├── .gitignore ├── .vscode ├── launch.json └── settings.json ├── 2Pint └── Readme.md ├── Alexa └── Send-AlexaAnnoucement.ps1 ├── AppCustomizations └── Opera │ ├── GARYTOWN │ ├── Local State │ ├── Preferences │ └── installer_prefs.json │ ├── Install-OperaW365.ps1 │ └── W365 │ ├── Local State │ ├── Preferences │ └── installer_prefs.json ├── Atlassian └── Update-Confluence-Table.ps1 ├── Automation └── WindowsDefender │ ├── Update-DefenderCMPackage.ps1 │ └── readme.md ├── Azure └── Automation │ └── WinUpdates │ ├── Functions.ps1 │ ├── Get-MSUpdates-ToJSON.ps1 │ ├── Get-WindowsUpdateInfo.ps1 │ ├── M365SupportedVersionTableData.json │ ├── M365UpdateHistory.ps1 │ ├── M365VersionsHistoryTableData.json │ ├── MSWinDefenderDefsInfo.json │ ├── OSEditionsTableData.json │ ├── OSLatestUpdateTable.json │ └── OSUpdateHistoryTable.json ├── BlackLotusKB5025885 ├── Backup-PreMay5 │ ├── KB5025885-PSDetectionScriptMonitor.ps1 │ ├── KB5025885-PSDetectionScriptStep1.ps1 │ ├── KB5025885-PSDetectionScriptStep2.ps1 │ ├── KB5025885-PSDetectionScriptStep3.ps1 │ ├── KB5025885-PSDetectionScriptStep4.ps1 │ ├── KB5025885-PSRemediationScriptStep1.ps1 │ ├── KB5025885-PSRemediationScriptStep2.ps1 │ ├── KB5025885-PSRemediationScriptStep3-4.ps1 │ ├── KB5025885-PSRemediationScriptStep3.ps1 │ └── KB5025885-PSRemediationScriptStep4.ps1 ├── Backup │ ├── KB5025885-GARYTOWNCleanupPreviousVersions.ps1 │ ├── KB5025885-PSDetectionScriptStep1.ps1 │ ├── KB5025885-PSDetectionScriptStep2.ps1 │ ├── KB5025885-PSDetectionScriptStep3.ps1 │ ├── KB5025885-PSDetectionScriptStep4.ps1 │ ├── KB5025885-PSRemediationScriptStep1.ps1 │ ├── KB5025885-PSRemediationScriptStep2.ps1 │ ├── KB5025885-PSRemediationScriptStep3.ps1 │ └── KB5025885-PSRemediationScriptStep4.ps1 ├── BlackLotusFunctions.ps1 ├── ConfigMgr │ ├── Black Lotus Monitoring.cab │ ├── Black Lotus Remediation.cab │ ├── KB5025885 - Media Creator.zip │ ├── KB5025885-CreateCMNonCompliantCollections.ps1 │ ├── KB5025885-Prereq-Discovery-SecureBoot.ps1 │ ├── KB5025885-Prereq-Discovery-UBR.ps1 │ ├── KB5025885-Step1 - Detection-Applicability.ps1 │ ├── KB5025885-Step1 - DiscoveryScript.ps1 │ ├── KB5025885-Step2 - Detection-Applicability.ps1 │ ├── KB5025885-Step2 - DiscoveryScript-Reboot.ps1 │ ├── KB5025885-Step2 - DiscoveryScript.ps1 │ ├── KB5025885-Step3 - Detection-Applicability.ps1 │ ├── KB5025885-Step3 - DiscoveryScript.ps1 │ ├── media │ │ ├── ConfigMgrBaselineCompliance-02.png │ │ ├── ConfigMgrBaselineCompliance-03.png │ │ ├── ConfigMgrBaselineCompliance.png │ │ ├── ConfigMgrNonCompliantCollectionCreation-01.png │ │ └── ConfigMgrNonCompliantCollectionCreation-02.png │ └── readme.md ├── Intune │ ├── IndividualSteps │ │ ├── KB5025885-Step1-Detection.ps1 │ │ └── KB5025885-Step1-Remediation.ps1 │ ├── KB5025885-FullProcess-Detection.ps1 │ ├── KB5025885-FullProcess-Remediate.ps1 │ ├── KB5025885-PreCheck-BlackLotusStatusMonitor.ps1 │ ├── KB5025885-ReferenceFile-Functions.ps1 │ └── readme.md ├── Invoke-BlackLotusKB5025885Compliance.ps1 ├── KB5025885-Basics.ps1 ├── Test-BlackLotusKB5025885Compliance.ps1 ├── Update-BootMgr2023.ps1 ├── media │ ├── BL-InvokeStep3-01.png │ ├── BL-InvokeStep3-02-PostInvoke-PreReboot.png │ ├── BL-Test-01.png │ └── BootMgrCatch22.jpg └── readme.md ├── CM_LAB ├── AD-Setup.ps1 ├── BuildDatabase.ps1 ├── CMPivot-Queries.ps1 ├── Create-AutomateBootISO.ps1 ├── CreateCerts.ps1 ├── CreateCollections.ps1 ├── Readme.md ├── SQLConfigurationFile.ini └── SetupSnips.ps1 ├── CM_PowerShell_Snips ├── Add-CMTrace2Path.ps1 ├── AppDetectionMethods.ps1 ├── AppReset_AllowAppInstallWOBeingDeployed.ps1 ├── CMApplicationRevisionHistory.ps1 ├── CMProgramFlagsDecoder.ps1 ├── CM_Functions.ps1 ├── ClearCCMCacheTSReferencedItems.ps1 ├── Collections │ ├── Create-CollectionsBasedOnBaseline.ps1 │ └── ExportCollections.ps1 ├── Conexant-Uninstall.ps1 ├── ConvertFrom-Logs.ps1 ├── Create-ScheduledTask-TriggerPSScript.ps1 ├── Disable_NetBIOS.ps1 ├── Enable-PSGalleryWinPE-CMPackage-InstallModule.ps1 ├── Enable-PSGalleryWinPE-InstallModule.ps1 ├── Function-CMTracelog.ps1 ├── Get-CCMCacheApps.ps1 ├── Get-CCMDTSJobsActive.ps1 ├── Get-CMLogContent.ps1 ├── Get-CMUpdatePackage-ForSpecificKB.ps1 ├── Get-FirstFreeDriveLetter.ps1 ├── Get-MSKBData.ps1 ├── Get-TaskSequenceInfo.ps1 ├── Get-UpdatePackage-ForKB.ps1 ├── GetSqlServerProductKey.ps1 ├── InstallBrowserExtensions.ps1 ├── New-AppShortcut.ps1 ├── Readme.md ├── Restart-ByPassComputer-CM.ps1 ├── ScheduledTaskCreation.ps1 ├── SetProgramFlags.ps1 ├── Start-TaskSequence.ps1 ├── Sync_CMCollection2ADGroup.ps1 ├── SystemVolumeBinFiles.ps1 ├── TSExecutionHistory.ps1 ├── TS_ProgressUI_showmessageex.ps1 ├── Test-MeteredConnection.ps1 ├── Test-MeteredConnection_OLD.ps1 ├── TestSnips.ps1 ├── USMT_Extract.ps1 ├── Update-CMDistributionPoint.ps1 ├── WindowsFunctions.ps1 ├── WindowsUpdateFunctions.ps1 └── WriteTSStepsRegistry.ps1 ├── CodeDependancies ├── ErrorCodeDBInfo.ps1 └── errorcodes.json ├── ConfigMgr ├── Baselines │ ├── Active Cache Management.cab │ ├── ActiveCacheManagement-CCMCacheDiscovery.ps1 │ ├── ActiveCacheManagement-CCMCacheDuplicates-Detect.ps1 │ ├── ActiveCacheManagement-CCMCacheDuplicates-Remediate.ps1 │ ├── ActiveCacheManagement-CCMCacheMaintenance.ps1 │ ├── ActiveCacheManagement-CCMCacheSize.ps1 │ ├── CI_WUTroubleshooter.ps1 │ ├── CVE-2023-24932 │ │ ├── CVE-2023-24932-CI-Discovery.ps1 │ │ ├── CVE-2023-24932-CI-Remediation.ps1 │ │ ├── CVE-2023-24932-PR-Detection.ps1 │ │ ├── CVE-2023-24932-PR-Detection_v2.ps1 │ │ ├── CVE-2023-24932-PR-Detection_v2_July.ps1 │ │ ├── CVE-2023-24932-PR-Remediation.ps1 │ │ ├── CVE-2023-24932-PR-Remediation_v2.ps1 │ │ ├── CVE-2023-24932-PR-Remediation_v2_July.ps1 │ │ ├── KB5025885 - Remediation.zip │ │ ├── KB5025885-PSDetectionScript.ps1 │ │ ├── KB5025885-PSDetectionScript_Step1-2.ps1 │ │ ├── KB5025885-PSRemediationScript.ps1 │ │ ├── KB5025885-PSRemediationScriptHPCMSL.ps1 │ │ ├── KB5025885-PSRemediationScript_Step1-2_HPCMSL.ps1 │ │ ├── KB5025885-PSRemediationScript_Step1-2_HPCMSL2Pint .ps1 │ │ ├── KB5025885-TSCheckCompliance.ps1 │ │ ├── Snips.ps1 │ │ ├── TS-UpdateBootMedia.ps1 │ │ ├── TestApril2024UBR.ps1 │ │ ├── UpdateADK_winpe_wim.ps1 │ │ └── readme.md │ ├── PackageContentCompliance_TSPackageID.ps1 │ ├── QuickAccess_AddCustomFolders.ps1 │ ├── QuickAccess_RemoveDefaultFolders.ps1 │ ├── Readme.md │ └── SysinternalsSuiteInstall.ps1 └── Modify-CMBootImage.ps1 ├── Create-Collections-BasedOnCIs_NonCompliant.ps1 ├── CreateCMPowerShellModulePackage.ps1 ├── CreateCopyExportTS.ps1 ├── CreateDeviceCollections ├── CreateManufacturerCollections.ps1 ├── Customizations ├── Set-LockScreen-InTune.ps1 ├── Set-LockScreen.ps1 ├── Set-ThisPC-to-name-of-Machine.ps1 └── Set-Wallpaper.ps1 ├── DEMOS ├── CBS.zip ├── CloudScriptsDemo.ps1 ├── DISM.zip ├── MMSHPDemos2024.ps1 └── UI++.xml ├── Dev ├── CloudScripts │ ├── Debloat.ps1 │ ├── Folinic.ps1 │ ├── Functions.ps1 │ ├── Hope.ps1 │ ├── Hope10.ps1 │ ├── Install-ZoomIt.ps1 │ ├── IntuneLab.ps1 │ ├── Lenovo.ps1 │ ├── LenovoUpdate.ps1 │ ├── OOBE_DELL.ps1 │ ├── OSDCloud.ps1 │ ├── OSDCloudStartNet.ps1 │ ├── OSDSilent.ps1 │ ├── PostActionsTask.ps1 │ ├── Production.ps1 │ ├── SMSTSPostAction.ps1 │ ├── SettingOSDCloudVarsSample.ps1 │ ├── SetupCompleteDEV.ps1 │ ├── SpecializeDEV.ps1 │ ├── StartOSDCloudPreStart.ps1 │ ├── TaskSequence.ps1 │ ├── TyDoneRight.ps1 │ ├── cm.ps1 │ ├── debug.ps1 │ ├── fr-ca.ps1 │ ├── hp.ps1 │ ├── lightaria.ps1 │ ├── test.ps1 │ ├── win10.ps1 │ └── win11.ps1 ├── FunctionsSnips │ ├── Invoke-ScriptNewJob.ps1 │ ├── ScheduledTaskFunctions.ps1 │ └── Set-TaskBarStartMenu.ps1 ├── PowerSettingTurnMonitorOffAfterFunctions.ps1 └── PowerSettingsSleepAfterFunctions.ps1 ├── FakeApp.ps1 ├── Feature-Updates ├── ConfigMgrApp │ ├── CreateCustomActionScripts.ps1 │ ├── PreInstall │ │ ├── Microsoft.Toolkit.Uwp.Notifications.dll │ │ ├── PreInstallNotification.ps1 │ │ ├── PreInstallNotificationLauncher.ps1 │ │ └── readme.txt │ ├── Run │ │ ├── PostUninstall.ps1 │ │ ├── Success.ps1 │ │ ├── SuccessSetupDiag.ps1 │ │ └── preinstall.ps1 │ ├── RunOnce │ │ └── Readme.txt │ ├── Success │ │ ├── BackgroundImages │ │ │ ├── lockscreen.jpg │ │ │ └── wallpaper.jpg │ │ ├── SystemLogo │ │ │ └── logo.bmp │ │ └── UserPictures │ │ │ ├── guest.png │ │ │ ├── user-192.png │ │ │ ├── user-200.png │ │ │ ├── user-32.png │ │ │ ├── user-40.png │ │ │ ├── user-48.png │ │ │ └── user.png │ └── Windows-Update-icon-big-256.png ├── Get-WindowsESDFileInfo.ps1 ├── OSDCloud │ ├── Build-OSDCloudOSIndexList.ps1 │ ├── Build-OSDCloudOSIndexMap.ps1 │ ├── Build-OSDCloudOSs.ps1 │ └── TestBIOSDate.ps1 ├── ProductXML.md ├── SafeGuardHolds │ ├── Bandaid-40667045.ps1 │ ├── Build-SafeGuardDatabase.ps1 │ ├── Get-SafeGuardHoldInfo.ps1 │ ├── Get-SafeGuardURLs.ps1 │ ├── Override-SafeGuard.ps1 │ ├── Readme.md │ ├── SafeGuardHoldDataBase.json │ ├── SafeGuardHoldLookup.html │ ├── SafeGuardHoldLookupSample.ps1 │ ├── SafeGuardHoldLookupSample2.ps1 │ ├── SafeGuardHoldLookupSampleLOCALTEST.ps1 │ ├── SafeGuardHoldURLS.json │ ├── backup │ │ ├── Get-SafeGuardHoldData.ps1 │ │ ├── SafeGuardHoldCombinedDataBase.json │ │ ├── SafeGuardHoldDataBase-25.2.9.json │ │ ├── SafeGuardHoldDataBase.json │ │ ├── SafeGuardHoldURLS.json │ │ ├── smsagent-BuildDatabase.ps1 │ │ └── smsagent-GetURLs.ps1 │ ├── media │ │ ├── BuildScript.png │ │ ├── CMPivot.png │ │ ├── Demo1.png │ │ ├── RemoveDups.png │ │ ├── RemoveDups2.png │ │ ├── RemoveDups3.png │ │ ├── RunScript.png │ │ ├── RunScript1.png │ │ └── RunScript2.png │ └── sdb2xml.exe ├── media │ ├── FeatureUpdates01.png │ ├── FeatureUpdates02.png │ ├── FeatureUpdates03.png │ ├── FeatureUpdates04.png │ ├── FeatureUpdates05.png │ ├── FeatureUpdates06.png │ ├── FeatureUpdates07.png │ ├── FeatureUpdates08.png │ ├── FeatureUpdates09.png │ └── FeatureUpdates10.png └── readme.md ├── GraphAPI └── GraphTest.ps1 ├── HopeForUsedComputers ├── Hope For Used Computers - Flyer.pdf ├── Hope for Used Computers PDF.pdf └── readme.md ├── HyperV ├── BuildVMs_BLink.ps1 ├── BuildVMs_GTOWN.ps1 ├── BuildVMs_OSD.ps1 ├── Cleanup-BackupVMs.ps1 ├── Export-BackupVMs.ps1 ├── HyperVOptimizeVHDxFiles.ps1 ├── Manage-VMLab-Tasks.ps1 ├── Manage-VMLab.ps1 └── RunDeduponVMVolume.ps1 ├── Install_RecastRCTEnterpriseTools.ps1 ├── Intune ├── Add-Item2HostsFileDetect.ps1 ├── Add-Item2HostsFileRemediate.ps1 ├── BIOSManagement │ ├── Dell-Desktop-BIOSSettings-Detection.ps1 │ ├── Dell-Desktop-BIOSSettings-Remediation.ps1 │ ├── HP-Desktop-BIOSSettings-Detection.ps1 │ ├── HP-Desktop-BIOSSettings-Remediation.ps1 │ ├── Lenovo-Desktop-BIOSSettings-Detection.ps1 │ └── Lenovo-Desktop-BIOSSettings-Remediation.ps1 ├── Create-ScheduledTaskItem.ps1 ├── CreateControlPanelDesktopIconsDetect.ps1 ├── CreateControlPanelDesktopIconsRemedate.ps1 ├── Enable-PSTranscription.ps1 ├── EndMgrEnhancedInventoryAddon_Battery.ps1 ├── EndMgrEnhancedInventoryAddon_HP.ps1 ├── EndMgrEnhancedInventoryAddon_HPIA.ps1 ├── EndMgrEnhancedInventoryAddon_HPIACombo.ps1 ├── EndMgrEnhancedInventoryAddon_IUS.ps1 ├── EndMgrEnhancedInventoryAddon_SoftPaq.ps1 ├── Get-AzureTenantDisplayNameFromClient.ps1 ├── Install-BingWallpaper.ps1 ├── Install-CMTrace-Detect.ps1 ├── Install-CMTrace-Remediate.ps1 ├── Install-Git-Detect.ps1 ├── Install-Git-Remediate.ps1 ├── Install-Git.ps1 ├── Install-PowerShellMSI-Detect.ps1 ├── Install-PowerShellMSI-Remediate.ps1 ├── Install-PowerShellMSI.ps1 ├── Install-VSCode.ps1 ├── Install-WMIExplorer-Detect.ps1 ├── Install-WMIExplorer-Remediate.ps1 ├── Intune-DisableSleepOnAC-Detect.ps1 ├── Intune-DisableSleepOnAC-Remediation.ps1 ├── Intune-EnableRDP-Detect.ps1 ├── Intune-EnableRDP-Remediate.ps1 ├── IntuneAppBuilder.ps1 ├── IntuneExtendedLoggingDetect.ps1 ├── IntuneExtendedLoggingRemediation.ps1 ├── IntuneWinCreator-2PintStifleR.ps1 ├── IntuneWinCreator-Generic.ps1 ├── IntuneWinCreator_HPWolfSecure.ps1 ├── LowDiskSpace_Detection.ps1 ├── LowDiskSpace_Remediation.ps1 ├── PSModule-HPCMSL-Detect.ps1 ├── PSModule-HPCMSL-Remediate.ps1 ├── PSModule-NuGet-Detect.ps1 ├── PSModule-NuGet-Remediate.ps1 ├── PSModule-PowerShellGet-Detect.ps1 ├── PSModule-PowerShellGet-Remediate.ps1 ├── ParseIntuneDeviceDiagZipLogs.ps1 ├── PatchMyPCHome-Detect.ps1 ├── PatchMyPCHome-Remediation.ps1 ├── SchedTask-ShutdownNightly-Detect.ps1 ├── SchedTask-ShutdownNightly-Remediate.ps1 ├── Set-ThisPC-icon-to-Machine-name-Detect.ps1 ├── Set-ThisPC-icon-to-Machine-name-Remediate.ps1 ├── Set-TimeZoneByIP-Detect.ps1 ├── Set-TimeZoneByIP-Remediate.ps1 ├── Set-VMName2ShellName-Detect.ps1 ├── Set-VMName2ShellName-Remediate.ps1 ├── Update-DellApps-Detect.ps1 ├── Update-DellBIOS-Detect.ps1 ├── Update-DellDCU-XML.ps1 └── Update-HPCSML.ps1 ├── OSD ├── ARM64 │ └── Create-WinPEARM64.ps1 ├── AppendUnattendXML.ps1 ├── Apply-UWPDriverPack.ps1 ├── BGInfo │ ├── BGINFO_DL_Launch.ps1 │ ├── BGInfoBootMediaPreStart.png │ ├── BGInfoFolder.png │ ├── BGInfoInWinPE.png │ ├── BGInfoInWinPEinTS.png │ ├── BGInfoRegBuilder.ps1 │ ├── BGInfoRegBuilderTS.ps1 │ ├── BGInfoTS01.png │ ├── BGInfoTS02.png │ ├── BGInfoTS03.png │ ├── Readme.md │ ├── WinPE-PreStart.bgi │ └── WinPE-TSStarted.bgi ├── BIOS │ ├── BIOSGatherPackage │ │ ├── BIOS_Gather.ps1 │ │ ├── BIOS_Status_Confirm.ps1 │ │ ├── CaptureBIOSInfoForReporting.ps1 │ │ ├── Determine_BIOSPW.ps1 │ │ ├── Launch_Custom_Dialog-Failure.ps1 │ │ ├── Record_BIOS_Info.ps1 │ │ ├── Set_BIOS_Path_Variable.ps1 │ │ ├── Setting_Path_to_FlashBIN.ps1 │ │ └── gather.ps1 │ ├── BIOSModule.zip │ ├── Dell Utilities │ │ ├── BIOSIntf.dll │ │ ├── Flash64W.exe │ │ ├── cctk.exe │ │ ├── dchapi64.dll │ │ └── dchbas64.dll │ └── HP Script Library PowerShell Module for WinPE │ │ └── HP.PowershellModules │ │ ├── LoadHPScriptLibrary.ps1 │ │ └── Modules │ │ ├── HP.ClientManagement │ │ ├── HP.ClientManagement.psd1 │ │ ├── HP.ClientManagement.psm1 │ │ ├── HP.UEFI.psm1 │ │ └── license.txt │ │ ├── HP.Consent │ │ ├── HP.Consent.psd1 │ │ ├── HP.Consent.psm1 │ │ └── license.txt │ │ ├── HP.Firmware │ │ ├── HP.Firmware.Defs.psm1 │ │ ├── HP.Firmware.SecurePlatform.psm1 │ │ ├── HP.Firmware.SureAdmin.psm1 │ │ ├── HP.Firmware.SureRecover.psm1 │ │ ├── HP.Firmware.SureView.psm1 │ │ ├── HP.Firmware.psd1 │ │ ├── HP.Firmware.psm1 │ │ ├── MSAL_4.19.0 │ │ │ ├── net45 │ │ │ │ └── Microsoft.Identity.Client.dll │ │ │ └── netcoreapp2.1 │ │ │ │ └── Microsoft.Identity.Client.dll │ │ ├── MSAL_4.36.2 │ │ │ ├── net45 │ │ │ │ └── Microsoft.Identity.Client.dll │ │ │ └── netcoreapp2.1 │ │ │ │ └── Microsoft.Identity.Client.dll │ │ ├── dfmbios32.dll │ │ ├── dfmbios64.dll │ │ └── license.txt │ │ └── HP.Notifications │ │ ├── HP.Notifications.psd1 │ │ ├── HP.Notifications.psm1 │ │ ├── assets │ │ ├── img.jpg │ │ └── logo.jpg │ │ └── license.txt ├── CloudOSD │ ├── CMTrace.exe │ ├── CalcRequiredFree.ps1 │ ├── ConfigBranchCache.ps1 │ ├── ConfigMgrDesktopIcons.ps1 │ ├── Control.zip │ ├── CopyCMTrace.ps1 │ ├── CopyJson.ps1 │ ├── CreateCloudOSDTSVars.ps1 │ ├── CreateCloudOSDUnattendXML.ps1 │ ├── CreateCloudOSD_MDTPost_UnattendXML.ps1 │ ├── CreateCloudOSD_MDT_UnattendXML.ps1 │ ├── CreateOSDComputerName.ps1 │ ├── FormatRAWDisks.ps1 │ ├── Install-LAPSClientX64.ps1 │ ├── Install-PSModules_WinPE.ps1 │ ├── Manage-HPBiosSettings.ps1 │ ├── Manage-LenovoBiosSettings.ps1 │ ├── NiniteInstall.ps1 │ ├── OEMInfo.ps1 │ ├── OSDCloud-CloudFunctions_BACKUP.ps1 │ ├── OSDCloudTaskSequence.zip │ ├── Pilot.json │ ├── Remove-NonCorporateApps.ps1 │ ├── ScheduleOSDCloudPost.ps1 │ ├── ServiceUI.exe │ ├── Set-LockScreen.ps1 │ ├── Set-ThisPC.ps1 │ ├── Set-WallPaper.ps1 │ ├── Sysinternals-Suite.ps1 │ ├── TS_DISM_Drivers.ps1 │ ├── Update-PowerShellGet.ps1 │ ├── UserImages.ps1 │ ├── UserPics │ │ ├── Readme.md │ │ ├── guest.png │ │ ├── user-192.png │ │ ├── user-200.png │ │ ├── user-32.png │ │ ├── user-40.png │ │ ├── user-48.png │ │ └── user.png │ ├── WMIExplorer.ps1 │ ├── WindowsCustomizations-Machine.ps1 │ ├── WindowsDefenderDefs_Updater.ps1 │ ├── gather.ps1 │ ├── lockscreen.jpg │ ├── logo.bmp │ └── wallpaper.jpg ├── Create-JSON-Data.ps1 ├── CreateConfigMgrDesktopShortcut.ps1 ├── CustomTSLogging │ ├── CustomTSLogging.ps1 │ ├── Readme.md │ ├── TSLogging01.png │ ├── TSLogging02.png │ └── TSLogging03.png ├── DefenderUpdater │ ├── CM-Update-MS-Defender-Package.XML │ ├── CM-Update-MS-Defender-Package.ps1 │ ├── DefenderUpdate01.png │ ├── DefenderUpdate02.png │ ├── DefenderUpdate03.png │ └── readme.md ├── GetWin11Readiness.ps1 ├── HardwareReadiness_TS.ps1 ├── Install_HPCMSL.ps1 ├── LanguagePackModule-TS.zip ├── ModelSupportTS-CM2103.zip ├── OSDLogGather.ps1 ├── RecordTSInfo.ps1 ├── SMSTS_Info.ps1 ├── SecureWipeSDELETE.ps1 ├── Set-DarkModeTheme-Logon.ps1 ├── Set-DiskNumber.ps1 ├── Set-StaticIPVars.ps1 ├── Set-WiFI.ps1 ├── SplashScreen │ ├── Create-FullScreenBackground-Variable.ps1 │ ├── Create-Runspaces.ps1 │ ├── Invoke-PSScriptAsUser.ps1 │ ├── ServiceUI.exe │ ├── Show-OSUpgradeBackground-Variable.ps1 │ └── bin │ │ ├── MahApps.Metro.dll │ │ └── System.Windows.Interactivity.dll ├── TS-AppMapping │ ├── AppMapping.JSON │ ├── AppMapping.ps1 │ ├── AppMapping01.png │ ├── AppMapping02.png │ ├── AppMapping03.png │ ├── AppMapping04.png │ ├── AppMapping05.png │ ├── AppMapping06.png │ ├── AppMappingAppInstalls.zip │ └── Readme.md ├── TroubleShootingSteps │ ├── Get-2PintOSDToolKitInfo.ps1 │ ├── Get-2PintStfileRInfo.ps1 │ ├── Get-HardwareDevicesAndDrivers.ps1 │ ├── Get-MachineInfo.ps1 │ └── Get-TSVarsSafeDump.ps1 ├── UserInputDialog.ps1 ├── UserInputListBox.ps1 └── gather.ps1 ├── OSDCloud ├── OSDCloudCommandsv2.ps1 ├── OSDCloudSetupFromScratch.ps1 ├── OSDCloudUSBCommands.ps1 ├── SureRecover-CustomOSDCloudAgent.ps1 ├── SurfaceRecovery.ps1 ├── UpdateOSDCloudUSB.ps1 ├── WinPE-BlackLotus-TCSMUG-25.05-Demo.ps1 └── media │ ├── OCM01.png │ ├── OCM02.png │ ├── OCM03.png │ ├── OCM04.png │ ├── OCM05.png │ ├── OCM06.png │ └── OCM07.png ├── Office365 ├── BuildM365Apps.ps1 ├── CI_ToastLaunch_Discovery.ps1 ├── CI_ToastLaunch_Remediate.ps1 ├── CI_ToastPreReq.ps1 ├── CreateADGroup-CMUserCollection.ps1 ├── Icons │ ├── Access.png │ ├── M365.png │ ├── Project.png │ ├── Visio.png │ └── readme.md ├── M365-Intune.ps1 ├── Readme.md ├── o365_Change_Channel_ConfigItem.ps1 ├── o365_Content_DetectionMethod.ps1 ├── o365_download.ps1 ├── o365_install.ps1 ├── o365_prep.ps1 ├── o365_uninstall.ps1 └── simple │ ├── Readme.md │ ├── o365_install.ps1 │ └── o365_uninstall.ps1 ├── OneVinn_IPUApplication.ps1 ├── README.md ├── RandomHoliday.ps1 ├── ResetTSlite.ps1 ├── RunScripts ├── AddRemoveLocalGroup.ps1 ├── CCMCacheReport.ps1 ├── Get-HPSoftPaq.ps1 ├── Get-MachineInfo.ps1 ├── Invoke-Baseline.ps1 ├── Rename-Computer.ps1 ├── Run-HPIA.ps1 ├── Run-ScheduledTask.ps1 ├── Run-WindowsUpdates.ps1 ├── Set-PSTranscription.ps1 ├── Start-TaskSequence.ps1 ├── Start-TaskSequence │ ├── Start-TaskSequence.ps1 │ ├── StartTS01.png │ ├── StartTS02.png │ ├── StartTS03.png │ ├── StartTS05.png │ └── readme.md ├── Start-TaskSequenceLite.ps1 ├── Update-DellBIOS.ps1 ├── Update-HPBIOS.ps1 └── Update-HPBIOSv2.ps1 ├── SQL ├── DeviceInfoByCollection.sql ├── HP │ ├── HPBIOSSelectedSettingsPerDevice.sql │ ├── HPBIOSSpecificSetting.sql │ └── HPBIOSWiFiProfile.sql ├── ModelCount.sql ├── SQL-CMApplicationsInfo.sql └── WriteToSql.ps1 ├── SoftwareUpdates ├── Install-Update.ps1 ├── Windows10.0-KB4517245-x64.cab ├── Windows10.0-KB5003791-x64.cab ├── Windows11.0-kb5027397-x64.cab ├── WindowsUpdateFunctions.ps1 └── readme.md ├── TS_OSDBUILDER └── OSDBuilder_TS-Step_UpdateSRC.ps1 ├── TaskSequenceExport ├── TaskSequenceSteps2Excel ├── BootImage2Excel.ps1 ├── TS2Excel.ps1 ├── TS2Excelv2.ps1 ├── media │ ├── TS2E01.png │ ├── TS2E02.png │ └── TS2E03.png └── readme.md ├── WaaS ├── CompatScan_CheckReadinessResults.ps1 ├── CompatScan_LaunchCustomDialog.ps1 ├── Create-Lang-Package-Variables-TS-Function.ps1 ├── Create-Language-CM-Packages.ps1 ├── CreateCMFeaturesOnDemandPackage-RSAT.ps1 ├── CustomActionScriptsTest.ps1 ├── Detect_RSATInstalled.ps1 ├── Install_RSAT.ps1 └── TS_StampInfo.ps1 ├── Windows10.0-KB4517245-x64.cab ├── hardware ├── BIOSManagement-Remediation-Laptop-Dell.ps1 ├── BIOSManagement-Remediation-Laptop-HP.ps1 ├── ChassisType.ps1 ├── CreateCMPackages_BIOS_Drivers.ps1 ├── CreateCMPackages_BIOS_Drivers_old.ps1 ├── Dell │ ├── BIOSManagement │ │ ├── Get-DellPSProvider.ps1 │ │ └── Set-BiosSettings-PSProvider.ps1 │ └── CommandUpdate │ │ ├── DCU-BuildOfflineRepo-CMPackages-WIM.ps1 │ │ ├── EMPS │ │ ├── Dell-EMPS.ps1 │ │ ├── Dell-EMPSWarranty.ps1 │ │ ├── Dell-MMSDemo.ps1 │ │ └── Invoke-PublishDellIntuneApp.ps1 │ │ ├── LatitudeE7470-Pre-Prod.xml │ │ ├── LatitudeE7470-Prod.xml │ │ ├── OptiPlex7050-Pre-Prod.xml │ │ └── OptiPlex7050-Prod.xml ├── Dell_BIOS_PopulateCMPackage.ps1 ├── Dell_BIOS_PopulateCMPackage_old.ps1 ├── Dell_DeployDriverPackLive.ps1 ├── Dell_Driver_PopulateCMPackages.ps1 ├── Dell_Driver_PopulateCMPackages_old.ps1 ├── Get-DellSystemTypeID.ps1 ├── Get-IntelProcInfo.ps1 ├── HP │ ├── ApplyHPDriverPackOSD.ps1 │ ├── BatteryInfo.ps1 │ ├── ConfigItems │ │ ├── HPCMSLModule-Discovery.ps1 │ │ ├── HPCMSLModule-Remediation.ps1 │ │ ├── HPManagementBaseline │ │ │ ├── HPBIOSSettingCI-Sample_Discovery.ps1 │ │ │ ├── HPBIOSSettingCI-Sample_Remediation.ps1 │ │ │ ├── HPBiosUpdateComplianceDiscovery.ps1 │ │ │ ├── HPBiosUpdateComplianceRemediation.ps1 │ │ │ └── Readme.md │ │ ├── NuGetModule-Discovery.ps1 │ │ ├── NuGetModule-Remediation.ps1 │ │ ├── PkgMgmt-PowerShellGet-ModuleUpdate-Detect.ps1 │ │ ├── PkgMgmt-PowerShellGet-ModuleUpdate-Remediate.ps1 │ │ ├── PowerShellGetModule-Discovery.ps1 │ │ ├── PowerShellGetModule-Remediation.ps1 │ │ └── Readme.md │ ├── ConfigMgr │ │ ├── Create-HPContentPackages.ps1 │ │ ├── Populate-CMPackage-HP-DriverPacks-WIM.ps1 │ │ ├── Populate-CMPackage-HPIAOfflineRepo.ps1 │ │ └── Update-TSVars-HPDrivers-Repos.ps1 │ ├── ConfigMgr_DriverPackManagement.ps1 │ ├── CreateBIOSUpdateListJSON.ps1 │ ├── Docks │ │ ├── CM_AppModel_DockDetectionMethodScripts.ps1 │ │ ├── CM_AppModel_DockUpdaterScript.ps1 │ │ ├── ConfigMgr_HPDock_GlobalCondition.ps1 │ │ ├── Function_Get-HPDockUpdateDetails.ps1 │ │ ├── HPDockHistory.ps1 │ │ ├── HPDockUpdaterCI_DetectionScript.ps1 │ │ ├── HPDockUpdater_Intune_ConfigMgr.ps1 │ │ ├── HPDock_FirmwareLookup.ps1 │ │ ├── HPDocks.HWInvConfigurationMOF.txt │ │ ├── HPDocks.HWInvExt.mof │ │ ├── IRM-HPDockInfo.ps1 │ │ ├── Readme.md │ │ ├── Set-HPDockHistory.ps1 │ │ ├── Set-HPDockHistory_WMI.ps1 │ │ ├── TB2Workaround.ps1 │ │ └── Update-HPDockFirmware.ps1 │ ├── EMPS │ │ ├── BasicBIOSSettingsHPCMSL.ps1 │ │ ├── BasicBIOSSettingsWMI.ps1 │ │ ├── CompareWUtoHPUpdate.ps1 │ │ ├── ConvertBCUConfig2CMSL.ps1 │ │ ├── HP-MMSDemo.ps1 │ │ ├── HPCMSL-Intro.ps1 │ │ ├── Install-ModuleHPCMSL.ps1 │ │ ├── Invoke-HPDriverUpdate.ps1 │ │ └── Snips.ps1 │ ├── EssentalDock.ps1 │ ├── Get-HPDriverPackLatestExample.ps1 │ ├── HPBIOSJSON.JSON │ ├── HPIA-BlogSeries-2024 │ │ ├── CMTS-RunHPIAStep.ps1 │ │ ├── Create-HPIARefFiles.ps1 │ │ ├── Create-HPPackages.ps1 │ │ ├── CreateHPIARepo-FileShare.ps1 │ │ ├── HP_Logo_clear.png │ │ ├── Populate-CMPackages-HPRepo.ps1 │ │ ├── Set-TSVariablesRepoID.ps1 │ │ └── readme.md │ ├── HPIA-RefFileTS │ │ ├── Get-HPIARefFiles.ps1 │ │ ├── HPIAXMLCompare.ps1 │ │ └── HPIA_Task_Sequence.zip │ ├── HPIA │ │ ├── Driver Updates via HPIA.cab │ │ ├── HPIA Scheduled Task Setup.cab │ │ ├── HPIA-AutoUpdate-Setup.ps1 │ │ ├── HPIA-CI-Run-HPIA-Discovery.ps1 │ │ ├── HPIA-CI-Setup-Discovery.ps1 │ │ ├── HPIA-CompareXMLReferenceFiles.ps1 │ │ ├── HPIA-Functions.ps1 │ │ ├── HPIA-PR-Detect.ps1 │ │ ├── HPIA-PR-Remediation.ps1 │ │ ├── HPIA-WMI-Reporting.ps1 │ │ ├── HPIA.garytown.com.ps1 │ │ ├── Readme.md │ │ └── media │ │ │ ├── Get-HPIALatestVersion.png │ │ │ └── readme.md │ ├── HPIA_TS.ps1 │ ├── HP_UpdateDriverPacks_Online_Offline.ps1 │ ├── MIK │ │ ├── MIKClient_CI_Discovery.ps1 │ │ ├── MIKClient_CI_Remediation.ps1 │ │ └── readme.md │ ├── New-HPDriverPack.ps1 │ ├── Populate-CMPackage-HP-Drivers-WIM.ps1 │ ├── Run-HPIA-Function.ps1 │ ├── SureRecover │ │ ├── CI │ │ │ ├── HPClientsBaseline.cab │ │ │ ├── Readme.md │ │ │ ├── WiFiSetup-CI-DetectionMethod.ps1 │ │ │ ├── WiFiSetup-CI-DetectionScript.ps1 │ │ │ └── WiFiSetup-CI-RemediationScript.ps1 │ │ ├── HPSRAdminGuide.pdf │ │ ├── HPSRAgentWithinCorporateFirewall.pdf │ │ ├── PR │ │ │ ├── WiFiBIOSPreReqs-PR-DetectionScript.ps1 │ │ │ ├── WiFiBIOSPreReqs-PR-RemediationScript.ps1 │ │ │ ├── WiFiSetup-PR-DetectionScript.ps1 │ │ │ └── WiFiSetup-PR-RemediationScript.ps1 │ │ ├── SureRecoverBIOSSettingsLookup.ps1 │ │ ├── SureRecoverSetup.ps1 │ │ └── readme.md │ ├── TPM_Update.ps1 │ ├── TechPulseAPI │ │ └── HPTechPulseAPI.ps1 │ └── Test-HPIASupport.ps1 ├── HP_BIOS_PopulateCMPackage.ps1 ├── HP_DeployDriverPackLive.ps1 ├── HP_Driver_PopulateCMPackage.ps1 ├── HP_Driver_PopulateCMPackage_old.ps1 ├── Lenovo │ ├── EMPS │ │ ├── Lenovo-EMPS.ps1 │ │ ├── Lenovo-MMSDemo.ps1 │ │ └── SU-InstallBIOSUpdates.ps1 │ └── Set-BIOSSettings.ps1 ├── Lenovo_DeployDriverPackLive.ps1 ├── Lenovo_Driver_PopulateCMPackage.ps1 ├── Panasonic │ └── PanasonicInfo.ps1 ├── Readme.md ├── Temp │ └── Temp1.ps1 └── UpdateTSVariables_BIOS_Drivers.ps1 └── images ├── BackGround.jpg ├── Design.png ├── GARYTOWN_LOGO_Innovation.png ├── _868a8e47-a528-4cd4-9a12-c27b4272950a.jpg ├── _957e0259-e644-4341-aa93-5bb6622d03f5.jpg └── readme.md /.gitignore: -------------------------------------------------------------------------------- 1 | Feature-Updates/ConfigMgrApp/Success/UserPictures/Thumbs.db 2 | Feature-Updates/ConfigMgrApp/Success/Thumbs.db 3 | -------------------------------------------------------------------------------- /.vscode/launch.json: -------------------------------------------------------------------------------- 1 | { 2 | // Use IntelliSense to learn about possible attributes. 3 | // Hover to view descriptions of existing attributes. 4 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 5 | "version": "0.2.0", 6 | "configurations": [ 7 | { 8 | "name": "PowerShell: Launch Current File", 9 | "type": "PowerShell", 10 | "request": "launch", 11 | "script": "${file}", 12 | "args": [] 13 | } 14 | ] 15 | } -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "tfvc.location": "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Community\\Common7\\IDE\\CommonExtensions\\Microsoft\\TeamFoundation\\Team Explorer\\TF.exe" 3 | } -------------------------------------------------------------------------------- /2Pint/Readme.md: -------------------------------------------------------------------------------- 1 | # We've Moved 2 | 3 | If you were looking for anything I've done with 2Pint, I've moved it to it's own Repo: 4 | 5 | 6 | -------------------------------------------------------------------------------- /Alexa/Send-AlexaAnnoucement.ps1: -------------------------------------------------------------------------------- 1 | # Configuration - Get these from your Alexa Developer Console 2 | $clientId = "amzn1.application-oa2-client." 3 | $clientSecret = "amzn1.oa2-cs.v1." 4 | $uri = "https://api.amazon.com/auth/o2/token" 5 | $proactiveUri = "https://api.amazonalexa.com/v1/proactiveEvents" 6 | 7 | # Get Access Token 8 | $body = @{ 9 | grant_type = "client_credentials" 10 | client_id = $clientId 11 | client_secret = $clientSecret 12 | scope = "alexa::proactive_events" 13 | } | ConvertTo-Json 14 | 15 | $response = Invoke-RestMethod -Uri $uri -Method Post -Body $body -ContentType "application/json" 16 | $accessToken = $response.access_token 17 | 18 | # Create Announcement 19 | $announcementPayload = @{ 20 | timestamp = (Get-Date -Format "o") 21 | referenceId = "unique-id-$(Get-Random)" 22 | expiryTime = (Get-Date).AddDays(1).ToString("o") 23 | event = @{ 24 | name = "AMAZON.MessageAlert.Activated" 25 | payload = @{ 26 | state = @{ 27 | status = "UNREAD" 28 | freshness = "NEW" 29 | } 30 | message = @{ 31 | creator = @{ 32 | name = "PowerShellApp" 33 | } 34 | content = "Hello from PowerShell!" 35 | } 36 | } 37 | } 38 | relevantAudience = @{ 39 | type = "Multicast" 40 | payload = @{} 41 | } 42 | } | ConvertTo-Json -Depth 5 43 | 44 | # Send Announcement 45 | $headers = @{ 46 | Authorization = "Bearer $accessToken" 47 | "Content-Type" = "application/json" 48 | } 49 | Invoke-RestMethod -Uri $proactiveUri -Method Post -Headers $headers -Body $announcementPayload -------------------------------------------------------------------------------- /AppCustomizations/Opera/GARYTOWN/installer_prefs.json: -------------------------------------------------------------------------------- 1 | {"all-installer-experiments":["installer-experiment-test@2","installer-bypass-launcher@1"],"autoupdate":false,"browser_edition":"","country":"US","enable_stats":false,"features-dna-requirements":{"818c3ef12d0b":{"forbidden":["5b3eb4a6c335a0659d16d1a189ca155e4441ea14"],"required":["64336fb81a04836eb8108d24fbca3aa3682db0a5"]}},"features-remote-flag":"01979299c8cd,03b8357e5a08,06fbbd0b7bf7,0f9cf8758bcc:disabled,1c4dddb65bac,1d24dceb937a,2114dc8bd72a:disabled,26f7e2d59ecf,278deecb29a1,3389f6c15eb9,3993848b2bd9,3fc0872a857b,40db6e644d2c:disabled,50796754ffc7,5448a57d6689:disabled,54a846ecd4f2,5a28d66c82cd,5aceda74693f,5ee708e89d7b:disabled,603cade21cf7,654296fe9d6c,6713f3df0bed,804beb213cf7,818c3ef12d0b,970fe421a344,9a48123ec9e3,b7751444d14a,b9677b166709:disabled,c25d6d8d2719,c57119eb4723,c73cad8a4668,c9a44eaecc11,cb479f6a3f5d,cbc43aa3cfb6,d144067b33ec,d4260daf5dd9,d57d30ff08ab,e2c9ffba8439,f3834d6657d8,f824dfec6894,f87041ae758a,fc82980101cd,fda8dc4bd759","import_browser_data":false,"installer-experiments":[],"installer_id":"b641b01f-e6bf-48a8-9057-7746868684d6","language":"en","last_installation_guid":"89fd0494-1365-433b-af3e-3afb75935011","locally-generated-uuid":"f398e175-dff0-4f18-a7c6-d2078a6c34d0","remote-features-guid":"35489574-abed-4e0b-b347-9e24191734a2","run-at-startup":false,"single_profile":true,"welcome-url":"https://garytown.com"} -------------------------------------------------------------------------------- /AppCustomizations/Opera/W365/installer_prefs.json: -------------------------------------------------------------------------------- 1 | {"all-installer-experiments":["installer-experiment-test@2","installer-bypass-launcher@1"],"autoupdate":false,"browser_edition":"","country":"US","enable_stats":false,"features-dna-requirements":{"818c3ef12d0b":{"forbidden":["5b3eb4a6c335a0659d16d1a189ca155e4441ea14"],"required":["64336fb81a04836eb8108d24fbca3aa3682db0a5"]}},"features-remote-flag":"01979299c8cd,03b8357e5a08,06fbbd0b7bf7,0f9cf8758bcc:disabled,1c4dddb65bac,1d24dceb937a,2114dc8bd72a:disabled,26f7e2d59ecf,278deecb29a1,3389f6c15eb9,3993848b2bd9,3fc0872a857b,40db6e644d2c:disabled,50796754ffc7,5448a57d6689:disabled,54a846ecd4f2,5a28d66c82cd,5aceda74693f,5ee708e89d7b:disabled,603cade21cf7,654296fe9d6c,6713f3df0bed,804beb213cf7,818c3ef12d0b,970fe421a344,9a48123ec9e3,b7751444d14a,b9677b166709:disabled,c25d6d8d2719,c57119eb4723,c73cad8a4668,c9a44eaecc11,cb479f6a3f5d,cbc43aa3cfb6,d144067b33ec,d4260daf5dd9,d57d30ff08ab,e2c9ffba8439,f3834d6657d8,f824dfec6894,f87041ae758a,fc82980101cd,fda8dc4bd759","import_browser_data":false,"installer-experiments":[],"installer_id":"b641b01f-e6bf-48a8-9057-7746868684d6","language":"en","last_installation_guid":"89fd0494-1365-433b-af3e-3afb75935011","locally-generated-uuid":"f398e175-dff0-4f18-a7c6-d2078a6c34d0","remote-features-guid":"35489574-abed-4e0b-b347-9e24191734a2","run-at-startup":false,"single_profile":true,"welcome-url":"https://windows365.microsoft.com"} -------------------------------------------------------------------------------- /Automation/WindowsDefender/readme.md: -------------------------------------------------------------------------------- 1 | # Automatically Update a CM Package with the latest Defender Defintions & Platform Updates 2 | 3 | Much credit goes to others, who are noted in the script, I took what they had and added Platform Updates and made it my dynamic by leveraging a Package in CM. 4 | Why? Because it's nice during OSD to apply these so Defender if updated ASAP, even before the software updates start getting applied. 5 | -------------------------------------------------------------------------------- /Azure/Automation/WinUpdates/M365SupportedVersionTableData.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Azure/Automation/WinUpdates/M365SupportedVersionTableData.json -------------------------------------------------------------------------------- /Azure/Automation/WinUpdates/M365VersionsHistoryTableData.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Azure/Automation/WinUpdates/M365VersionsHistoryTableData.json -------------------------------------------------------------------------------- /Azure/Automation/WinUpdates/MSWinDefenderDefsInfo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Azure/Automation/WinUpdates/MSWinDefenderDefsInfo.json -------------------------------------------------------------------------------- /Azure/Automation/WinUpdates/OSLatestUpdateTable.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Azure/Automation/WinUpdates/OSLatestUpdateTable.json -------------------------------------------------------------------------------- /Azure/Automation/WinUpdates/OSUpdateHistoryTable.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Azure/Automation/WinUpdates/OSUpdateHistoryTable.json -------------------------------------------------------------------------------- /BlackLotusKB5025885/Backup/KB5025885-GARYTOWNCleanupPreviousVersions.ps1: -------------------------------------------------------------------------------- 1 | 2 | $RemediationRegPath = 'HKLM:\SOFTWARE\Remediations' 3 | 4 | if (Test-Path -Path $RemediationRegPath){ 5 | Remove-Item -Path $RemediationRegPath -Recurse -Force | Out-Null 6 | 7 | } -------------------------------------------------------------------------------- /BlackLotusKB5025885/BlackLotusFunctions.ps1: -------------------------------------------------------------------------------- 1 | $ScriptName = 'blacklotus.garytown.com' 2 | $ScriptVersion = '25.5.15.1' 3 | #Set-ExecutionPolicy Bypass -Force -ErrorAction SilentlyContinue 4 | 5 | Write-Host -ForegroundColor Green "You are running: $ScriptName $ScriptVersion" 6 | Write-host -ForegroundColor Cyan " Docs at: https://github.com/gwblok/garytown/tree/master/BlackLotusKB5025885" 7 | #endregion 8 | 9 | 10 | 11 | write-host -ForegroundColor DarkGray "=========================================================" 12 | write-host -ForegroundColor Cyan "Black Lotus Functions" 13 | 14 | Write-Host -ForegroundColor Green "[+] Function Test-BlackLotusKB5025885Compliance (-Details)" 15 | iex (irm https://raw.githubusercontent.com/gwblok/garytown/refs/heads/master/BlackLotusKB5025885/Test-BlackLotusKB5025885Compliance.ps1) 16 | 17 | Write-Host -ForegroundColor Green "[+] Function Invoke-BlackLotusKB5025885Compliance" 18 | iex (irm https://raw.githubusercontent.com/gwblok/garytown/refs/heads/master/BlackLotusKB5025885/Invoke-BlackLotusKB5025885Compliance.ps1) 19 | 20 | Write-Host -ForegroundColor Green "[+] Function Update-BootMgr2023" 21 | function Update-BootMgr2023 { 22 | iex (irm https://raw.githubusercontent.com/gwblok/garytown/refs/heads/master/BlackLotusKB5025885/Update-BootMgr2023.ps1) 23 | } -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/Black Lotus Monitoring.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/Black Lotus Monitoring.cab -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/Black Lotus Remediation.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/Black Lotus Remediation.cab -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/KB5025885 - Media Creator.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/KB5025885 - Media Creator.zip -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/KB5025885-Prereq-Discovery-SecureBoot.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | #CI Name: "CVE-2023-24932 - KB5025885 - Black Lotus PreReq Secure Boot" 3 | #Detection Method on CI = "Always assume application is installed" 4 | #> 5 | 6 | 7 | #Discovery Script: 8 | <# 9 | Gary Blok & Mike Terrill 10 | KB5025885 Detection Script 11 | PreReq Secure Boot 12 | Version: 25.05.10 13 | #> 14 | 15 | $Compliant = $false 16 | 17 | if (Confirm-SecureBootUEFI -ErrorAction SilentlyContinue) { 18 | $Compliant = $true 19 | } 20 | else { 21 | $Compliant = $false 22 | } 23 | $Compliant 24 | 25 | <# 26 | Compliance Rule 27 | "The value returned by the specified script: Equals" 28 | "the following values: True" 29 | #> -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/KB5025885-Prereq-Discovery-UBR.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | #CI Name: "CVE-2023-24932 - KB5025885 - Black Lotus PreReq UBR" 3 | #Detection Method on CI = "Always assume application is installed" 4 | #> 5 | 6 | 7 | #Discovery Script: 8 | <# 9 | Gary Blok & Mike Terrill 10 | KB5025885 Detection Script 11 | PreReq UBR 12 | Version: 25.05.10 13 | #> 14 | 15 | $Compliant = $false 16 | 17 | #Test if Remediation is applicable 18 | $CurrentOSInfo = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' 19 | $Build = $CurrentOSInfo.GetValue('CurrentBuild') 20 | [int]$UBR = $CurrentOSInfo.GetValue('UBR') 21 | 22 | #July 2024 UBRs 23 | $JulyPatch = @('19045.4651','22621.3880','22631.3880','26100.1150','26120.1') 24 | $MatchedPatch = $JulyPatch | Where-Object {$_ -match $Build} 25 | [int]$MatchedUBR = $MatchedPatch.split(".")[1] 26 | 27 | if ($UBR -ge $MatchedUBR){ 28 | $Compliant = $true 29 | } 30 | else { 31 | $Compliant = $false 32 | } 33 | $Compliant 34 | 35 | <# 36 | Compliance Rule 37 | "The value returned by the specified script: Equals" 38 | "the following values: True" 39 | #> -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/KB5025885-Step2 - DiscoveryScript-Reboot.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | CI Name: Black Lotus Step 2 3 | Setting Name: Black Lotus Step 2 Reboot 4 | NOTE, this is 2 of 2 Settings for this CI 5 | #> 6 | <# 7 | Gary Blok & Mike Terrill 8 | KB5025885 Reboot Discovery 9 | Step 2 of 4 10 | Version: 25.05.12 11 | #> 12 | 13 | #Check to see if a reboot is required 14 | $taskName = "Secure-Boot-Update" 15 | $taskPath = "\Microsoft\Windows\PI\" 16 | try { 17 | $task = Get-ScheduledTask -TaskName $taskName -TaskPath $taskPath -ErrorAction Stop 18 | $taskInfo = $task | Get-ScheduledTaskInfo 19 | $lastRunResult = $taskInfo.LastTaskResult 20 | 21 | if ($null -ne $lastRunResult) { 22 | if ($lastRunResult -eq 2147942750) { 23 | #Write-Warning "Error 0x8007015E: No action was taken as a system reboot is required." 