureADDeviceID = Get-AzureADDeviceID 250 | $AzureADTenantID = Get-AzureADTenantID 251 | 252 | #Build WindowsUpdate Regsitry Key Inventory 253 | $WUSettingPayloadInventory = $Null 254 | $WUSettingPayloadInventory = New-Object -TypeName PSObject 255 | 256 | #Build Device Inventory 257 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ScriptVersion -Value $ScriptVersion -Force 258 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name DeviceName -Value $DeviceName -Force 259 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ManagedDeviceID -Value $ManagedDeviceID -Force 260 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name AzureADDeviceID -Value $AzureADDeviceID -Force 261 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ComputerOSVersion -Value $ComputerOSVersion -Force 262 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name ComputerOSBuild -Value $ComputerOSBuild -Force 263 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name DefaultAUService -Value $DefaultAUService -Force 264 | 265 | #Get CoManagement State and Workload 266 | $CoMgmtRegKey = "HKLM:\Software\Microsoft\CCM" 267 | $CoMgmtSetting = "CoManagementFlags" 268 | $CoMgmtValue = Get-RegSetting -RegKey $CoMgmtRegKey -RegSetting $CoMgmtSetting 269 | If ($CoMgmtValue -in $CoMgmtArray) { 270 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name CoMgmtWorkload -Value $true -Force 271 | } 272 | else { 273 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name CoMgmtWorkload -Value $false -Force 274 | } 275 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name CoMgmtValue -Value $CoMgmtValue -Force 276 | 277 | #Get Registry Values for Software\Policies\Microsoft\Windows\WindowsUpdate 278 | $WURegKey = "HKLM:Software\Policies\Microsoft\Windows\WindowsUpdate" 279 | ForEach ($WUSetting in $WUSettingsArray) { 280 | $RegValue = Get-RegSetting -RegKey $WURegKey -RegSetting $WUSetting 281 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name $WUSetting -Value $RegValue -Force 282 | } 283 | 284 | #Get Registry Values for Software\Policies\Microsoft\Windows\WindowsUpdate 285 | $WUAURegKey = "HKLM:Software\Policies\Microsoft\Windows\WindowsUpdate\AU" 286 | ForEach ($WUAUSetting in $WUAUSettingsArray) { 287 | $RegValue = Get-RegSetting -RegKey $WUAURegKey -RegSetting $WUAUSetting 288 | $WUSettingPayloadInventory | Add-Member -MemberType NoteProperty -Name $WUAUSetting -Value $RegValue -Force 289 | } 290 | 291 | #Build Payload Array 292 | $WUSettingPayload = $Null 293 | $WUSettingPayload = @() 294 | $WUSettingPayload += $WUSettingPayloadInventory 295 | 296 | #Randomize over 50 minutes to spread load on Azure Function - disabled on date of enrollment (Disabled in sample - Enable only in larger environments) 297 | $JoinDate = Get-AzureADJoinDate 298 | $DelayDate = $JoinDate.AddDays(1) 299 | $CompareDate = ($DelayDate - $JoinDate) 300 | if ($CompareDate.Days -ge 1) { 301 | #Write-Output "Randomzing execution time" 302 | #$ExecuteInSeconds = (Get-Random -Maximum 3000 -Minimum 1) 303 | #Start-Sleep -Seconds $ExecuteInSeconds 304 | } 305 | #Start sending logs 306 | $date = Get-Date -Format "dd-MM HH:mm" 307 | $OutputMessage = "InventoryDate:$date " 308 | 309 | $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" 310 | $headers.Add("Content-Type", "application/json") 311 | 312 | # Add arrays of logs into payload array 313 | $LogPayLoad = New-Object -TypeName PSObject 314 | $LogPayLoad | Add-Member -NotePropertyMembers @{$CustomLogName = $WUSettingPayload } 315 | 316 | # Construct main payload to send to LogCollectorAPI // IMPORTANT // KEEP AND DO NOT CHANGE THIS 317 | $MainPayLoad = [PSCustomObject]@{ 318 | AzureADTenantID = $AzureADTenantID 319 | AzureADDeviceID = $AzureADDeviceID 320 | LogPayloads = $LogPayLoad 321 | } 322 | $MainPayLoadJson = $MainPayLoad | ConvertTo-Json -Depth 9 323 | 324 | #Write upload intent to console 325 | Write-Output "Sending Payload:" 326 | Write-Output $MainPayLoadJson 327 | 328 | # Sending data to API 329 | try { 330 | $ResponseInventory = Invoke-RestMethod $AzureFunctionURL -Method 'POST' -Headers $headers -Body $MainPayLoadJson 331 | $OutputMessage = $OutPutMessage + "Inventory:OK " + $ResponseInventory 332 | } 333 | catch { 334 | $ResponseInventory = "Error Code: $($_.Exception.Response.StatusCode.value__)" 335 | $ResponseMessage = $_.Exception.Message 336 | $OutputMessage = $OutPutMessage + "Inventory:Fail " + $ResponseInventory + $ResponseMessage 337 | } 338 | 339 | # Check status and report to Proactive Remediations 340 | if ($ResponseInventory -match "200") { 341 | Write-Output $OutputMessage 342 | Exit 0 343 | } 344 | else { 345 | Write-Output "Error: $($ResponseInventory), Message: $($ResponseMessage)" 346 | Exit 1 347 | } 348 | 349 | #endregion 350 | #> -------------------------------------------------------------------------------- /Windows Updates/Invoke-WUInventory_testdata.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .SYNOPSIS 3 | Inventory Windows Update device settings 4 | .DESCRIPTION 5 | This script is designed to be run as a Proactive Remediation. 6 | Registry keys are inventoried on the device and uploaded to Log Analytics. 7 | Admins are able visualise the Windows Update settings in force across their devices and understand if legacy settings or GPO's are having an undesirable effect on the device Windows Update experience 8 | .EXAMPLE 9 | Invoke-WUInventory.ps1 (Required to run as System or Administrator) 10 | .NOTES 11 | FileName: Invoke-WUInventory.ps1 12 | Author: Ben Whitmore 13 | Contributor: Maurice Daly 14 | Contact: @byteben 15 | Created: 2022-10-April 16 | 17 | Version history: 18 | 1.0 - (2022-04-10) Original Release 19 | #> 20 | Param ( 21 | [Parameter(Mandatory = $true)] 22 | [string]$testdatapath 23 | ) 24 | 25 | #region SCRIPTVARIABLES 26 | 27 | #Log Analytics Workspace ID 28 | $CustomerID = "3c547246-0c3b-4493-89bc-7eb5b53129b4" 29 | 30 | #Log Analytics Workspace Primary Key 31 | $SharedKey = "TzBPHmaxzxApj+HZbHH+hjwt2/Dx1bwJBkCbMvKFLeLzXNCHG2quBhPA+sRhJ9CQ5/RD6FlxYNiK+i5VxjpvTQ==" 32 | 33 | #Custom Log Name 34 | $LogType = "WUDevice_Settings" 35 | 36 | # You can use an optional field to specify the timestamp from the data. If the time field is not specified, Azure Monitor assumes the time is the message ingestion time 37 | # DO NOT DELETE THIS VARIABLE. Recommened keep this blank. 38 | $TimeStampField = "" 39 | 40 | #region Initialize 41 | 42 | # Enable TLS 1.2 support 43 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 44 | 45 | #region Functions 46 | 47 | # Function to create the authorization signature 48 | Function New-Signature ($customerID, $SharedKey, $Date, $ContentLength, $Method, $ContentType, $Resource) { 49 | $xHeaders = "x-ms-date:" + $Date 50 | $stringToHash = $Method + "`n" + $ContentLength + "`n" + $ContentType + "`n" + $xHeaders + "`n" + $Resource 51 | 52 | $bytesToHash = [Text.Encoding]::UTF8.GetBytes($stringToHash) 53 | $keyBytes = [Convert]::FromBase64String($sharedKey) 54 | 55 | $sha256 = New-Object System.Security.Cryptography.HMACSHA256 56 | $sha256.Key = $keyBytes 57 | $calculatedHash = $sha256.ComputeHash($bytesToHash) 58 | $encodedHash = [Convert]::ToBase64String($calculatedHash) 59 | $authorization = 'SharedKey {0}:{1}' -f $customerId, $encodedHash 60 | return $authorization 61 | } 