24 | $Reboot = "Non-compliant" 25 | } 26 | else { 27 | #Write-Warning "LastRunResult is empty. The task may not have run yet or data is unavailable." 28 | $Reboot = "Compliant" 29 | } 30 | } 31 | } 32 | catch { 33 | #Write-Warning "Failed to retrieve task information for $taskName at $taskPath : $_" 34 | #Assume Reboot is compliant 35 | $Reboot = "Compliant" 36 | } 37 | 38 | $Reboot -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/media/ConfigMgrBaselineCompliance-02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/media/ConfigMgrBaselineCompliance-02.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/media/ConfigMgrBaselineCompliance-03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/media/ConfigMgrBaselineCompliance-03.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/media/ConfigMgrBaselineCompliance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/media/ConfigMgrBaselineCompliance.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/media/ConfigMgrNonCompliantCollectionCreation-01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/media/ConfigMgrNonCompliantCollectionCreation-01.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/ConfigMgr/media/ConfigMgrNonCompliantCollectionCreation-02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/ConfigMgr/media/ConfigMgrNonCompliantCollectionCreation-02.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/Intune/readme.md: -------------------------------------------------------------------------------- 1 | # KB5025885 - Black Lotus for Intune 2 | 3 | ## Intune Remediation Script Setup 4 | 5 | ### Monitor Only - PreCheck-BlackLotusStatusMonitor Script 6 | I've created this for you to get a highlevel overview of your devices and their situation without making any changes. It will let you know if the device has any prereq issues (Secure Boot Disabled, or too old of OS), along with the current stage / step of the Remediation process it is currently on. 7 | 8 | ### Change Log 9 | - 25.5.15.12.38 - Updated Intune Scripts -------------------------------------------------------------------------------- /BlackLotusKB5025885/media/BL-InvokeStep3-01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/media/BL-InvokeStep3-01.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/media/BL-InvokeStep3-02-PostInvoke-PreReboot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/media/BL-InvokeStep3-02-PostInvoke-PreReboot.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/media/BL-Test-01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/media/BL-Test-01.png -------------------------------------------------------------------------------- /BlackLotusKB5025885/media/BootMgrCatch22.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/BlackLotusKB5025885/media/BootMgrCatch22.jpg -------------------------------------------------------------------------------- /CM_LAB/CMPivot-Queries.ps1: -------------------------------------------------------------------------------- 1 | #Good List of Examples: 2 | # https://github.com/svschmit/CMPivot-Queries/blob/main/CMPivot%20Queries.md 3 | 4 | 5 | #Get Info about a computer with a specific event ID 6 | ComputerSystemProduct 7 | | join ( 8 | EventLog('System',1d) 9 | | where EventID == 6013 10 | | order by DateTime desc 11 | | take 1 12 | ) 13 | 14 | #Similar but different 15 | WinEvent('Microsoft-Windows-NlaSvc/Operational', 1d) | summarize countif( (ID == 4205) ) by Device | where (countif_ > 0) | join ComputerSystemProduct 16 | 17 | -------------------------------------------------------------------------------- /CM_LAB/Readme.md: -------------------------------------------------------------------------------- 1 | # ConfigMgr Personal Lab files 2 | 3 | These are scripts and files I use in my own personal lab, stored here for whenever I need, or for others to borrow 4 | 5 | ## Installers - Install before CM - Probably after SQL is installed 6 | 7 | .Net 4.8.1 8 | 9 | https://learn.microsoft.com/en-us/dotnet/framework/install/on-server-2022 10 | 11 | C++ (x86 + x64) to upgrade the ones that SQL or something else put there. 12 | 13 | https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170 14 | 15 | 16 | ## Links 17 | Because I always forget where I got things from, so now on my 4th or 5th time, I'm just documnenting it here. 18 | 19 | Guide: 20 | 21 | https://www.recastsoftware.com/resources/building-a-configmgr-lab-from-scratch/ 22 | 23 | Cert Setup (after using the guide above to setup DC & PKI): 24 | 25 | Watch Justin's YouTube Video https://www.youtube.com/watch?v=nChKKM9APAQ 26 | 27 | SQL SPN Kerberos Tool: Use this after you install SQL, before you install ConfigMgr 28 | 29 | https://www.microsoft.com/en-US/download/details.aspx?id=39046 30 | 31 | 32 | ## Things I often forget 33 | Add SYSTEM to SRC Share with full rights, otherwise issues with BootMedia (and other things) 34 | 35 | If anything goes wrong with modifing a WIM or adding Boot Media, etc... it's probably the source share permissions 36 | 37 | ## Post Setup 38 | Edit a couple .NET config files if you're not installing CM to C:\ 39 | 40 | https://www.prajwaldesai.com/fatal-msi-error-bgbisapi-msi-could-not-be-installed/ 41 | 42 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Add-CMTrace2Path.ps1: -------------------------------------------------------------------------------- 1 | New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths" -Name 'cmtrace.exe' -ItemType Registry -ErrorAction SilentlyContinue 2 | Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\cmtrace.exe" -Name '(Default)' -Value "c:\windows\ccm\cmtrace.exe" -ErrorAction SilentlyContinue 3 | New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\cmtrace.exe" -Name 'Path' -PropertyType string -Value "c:\windows\ccm" -ErrorAction SilentlyContinue 4 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/AppDetectionMethods.ps1: -------------------------------------------------------------------------------- 1 | <# CM Commandlets in this example: 2 | New-CMDetectionClauseFile 3 | Get-CMDeploymentType 4 | Set-CMScriptDeploymentType -AddDetectionClause 5 | Set-CMScriptDeploymentType -RemoveDetectionClause 6 | #> 7 | 8 | #Create a File Detection Type 9 | $CabName = "v629.cab" 10 | $DetectionFilePath = "$O365Cache\Office\Data" 11 | $DetectionTypeUpdate = New-CMDetectionClauseFile -FileName $CabName -Path $DetectionFilePath -Existence 12 | 13 | #Add New Detection Method to AppDT 14 | $OfficeContentAppName = "Microsoft Office 365 - Content" 15 | $OfficeContentAppDTName = "Office 365 ProPlus - Content" 16 | Get-CMDeploymentType -ApplicationName $OfficeContentAppName -DeploymentTypeName $OfficeContentAppDTName | Set-CMScriptDeploymentType -AddDetectionClause $DetectionTypeUpdate 17 | 18 | #Remove Detection Method from App (This was hard) 19 | #Requires you know the Logical Name of the App (Which the only way I could find was burried in XML) 20 | #Get App Info after updating, then Remove the old Detection (Removes anything that doesn't match the new detection) 21 | $CMDeploymentType = get-CMDeploymentType -ApplicationName $OfficeContentAppName -DeploymentTypeName $OfficeContentAppDTName 22 | [XML]$AppDTXML = $CMDeploymentType.SDMPackageXML 23 | [XML]$AppDTDXML = $AppDTXML.AppMgmtDigest.DeploymentType.Installer.DetectAction.args.Arg[1].'#text' 24 | $DetectionMethods = $AppDTDXML.EnhancedDetectionMethod.Settings.File 25 | $LogicalName = ($DetectionMethods | Where-Object {$_.Filter -ne $CabName}).LogicalName 26 | Get-CMDeploymentType -ApplicationName $OfficeContentAppName -DeploymentTypeName $OfficeContentAppDTName | Set-CMScriptDeploymentType -RemoveDetectionClause $LogicalName 27 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/AppReset_AllowAppInstallWOBeingDeployed.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok - Recast Software 2 | 3 | Reset All Applications CheckBox: “Allow this application to be installed from the Install Application task sequence action without being deployed” 4 | Unchecks the box, then Checks it again, then cleans up Application Revision History. 5 | 6 | I had apps that had it checked when imported, yet the TS would fail: Task sequence run from software center fails error 0x80041002 7 | execmgr log pointed to the applications I had associated with the TS. I ran this script and then all was well. 8 | 9 | #> 10 | $CMApps = Get-CMApplication -Fast 11 | 12 | Foreach ($CMApp in $CMApps) 13 | { 14 | Write-Host "Reset $($CMApp.LocalizedDisplayName)" -ForegroundColor Cyan 15 | Set-CMApplication -InputObject $CMApp -AutoInstall:$false 16 | Set-CMApplication -InputObject $CMApp -AutoInstall:$true 17 | $CMAppRevisions = Get-CMApplicationRevisionHistory -InputObject $CMApp | Where-Object {$_.IsLatest -ne “True”} 18 | Foreach ($CMAppRevision in $CMAppRevisions) { 19 | Write-Output “Removing Revision $($CMAppRevision.CIVersion)” 20 | Remove-CMApplicationRevisionHistory -InputObject $CMAppRevision -Force 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/CMProgramFlagsDecoder.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok w/ Help of Nathan Ziehnert 2 | 3 | ConfigMgr Package Program's ProgramFlag decoder ring 4 | https://learn.microsoft.com/en-us/mem/configmgr/develop/reference/core/servers/configure/sms_program-server-wmi-class 5 | 6 | 7 | #> 8 | 9 | #Update this line for your Package & Program 10 | $variable = (Get-CMProgram -PackageId 'MEM00027' -ProgramName "MPAM-FE").ProgramFlags 11 | 12 | [flags()]enum ProgramFlags { 13 | UNKNOWN = 0x00000000 14 | AUTHORIZED_DYNAMIC_INSTALL = 0x00000001 15 | USECUSTOMPROGRESSMSG = 0x00000002 16 | DEFAULT_PROGRAM = 0x00000010 17 | DISABLEMOMALERTONRUNNING = 0x00000020 18 | MOMALERTONFAIL = 0x00000040 19 | RUN_DEPENDANT_ALWAYS = 0x00000080 20 | WINDOWS_CE = 0x00000100 21 | NOT_USED = 0x00000200 22 | COUNTDOWN = 0x00000400 23 | FORCERERUN = 0x00000800 24 | DISABLED = 0x00001000 25 | UNATTENDED = 0x00002000 26 | USERCONTEXT = 0x00004000 27 | ADMINRIGHTS = 0x00008000 28 | EVERYUSER = 0x00010000 29 | NOUSERLOGGEDIN = 0x00020000 30 | OKTOQUIT = 0x00040000 31 | OKTOREBOOT = 0x00080000 32 | USEUNCPATH = 0x00100000 33 | PERSISTCONNECTION = 0x00200000 34 | RUNMINIMIZED = 0x00400000 35 | RUNMAXIMIZED = 0x00800000 36 | HIDEWINDOW = 0x01000000 37 | OKTOLOGOFF = 0x02000000 38 | RUNACCOUNT = 0x04000000 39 | ANY_PLATFORM = 0x08000000 40 | STILL_RUNNING = 0x10000000 41 | SUPPORT_UNINSTALL = 0x20000000 42 | UNSUPPORTED = 0x40000000 43 | SHOW_IN_ARP = 0x80000000 44 | } 45 | 46 | [ProgramFlags]$variable = $variable 47 | foreach ($Flag in [ProgramFlags].GetEnumValues()){ 48 | Write-Host -ForegroundColor Cyan "$Flag : " -NoNewline 49 | 50 | if($Flag -eq [ProgramFlags]::UNKNOWN -and $variable -ne 0) { # Handle the UNKNOWN Case 51 | Write-Host -ForegroundColor Green "False" 52 | } else { 53 | Write-Host -ForegroundColor Green $variable.HasFlag($Flag) 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Collections/ExportCollections.ps1: -------------------------------------------------------------------------------- 1 | # Set the current location to be the site code. 2 | Set-Location "$($SiteCode):\" @initParams 3 | 4 | $CollectionExportPath = "\\src\src\CollectionExports" 5 | $LimitingCollectionFilePath = "$CollectionExportPath\LimitingCollections" 6 | Write-Host "Getting Collections .... This can take awhile..." -ForegroundColor Green 7 | $Collections = Get-CMCollection 8 | $LimitingCols = $Collections.LimitToCollectionID | Select-Object -Unique 9 | 10 | Set-Location -Path $env:SystemDrive 11 | Write-Host "Starting to Backup Collections" -ForegroundColor Green 12 | 13 | New-Item -Path $LimitingCollectionFilePath -ItemType Directory -Force | Out-Null 14 | foreach ($LimitingCol in $LimitingCols | Where-Object {$_ -ne ""}){ 15 | Set-Location "$($SiteCode):\" 16 | $WorkingLimitingCol = Get-CMCollection -Id $LimitingCol 17 | if ($WorkingLimitingCol){ 18 | $WorkingLimitingColName = ($WorkingLimitingCol.Name).replace("`'","").replace("`/","") 19 | Write-Host "Limiting Collection: $WorkingLimitingColName" -ForegroundColor Magenta 20 | Export-CMCollection -InputObject $WorkingLimitingCol -ExportFilePath "$LimitingCollectionFilePath\$WorkingLimitingColName).mof" -Force 21 | Set-Location -Path $env:SystemDrive 22 | New-Item -Path "$CollectionExportPath\$WorkingLimitingColName" -ItemType Directory -Force | Out-Null 23 | $LimitedCols = $Collections | Where-Object {$_.LimitToCollectionName -eq $($WorkingLimitingCol.Name)} 24 | Set-Location "$($SiteCode):\" 25 | foreach ($LimitedCol in $LimitedCols){ 26 | $WorkingLimitedCol = Get-CMCollection -Id $LimitedCol.CollectionID 27 | $WorkingLimitedColName = ($WorkingLimitedCol.Name).replace("`'","").replace("`/","") 28 | Write-Host " SubCollection: $WorkingLimitedColName" -ForegroundColor Cyan 29 | Export-CMCollection -InputObject $WorkingLimitedCol -ExportFilePath "$CollectionExportPath\$WorkingLimitingColName\$WorkingLimitedColName.mof" -Force 30 | } 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Create-ScheduledTask-TriggerPSScript.ps1: -------------------------------------------------------------------------------- 1 | #Gary Blok | @gwblok | GARYTOWN.COM 2 | #region Create Scheduled Task 3 | [String]$TaskName = "Run PowerShell Script from GitHub Daily & on Event" 4 | 5 | $PSCommand = 'iex (irm https://raw.githubusercontent.com/gwblok/garytown/master/hardware/HP/Docks/Set-HPDockHistory_WMI.ps1)' 6 | 7 | 8 | #Create Scheduled task: 9 | #Action to Trigger: 10 | $action = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -WindowStyle Hidden -ep bypass -command `"$PSCommand`"" 11 | 12 | #Trigger on Event: 13 | $CIMTriggerClass = Get-CimClass -ClassName MSFT_TaskEventTrigger -Namespace Root/Microsoft/Windows/TaskScheduler:MSFT_TaskEventTrigger 14 | $Trigger = New-CimInstance -CimClass $CIMTriggerClass -ClientOnly 15 | $Trigger.Subscription = @" 16 | 17 | "@ 18 | $Trigger.Delay = 'PT1M' 19 | $Trigger.Enabled = $True 20 | 21 | #Trigger daily as well 22 | $Trigger2 = New-ScheduledTaskTrigger -Daily -At '1:15 PM' -RandomDelay "02:00" -DaysInterval 1 23 | 24 | #Combine Triggers 25 | $triggers = @() 26 | $triggers += $Trigger 27 | $triggers += $Trigger2 28 | 29 | #Run as System 30 | $Prin = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest 31 | 32 | #Stop Task if runs more than 60 minutes 33 | $Timeout = (New-TimeSpan -Minutes 60) 34 | 35 | #Other Settings on the Task: 36 | $settings = New-ScheduledTaskSettingsSet -RunOnlyIfNetworkAvailable -StartWhenAvailable -DontStopIfGoingOnBatteries -ExecutionTimeLimit $Timeout 37 | 38 | #Create the Task 39 | $task = New-ScheduledTask -Action $action -principal $Prin -Trigger $triggers -Settings $settings 40 | 41 | #Register Task with Windows 42 | Register-ScheduledTask -TaskName $TaskName -InputObject $task -Force -ErrorAction SilentlyContinue 43 | 44 | #endregion 45 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Disable_NetBIOS.ps1: -------------------------------------------------------------------------------- 1 | #Used in Task Sequence 2 | $Adapters=(Get-WmiObject -ClassName win32_networkadapterconfiguration ) 3 | Write-Output "____________________________________________________________" 4 | Write-Output "Disabling NetBIOS on Adapters:" 5 | Write-Output "" 6 | Foreach ($adapter in $adapters){ 7 | Write-Output "Service: $($adapter.ServiceName) | Description: $($adapter.Description)" 8 | [VOID]$adapter.settcpipnetbios(2)} 9 | Write-Output "" 10 | Write-Output "Completed disabling NetBIOS" 11 | Write-Output "____________________________________________________________" 12 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Function-CMTracelog.ps1: -------------------------------------------------------------------------------- 1 | <# From: https://www.ephingadmin.com/powershell-cmtrace-log-function/ 2 | $LogFilePath = "$env:TEMP\Logs" 3 | $LogFile = "$LogFilePath\SetComputerName.log" 4 | CMTraceLog -Message "Running Script: $ScriptName | Version: $ScriptVersion" -Type 1 -LogFile $LogFile 5 | 6 | #> 7 | function CMTraceLog { 8 | [CmdletBinding()] 9 | Param ( 10 | [Parameter(Mandatory=$false)] 11 | $Message, 12 | [Parameter(Mandatory=$false)] 13 | $ErrorMessage, 14 | [Parameter(Mandatory=$false)] 15 | $Component = "Script", 16 | [Parameter(Mandatory=$false)] 17 | [int]$Type, 18 | [Parameter(Mandatory=$true)] 19 | $LogFile = "$env:ProgramData\Logs\IForgotToName.log" 20 | ) 21 | <# 22 | Type: 1 = Normal, 2 = Warning (yellow), 3 = Error (red) 23 | #> 24 | $Time = Get-Date -Format "HH:mm:ss.ffffff" 25 | $Date = Get-Date -Format "MM-dd-yyyy" 26 | if ($ErrorMessage -ne $null) {$Type = 3} 27 | if ($Component -eq $null) {$Component = " "} 28 | if ($Type -eq $null) {$Type = 1} 29 | $LogMessage = "" 30 | $LogMessage.Replace("`0","") | Out-File -Append -Encoding UTF8 -FilePath $LogFile 31 | } 32 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Get-CCMCacheApps.ps1: -------------------------------------------------------------------------------- 1 | Function Get-CCMCacheApps { 2 | $CMObject = New-Object -ComObject 'UIResource.UIResourceMgr' 3 | $CMCacheObjects = $CMObject.GetCacheInfo() 4 | $CIModel = Get-CimInstance -Namespace root/ccm/CIModels -ClassName CCM_AppDeliveryTypeSynclet 5 | $CCMCacheApps = $CMCacheObjects.GetCacheElements() | Where-Object {$_.ContentId -match "Content"} 6 | $AppDatabase = @() 7 | foreach ($App in $CCMCacheApps) 8 | { 9 | $Info = $CIModel | Where-Object {$_.InstallAction.Content.ContentId -eq $App.ContentId} 10 | $ContentID = $app.ContentId 11 | $Location = $app.Location 12 | $ContentVersion = $app.ContentVersion 13 | $ContentSize = $app.ContentSize 14 | $LastReferenceTime = $app.LastReferenceTime 15 | $AppDeliveryTypeId = $info.AppDeliveryTypeId 16 | $AppDTName = $info.AppDeliveryTypeName 17 | $AppDatabaseObject = New-Object PSObject -Property @{ 18 | ContentId = $ContentID 19 | Location = $Location 20 | ContentVersion = $ContentVersion 21 | ContentSize = $ContentSize 22 | LastReferenceTime = $LastReferenceTime 23 | AppDeliveryTypeId = $AppDeliveryTypeId 24 | AppDeliveryTypeName = $AppDTName 25 | } 26 | $AppDatabase += $AppDatabaseObject 27 | } 28 | return $AppDatabase 29 | } 30 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Get-CMUpdatePackage-ForSpecificKB.ps1: -------------------------------------------------------------------------------- 1 | #@gwblok - 2020.12.05 2 | #Run on CM Provider Server, or add -computername and your CM Provider 3 | #Put in a KB and get the Upgrade Deployment Package 4 | #Only tested in my lab on a couple KBs 5 | #Might need to tweak to work, honestly don't know. 6 | 7 | $SiteCode = "PS2" 8 | $KB = "KB4586863" 9 | $UPD = Get-CimInstance -Namespace root/SMS/site_$($SiteCode) -ClassName SMS_SoftwareUpdate 10 | $PKG = Get-CimInstance -Namespace root/SMS/site_$($SiteCode) -ClassName SMS_SoftwareUpdatesPackage 11 | $PKGC = Get-CimInstance -Namespace root/SMS/site_$($SiteCode) -ClassName SMS_PackageToContent 12 | $Update = $UPD | Where-Object {$_.LocalizedDisplayName -match $KB} 13 | $UpdateInPackageID = (($PKGC | Where-Object {$_.ContentID -in $update.CI_ID}) | Select-Object -Property "PackageID" -Unique).PackageID 14 | $UpdateInPackage = $PKG | Where-Object {$_.PackageID -eq $UpdateInPackageID} 15 | Write-Output "Searched for $KB" 16 | Write-Output " Found in Software Update Package: $($UpdateInPackage.Name)" 17 | Write-Output " $($UpdateInPackage.PkgSourcePath)" 18 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Get-FirstFreeDriveLetter.ps1: -------------------------------------------------------------------------------- 1 | function Get-FirstFreeDriveLetter { 2 | $driveLetters = [System.IO.DriveInfo]::GetDrives() | Where-Object { $_.DriveType -eq 'Fixed' } | Select-Object -ExpandProperty Name 3 | $alphabet = [char[]]([char]'S'..[char]'Z') 4 | $freeLetters = $alphabet | Where-Object { $driveLetters -notcontains "$($_):\" } 5 | if ($freeLetters) { 6 | return $freeLetters[0] 7 | } 8 | else { 9 | return $null 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Get-MSKBData.ps1: -------------------------------------------------------------------------------- 1 | #@gwblok @theznerd @recastsoftware 2 | #Grabs Info from MS Website and makes into PSOBject 3 | 4 | Function Get-MSKBData { 5 | $KB = Invoke-WebRequest -Uri https://support.microsoft.com/en-us/help/5008339 6 | $KBs = $KB.Links.innerText | Where-Object {$_ -match "KB\d{7,}"} 7 | 8 | $KBData = @() 9 | 10 | ForEach ($KBInfo in $KBs) 11 | { 12 | if($KBData.KBNumber -notcontains [regex]::Match($KBInfo, "KB\d{7,}").Value) 13 | { 14 | $KBData += [PSCustomObject]@{ 15 | Date = [datetime]::Parse([regex]::Match($KBInfo, "^.*?(?=[—|-])").Value) # matches everything from the start of the string to the first -, assuming the format stays the same) 16 | KBNumber = [regex]::Match($KBInfo, "KB\d{7,}").Value # matches KB + 7+ digits (assuming that the KB is always at least 7 digits) 17 | Build = [regex]::Matches($KBInfo, "\d{5,5}\.\d{1,}").Value # matches 5 digits "." 1+ digits (assuming that the build is always XXXXX.Y..Y) 18 | } 19 | } 20 | } 21 | return $KBData 22 | } 23 | 24 | $KBs = Get-MSKBData 25 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Get-TaskSequenceInfo.ps1: -------------------------------------------------------------------------------- 1 | Function Get-TaskSequenceInfo { 2 | $TSInfo = Get-CimInstance -Namespace root/ccm/Policy/Machine/ActualConfig -ClassName CCM_TaskSequence -Filter "PRG_DependentPolicy='False'" 3 | if ($TSInfo -ne $null) 4 | { 5 | write-host "Available Task Sequences:" -ForegroundColor Gray 6 | foreach ($TS in $TSInfo) 7 | { 8 | write-host " $($TS.PKG_Name) | PackageID: $($TS.PKG_PackageID) | DeployID: $($TS.ADV_AdvertisementID)" -ForegroundColor cyan 9 | $Collection = $DeploymentTable | Where-Object {$_.DID -eq $($TS.ADV_AdvertisementID)} 10 | if ($Collection){Write-Host " Deployment Collection: $($Collection.DIDName)" -ForegroundColor Magenta} 11 | $ExHistory = Get-TSExecutionHistory -TSPackageID $TS.PKG_PackageID 12 | if ($ExHistory -eq "Success"){write-host " Execution History: $ExHistory" -ForegroundColor Green} 13 | elseif ($ExHistory -eq "Failure"){write-host " Execution History: $ExHistory" -ForegroundColor Red} 14 | else {write-host " Execution History: $ExHistory" -ForegroundColor yellow} 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Get-UpdatePackage-ForKB.ps1: -------------------------------------------------------------------------------- 1 | #@gwblok - 2020.12.05 2 | #Run on CM Provider Server, or add -computername and your CM Provider 3 | #Put in a KB and get the Upgrade Deployment Package 4 | #Only tested in my lab on a couple KBs 5 | #Might need to tweak to work, honestly don't know. 6 | 7 | $SiteCode = "PS2" 8 | $KB = "KB4586863" 9 | $UPD = Get-CimInstance -Namespace root/SMS/site_$($SiteCode) -ClassName SMS_SoftwareUpdate 10 | $PKG = Get-CimInstance -Namespace root/SMS/site_$($SiteCode) -ClassName SMS_SoftwareUpdatesPackage 11 | $PKGC = Get-CimInstance -Namespace root/SMS/site_$($SiteCode) -ClassName SMS_PackageToContent 12 | $Update = $UPD | Where-Object {$_.LocalizedDisplayName -match $KB} 13 | $UpdateInPackageID = (($PKGC | Where-Object {$_.ContentID -in $update.CI_ID}) | Select-Object -Property "PackageID" -Unique).PackageID 14 | $UpdateInPackage = $PKG | Where-Object {$_.PackageID -eq $UpdateInPackageID} 15 | Write-Output "Searched for $KB" 16 | Write-Output " Found in Software Update Package: $($UpdateInPackage.Name)" 17 | Write-Output " $($UpdateInPackage.PkgSourcePath)" 18 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/New-AppShortcut.ps1: -------------------------------------------------------------------------------- 1 | Function New-AppShortcut { 2 | <# Gary Blok | @gwblok | GARYTOWN.COM | 2023.06.02 3 | Creates a shortcut for the exe you provide 4 | 5 | 6 | ex: New-AppShortcut -SourceExePath "C:\Windows\ccm\ClientUX\SCClient.exe" -ShortCutName "Software Center" -Desktop 7 | That will create a shortcut for C:\Windows\ccm\ClientUX\SCClient.exe named Software Center and place it on the Desktop 8 | 9 | 10 | ex: New-AppShortcut -SourceExePath "C:\Windows\system32\wmiexplorer.exe" -ShortCutName "WMIExplorer" 11 | That will create a shortcut for C:\Windows\system32\wmiexplorer.exe named WMIExplorer and place it in the Start Menu 12 | 13 | #> 14 | [CmdletBinding()] 15 | param( 16 | [Parameter(Position=0,mandatory=$true)] 17 | [string]$SourceExePath, 18 | [Parameter(Position=1,mandatory=$true)] 19 | [string]$ShortCutName = "AppName", 20 | [string]$ArgumentsToSourceExe, 21 | [switch]$Desktop 22 | ) 23 | 24 | #Build ShortCut Information 25 | if ($Desktop){ 26 | $ShortCutFolderPath = "$env:Public\Desktop" 27 | } 28 | else { 29 | $ShortCutFolderPath = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs" 30 | } 31 | $DestinationPath = "$ShortCutFolderPath\$($ShortCutName).lnk" 32 | Write-Output "Shortcut Creation Path: $DestinationPath" 33 | 34 | if ($ArgumentsToSourceExe){ 35 | Write-Output "Shortcut = $SourceExePath -$($ArgumentsToSourceExe)" 36 | } 37 | Else { 38 | Write-Output "Shortcut = $SourceExePath" 39 | } 40 | 41 | 42 | #Create Shortcut 43 | $WshShell = New-Object -comObject WScript.Shell 44 | $Shortcut = $WshShell.CreateShortcut($DestinationPath) 45 | $Shortcut.IconLocation = "$SourceExePath, 0" #uses the first icon it finds in the EXE itself 46 | $Shortcut.TargetPath = $SourceExePath 47 | if ($ArgumentsToSourceExe){$Shortcut.Arguments = $ArgumentsToSourceExe} 48 | $Shortcut.Save() 49 | 50 | Write-Output "Shortcut Created" 51 | } 52 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Readme.md: -------------------------------------------------------------------------------- 1 | This is setup to capture random CM Code I use, helpful for examples 2 | 3 | The plan will be to add many of these as examples on the MemCM Docs Site. 4 | https://docs.microsoft.com/en-us/mem/configmgr/core/understand/use-docs#bkmk_contribute 5 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/ScheduledTaskCreation.ps1: -------------------------------------------------------------------------------- 1 | $action = New-ScheduledTaskAction -Execute "cmd.exe" -Argument "/C" 2 | $trigger = New-ScheduledTaskTrigger -Daily -At 1AM 3 | $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount 4 | $settings = New-ScheduledTaskSettingsSet -Hidden -WakeToRun 5 | $task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger -Settings $settings 6 | Register-ScheduledTask "Wake Device" -InputObject $task 7 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Sync_CMCollection2ADGroup.ps1: -------------------------------------------------------------------------------- 1 | <# @GWBLOK 2 | 3 | Using Script to Sync CM Collection of Machines to an AD Group. 4 | Why? I'm using the AD Group to target specific group polices. 5 | 6 | Set the Collecton you want to get devices from, and the AD Group you want to place them in. 7 | 8 | 9 | Not tested in Scale 10 | #> 11 | 12 | $CollectionID = "MEM000A9" #Physical Machines 13 | $ADGroup = "Physical_WorkStations" 14 | 15 | # Site configuration 16 | $SiteCode = "MEM" # Site code 17 | $ProviderMachineName = "MEMCM.dev.recastsoftware.dev" # SMS Provider machine name 18 | 19 | if((Get-Module ConfigurationManager) -eq $null) { 20 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" 21 | } 22 | # Connect to the site's drive if it is not already present 23 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) { 24 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderMachineName 25 | } 26 | # Set the current location to be the site code. 27 | Set-Location "$($SiteCode):\" 28 | 29 | # Script really starts here... 30 | 31 | $ADComputerObject = @() 32 | 33 | #Add Devices from CM Collection to AD Group 34 | $CMDevices = Get-CMDevice -Fast -CollectionId $CollectionID 35 | ForEach ($CMDevice in $CMDevices){ 36 | $ADComputerObject += Get-ADComputer -Identity $CMDevice.name 37 | } 38 | Add-ADGroupMember -Identity $ADGroup -Members $ADComputerObject 39 | 40 | 41 | #Remove any Devices in AD Group that aren't in CM Collection 42 | $ADGroupMembers = Get-ADGroupMember -Identity $ADGroup 43 | foreach ($ADGroupMember in $ADGroupMembers) 44 | { 45 | if ($ADGroupMember.name -notin $ADComputerObject.name) 46 | { 47 | Remove-ADGroupMember -Identity $ADGroup -Members $ADGroupMember -Confirm:$false 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/SystemVolumeBinFiles.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | #Seems to be broken on Windows 11 22H2 - Need more testers to confirm. 3 | - Works fine if you don't use ISE :-) 4 | 5 | #Should return a list of BIN files on your System Volume 6 | #> 7 | $Volume = Get-Volume | Where-Object {$_.FileSystemType -eq "FAT32" -and $_.DriveType -eq "Fixed"} 8 | $SystemDisk = Get-Disk | Where-Object {$_.IsSystem -eq $true} 9 | $SystemPartition = Get-Partition -DiskNumber $SystemDisk.DiskNumber | Where-Object {$_.IsSystem -eq $true} 10 | $SystemVolume = $Volume | Where-Object {$_.UniqueId -match $SystemPartition.Guid} 11 | $BinFiles = Get-ChildItem -LiteralPath $SystemVolume.path -Recurse | Where-Object {$_.name -match "bin"} 12 | $BinFiles 13 | #$BinFiles | Remove-Item 14 | 15 | $FontFolder = Get-ChildItem -LiteralPath $SystemVolume.path -Recurse | Where-Object {$_.name -match "Font"} 16 | $FontFolder | Get-ChildItem 17 | #$FontFolder | Get-ChildItem | Remove-Item -Force 18 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Test-MeteredConnection.ps1: -------------------------------------------------------------------------------- 1 | function Test-MeteredConnection { 2 | #Note, has issues if you have HyperV installed with any other adapters besides the Default 3 | $MeteredConnectionStatus = $null 4 | [void][Windows.Networking.Connectivity.NetworkInformation, Windows, ContentType = WindowsRuntime] 5 | $cost = [Windows.Networking.Connectivity.NetworkInformation]::GetInternetConnectionProfile().GetConnectionCost() 6 | $MeteredConnectionStatus = $cost.ApproachingDataLimit -or $cost.OverDataLimit -or $cost.Roaming -or $cost.BackgroundDataUsageRestricted -or ($cost.NetworkCostType -ne "Unrestricted") 7 | if (!($MeteredConnectionStatus)){$MeteredConnectionStatus = $false} 8 | return $MeteredConnectionStatus 9 | } 10 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/USMT_Extract.ps1: -------------------------------------------------------------------------------- 1 | < 2 | @gwblok @recastsoftware 3 | #Requires the following files from the USMT Package in the amd64 folder 4 | 5 | migcore.dll 6 | migstore.dll 7 | unbcl.dll 8 | usmtutils.exe 9 | 10 | Assumption is that you put those files on the machine you're using to extract the .MIG file in the folder c:\USMT\x64 11 | 12 | More info: http://docs.recastsoftware.com/BlogDocs/TaskSequence/SCCM_TaskSequence_Step_UserState_ComboStep.html 13 | #> 14 | 15 | 16 | #This key is captured in the CM Console in the \Assets and Compliance\Overview\User State Migration -> User State Recovery Information 17 | $Key = "k9jKO5dD8yz7giskT1sKXmrLwGvD+vxTC6VpKDDKRi+deB1Kcox+gqX7xcGaSXJH6KEYJuxiVnxYPwtKH/y2OxwVOGCT8TkTkGJj8+06+j6cIrKhvX/GptrMmdGLywrr+ycUWJG6vgHtFQthEKkYw5QgkykiepI1B9IG61lZyq6rHYHVOq2ilEiDxXm4rSyxcc6sBoRvfoe6Nfxhx0iPWemK4Vd/jHJH4OpkOtAd5KjsIvEIFuyjUmIxp9TBRen2" 18 | 19 | #Copy the MIG File from the server location to a temp location, or set the location of the $DataFile to the file location on the Server 20 | #$DataFile = "C:\USMT\USMT.MIG" 21 | $DataFile = "\\CM.corp.viamonstra.com\SMPSTOREE_CE6C69CE$\7B7083AB42DE63FE3D17BD04F45520BCB534F521AE79F3C2262B4DDAD8625988\USMT\USMT.MIG" 22 | 23 | #Temporary Place to extract the files so you can grab them 24 | $ExtractPath = "$env:TEMP\USMTExtract" 25 | if (Test-Path $ExtractPath) 26 | { 27 | Remove-Item -Path $ExtractPath -Recurse -Force 28 | $NewFolder = New-Item -Path $ExtractPath -ItemType Directory -Force 29 | } 30 | else{$NewFolder = New-Item -Path $ExtractPath -ItemType Directory -Force} 31 | $logFile = "$ExtractPath\usmtutil.log" 32 | 33 | Start-Process -FilePath $NewFolder 34 | 35 | 36 | #The Path of the usmtutils.exe file 37 | $USMTUtil = "C:\USMT\x64\usmtutils.exe" 38 | 39 | #Trigger the Extract Process 40 | Start-Process -FilePath $USMTUtil -ArgumentList "/extract $DataFile $ExtractPath /c /l:$($logFile) /decrypt /key:$($Key)" 41 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/Update-CMDistributionPoint.ps1: -------------------------------------------------------------------------------- 1 | #Update Application's Deployment Type Content 2 | $OfficeContentAppName = "Microsoft Office 365 - Content" 3 | $OfficeContentAppDTName = "Office 365 ProPlus - Content" 4 | Update-CMDistributionPoint -ApplicationName $OfficeContentAppName -DeploymentTypeName $OfficeContentAppDTName 5 | -------------------------------------------------------------------------------- /CM_PowerShell_Snips/WindowsFunctions.ps1: -------------------------------------------------------------------------------- 1 | function Get-WindowsRelease { 2 | $CurrentOSInfo = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' 3 | $WindowsRelease = $CurrentOSInfo.GetValue('ReleaseId') 4 | if ($WindowsRelease -eq "2009"){$WindowsRelease = $CurrentOSInfo.GetValue('DisplayVersion')} 5 | 6 | return $WindowsRelease 7 | } 8 | 9 | function Get-WindowsUBR { 10 | $CurrentOSInfo = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' 11 | $BuildUBR_CurrentOS = $($CurrentOSInfo.GetValue('CurrentBuild'))+"."+$($CurrentOSInfo.GetValue('UBR')) 12 | 13 | return $BuildUBR_CurrentOS 14 | } 15 | 16 | function Get-WindowsBuild { 17 | $CurrentOSInfo = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' 18 | return $($CurrentOSInfo.GetValue('CurrentBuild')) 19 | } 20 | -------------------------------------------------------------------------------- /ConfigMgr/Baselines/Active Cache Management.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/ConfigMgr/Baselines/Active Cache Management.cab -------------------------------------------------------------------------------- /ConfigMgr/Baselines/ActiveCacheManagement-CCMCacheDuplicates-Detect.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Gary Blok | @gwblok | RecastSoftware.com 3 | 4 | .SYNOPSIS 5 | Checks for Duplicate Package IDs in CCMCache, if found, sets Non-compliant 6 | 7 | #> 8 | 9 | $CMObject = New-Object -ComObject 'UIResource.UIResourceMgr' 10 | $CMCacheObjects = $CMObject.GetCacheInfo() 11 | 12 | #Get count of packages with more than one instance 13 | $DuplicatePackageCount = ($CMCacheObjects.GetCacheElements() | Group-Object -Property ContentID | ? {$_.count -gt 1}).Count 14 | 15 | if ($DuplicatePackageCount -ge 1) { 16 | Write-Host "Non-compliant" 17 | } 18 | else { 19 | Write-Host "Compliant" 20 | } 21 | -------------------------------------------------------------------------------- /ConfigMgr/Baselines/CVE-2023-24932/KB5025885 - Remediation.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/ConfigMgr/Baselines/CVE-2023-24932/KB5025885 - Remediation.zip -------------------------------------------------------------------------------- /ConfigMgr/Baselines/CVE-2023-24932/TestApril2024UBR.ps1: -------------------------------------------------------------------------------- 1 | $CurrentOSInfo = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' 2 | $Build = $CurrentOSInfo.GetValue('CurrentBuild') 3 | [int]$UBR = $CurrentOSInfo.GetValue('UBR') 4 | 5 | #April 2024 UBRs 6 | 7 | $AprilPatch = @('19044.4291','19045.4291','22631.3447','22621.3447','22000.2899') 8 | $MatchedPatch = $AprilPatch | Where-Object {$_ -match $Build} 9 | [int]$MatchedUBR = $MatchedPatch.split(".")[1] 10 | 11 | if ($UBR -ge $MatchedUBR){ 12 | $OSSupported = $true 13 | 14 | } 15 | else { 16 | $OSSupported = $false 17 | } 18 | 19 | $OSSupported 20 | -------------------------------------------------------------------------------- /ConfigMgr/Baselines/CVE-2023-24932/readme.md: -------------------------------------------------------------------------------- 1 | # KB5025885: Dealing with CVE-2023-24932 via Proactive Remediation & Configuration Items 2 | 3 | For more info:
4 | https://garytown.com/kb5025885-dealing-cve-2023-24932-with-proactive-remediation-configuration-items 5 | 6 | 7 | ## Intune Proactive Remediation 8 | 9 | Bugs have been reported, I'm trying to test now, I've uploaded a v2 version with some edits, see scripts for more details.