62 | 63 | # Function to create and post the request 64 | Function Send-LogAnalyticsData($CustomerID, $SharedKey, $Body, $LogType) { 65 | $Method = "POST" 66 | $ContentType = "application/json" 67 | $Resource = "/api/logs" 68 | $rfc1123date = [DateTime]::UtcNow.ToString("r") 69 | $ContentLength = $Body.Length 70 | $signature = New-Signature ` 71 | -customerId $customerId ` 72 | -sharedKey $sharedKey ` 73 | -date $rfc1123date ` 74 | -ContentLength $ContentLength ` 75 | -Method $Method ` 76 | -ContentType $ContentType ` 77 | -Resource $Resource 78 | $uri = "https://" + $CustomerID + ".ods.opinsights.azure.com" + $Resource + "?api-version=2016-04-01" 79 | 80 | #validate that payload data does not exceed limits 81 | if ($Body.Length -gt (31.9 * 1024 * 1024)) { 82 | throw ("Upload payload is too big and exceed the 32Mb limit for a single upload. Please reduce the payload size. Current payload size is: " + ($Body.Length / 1024 / 1024).ToString("#.#") + "Mb") 83 | } 84 | 85 | $PayLoadSize = ("Upload payload size is " + ($Body.Length / 1024).ToString("#.#") + "Kb ") 86 | 87 | $Headers = @{ 88 | "Authorization" = $signature; 89 | "Log-Type" = $logType; 90 | "x-ms-date" = $rfc1123date; 91 | "time-generated-field" = $TimeStampField; 92 | } 93 | 94 | $Response = Invoke-WebRequest -Uri $uri -Method $Method -ContentType $ContentType -Headers $Headers -Body $Body -UseBasicParsing 95 | $StatusMessage = "$($Response.StatusCode) : $($PayLoadSize)" 96 | return "$StatusMessage" 97 | } 98 | 99 | #region Workspace 100 | 101 | #Import test data 102 | $csv = Import-Csv $testdatapath | Select-Object ` 103 | ScriptVersion, ` 104 | DeviceName, ` 105 | ManagedDeviceID, ` 106 | AzureADDeviceID, ` 107 | ComputerOSVersion, ` 108 | ComputerOSBuild, ` 109 | DefaultAUService, ` 110 | @{Name = "CoMgmtWorkload"; Expression = { [bool]$_.CoMgmtWorkload } }, ` 111 | @{Name = "CoMgmtValue"; Expression = { [int]$_.CoMgmtValue } }, ` 112 | @{Name = "AutoInstallMinorUpdates"; Expression = { [int]$_.AutoInstallMinorUpdates } }, ` 113 | @{Name = "AutoRestartDeadlinePeriodInDays"; Expression = { [int]$_.AutoRestartDeadlinePeriodInDays } }, ` 114 | @{Name = "AutoRestartNotificationSchedule"; Expression = { [int]$_.AutoRestartNotificationSchedule } }, ` 115 | @{Name = "AutoRestartRequiredNotificationDismissal"; Expression = { [int]$_.AutoRestartRequiredNotificationDismissal } }, ` 116 | @{Name = "BranchReadinessLevel"; Expression = { [int]$_.BranchReadinessLevel } }, ` 117 | @{Name = "DeferFeatureUpdates"; Expression = { [int]$_.DeferFeatureUpdates } }, ` 118 | @{Name = "DeferFeatureUpdatesPeriodInDays"; Expression = { [int]$_.DeferFeatureUpdatesPeriodInDays } }, ` 119 | @{Name = "DeferQualityUpdates"; Expression = { [int]$_.DeferQualityUpdates } }, ` 120 | @{Name = "DeferQualityUpdatesPeriodInDays"; Expression = { [int]$_.DeferQualityUpdatesPeriodInDays } }, ` 121 | @{Name = "DisableDualScan"; Expression = { [int]$_.DisableDualScan } }, ` 122 | @{Name = "DoNotConnectToWindowsUpdateInternetLocations"; Expression = { [int]$_.DoNotConnectToWindowsUpdateInternetLocations } }, ` 123 | @{Name = "ElevateNonAdmins"; Expression = { [int]$_.ElevateNonAdmins } }, ` 124 | @{Name = "EnableFeaturedSoftware"; Expression = { [int]$_.EnableFeaturedSoftware } }, ` 125 | @{Name = "EngagedRestartDeadline"; Expression = { [int]$_.EngagedRestartDeadline } }, ` 126 | @{Name = "EngagedRestartSnoozeSchedule"; Expression = { [int]$_.EngagedRestartSnoozeSchedule } }, ` 127 | @{Name = "EngagedRestartTransitionSchedule"; Expression = { [int]$_.EngagedRestartTransitionSchedule } }, ` 128 | @{Name = "IncludeRecommendedUpdates"; Expression = { [int]$_.IncludeRecommendedUpdates } }, ` 129 | @{Name = "NoAUAsDefaultShutdownOption"; Expression = { [int]$_.NoAUAsDefaultShutdownOption } }, ` 130 | @{Name = "NoAUShutdownOption"; Expression = { [int]$_.NoAUShutdownOption } }, ` 131 | @{Name = "NoAutoRebootWithLoggedOnUsers"; Expression = { [int]$_.NoAutoRebootWithLoggedOnUsers } }, ` 132 | @{Name = "NoAutoUpdate"; Expression = { [int]$_.NoAutoUpdate } }, ` 133 | @{Name = "PauseFeatureUpdatesStartTime"; Expression = { [int]$_.PauseFeatureUpdatesStartTime } }, ` 134 | @{Name = "PauseQualityUpdatesStartTime"; Expression = { [int]$_.PauseQualityUpdatesStartTime } }, ` 135 | @{Name = "RebootRelaunchTimeout"; Expression = { [int]$_.RebootRelaunchTimeout } }, ` 136 | @{Name = "RebootRelaunchTimeoutEnabled"; Expression = { [int]$_.RebootRelaunchTimeoutEnabled } }, ` 137 | @{Name = "RebootWarningTimeout"; Expression = { [int]$_.RebootWarningTimeout } }, ` 138 | @{Name = "RebootWarningTimeoutEnabled"; Expression = { [int]$_.RebootWarningTimeoutEnabled } }, ` 139 | @{Name = "RescheduleWaitTime"; Expression = { [int]$_.RescheduleWaitTime } }, ` 140 | @{Name = "RescheduleWaitTimeEnabled"; Expression = { [int]$_.RescheduleWaitTimeEnabled } }, ` 141 | @{Name = "ScheduleImminentRestartWarning"; Expression = { [int]$_.ScheduleImminentRestartWarning } }, ` 142 | @{Name = "ScheduleRestartWarning"; Expression = { [int]$_.ScheduleRestartWarning } }, ` 143 | @{Name = "SetAutoRestartDeadline"; Expression = { [int]$_.SetAutoRestartDeadline } }, ` 144 | @{Name = "SetAutoRestartNotificationConfig"; Expression = { [int]$_.SetAutoRestartNotificationConfig } }, ` 145 | @{Name = "SetAutoRestartNotificationDisable"; Expression = { [int]$_.SetAutoRestartNotificationDisable } }, ` 146 | @{Name = "SetAutoRestartRequiredNotificationDismissal"; Expression = { [int]$_.SetAutoRestartRequiredNotificationDismissal } }, ` 147 | @{Name = "SetEDURestart"; Expression = { [int]$_.SetEDURestart } }, ` 148 | @{Name = "SetEngagedRestartTransitionSchedule"; Expression = { [int]$_.SetEngagedRestartTransitionSchedule } }, ` 149 | @{Name = "SetPolicyDrivenUpdateSourceForDriverUpdates"; Expression = { [int]$_.SetPolicyDrivenUpdateSourceForDriverUpdates } }, ` 150 | @{Name = "SetPolicyDrivenUpdateSourceForFeatureUpdates"; Expression = { [int]$_.SetPolicyDrivenUpdateSourceForFeatureUpdates } }, ` 151 | @{Name = "SetPolicyDrivenUpdateSourceForOtherUpdates"; Expression = { [int]$_.SetPolicyDrivenUpdateSourceForOtherUpdates } }, ` 152 | @{Name = "SetPolicyDrivenUpdateSourceForQualityUpdates"; Expression = { [int]$_.SetPolicyDrivenUpdateSourceForQualityUpdates } }, ` 153 | @{Name = "SetRestartWarningSchd"; Expression = { [int]$_.SetRestartWarningSchd } }, ` 154 | WUServer, ` 155 | WUStatusServer 156 | 157 | 158 | #Prepare Array for Upload 159 | $PayloadJson = $csv | ConvertTo-Json 160 | 161 | #Write upload intent to console 162 | Write-Output "Sending Payload:" 163 | Write-Output $PayloadJson 164 | 165 | #Upload Data 166 | $ResponseWUInventory = Send-LogAnalyticsData -CustomerID $CustomerID -SharedKey $SharedKey -Body ([System.Text.Encoding]::UTF8.GetBytes($PayloadJson)) -LogType $LogType 167 | $ResponseWUInventory 168 | 169 | #Status Report 170 | $Date = Get-Date -Format "dd-MM HH:mm" 171 | $OutputMessage = "InventoryDate: $Date " 172 | 173 | if ($ResponseWUInventory) { 174 | if ($ResponseWUInventory -like "200*") { 175 | $OutputMessage = $OutputMessage + " WUInventory:OK" 176 | } 177 | else { 178 | $OutputMessage = $OutputMessage + " WUInventory:Fail" 179 | } 180 | } 181 | Write-Output $OutputMessage 182 | 183 | #endregion 184 | #> --------------------------------------------------------------------------------