10 | If anyone knows a good way to manually trigger PRs on endpoints to make testing easier, please let me know! 11 | -------------------------------------------------------------------------------- /ConfigMgr/Baselines/QuickAccess_AddCustomFolders.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok Recast SOftware 2 | Add Folders Specific Quick Access Folders 3 | 4 | !!!This MUST be run in user context!!! - Set the CI to: Run scripts by using the logged on user credentials 5 | (CI Settings -> Edit -> General Tab) 6 | 7 | Place the folders you want into the $Folders variable. 8 | I've set folders that I use all the time in my lab, like my CM Source location as example & CM Logs 9 | 10 | Change the Variable for Dicovery or Remediation 11 | Discovery = $Remediate = $false 12 | Remediation = $Remediate = $True 13 | 14 | #> 15 | 16 | 17 | $Compliant = $true 18 | $Remediate = $true 19 | 20 | $Namespace = "shell:::{679f85cb-0220-4080-b29b-5540cc05aab6}" 21 | $QuickAccess = New-Object -ComObject shell.application 22 | $RecentFiles = $QuickAccess.Namespace($Namespace).Items() 23 | 24 | $Folders = @("\\src\src$","C:\Windows\CCM\Logs") 25 | 26 | 27 | foreach ($Folder in $Folders) 28 | { 29 | $SelectFolder = $RecentFiles | Where-Object {$_.Path -eq $Folder} 30 | if (!($SelectFolder)){ 31 | $Compliant = $false 32 | } 33 | } 34 | 35 | if ($Compliant -eq $false){ 36 | if ($Remediate -eq $true){ 37 | foreach ($Folder in $Folders) 38 | { 39 | Write-Output "Adding $Folder to Quick Access" 40 | $QuickAccess.Namespace($Folder).Self.InvokeVerb("pintohome") 41 | } 42 | } 43 | else 44 | { 45 | Write-Output "Non-Compliant" 46 | } 47 | } 48 | else 49 | { 50 | Write-Output "Compliant" 51 | } 52 | -------------------------------------------------------------------------------- /ConfigMgr/Baselines/QuickAccess_RemoveDefaultFolders.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok Recast SOftware 2 | Clears out Specific Quick Access Folders 3 | 4 | !!!This MUST be run in user context!!! - Set the CI to: Run scripts by using the logged on user credentials 5 | (CI Settings -> Edit -> General Tab) 6 | 7 | Place the folders you want removed into the $Folders variable. 8 | My Defaults = Videos, Music, Pictures 9 | 10 | Change the Variable for Dicovery or Remediation 11 | Discovery = $Remediate = $false 12 | Remediation = $Remediate = $True 13 | 14 | #> 15 | 16 | 17 | $Compliant = $true 18 | $Remediate = $false 19 | 20 | $Namespace = "shell:::{679f85cb-0220-4080-b29b-5540cc05aab6}" 21 | $QuickAccess = New-Object -ComObject shell.application 22 | $RecentFiles = $QuickAccess.Namespace($Namespace).Items() 23 | 24 | $Folders = @("Videos", "Music", "Pictures") 25 | 26 | 27 | foreach ($Folder in $Folders) 28 | { 29 | $SelectFolder = $RecentFiles | Where-Object {$_.Path -match $Folder} 30 | if ($SelectFolder){ 31 | $Compliant = $false 32 | } 33 | } 34 | 35 | if ($Compliant -eq $false){ 36 | if ($Remediate -eq $true){ 37 | foreach ($Folder in $Folders) 38 | { 39 | $SelectFolder = $RecentFiles | Where-Object {$_.Path -match $Folder} 40 | if ($SelectFolder){ 41 | Write-Output "Removing $Folder from Quick Access" 42 | $SelectFolder.InvokeVerb("unpinfromhome") 43 | $SelectFolder.InvokeVerb("removefromhome") 44 | } 45 | else { 46 | Write-Output "$Folder does not exsit in Quick Access" 47 | } 48 | } 49 | } 50 | else 51 | { 52 | Write-Output "Non-Compliant" 53 | } 54 | } 55 | else 56 | { 57 | Write-Output "Compliant" 58 | } 59 | 60 | 61 | -------------------------------------------------------------------------------- /ConfigMgr/Baselines/Readme.md: -------------------------------------------------------------------------------- 1 | # ConfigMgr Baselines 2 | 3 | ## Active Cache Management 4 | 5 | These scripts can be used to control and manage your CCMCache 6 | - Set Cache Size based on Drive Size 7 | - This requires that you're not setting it via Client Settings, which will overwrite what this CI does 8 | - You can set the CCMCache size initially when you install the CM Client, then leverage this baseline to dynamcially assign a size or % 9 | - Groom Cache based on Drive Free space, age and type of content. 10 | - Remove Duplicate packages (older versions of same content) 11 | 12 | BranchCache Management coming in the future. 13 | 14 | 15 | ## Package Content Compliance 16 | 17 | This will monitor a specific Task Sequence that is deployed to the device and confirm the Task Sequence Content is in the CCMCache 18 | 19 | ## Sysinternals Suite 20 | 21 | This will download and expand the Suite to "$env:ProgramFiles\SysInternalsSuite\" 22 | Keeps the Suite Updated by downloading and comparing several EXE's verisons against the versions 23 | 24 | ## Quick Access 25 | 26 | This will allow you to modify the Quick Access areas in Explorer. 27 | Not saying you should, but in my lab this is really nice. 28 | In my Lab I modify it Quick Access like so: 29 | - Remove 30 | - Videos 31 | - Music 32 | - Pictures 33 | - Add 34 | - CM Source Server Path | Ex: \\\\CMSource\Source$ 35 | - CM Logs | c:\windows\ccm\logs 36 | 37 | ## Other Baselines 38 | 39 | There will be other items here, I'll try to update the page with some info as I add them... no promises. 40 | -------------------------------------------------------------------------------- /ConfigMgr/Modify-CMBootImage.ps1: -------------------------------------------------------------------------------- 1 | # Requires the script to be run under an administrative account context. 2 | #https://www.deploymentresearch.com/customizing-configmgr-boot-images-with-wmi-and-powershell/ 3 | #Requires -RunAsAdministrator 4 | 5 | # ConfigMgr Site Code and SMS Provider 6 | $SiteCode = "2CM" 7 | $SMSProvider = "2CM.2p.garytown.com" 8 | 9 | # Specify boot image 10 | # Win11 22H2 x64 StifleR 2.10 - 2011 22621.5039_25.03.24 2CM0004B 10.0.22621.5039 5.00.9132.1023 11 | 12 | $BootImageID = "2CM0004B" 13 | 14 | # Get the boot image via WMI 15 | $CMBootImage = Get-WmiObject -ComputerName $SMSProvider -Namespace "root\SMS\site_$($SiteCode)" -Class SMS_BootImagePackage | Where-Object {$_.PackageID -eq $BootImageID} 16 | $BootImage = [wmi]"$($CMBootImage.__PATH)" 17 | 18 | # Add F8 Support in ConfigMgr (needed when ADK version installed is different from Boot Image) 19 | $BootImage.EnableLabShell = $true 20 | $BootImage.Put() 21 | 22 | # Add custom background image 23 | $BackgroundUNCPath = "\\src\src$\Pictures\WinPE-2Pint.jpg" 24 | $BootImage.BackgroundBitmapPath = $BackgroundUNCPath 25 | $BootImage.Put() 26 | -------------------------------------------------------------------------------- /CreateCMPowerShellModulePackage.ps1: -------------------------------------------------------------------------------- 1 | #Run this on a machine that has the MEMCM Console Installed 2 | 3 | #where you want the files copied, this will be the source of the package you create in CM 4 | $PackageSourceFolder = "\\src\src$\Apps\Microsoft\ConfigurationManager\CMConsolePosh" 5 | 6 | 7 | 8 | $ConfigModulePath = (Join-Path $(Split-Path $env:SMS_ADMIN_UI_PATH) ConfigurationManager.psd1) 9 | $ConfigModuleFolder = $(Split-Path $env:SMS_ADMIN_UI_PATH) 10 | # Grab the Commandlet and Copy the files the commandlet directly references... 11 | $ConfigModuleContent = Get-Content -Path $ConfigModulePath 12 | foreach ($Line in $ConfigModuleContent | Where-Object {$_ -Match "AdminUI.PS" -and $_ -notmatch ".XML"}) 13 | { 14 | #Write-Output $Line 15 | $Line = $Line.TrimEnd(",") 16 | $RemoveFront = $Line.Substring("1") 17 | $RemoveEnd = $Line.substring($Line.length -1, 1) 18 | $File = $RemoveFront.TrimEnd($RemoveEnd) 19 | Write-Output $File 20 | if (Test-Path "$($ConfigModuleFolder)\$($File)" -ErrorAction SilentlyContinue) {Copy-Item -Path "$($ConfigModuleFolder)\$($File)" -Destination $PackageSourceFolder -Force} 21 | } 22 | 23 | Copy-Item -Path "$ConfigModuleFolder\*.ps1xml" -Destination $PackageSourceFolder -Force 24 | Copy-Item -Path "$ConfigModuleFolder\*.dll" -Destination $PackageSourceFolder -Force 25 | Copy-Item -Path $ConfigModulePath -Destination $PackageSourceFolder -Force 26 | 27 | 28 | #Test to Confirm you have what you need: 29 | Import-Module "$($PackageSourceFolder)\ConfigurationManager.psd1" 30 | -------------------------------------------------------------------------------- /DEMOS/CBS.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/DEMOS/CBS.zip -------------------------------------------------------------------------------- /DEMOS/CloudScriptsDemo.ps1: -------------------------------------------------------------------------------- 1 | Write-Host "MMS is Great!" -ForegroundColor Red 2 | Write-Host "Twitter UserName: GWBLOK" -ForegroundColor Cyan 3 | Write-Host "Twitter Passwrd: $(New-Guid)" -ForegroundColor Cyan 4 | Write-Host "Twitter Last Logon from $($env:COMPUTERNAME)" -ForegroundColor Cyan 5 | -------------------------------------------------------------------------------- /DEMOS/DISM.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/DEMOS/DISM.zip -------------------------------------------------------------------------------- /Dev/CloudScripts/Install-ZoomIt.ps1: -------------------------------------------------------------------------------- 1 | #GARYTOWN.COM 2 | #Download & Extract to System32 3 | function Install-ZoomIt { 4 | $FileName = "ZoomIt.zip" 5 | $ExpandPath = "$env:windir\temp" 6 | $URL = "https://download.sysinternals.com/files/$FileName" 7 | Write-Output "Downloading $URL" 8 | Invoke-WebRequest -UseBasicParsing -Uri $URL -OutFile $env:TEMP\$FileName 9 | if (Test-Path -Path $env:TEMP\$FileName){Write-Output "Successfully Downloaded"} 10 | else{Write-Output "Failed Downloaded"; exit 255} 11 | Write-Output "Starting Extraction of $FileName to $ExpandPath" 12 | Expand-Archive -Path $env:TEMP\$FileName -DestinationPath $ExpandPath -Force 13 | if (Test-Path -Path $ExpandPath\ZoomIt.exe){ 14 | Write-Output "Successfully Extracted Zip File to temp" 15 | Write-Output "Copying ZoomIt.exe to System32" 16 | Copy-Item -Path "$ExpandPath\ZoomIt.exe" -Destination "$env:windir\system32\ZoomIt.exe" -Force 17 | } 18 | else{Write-Output "Failed Extract"; exit 255} 19 | } -------------------------------------------------------------------------------- /Dev/CloudScripts/LenovoUpdate.ps1: -------------------------------------------------------------------------------- 1 | $Manufacturer = (Get-CimInstance -Namespace root/CIMV2 -ClassName Win32_ComputerSystem).Manufacturer 2 | Write-Output "Manufacturer = $Manufacturer" 3 | if ($Manufacturer -match "Lenovo"){ 4 | iex (irm https://raw.githubusercontent.com/OSDeploy/OSD/master/Public/OSDCloudTS/Install-LenovoApps.ps1) 5 | iex (irm https://sandbox.osdcloud.com) 6 | Install-LenovoVantage 7 | Set-LenovoVantage 8 | Write-Host "Device is Lenovo, attempting to install Module LSUClient" 9 | Install-Module -Name LSUClient -Force 10 | Import-Module -Name LSUClient 11 | Write-Host "Scanning for updates...." 12 | $updates = Get-LSUpdate | Where-Object { $_.Installer.Unattended } 13 | $i = 1 14 | foreach ($update in $updates) { 15 | Write-Host "Installing update $i of $($updates.Count): $($update.Title)" 16 | Install-LSUpdate -Package $update -Verbose 17 | $i++ 18 | } 19 | 20 | $LenovoBackgroundTask = Get-ScheduledTask -TaskName "Background monitor" -ErrorAction SilentlyContinue 21 | if ($LenovoBackgroundTask){ 22 | $LenovoBackgroundTask | Disable-ScheduledTask 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /Dev/CloudScripts/OSDCloud.ps1: -------------------------------------------------------------------------------- 1 | $ComputerSystem = Get-CimInstance -Namespace root/CIMV2 -ClassName Win32_ComputerSystem 2 | $Manufacturer = $ComputerSystem.Manufacturer 3 | $Model = $ComputerSystem.Model 4 | $Serial = Get-CimInstance -Namespace root/CIMV2 -ClassName Win32_BIOS | Select-Object -ExpandProperty SerialNumber 5 | Write-Output "Manufacturer = $Manufacturer | Model = $Model" 6 | Write-Host -ForegroundColor DarkGray "===============================================" 7 | Write-Host -ForegroundColor Cyan " Functions to fun during OSDCloud" 8 | Write-Host -ForegroundColor DarkGray "===============================================" 9 | Write-Host "" 10 | Write-Host -ForegroundColor Green "[+] Function Copy-OSDCloudLogs2OSDCloudUSB" 11 | function Copy-OSDCloudLogs2OSDCloudUSB { 12 | $OSDCloudLogs = "C:\OSDCloud\Logs" 13 | $OSDCloudUSB = (Get-Volume.usb | Where-Object {($_.FileSystemLabel -match 'OSDCloud') -or ($_.FileSystemLabel -match 'BHIMAGE')} | Select-Object -First 1).DriveLetter 14 | if ($OSDCloudUSB){ 15 | $OSDCloudUSBFolder = "$($OSDCloudUSB):\OSDCloud\Logs\$Manufacturer-$Model-$Serial" 16 | if (!(Test-Path $OSDCloudUSBFolder)) { 17 | New-Item -Path $OSDCloudUSBFolder -ItemType Directory -Force | Out-Null 18 | } 19 | Write-Host "Copying OSDCloud Logs to $OSDCloudUSBFolder" 20 | Copy-Item -Path $OSDCloudLogs -Destination $OSDCloudUSBFolder -Recurse -Force 21 | } 22 | } 23 | 24 | 25 | $namespace = "ROOT\HP\InstrumentedBIOS" 26 | $classname = "HP_BIOSEnumeration" 27 | if (Get-CimInstance -ClassName $classname -Namespace $namespace | Where-Object {$_.Name -match "Enhanced BIOS Authentication"}){ 28 | Write-Output "Gathering HP Sure Admin State" 29 | $HPSureAdminState = Get-HPSureAdminState -ErrorAction SilentlyContinue 30 | Write-Output "SureAdminState = $HPSureAdminState" 31 | } 32 | else{ 33 | Write-Output "SureAdminState = Feature Not Available" 34 | } -------------------------------------------------------------------------------- /Dev/CloudScripts/SMSTSPostAction.ps1: -------------------------------------------------------------------------------- 1 | 2 | Start-Transcript -Path C:\windows\CCM\logs\smstspostaction.txt 3 | 4 | iex (irm functions.garytown.com) 5 | Install-Nuget 6 | Install-PackageManagement 7 | Install-Module -Name OSD 8 | Install-ModuleHPCMSL 9 | Set-ThisPC 10 | Set-TimeZoneFromIP 11 | Start-WindowsUpdate 12 | Invoke-UpdateScanMethodMSStore 13 | 14 | Stop-Transcript 15 | 16 | Restart-Computer 17 | -------------------------------------------------------------------------------- /Dev/CloudScripts/SetupCompleteDEV.ps1: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Dev/CloudScripts/SpecializeDEV.ps1: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Dev/CloudScripts/StartOSDCloudPreStart.ps1: -------------------------------------------------------------------------------- 1 | #powershell Invoke-Expression -Command (Invoke-RestMethod -Uri https://raw.githubusercontent.com/gwblok/garytown/master/Dev/CloudScripts/StartOSDCloudPreStart.ps1) 2 | Invoke-Expression (Invoke-RestMethod 'sandbox.osdcloud.com') 3 | $Global:MyOSDCloud = [ordered]@{ 4 | Restart = [bool]$False 5 | RecoveryPartition = [bool]$True 6 | DriverPackName = "None" 7 | } 8 | 9 | #Launch OSDCloud 10 | osdcloud-UpdateModuleFilesManually -DevMode $true 11 | Start-OSDCloudGUIDev 12 | -------------------------------------------------------------------------------- /Dev/CloudScripts/TaskSequence.ps1: -------------------------------------------------------------------------------- 1 | #Stuff to make available in a Task Sequence 2 | 3 | Write-Host -ForegroundColor Cyan "Functions for ConfigMgr Task Sequences" 4 | Write-Host -ForegroundColor Green "[+] Function Confirm-TSEnvironmentSetup" 5 | Write-Host -ForegroundColor Green "[+] Function Confirm-TSProgressUISetup" 6 | Write-Host -ForegroundColor Green "[+] Function Get-TSVariables" 7 | Write-Host -ForegroundColor Green "[+] Function Get-TSValue" 8 | Write-Host -ForegroundColor Green "[+] Function Get-TSAllValues" 9 | Write-Host -ForegroundColor Green "[+] Function Set-TSVariable" 10 | Write-Host -ForegroundColor Green "[+] Function Close-TSProgressDialog" 11 | Write-Host -ForegroundColor Green "[+] Function Show-TSActionProgress" 12 | Write-Host -ForegroundColor Green "[+] Function Show-TSProgress" 13 | Write-Host -ForegroundColor Green "[+] Function Show-TSErrorDialog" 14 | Write-Host -ForegroundColor Green "[+] Function Show-TSMessage" 15 | Write-Host -ForegroundColor Green "[+] Function Show-TSRebootDialog" 16 | Write-Host -ForegroundColor Green "[+] Function Show-TSSwapMediaDialog" 17 | 18 | iex (irm 'https://raw.githubusercontent.com/sombrerosheep/TaskSequenceModule/refs/heads/master/SCCM-TSEnvironment.psm1') 19 | 20 | -------------------------------------------------------------------------------- /Dev/FunctionsSnips/Invoke-ScriptNewJob.ps1: -------------------------------------------------------------------------------- 1 | Function Invoke-ScriptNewJob { 2 | 3 | [CmdletBinding()] 4 | param ( 5 | [Parameter(Mandatory = $true)] 6 | [string]$ScriptPath, 7 | [int]$timeoutSeconds = 600, # Default timeout of 10 minutes 8 | [switch]$wait 9 | ) 10 | #Start the Job 11 | if ($ScriptPath -eq $null) { 12 | Write-Host -ForegroundColor Red "Script Path is null, exiting." 13 | return 14 | } 15 | if (!(Test-Path -Path $ScriptPath)) { 16 | Write-Host -ForegroundColor Red "Script Path does not exist, exiting." 17 | return 18 | } 19 | $Code = Get-Content -Path $ScriptPath -Raw 20 | $Installing = Start-Job -ScriptBlock $code 21 | # Report the job ID (for diagnostic purposes) 22 | "Job ID: $($Installing.Id)" 23 | 24 | # Wait for the job to complete or time out 25 | if ($wait) { 26 | Write-Host -ForegroundColor Green "Waiting for job to complete..." 27 | Wait-Job $Installing -Timeout $timeoutSeconds | Out-Null 28 | Receive-Job -Job $Installing 29 | # Check the job state 30 | if ($Installing.State -eq "Completed") { 31 | # Job completed successfully 32 | "Done!" 33 | } elseif ($Installing.State -eq "Running") { 34 | # Job was interrupted due to timeout 35 | "Interrupted" 36 | } else { 37 | # Unexpected job state 38 | "???" 39 | } 40 | 41 | # Clean up the job 42 | Remove-Job -Force $Installing 43 | 44 | #Start-sleep 45 | Start-sleep -seconds 10 46 | } else { 47 | Write-Host -ForegroundColor Green "Job is running in the background. You can check its status later." 48 | Write-Host -ForegroundColor Yellow "This will bypass the timeout and run in the background, never stopping, even if it should" 49 | } 50 | 51 | } -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/PreInstall/Microsoft.Toolkit.Uwp.Notifications.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/PreInstall/Microsoft.Toolkit.Uwp.Notifications.dll -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/PreInstall/readme.txt: -------------------------------------------------------------------------------- 1 | Microsoft.Toolkit.Uwp.Notifications.dll from Here: 2 | https://www.nuget.org/packages/Microsoft.Toolkit.Uwp.Notifications/6.1.1 3 | Used for Progress Toast Notification bar 4 | -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/RunOnce/Readme.txt: -------------------------------------------------------------------------------- 1 | Holding Location for any RunOnce Scripts -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/BackgroundImages/lockscreen.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/BackgroundImages/lockscreen.jpg -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/BackgroundImages/wallpaper.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/BackgroundImages/wallpaper.jpg -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/SystemLogo/logo.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/SystemLogo/logo.bmp -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/guest.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/guest.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/user-192.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/user-192.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/user-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/user-200.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/user-32.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/user-32.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/user-40.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/user-40.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/user-48.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/user-48.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Success/UserPictures/user.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Success/UserPictures/user.png -------------------------------------------------------------------------------- /Feature-Updates/ConfigMgrApp/Windows-Update-icon-big-256.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/ConfigMgrApp/Windows-Update-icon-big-256.png -------------------------------------------------------------------------------- /Feature-Updates/OSDCloud/Build-OSDCloudOSIndexMap.ps1: -------------------------------------------------------------------------------- 1 | Import-Module -name OSD 2 | 3 | $Indexes = @() 4 | $ESDFilesX64Indexes = Get-OSDCloudOperatingSystemsIndexes -OSArch x64 5 | $ESDFilesARM64Indexes = Get-OSDCloudOperatingSystemsIndexes -OSArch ARM64 6 | 7 | $Indexes += $ESDFilesX64Indexes 8 | $Indexes += $ESDFilesARM64Indexes 9 | 10 | 11 | $ImageIndexDB = @() 12 | $Builds = $Indexes.Build | Select-Object -Unique 13 | $LatestBuild = $Builds | Sort-Object -Descending | Select-Object -First 1 14 | 15 | $CapturePool = $Indexes | Where-Object {$_.Build -eq $LatestBuild} 16 | 17 | 18 | foreach ($Index in $CapturePool){ 19 | $SaveData = $Index | Select-Object -Property Architecture, Language, Activation, Indexes, IndexNames, TotalIndexes 20 | $ImageIndexDB += $SaveData 21 | } 22 | 23 | $ImageIndexDB | Export-Clixml -Path (Join-Path (Get-Module -Name OSD -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).ModuleBase "Catalogs\CloudOperatingIndexMap.xml") -Force 24 | Import-Clixml -Path (Join-Path (Get-Module -Name OSD -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).ModuleBase "Catalogs\CloudOperatingIndexMap.xml") | ConvertTo-Json | Out-File (Join-Path (Get-Module -Name OSD -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).ModuleBase "Catalogs\CloudOperatingIndexMap.json") -Encoding ascii -Width 2000 -Force 25 | -------------------------------------------------------------------------------- /Feature-Updates/OSDCloud/TestBIOSDate.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/OSDCloud/TestBIOSDate.ps1 -------------------------------------------------------------------------------- /Feature-Updates/ProductXML.md: -------------------------------------------------------------------------------- 1 | # Windows 10 2 | Windows 10 Latest Cab: https://go.microsoft.com/fwlink/?LinkId=841361 3 | 4 | Media Creation Tool: https://download.microsoft.com/download/9/e/a/9eac306f-d134-4609-9c58-35d1638c2363/MediaCreationTool22H2.exe 5 | 6 | 22H2 Product Cab [2023-05-10]: https://download.microsoft.com/download/3/c/9/3c959fca-d288-46aa-b578-2a6c6c33137a/products_win10_20230510.cab.cab 7 | 8 | 22H2 Product Cab [2023-12-12]: https://download.microsoft.com/download/7/9/c/79cbc22a-0eea-4a0d-89c0-054a1b3aa8e0/products.cab 9 | 10 | 11 | # Windows 11 12 | Windows 11 Latest CAB: https://go.microsoft.com/fwlink/?LinkId=2156292 13 | 14 | Media Creation Tool: https://software-static.download.prss.microsoft.com/dbazure/988969d5-f34g-4e03-ac9d-1f9786c66749/mediacreationtool.exe 15 | 16 | 21H2 Product Cab: https://download.microsoft.com/download/1/b/4/1b4e06e2-767a-4c9a-9899-230fe94ba530/products_Win11_20211115.cab 17 | 18 | 22H2 Product Cab: https://download.microsoft.com/download/b/1/9/b19bd7fd-78c4-4f88-8c40-3e52aee143c2/products_win11_20230510.cab.cab 19 | 20 | 23H2 GA Product Cab: https://download.microsoft.com/download/e/8/6/e86b4c6f-4ae8-40df-b983-3de63ea9502d/products_win11_202311109.cab 21 | 22 | 23H2 Product Cab: https://download.microsoft.com/download/6/2/b/62b47bc5-1b28-4bfa-9422-e7a098d326d4/products_win11_20231208.cab 23 | 24 | ## Getting the fwlink: 25 | 26 | Using 7Zip, open the MCT.exe -> SetupMgr.dll -> .text file. Search for "f w l" and it will find any fwlinks in the dll. Typically there are 2, and it's been the second one, but feel free to test both. 27 | 28 | ### Snip: 29 | 30 | D o w n l o a d P r o d u c t s X m l p r o d u c t s . c a b h t t p s : / / g o . m i c r o s o f t . c o m / f w l i n k / ? L i n k I d = 6 2 4 7 3 6 h t t p s : / / g o . m i c r o s o f t . c o m / f w l i n k / ? L i n k I d = 2 1 5 6 2 9 2 S e t u p M g r : E x p a n d i n g c a b [ % s ] t o [ % s ] . p r o d u c t s . x m l 31 | -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/Get-SafeGuardHoldInfo.ps1: -------------------------------------------------------------------------------- 1 | #Gary Blok 2 | #Function used to get SafeGuard Hold information from Endpoint 3 | function Get-SafeGuardHoldInfo { 4 | $UX = Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\TargetVersionUpgradeExperienceIndicators" 5 | foreach ($U in $UX){ 6 | $GatedBlockId = $U.GetValue('GatedBlockId') 7 | if ($GatedBlockId){ 8 | if ($GatedBlockId -ne "None"){ 9 | $SafeGuardID = $GatedBlockId 10 | $ALTERNATEDATALINK = Get-ItemPropertyValue -Path 'HKLM:\SOFTWARE\Microsoft\windows\CurrentVersion\OneSettings\compat\appraiser\Settings' -Name 'ALTERNATEDATALINK' 11 | $ALTERNATEDATAVERSION = Get-ItemPropertyValue -Path 'HKLM:\SOFTWARE\Microsoft\windows\CurrentVersion\OneSettings\compat\appraiser\Settings' -Name 'ALTERNATEDATAVERSION' 12 | $SafeGuardInfo = New-Object -TypeName psobject 13 | $SafeGuardInfo | Add-Member -MemberType NoteProperty -Name "SafeGuardID" -Value "$SafeGuardID" -Force 14 | $SafeGuardInfo | Add-Member -MemberType NoteProperty -Name "ALTERNATEDATALINK" -Value "$ALTERNATEDATALINK" -Force 15 | $SafeGuardInfo | Add-Member -MemberType NoteProperty -Name "ALTERNATEDATAVERSION" -Value "$ALTERNATEDATAVERSION" -Force 16 | } 17 | } 18 | } 19 | if (!($SafeGuardID)){ 20 | $SafeGuardID = "NONE" 21 | $SafeGuardInfo = New-Object -TypeName psobject 22 | $SafeGuardInfo | Add-Member -MemberType NoteProperty -Name "SafeGuardID" -Value "$SafeGuardID" -Force 23 | } 24 | return $SafeGuardInfo 25 | } 26 | -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/Override-SafeGuard.ps1: -------------------------------------------------------------------------------- 1 | $WindowsSafeguardOverridePath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" 2 | Write-Output "Setting SafeguardHold Override Registry Value" 3 | New-item -Path $WindowsSafeguardOverridePath -Force | Out-Null 4 | New-ItemProperty -Path "$WindowsSafeguardOverridePath" -Name "DisableWUfBSafeguards" -PropertyType dword -Value 1 -Force | Out-Null 5 | -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/SafeGuardHoldLookupSample.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok GARYTOWN.COM 2 | Sample of how to lookup Safe Guard Hold data based on the "database" I built and hosted in JSON here on GitHub 3 | 4 | #> 5 | 6 | $ID = '26062027' 7 | 8 | $SafeGuardJSONURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/SafeGuardHoldDataBase.json' 9 | $SafeGuardData = (Invoke-WebRequest -URI $SafeGuardJSONURL).content | ConvertFrom-Json 10 | $SafeGuardData | Where-Object {$_.SafeguardID -eq $ID} 11 | 12 | 13 | #Previous Backup of the JSON file 14 | $SafeGuardJSONBackupURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/backup/SafeGuardHoldDataBase.json' 15 | $SafeGuardDataBackup = (Invoke-WebRequest -URI $SafeGuardJSONBackupURL).content | ConvertFrom-Json 16 | 17 | $SafeGuardDataBackup | Where-Object {$_.SafeguardID -eq $ID} 18 | 19 | 20 | #Grab Recent SafeGuards new for upgrading to 11 23H2 21 | $23H2 = $SafeGuardData | Where-Object {$_.DEST_OS_GTE -match "23H2"} 22 | 23 | 24 | # This is for the combined database, a lot of duplicate IDs, but the context of the ID can be slightly different. 25 | # The change is typically in the "DEST_OS_GTE / LT" properties & EXE_ID 26 | $SafeGuardCombinedJSONURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/SafeGuardHoldCombinedDataBase.json' 27 | $SafeGuardCombinedData = (Invoke-WebRequest -URI $SafeGuardCombinedJSONURL).content | ConvertFrom-Json 28 | 29 | $SafeGuardCombinedData | Where-Object {$_.SafeguardID -eq $ID} 30 | 31 | 32 | -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/SafeGuardHoldLookupSample2.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok GARYTOWN.COM 2 | Sample of how to lookup Safe Guard Hold data based on the "database" I built and hosted in JSON here on GitHub 3 | 4 | #> 5 | 6 | $SafeGuardJSONURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/SafeGuardHoldDataBase.json' 7 | $SafeGuardData = (Invoke-WebRequest -URI $SafeGuardJSONURL).content | ConvertFrom-Json 8 | 9 | <# Single Lookup - Full details 10 | $ID = '29991611' 11 | $SafeGuardData | Where-Object {$_.SafeguardID -eq $ID} 12 | #> 13 | 14 | # Lookup several - Just ID & Name 15 | $SafeGuardIDTable = @( 16 | @{ ID = '41332279'} 17 | @{ ID = '40667045'} 18 | @{ ID = '25178825'} 19 | @{ ID = '41332279'} 20 | @{ ID = '30103339'} 21 | @{ ID = '37820326'} 22 | @{ ID = '29745406'} 23 | @{ ID = '25178825'} 24 | @{ ID = '35004082'} 25 | @{ ID = '37395288'} 26 | @{ ID = '26062027'} 27 | @{ ID = '29991611'} 28 | @{ ID = '30103339'} 29 | @{ ID = '35004082'} 30 | @{ ID = '25465644'} 31 | @{ ID = '27227883'} 32 | @{ ID = '29991611'} 33 | @{ ID = '26490208'} 34 | @{ ID = '41341219'} 35 | @{ ID = '27227883'} 36 | ) 37 | 38 | 39 | 40 | $Values = $SafeGuardIDTable.Values | Sort-Object 41 | 42 | foreach ($ID in $Values){ 43 | $WorkingSGD = $SafeGuardData | Where-Object {$_.SafeguardID -eq $ID} 44 | #$WorkingSGD | Select-Object -Property SafeguardId, AppName, Vendor, DEST_OS_GTE, DEST_OS_LT 45 | #Write-Output "ID: $($WorkingSGD.SafeguardId) | Name: $($WorkingSGD.AppName) - $($WorkingSGD.VENDOR) | DesOS: >= $($WorkingSGD.DEST_OS_GTE) < $($WorkingSGD.DEST_OS_LT)" 46 | 47 | Write-Output "ID: $($WorkingSGD.SafeguardId) | Name: $($WorkingSGD.AppName) - $($WorkingSGD.VENDOR)" 48 | 49 | } 50 | 51 | -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/SafeGuardHoldLookupSampleLOCALTEST.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok GARYTOWN.COM 2 | Sample of how to lookup Safe Guard Hold data based on the "database" I built and hosted in JSON here on GitHub 3 | 4 | #> 5 | 6 | $ID = '26062027' 7 | 8 | 9 | #Just Build on D Drive: 10 | $SafeGuardJSONURL = "D:\SafeGuard\AppraiserDatabase\SafeGuardHoldDataBase.json" 11 | $SafeGuardDataLocal = Get-Content -Path $SafeGuardJSONURL | ConvertFrom-Json 12 | $SafeGuardDataLocal.count 13 | 14 | #Current on GiHubt 15 | $SafeGuardJSONURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/SafeGuardHoldDataBase.json' 16 | $SafeGuardData = (Invoke-WebRequest -URI $SafeGuardJSONURL).content | ConvertFrom-Json 17 | $SafeGuardData.count 18 | 19 | #Previous Backup of the JSON file 20 | $SafeGuardJSONBackupURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/backup/SafeGuardHoldDataBase.json' 21 | $SafeGuardDataBackup = (Invoke-WebRequest -URI $SafeGuardJSONBackupURL).content | ConvertFrom-Json 22 | $SafeGuardDataBackup.count 23 | 24 | 25 | #Grab Recent SafeGuards new for upgrading to 11 23H2 26 | $23H2 = $SafeGuardData | Where-Object {$_.DEST_OS_GTE -match "23H2"} 27 | 28 | 29 | # This is for the combined database, a lot of duplicate IDs, but the context of the ID can be slightly different. 30 | # The change is typically in the "DEST_OS_GTE / LT" properties & EXE_ID 31 | $SafeGuardCombinedJSONURL = 'https://raw.githubusercontent.com/gwblok/garytown/master/Feature-Updates/SafeGuardHolds/SafeGuardHoldCombinedDataBase.json' 32 | $SafeGuardCombinedData = (Invoke-WebRequest -URI $SafeGuardCombinedJSONURL).content | ConvertFrom-Json 33 | 34 | $SafeGuardCombinedData | Where-Object {$_.SafeguardID -eq $ID} 35 | 36 | 37 | -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/BuildScript.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/BuildScript.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/CMPivot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/CMPivot.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/Demo1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/Demo1.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/RemoveDups.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/RemoveDups.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/RemoveDups2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/RemoveDups2.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/RemoveDups3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/RemoveDups3.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/RunScript.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/RunScript.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/RunScript1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/RunScript1.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/media/RunScript2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/media/RunScript2.png -------------------------------------------------------------------------------- /Feature-Updates/SafeGuardHolds/sdb2xml.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/SafeGuardHolds/sdb2xml.exe -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates01.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates02.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates03.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates04.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates05.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates06.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates06.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates07.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates07.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates08.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates08.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates09.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates09.png -------------------------------------------------------------------------------- /Feature-Updates/media/FeatureUpdates10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Feature-Updates/media/FeatureUpdates10.png -------------------------------------------------------------------------------- /GraphAPI/GraphTest.ps1: -------------------------------------------------------------------------------- 1 | # Install the Microsoft.Graph module if not already installed 2 | if (-not (Get-Module -ListAvailable -Name Microsoft.Graph)) { 3 | Install-Module -Name Microsoft.Graph -Scope CurrentUser -Force 4 | } 5 | 6 | # Import the Microsoft.Graph module 7 | Import-Module Microsoft.Graph 8 | 9 | # Define the required scopes 10 | $scopes = @("https://graph.microsoft.com/.default") 11 | 12 | # Authenticate and get the access token 13 | $tenantId = "YOUR_TENANT_ID" 14 | $clientId = "YOUR_CLIENT_ID" 15 | $clientSecret = "YOUR_CLIENT_SECRET" 16 | 17 | $body = @{ 18 | grant_type = "client_credentials" 19 | scope = $scopes -join " " 20 | client_id = $clientId 21 | client_secret = $clientSecret 22 | } 23 | 24 | $response = Invoke-RestMethod -Method Post -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -ContentType "application/x-www-form-urlencoded" -Body $body 25 | $accessToken = $response.access_token 26 | 27 | # Set the authorization header 28 | $headers = @{ 29 | Authorization = "Bearer $accessToken" 30 | } 31 | 32 | # Search for Windows release information 33 | $uri = "https://graph.microsoft.com/v1.0/deviceManagement/windowsAutopilotDeploymentProfiles" 34 | $response = Invoke-RestMethod -Method Get -Uri $uri -Headers $headers 35 | 36 | # Output the response 37 | $response.value | ForEach-Object { 38 | Write-Output "Name: $_.displayName" 39 | Write-Output "Description: $_.description" 40 | Write-Output "Assigned Devices: $_.assignedDevicesCount" 41 | Write-Output "-----------------------------" 42 | } -------------------------------------------------------------------------------- /HopeForUsedComputers/Hope For Used Computers - Flyer.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/HopeForUsedComputers/Hope For Used Computers - Flyer.pdf -------------------------------------------------------------------------------- /HopeForUsedComputers/Hope for Used Computers PDF.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/HopeForUsedComputers/Hope for Used Computers PDF.pdf -------------------------------------------------------------------------------- /HopeForUsedComputers/readme.md: -------------------------------------------------------------------------------- 1 | # Hope for Used Computers 2 | 3 | This area is where I post items I use to rebuild computer that are donated. 4 | -------------------------------------------------------------------------------- /Intune/Add-Item2HostsFileDetect.ps1: -------------------------------------------------------------------------------- 1 | 2 | 3 | #This Script will be used to add computer names & IPs to the hosts file 4 | $Servers2Add = @( 5 | @{SERVERNAME = "2PSR210 " ; IPAddress = "192.168.20.25"} 6 | @{SERVERNAME = "2PSR210.2p.garytown.com" ; IPAddress = "192.168.20.25"} 7 | @{SERVERNAME = "2PStifleRMOM " ; IPAddress = "192.168.20.10"} 8 | @{SERVERNAME = "2PStifleRMOM.2p.garytown.com" ; IPAddress = "192.168.20.10"} 9 | ) 10 | 11 | 12 | #Get IP Address and run if IP Address starts with 192.168.1 13 | $IPAddress = (Get-NetIPAddress -AddressFamily IPv4 | Where-Object { $_.IPAddress -like "192.168.1.*" }).IPAddress 14 | if (-not $IPAddress) { 15 | Write-Output "The script will not run because the IP address does not start with 192.168.1." 16 | exit 17 | } 18 | Write-Output "IP address starts with 192.168.1. Proceeding with the script..." 19 | 20 | 21 | function Test-HostFileEntry{ 22 | param ( 23 | [string]$ServerName, 24 | [string]$IPAddress 25 | ) 26 | 27 | $HostFilePath = "$env:SystemRoot\System32\drivers\etc\hosts" 28 | $HostFileEntry = "$ServerName $IPAddress" 29 | 30 | # Check if the entry already exists in the hosts file 31 | if (Select-String -Path $HostFilePath -Pattern $ServerName) { 32 | 33 | Write-Output "Entry for $ServerName already exists in the hosts file." 34 | return $true 35 | } else { 36 | Write-Output "Entry for $ServerName does not exist in the hosts file." 37 | return $false 38 | } 39 | } 40 | 41 | # Loop through each server and add the entry to the hosts file 42 | foreach ($Server in $Servers2Add) { 43 | $ServerName = $Server.SERVERNAME 44 | $IPAddress = $Server.IPAddress 45 | if ((Test-HostFileEntry -ServerName $ServerName -IPAddress $IPAddress) -eq $false) { 46 | Write-Output "Does not exist, Triggering Remediation" 47 | exit 1 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /Intune/Get-AzureTenantDisplayNameFromClient.ps1: -------------------------------------------------------------------------------- 1 | Function Get-AzureTenantDisplayNameFromClient { 2 | $Items = Get-ChildItem -path HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo 3 | foreach ($Item in $Items){ 4 | $Item.GetValue("DisplayName") 5 | } 6 | } -------------------------------------------------------------------------------- /Intune/Install-CMTrace-Detect.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Gary Blok - @gwblok - GARYTOWN.COM 3 | .Synopsis 4 | Proactive Remediation for CMTrace to be on endpoint 5 | #> 6 | $AppName = "CMTrace" 7 | $FileName = "CMTrace.exe" 8 | $InstallPath = "$env:windir\system32" 9 | $AppPath = "$InstallPath\$FileName" 10 | 11 | <# 12 | if (Test-Path -Path $AppPath){ 13 | $CMTraceInstalledInfo = Get-Item -Path $AppPath 14 | $CMTraceInstalledSize = $CMTraceInstalledInfo.Length 15 | if (!($CMTraceInstalledSize -eq $CMTraceDownloadSize)){ 16 | Write-Output "CMTrace is installed, but needs Update" 17 | exit 1 18 | } 19 | } 20 | #> 21 | if (!(Test-Path -Path $AppPath)){ 22 | Write-Output "$AppName Not Found, Exit 1" 23 | exit 1 24 | } 25 | else { 26 | Write-Output "$AppName Already Installed" 27 | } -------------------------------------------------------------------------------- /Intune/Install-PowerShellMSI-Detect.ps1: -------------------------------------------------------------------------------- 1 | #https://raw.githubusercontent.com/PowerShell/PowerShell/master/tools/install-powershell.ps1 2 | 3 | 4 | function Get-InstalledApps 5 | { 6 | if (![Environment]::Is64BitProcess) { 7 | $regpath = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*' 8 | } 9 | else { 10 | $regpath = @( 11 | 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*' 12 | 'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*' 13 | ) 14 | } 15 | Get-ItemProperty $regpath | .{process{if($_.DisplayName -and $_.UninstallString) { $_ } }} | Select DisplayName, Publisher, InstallDate, DisplayVersion, UninstallString |Sort DisplayName 16 | } 17 | 18 | $AppCurrentInstall = Get-InstalledApps | Where-Object {$_.DisplayName -match "PowerShell 7-"} 19 | [version]$AppCurrentInstallVersion = $AppCurrentInstall.DisplayVersion 20 | if ($null -eq $AppCurrentInstallVersion){ 21 | [version]$AppCurrentInstallVersion = '0.0.0.1' 22 | } 23 | [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12 24 | 25 | $tempDir = Join-Path ([System.IO.Path]::GetTempPath()) ([System.IO.Path]::GetRandomFileName()) 26 | $null = New-Item -ItemType Directory -Path $tempDir -Force -ErrorAction SilentlyContinue 27 | 28 | $metadata = Invoke-RestMethod https://raw.githubusercontent.com/PowerShell/PowerShell/master/tools/metadata.json 29 | $release = $metadata.ReleaseTag -replace '^v' 30 | [Version]$NewRelease = $release 31 | $NewRelease = [version]::new($NewRelease.Major, $NewRelease.Minor, $(if($NewRelease.Build -eq -1){0}else{$NewRelease.Build}), $(if($NewRelease.Revision -eq -1){0}else{$NewRelease.Revision})) 32 | if ([Version]$NewRelease -match [version]$AppCurrentInstallVersion){ 33 | Write-Output "PowerShell already current: $NewRelease" 34 | exit 0 35 | } 36 | else { 37 | Write-Output "PowerShell not current! Installed: $AppCurrentInstallVersion | Available: $NewRelease" 38 | exit 1 39 | } 40 | -------------------------------------------------------------------------------- /Intune/Install-WMIExplorer-Detect.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Gary Blok - @gwblok - GARYTOWN.COM 3 | .Synopsis 4 | Proactive Remediation for WMIExplorer to be on endpoint 5 | 6 | .Description 7 | Downloads WMIExplorer from GitHub, Copies to System32 if it's not already there 8 | #> 9 | $AppName = "WMIExplorer" 10 | $FileName = "WMIExplorer.zip" 11 | $ExpandPath = "$env:windir\system32" 12 | $URL = "https://github.com/vinaypamnani/wmie2/releases/download/v2.0.0.2/WmiExplorer_2.0.0.2.zip" 13 | $AppPath = "$ExpandPath\WMIExplorer.exe" 14 | 15 | 16 | if (!(Test-Path -Path $AppPath)){ 17 | Write-Output "$AppName Not Found, Exit 1" 18 | exit 1 19 | } 20 | else { 21 | Write-Output "$AppName Already Installed" 22 | } 23 | -------------------------------------------------------------------------------- /Intune/Intune-EnableRDP-Detect.ps1: -------------------------------------------------------------------------------- 1 | #Gary Blok | GARYTOWN.COM | @GWBLOK 2 | #Enable RDP Detect Script 3 | 4 | <# 5 | $TSKeyPath = 'HKLM:\System\CurrentControlSet\Control\Terminal Server' 6 | 7 | $RegValues = @( 8 | @{Name = "fDenyTSConnections"; Value = 0} 9 | #@{Name = "updateRDPStatus"; Value = 1} 10 | ) 11 | #Test RPD Reg Values for Enabled 12 | foreach ($Reg in $RegValues){ 13 | $Reg.Name 14 | $TestValue = Get-ItemPropertyValue -Path $TSKeyPath -name $Reg.Name -ErrorAction SilentlyContinue 15 | if ($TestValue -ne $Reg.Value){ 16 | Write-Output "exit 1" 17 | } 18 | } 19 | #> 20 | 21 | #Test for Remote Connections Allowed 22 | if ((Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace root\CIMV2\TerminalServices).AllowTSConnections -ne 1){ 23 | exit 1 24 | } 25 | 26 | 27 | #Test NLA for Disabled 28 | if ((Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").UserAuthenticationRequired -ne 0){ 29 | exit 1 30 | } 31 | -------------------------------------------------------------------------------- /Intune/Intune-EnableRDP-Remediate.ps1: -------------------------------------------------------------------------------- 1 | #Gary Blok | GARYTOWN.COM | @GWBLOK 2 | #Enable RDP Remediation Script 3 | 4 | #Enable RDP 5 | (Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace root\CIMV2\TerminalServices).SetAllowTSConnections(1,1) 6 | 7 | #Disable NLA 8 | (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\CIMV2\TerminalServices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0) 9 | 10 | #Restart Service 11 | Enable-NetFirewallRule -DisplayGroup “Remote Desktop” 12 | Restart-Service -Force -Name "TermService" 13 | -------------------------------------------------------------------------------- /Intune/IntuneExtendedLoggingDetect.ps1: -------------------------------------------------------------------------------- 1 | #Code from https://github.com/byteben/MEM/blob/main/Create-IntuneExtendedLogging.ps1 2 | 3 | # Define the registry path 4 | $regPath = "HKLM:\SOFTWARE\Microsoft\IntuneWindowsAgent\Logging" 5 | $regValues = @("LogMaxHistory,4", "LogMaxSize,4194304") # 4 logs at 4MB each 6 | 7 | # Check if the path exists, if not, create it 8 | if (-not (Test-Path -Path $regPath)) { 9 | exit 1 10 | } 11 | 12 | # Create or set the registry values 13 | $CurrentRegValues = Get-Item -Path $regPath 14 | 15 | Foreach ($reg in $regValues) { 16 | $name, $value = $reg -split ',' 17 | #Write-Host "Testing $Name for Value: $Value" 18 | if ($CurrentRegValues.GetValue($name) -ne $value){ 19 | exit 1 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /Intune/IntuneExtendedLoggingRemediation.ps1: -------------------------------------------------------------------------------- 1 | #Code 100% from https://github.com/byteben/MEM/blob/main/Create-IntuneExtendedLogging.ps1 2 | #Thanks Ben! 3 | 4 | # Define the registry path 5 | $regPath = "HKLM:\SOFTWARE\Microsoft\IntuneWindowsAgent\Logging" 6 | $regValues = @("LogMaxHistory,4", "LogMaxSize,4194304") # 4 logs at 4MB each 7 | 8 | # Check if the path exists, if not, create it 9 | if (-not (Test-Path -Path $regPath)) { 10 | Try { 11 | New-Item -Path $regPath -Force -ErrorAction Stop 12 | } 13 | Catch { 14 | Write-Warning ("Unable to create registry path {0}: {1}" -f $regPath, $_.Exception.Message) 15 | } 16 | } 17 | 18 | # Create or set the registry values 19 | Try { 20 | Foreach ($reg in $regValues) { 21 | $name, $value = $reg -split ',' 22 | New-ItemProperty -Path $regPath -Name $name -Value $value -PropertyType "String" -Force -ErrorAction Stop 23 | } 24 | } 25 | Catch { 26 | Write-Warning ("Unable to create registry value {0} at {1}: {2}" -f $name, $regPath, $_.Exception.Message) 27 | } 28 | -------------------------------------------------------------------------------- /Intune/LowDiskSpace_Detection.ps1: -------------------------------------------------------------------------------- 1 | #GARYTOWN.COM - @GWBLOK 2 | #Detection script for Low Disk Space 3 | # Set the Min Free Space to what you want.. make sure you update both this and the remdiation script to the same value 4 | 5 | $MinFreeSpace = 25GB 6 | Function Get-FreeSpace {$DriveInfo = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$($env:SystemDrive)'"; $Global:FreeSpace = $DriveInfo.FreeSpace; return $FreeSpace} 7 | if ((Get-FreeSpace) -lt $MinFreeSpace){exit 1} 8 | 9 | #Directories I just don't want on my machines If they exist, I want to delete them. This is a detection script, so if they exist, it will return a 1 and the remediation script will run. If they don't exist, it will return a 0 and the remediation script won't run. 10 | $Directories = @("C:\Drivers","C:\OSDCloud") 11 | foreach ($Directory in $Directories){ 12 | if (Test-Path $Directory){ 13 | exit 1 14 | } 15 | } -------------------------------------------------------------------------------- /Intune/PSModule-HPCMSL-Detect.ps1: -------------------------------------------------------------------------------- 1 | #2020.04.20 - @gwblok - GARYTOWN.COM 2 | #Discovery Script 3 | $ModuleName = "HPCMSL" 4 | 5 | #No Changes Below this Point ---------------------------- 6 | [version]$RequiredVersion = (Find-Module -Name $ModuleName).Version 7 | $InstalledVersion = [Version](Get-InstalledModule -Name $ModuleName -ErrorAction SilentlyContinue).Version 8 | if (!($InstalledVersion)){$InstalledVersion = '0.0.0'} 9 | if ($InstalledVersion -ge $RequiredVersion){Write-Output "Compliant"} 10 | else{ 11 | Write-Output "Required Version: $RequiredVersion" 12 | Write-Output "Installed Version: $InstalledVersion" 13 | exit 1 14 | } 15 | -------------------------------------------------------------------------------- /Intune/PSModule-NuGet-Detect.ps1: -------------------------------------------------------------------------------- 1 | #2020.04.20 - @gwblok - GARYTOWN.COM 2 | #Discovery Script 3 | $ModuleName = "NuGet" 4 | 5 | #No Changes Below this Point ---------------------------- 6 | [version]$RequiredVersion = (Find-PackageProvider -Name $ModuleName -Force).Version 7 | $InstalledVersion = [Version](Get-PackageProvider -Name $ModuleName -ErrorAction SilentlyContinue).Version 8 | if (!($InstalledVersion)){$InstalledVersion = '1.0.0.1'} 9 | if ($InstalledVersion -ge $RequiredVersion){Write-Output "Compliant"} 10 | else{ 11 | Write-Output "Version: $InstalledVersion" 12 | Exit 1 13 | } 14 | -------------------------------------------------------------------------------- /Intune/PSModule-PowerShellGet-Detect.ps1: -------------------------------------------------------------------------------- 1 | #2020.04.20 - @gwblok - GARYTOWN.COM 2 | #Discovery Script 3 | $ModuleName = "PowerShellGet" 4 | 5 | #No Changes Below this Point ---------------------------- 6 | [version]$RequiredVersion = (Find-PackageProvider -Name $ModuleName -Force).Version 7 | $InstalledVersion = [Version](Get-PackageProvider -Name $ModuleName -ErrorAction SilentlyContinue).Version 8 | if (!($InstalledVersion)){$InstalledVersion = '1.0.0.1'} 9 | if ($InstalledVersion -ge $RequiredVersion){Write-Output "Compliant"} 10 | else{ 11 | Write-Output "Version: $InstalledVersion" 12 | exit 1 13 | } 14 | -------------------------------------------------------------------------------- /Intune/SchedTask-ShutdownNightly-Detect.ps1: -------------------------------------------------------------------------------- 1 | $TaskName = "Shutdown Computer Daily 6PM" 2 | $Compliance = $true 3 | 4 | 5 | 6 | $GetTask = Get-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue 7 | if (!($GetTask)){ 8 | $Compliance = $false 9 | } 10 | else { #Based on settings I set in the scheduled task. This is how you'd overwrite the task in the future if you deside to change a setting. 11 | if ($GetTask.Settings.ExecutionTimeLimit -ne 'PT1H'){$Compliance = $false} 12 | if ($GetTask.Settings.RestartInterval -ne 'PT1H'){$Compliance = $false} 13 | if ($GetTask.Settings.RestartCount -ne 3){$Compliance = $false} 14 | if ($GetTask.Actions.Execute -ne "shutdown.exe"){$Compliance = $false} 15 | if ($GetTask.Principal.RunLevel -ne "Highest"){$Compliance = $false} 16 | #if ($GetTask.Settings.MultipleInstances -ne 'IgnoreNew'){$Compliance = $false} 17 | } 18 | 19 | if ($Compliance -eq $false){ 20 | $Compliance 21 | Exit 1 22 | } 23 | -------------------------------------------------------------------------------- /Intune/SchedTask-ShutdownNightly-Remediate.ps1: -------------------------------------------------------------------------------- 1 | $TaskName = "Shutdown Computer Daily 6PM" 2 | $Compliance = $true 3 | 4 | 5 | 6 | $GetTask = Get-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue 7 | if (!($GetTask)){ 8 | $Compliance = $false 9 | } 10 | else { #Based on settings I set in the scheduled task. This is how you'd overwrite the task in the future if you deside to change a setting. 11 | if ($GetTask.Settings.ExecutionTimeLimit -ne 'PT1H'){$Compliance = $false} 12 | if ($GetTask.Settings.RestartInterval -ne 'PT1H'){$Compliance = $false} 13 | if ($GetTask.Settings.RestartCount -ne 3){$Compliance = $false} 14 | if ($GetTask.Actions.Execute -ne "shutdown.exe"){$Compliance = $false} 15 | if ($GetTask.Principal.RunLevel -ne "Highest"){$Compliance = $false} 16 | #if ($GetTask.Settings.MultipleInstances -ne 'IgnoreNew'){$Compliance = $false} 17 | } 18 | 19 | if ($Compliance -eq $false){ 20 | 21 | #$A = New-ScheduledTaskAction -Execute "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Argument 'Stop-Computer -Force' 22 | $A = New-ScheduledTaskAction -Execute "shutdown.exe" -Argument '-s -f -t 120' 23 | $T = New-ScheduledTaskTrigger -Daily -DaysInterval 1 -At 6PM 24 | $P = New-ScheduledTaskPrincipal "NT Authority\System" -RunLevel Highest 25 | $S = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -ExecutionTimeLimit (New-TimeSpan -Hours 1) -RestartCount 3 -RestartInterval (New-TimeSpan -Hours 1) 26 | $S.CimInstanceProperties.Item('MultipleInstances').Value = 3 27 | $task = New-ScheduledTask -Action $A -Trigger $T -Principal $P -Settings $S 28 | Register-ScheduledTask -TaskName $TaskName -InputObject $Task -Force 29 | 30 | } 31 | else { 32 | Write-Output "Compliance: $Compliance" 33 | } 34 | -------------------------------------------------------------------------------- /OSD/AppendUnattendXML.ps1: -------------------------------------------------------------------------------- 1 | $CurrentUnattendLocation = "C:\Users\GaryBlok\OneDrive - 2Pint Software\unattend.xml" 2 | 3 | [XML]$XML = get-content $CurrentUnattendLocation 4 | $XML.unattend.settings.component 5 | $NewSpecializeNodeElement = $XML.CreateElement("RunSynchronousCommand") 6 | 7 | $NewSpecializeNodeElement.SetAttribute("Order", "1") #Set the Order to 1 8 | $NewSpecializeNodeElement.SetAttribute("Path", "cmd /c echo Hello World > C:\HelloWorld.txt") #Set the Path to the command you want to run 9 | $XML.unattend.settings.component | Where-Object {$_.name -eq "Microsoft-Windows-Deployment"} | ForEach-Object { 10 | $_.appendChild($NewSpecializeNodeElement) 11 | } 12 | 13 | 14 | $XML.Save("C:\Users\GaryBlok\OneDrive - 2Pint Software\unattendTest.xml") -------------------------------------------------------------------------------- /OSD/Apply-UWPDriverPack.ps1: -------------------------------------------------------------------------------- 1 | #Requires HPCMSL Already installed during your OSD Process. 2 | 3 | Start-Transcript -Path "$env:windir\Debug\ApplyHPUWPDriverPack.txt" 4 | if (!(Test-Path -Path "c:\drivers\uwp\")){New-Item -Path "c:\drivers\uwp\" -ItemType Directory -Force | Out-Null} 5 | Write-Host "Download UWP Apps to c:\drivers\uwp" 6 | $UWPDP = New-HPUWPDriverPack -Path "c:\drivers\uwp\" 7 | 8 | $InstallScript = Get-ChildItem -Path "c:\drivers\uwp\" -Filter InstallAllApps.cmd -Recurse 9 | Write-Host "Start Installing UWP Apps - $($InstallScript.FullName)" 10 | Start-Process CMD.EXE -ArgumentList "/c $($InstallScript.FullName)" -Wait 11 | Stop-Transcript 12 | -------------------------------------------------------------------------------- /OSD/BGInfo/BGINFO_DL_Launch.ps1: -------------------------------------------------------------------------------- 1 | #GARYTOWN.COM 2 | #Download & Extract to System32 3 | $FileName = "BGInfo.zip" 4 | $ExpandPath = "$env:windir\system32" 5 | $URL = "https://download.sysinternals.com/files/$FileName" 6 | Write-Output "Downloading $URL" 7 | Invoke-WebRequest -UseBasicParsing -Uri $URL -OutFile $env:TEMP\$FileName 8 | if (Test-Path -Path $env:TEMP\$FileName){Write-Output "Successfully Downloaded"} 9 | else{Write-Output "Failed Downloaded"; exit 255} 10 | Write-Output "Starting Extraction of $FileName to $ExpandPath" 11 | Expand-Archive -Path $env:TEMP\$FileName -DestinationPath $ExpandPath -Force 12 | if (Test-Path -Path $ExpandPath){Write-Output "Successfully Extracted Zip File"} 13 | else{Write-Output "Failed Extract"; exit 255} 14 | 15 | 16 | #Upload your own .bgi template file and then download it. 17 | Invoke-WebRequest -UseBasicParsing -Uri "https://raw.githubusercontent.com/gwblok/garytown/master/OSD/BGInfo/WinPE-TSStarted.bgi" -OutFile "$env:TEMP\WinPE_BGInfo.bgi" 18 | 19 | #Create Process Vars 20 | $BGinfoPath = "$ExpandPath\bginfo64.exe" 21 | $BGInfoArgs = "$env:TEMP\WinPE_BGInfo.bgi /nolicprompt /silent /timer:0" 22 | 23 | 24 | #Start BG Info 25 | Start-Process -FilePath $BGinfoPath -ArgumentList $BGInfoArgs -PassThru 26 | 27 | #Fix Refresh on 24H2 Boot Image 28 | if (get-process -name WallpaperHost -ErrorAction SilentlyContinue) { 29 | Start-Sleep -Milliseconds 300 30 | Stop-Process -Name WallpaperHost -Force 31 | Start-Sleep -Milliseconds 300 32 | if (Test-Path -Path $env:SystemRoot\System32\WallpaperHost.exe) { 33 | Start-Process -FilePath $env:SystemRoot\System32\WallpaperHost.exe -PassThru 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoBootMediaPreStart.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoBootMediaPreStart.png -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoFolder.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoFolder.png -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoInWinPE.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoInWinPE.png -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoInWinPEinTS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoInWinPEinTS.png -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoTS01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoTS01.png -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoTS02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoTS02.png -------------------------------------------------------------------------------- /OSD/BGInfo/BGInfoTS03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/BGInfoTS03.png -------------------------------------------------------------------------------- /OSD/BGInfo/Readme.md: -------------------------------------------------------------------------------- 1 | # BGInfo for ConfigMgr OSD - Prestart Command 2 | 3 | ## Prestart Commands 4 | cmd.exe /c powershell.exe -executionpolicy bypass .\BGInfoRegBuilder.ps1 5 | 6 | ## TS Run Command Line Step to Trigger BGInfo 7 | bginfo64.exe WinPE-TSStarted.bgi /nolicprompt /silent /timer:0 8 | 9 | ## Folder 10 | - Bginfo64.exe 11 | - WinPE-PreStart.bgi | Used during Pre-Start 12 | - BGInfoRegBuilder.ps1 | Used during Pre-Start 13 | - WinPE-TSStarted.bgi | Used once Task Sequence has started, after Gather Step 14 | - BGInfoRegBuilderTS.ps1 | Used once Task Sequence has started, after Gather Step 15 | 16 | ## Updates 17 | - 2022.02.09 - Added additional Fields (Manufacturer, Model, UniqueID) 18 | - 2022.02.09 - Added 2nd set of files for Once the TS Starts, requires Gather Step run. 19 | - https://github.com/gwblok/garytown/blob/master/OSD/gather.ps1 20 | 21 | 22 | ### Pre-Start 23 | [![BGInfoInWinPE.png](BGInfoInWinPE.png)](BGInfoInWinPE.png) 24 | 25 | ### In Task Sequence 26 | [![BGInfoInWinPEinTS](BGInfoInWinPEinTS.png)](BGInfoInWinPEinTS.png) 27 | 28 | ### Source Folder 29 | [![Folder](BGInfoFolder.png)](BGInfoFolder.png) 30 | 31 | ### Boot Media 32 | [![CMBootImage](BGInfoBootMediaPreStart.png)](BGInfoBootMediaPreStart.png) 33 | 34 | ## In the Task Sequence 35 | 36 | [![BGInfoTS02](BGInfoTS02.png)](BGInfoTS02.png) 37 | [![BGInfoTS03](BGInfoTS03.png)](BGInfoTS03.png) 38 | [![BGInfoTS01](BGInfoTS01.png)](BGInfoTS01.png) 39 | -------------------------------------------------------------------------------- /OSD/BGInfo/WinPE-PreStart.bgi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/WinPE-PreStart.bgi -------------------------------------------------------------------------------- /OSD/BGInfo/WinPE-TSStarted.bgi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BGInfo/WinPE-TSStarted.bgi -------------------------------------------------------------------------------- /OSD/BIOS/BIOSGatherPackage/BIOS_Status_Confirm.ps1: -------------------------------------------------------------------------------- 1 | #GWBLOK 2 | #Future Updates to pull Registry path from TS Vars instead of hardcode 3 | 4 | $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment 5 | $RegistryPathWaaS = "HKLM:SOFTWARE\WaaS" 6 | if ($TSENV.Value("CURRENTBIOSVERSION")) 7 | { 8 | $CurrentBIOSVer = $TSENV.Value("CURRENTBIOSVERSION") 9 | $TargetBIOSVersion = $TSENV.Value("TARGETBIOSVERSION") 10 | if (test-path $RegistryPathWaaS\BIOS\$TargetBIOSVersion) 11 | { 12 | $LastStatus = Get-ItemPropertyValue -path $RegistryPathWaaS -Name 'BIOSUpgradeStatus' -ErrorAction SilentlyContinue 13 | $LastUpgradeTo = Get-ItemPropertyValue -path $RegistryPathWaaS -Name 'BIOSUpgradeTo' -ErrorAction SilentlyContinue 14 | if ($CurrentBIOSVer -eq $LastUpgradeTo) 15 | { 16 | if ($LastStatus -ne "Success") 17 | { 18 | Write-Output "BIOS on Machine is Current, but last Status = failed... Updating Status to Success" 19 | New-ItemProperty -Path $RegistryPathWaaS -Name "BIOSUpgradeStatus" -Value "Success" -Force | Out-Null 20 | } 21 | } 22 | else 23 | { 24 | Write-Output "BIOS is not at Target BIOS Version - Considered FAILURE" 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /OSD/BIOS/BIOSGatherPackage/Set_BIOS_Path_Variable.ps1: -------------------------------------------------------------------------------- 1 | #Mike Terrill 2 | $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment 3 | $TSCACHE = "_SMSTSPackageCacheLocation" + $tsenv.Value('BIOSPACKAGE') 4 | $CCMCACHE = "_SMSTS" + $tsenv.Value('BIOSPACKAGE') 5 | if ($tsenv.Value($TSCACHE)) {$tsenv.Value('BIOS01') = $tsenv.Value($TSCACHE)} 6 | if ($tsenv.Value($CCMCACHE)) {$tsenv.Value('BIOS01') = $tsenv.Value($CCMCACHE)} 7 | write-output "BIOS01:$($tsenv.Value('BIOS01'))" 8 | -------------------------------------------------------------------------------- /OSD/BIOS/BIOSGatherPackage/Setting_Path_to_FlashBIN.ps1: -------------------------------------------------------------------------------- 1 | Write-Output "---------------------------------------" 2 | write-OutPut "Staring Script in TS Step: Setting Path to FlashBIN" 3 | $tsenv = New-Object -ComObject Microsoft.SMS.TSEnvironment 4 | $UEFI = $tsenv.Value("_SMSTSBootUEFI") 5 | $path = $tsenv.Value("BIOS01") 6 | 7 | if ($UEFI -eq "TRUE"){ 8 | Write-Output "Detected running in UEFI" 9 | } 10 | else{ 11 | Write-Output "Detected running in LEGACY BIOS MODE" 12 | } 13 | 14 | 15 | $cs = gwmi -Class 'Win32_ComputerSystem' 16 | If ($cs.Manufacturer -eq 'HP' -or $cs.Manufacturer -eq 'Hewlett-Packard') { 17 | Write-Output "Detected Manufacturer is HP" 18 | $biosfile = Get-Item -Path "$path\*.bin" 19 | $tsenv.Value('FLASHLOG') = "$($biosfile.name).log" 20 | } 21 | elseif ($cs.Manufacturer -eq 'Dell Inc.') { 22 | Write-Output "Detected Manufacturer is DELL" 23 | $biosfile = Get-Item -Path "$path\*.exe" | Where-Object {$_.Name -ne 'Flash64W.exe'} 24 | $tsenv.Value('FLASHLOG') = "$($biosfile.name).log" 25 | } 26 | $tsenv.Value("FLASHBIN") = $biosfile.fullname 27 | Write-Output "Set FLASHBIN to $($biosfile.fullname)" 28 | Write-Output "---------------------------------------" 29 | -------------------------------------------------------------------------------- /OSD/BIOS/BIOSModule.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/BIOSModule.zip -------------------------------------------------------------------------------- /OSD/BIOS/Dell Utilities/BIOSIntf.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/Dell Utilities/BIOSIntf.dll -------------------------------------------------------------------------------- /OSD/BIOS/Dell Utilities/Flash64W.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/Dell Utilities/Flash64W.exe -------------------------------------------------------------------------------- /OSD/BIOS/Dell Utilities/cctk.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/Dell Utilities/cctk.exe -------------------------------------------------------------------------------- /OSD/BIOS/Dell Utilities/dchapi64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/Dell Utilities/dchapi64.dll -------------------------------------------------------------------------------- /OSD/BIOS/Dell Utilities/dchbas64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/Dell Utilities/dchbas64.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/LoadHPScriptLibrary.ps1: -------------------------------------------------------------------------------- 1 | try 2 | { 3 | $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment 4 | } 5 | catch 6 | { 7 | Write-Verbose "Not running in a task sequence." 8 | } 9 | 10 | $PSPath = $env:PSModulePath.Split(";") 11 | $PSPath = $PSPath | Where-Object {$_ -like "*:\Program Files\WindowsPowerShell*"} 12 | $CopyDestination = $PSPath.Substring(0,$PSPath.Length-8) 13 | 14 | Copy-Item ".\HP.PowershellModules\Modules" -Destination $CopyDestination -Recurse -Force 15 | Copy-Item ".\HP.PowershellModules\Scripts" -Destination $CopyDestination -Recurse -Force 16 | 17 | $tsenv.value('HPCMSL') = $true 18 | -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.19.0/net45/Microsoft.Identity.Client.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.19.0/net45/Microsoft.Identity.Client.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.19.0/netcoreapp2.1/Microsoft.Identity.Client.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.19.0/netcoreapp2.1/Microsoft.Identity.Client.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.36.2/net45/Microsoft.Identity.Client.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.36.2/net45/Microsoft.Identity.Client.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.36.2/netcoreapp2.1/Microsoft.Identity.Client.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/MSAL_4.36.2/netcoreapp2.1/Microsoft.Identity.Client.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/dfmbios32.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/dfmbios32.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/dfmbios64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Firmware/dfmbios64.dll -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Notifications/assets/img.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Notifications/assets/img.jpg -------------------------------------------------------------------------------- /OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Notifications/assets/logo.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/BIOS/HP Script Library PowerShell Module for WinPE/HP.PowershellModules/Modules/HP.Notifications/assets/logo.jpg -------------------------------------------------------------------------------- /OSD/CloudOSD/CMTrace.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/CMTrace.exe -------------------------------------------------------------------------------- /OSD/CloudOSD/CalcRequiredFree.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | Param ( 3 | 4 | [Parameter(Mandatory=$false)] 5 | [int]$RequiredFree = 20 6 | ) 7 | 8 | $SystemDrive = ($env:SystemDrive).Replace(":","") 9 | $OSVolume = Get-Volume -DriveLetter $SystemDrive 10 | 11 | #Get Disk in GB 12 | $OSVolumeSize = $OSVolume.Size /1024 /1024 /1024 13 | 14 | #Calculate Required Free Space in GB based on RequiredFree percentage 15 | $RequiredFreeGB = $OSVolumeSize * $RequiredFree / 100 16 | #Round RequiredFreeGB 17 | $RequiredFreeGB = [math]::Round($RequiredFreeGB, 0) 18 | 19 | #Get Free Space in GB 20 | $OSVolumeFreeSpace = $OSVolume.SizeRemaining /1024 /1024 /1024 21 | #Round OSVolumeFreeSpace 22 | $OSVolumeFreeSpace = [math]::Round($OSVolumeFreeSpace, 0) 23 | 24 | $Return = ($RequiredFree -gt $OSVolumeFreeSpace) 25 | 26 | return $Return -------------------------------------------------------------------------------- /OSD/CloudOSD/ConfigMgrDesktopIcons.ps1: -------------------------------------------------------------------------------- 1 | #Gary Blok | @gwblok | Recast Software 2 | #Create ConfigMgr Control Panel Shortcut & Software Center Shortcut on Desktop 3 | 4 | #Build ShortCut Information 5 | $SourceExe = "$env:windir\system32\control.exe" 6 | $ArgumentsToSourceExe = "smscfgrc" 7 | $DestinationPath = "$env:Public\Desktop\ConfigMgr Panel.lnk" 8 | 9 | #Create Shortcut 10 | $WshShell = New-Object -comObject WScript.Shell 11 | $Shortcut = $WshShell.CreateShortcut($DestinationPath) 12 | $Shortcut.IconLocation = "C:\Windows\System32\SHELL32.dll, 14" 13 | $Shortcut.TargetPath = $SourceExe 14 | $Shortcut.Arguments = $ArgumentsToSourceExe 15 | $Shortcut.Save() 16 | 17 | write-output "Creating ConfigMgr Control Panel Icon on Desktop" 18 | 19 | 20 | #Build ShortCut Information 21 | $SourceExe = "$env:windir\CCM\ClientUX\SCClient.exe" 22 | $ArgumentsToSourceExe = "softwarecenter:Page=AvailableSoftware" 23 | $DestinationPath = "$env:Public\Desktop\Software Center.lnk" 24 | 25 | #Create Shortcut 26 | $WshShell = New-Object -comObject WScript.Shell 27 | $Shortcut = $WshShell.CreateShortcut($DestinationPath) 28 | $Shortcut.TargetPath = $SourceExe 29 | $Shortcut.Arguments = $ArgumentsToSourceExe 30 | $Shortcut.Save() 31 | 32 | write-output "Creating ConfigMgr Software Center Icon on Desktop" 33 | -------------------------------------------------------------------------------- /OSD/CloudOSD/Control.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/Control.zip -------------------------------------------------------------------------------- /OSD/CloudOSD/CopyCMTrace.ps1: -------------------------------------------------------------------------------- 1 | <# Add CMTrace MDT 2 | Gary Blok @gwblok Recast Software 3 | Used with OSDCloud Edition OSD 4 | #> 5 | 6 | #Download WallPaper from GitHub 7 | $CMTraceURL = "https://github.com/gwblok/garytown/raw/master/OSD/CloudOSD/CMTrace.exe" 8 | Invoke-WebRequest -UseBasicParsing -Uri $CMTraceURL -OutFile "$env:TEMP\CMTrace.exe" 9 | 10 | #Copy the CMTrace into place 11 | if (Test-Path -Path "$env:TEMP\CMTrace.exe"){ 12 | Write-Output "Running Command: Copy-Item .\CMTrace.exe C:\Windows\system32\CMTrace.exe -Force -Verbose" 13 | Copy-Item "$env:TEMP\CMTrace.exe" "$env:windir\system32\CMTrace.exe" -Force -Verbose 14 | } 15 | else 16 | { 17 | Write-Output "Did not find CMTrace.exe in temp folder - Please confirm URL" 18 | } 19 | 20 | exit $exitcode 21 | -------------------------------------------------------------------------------- /OSD/CloudOSD/CopyJson.ps1: -------------------------------------------------------------------------------- 1 | <# Add JSON MDT 2 | Gary Blok @gwblok Recast Software 3 | 4 | Used with OSDCloud Edition OSD 5 | 6 | #> 7 | 8 | $tsenv = new-object -comobject Microsoft.SMS.TSEnvironment 9 | $OSDisk = $tsenv.value("osdisk") 10 | 11 | 12 | #Download WallPaper from GitHub 13 | $JSONURL = "https://github.com/gwblok/garytown/raw/master/OSD/CloudOSD/Pilot.json" 14 | Invoke-WebRequest -UseBasicParsing -Uri $JSONURL -OutFile "$env:TEMP\Pilot.json" 15 | 16 | #Copy the JOSN file into place 17 | if (Test-Path -Path "$env:TEMP\Pilot.json"){ 18 | Write-Output "Running Command: Copy-Item .\Pilot.json $OSDisk\Windows\Provisioning\Autopilot\AutopilotConfigurationFile.json -Force -Verbose" 19 | Copy-Item "$env:TEMP\Pilot.json" "$OSDisk\Windows\Provisioning\Autopilot\AutopilotConfigurationFile.json" -Force -Verbose 20 | } 21 | else 22 | { 23 | Write-Output "Did not find Pilot.json in temp folder - Please confirm URL" 24 | } 25 | 26 | 27 | exit $exitcode 28 | -------------------------------------------------------------------------------- /OSD/CloudOSD/FormatRAWDisks.ps1: -------------------------------------------------------------------------------- 1 | #Gets Readout and Prints to console (SMSTSLog) Before Changes 2 | get-disk 3 | 4 | #Change CD Drive to A Drive temporary 5 | $cd = Get-WMIObject -Class Win32_CDROMDrive -ErrorAction Stop 6 | if ($cd){ 7 | $driveletter = $cd.drive 8 | $DriveInfo = Get-CimInstance -class win32_volume | Where-Object {$_.DriveLetter -eq $driveletter} |Set-CimInstance -Arguments @{DriveLetter='A:'} 9 | } 10 | #Get RAW Disks and Format 11 | $RAWDisks = get-disk | Where-Object {$_.PartitionStyle -eq "RAW" -and $_.BusType -ne "USB"} 12 | foreach ($Disk in $RAWDisks)#{} 13 | { 14 | $Size = [math]::Round($Disk.size / 1024 / 1024 / 1024) 15 | Initialize-Disk -PartitionStyle GPT -Number $Disk.Number 16 | New-Partition -DiskNumber $Disk.Number -AssignDriveLetter -UseMaximumSize | 17 | Format-Volume -FileSystem NTFS -NewFileSystemLabel "Storage-$($size)GB" -Confirm:$false 18 | } 19 | 20 | if ($cd){ 21 | #Set CD to next available Drive Letter 22 | $AllLetters = 67..90 | ForEach-Object {[char]$_ + ":"} 23 | $UsedLetters = get-wmiobject win32_logicaldisk | select -expand deviceid 24 | $FreeLetters = $AllLetters | Where-Object {$UsedLetters -notcontains $_} 25 | $CDDriveLetter = $FreeLetters | select-object -First 1 26 | $DriveInfo = Get-CimInstance -class win32_volume | Where-Object {$_.DriveLetter -eq "A:"} |Set-CimInstance -Arguments @{DriveLetter=$CDDriveLetter} 27 | } 28 | #Gets Readout and Prints to console (SMSTSLog) After Changes 29 | get-disk 30 | -------------------------------------------------------------------------------- /OSD/CloudOSD/OSDCloudTaskSequence.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/OSDCloudTaskSequence.zip -------------------------------------------------------------------------------- /OSD/CloudOSD/Pilot.json: -------------------------------------------------------------------------------- 1 | { 2 | "CloudAssignedDomainJoinMethod": 0, 3 | "CloudAssignedDeviceName": "Recast-%RAND:5%", 4 | "CloudAssignedAutopilotUpdateTimeout": 1800000, 5 | "CloudAssignedForcedEnrollment": 1, 6 | "Version": 2049, 7 | "CloudAssignedTenantId": "f0f531dc-d350-4bc5-9e7e-e219e4bb351b", 8 | "CloudAssignedAutopilotUpdateDisabled": 1, 9 | "ZtdCorrelationId": "4337dddf-b2c2-46d5-a377-2db4d4d426a4", 10 | "Comment_File": "Profile Recast Software Auto Pilot Profile", 11 | "CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"ForcedEnrollment\":1,\"CloudAssignedTenantDomain\":\"recastsoftwareblog.onmicrosoft.com\"}}", 12 | "CloudAssignedOobeConfig": 1310, 13 | "CloudAssignedTenantDomain": "recastsoftwareblog.onmicrosoft.com", 14 | "CloudAssignedLanguage": "os-default" 15 | } 16 | -------------------------------------------------------------------------------- /OSD/CloudOSD/ScheduleOSDCloudPost.ps1: -------------------------------------------------------------------------------- 1 | $action = (New-ScheduledTaskAction -Execute "cmd.exe" -Argument "/c rd c:\_SMSTaskSequence /S /Q"), (New-ScheduledTaskAction -Execute "cmd.exe" -Argument "/c rd c:\MININT /S /Q"),(New-ScheduledTaskAction -Execute "cmd.exe" -Argument "/c schtasks.exe/Delete /TN OSDCloudPost /F") 2 | $trigger = New-ScheduledTaskTrigger -AtStartup 3 | $settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries 4 | $task = New-ScheduledTask -Action $action -Trigger $trigger -Settings $settings -Description "OSDCloud Cleanup" 5 | Register-ScheduledTask OSDCloudPost -InputObject $task -User SYSTEM 6 | -------------------------------------------------------------------------------- /OSD/CloudOSD/ServiceUI.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/ServiceUI.exe -------------------------------------------------------------------------------- /OSD/CloudOSD/Update-PowerShellGet.ps1: -------------------------------------------------------------------------------- 1 | <# GARY BLOK - RecastSoftware.com @gwblok 2 | 2022.02.15 3 | 4 | Update PowerShellGet and PackageManagement 5 | #> 6 | 7 | $WorkingDir = $env:TEMP 8 | 9 | #PowerShellGet from PSGallery URL 10 | if (!(Get-Module -Name PowerShellGet)){ 11 | $PowerShellGetURL = "https://psg-prod-eastus.azureedge.net/packages/powershellget.2.2.5.nupkg" 12 | Invoke-WebRequest -UseBasicParsing -Uri $PowerShellGetURL -OutFile "$WorkingDir\powershellget.2.2.5.zip" 13 | $Null = New-Item -Path "$WorkingDir\2.2.5" -ItemType Directory -Force 14 | Expand-Archive -Path "$WorkingDir\powershellget.2.2.5.zip" -DestinationPath "$WorkingDir\2.2.5" 15 | $Null = New-Item -Path "$env:ProgramFiles\WindowsPowerShell\Modules\PowerShellGet" -ItemType Directory -ErrorAction SilentlyContinue 16 | Move-Item -Path "$WorkingDir\2.2.5" -Destination "$env:ProgramFiles\WindowsPowerShell\Modules\PowerShellGet\2.2.5" 17 | Remove-Item -Path "$env:ProgramFiles\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1" -Recurse -force 18 | } 19 | 20 | #PackageManagement from PSGallery URL 21 | if (!(Get-Module -Name PackageManagement)){ 22 | $PackageManagementURL = "https://psg-prod-eastus.azureedge.net/packages/packagemanagement.1.4.7.nupkg" 23 | Invoke-WebRequest -UseBasicParsing -Uri $PackageManagementURL -OutFile "$WorkingDir\packagemanagement.1.4.7.zip" 24 | $Null = New-Item -Path "$WorkingDir\1.4.7" -ItemType Directory -Force 25 | Expand-Archive -Path "$WorkingDir\packagemanagement.1.4.7.zip" -DestinationPath "$WorkingDir\1.4.7" 26 | $Null = New-Item -Path "$env:ProgramFiles\WindowsPowerShell\Modules\PackageManagement" -ItemType Directory -ErrorAction SilentlyContinue 27 | Move-Item -Path "$WorkingDir\1.4.7" -Destination "$env:ProgramFiles\WindowsPowerShell\Modules\PackageManagement\1.4.7" 28 | } 29 | -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/Readme.md: -------------------------------------------------------------------------------- 1 | # User Images, used to replace Windows Default 2 | 3 | These are used in OSD to overwrite the ones in Windows. This will allow you to use a company logo. This only works on machines using 100% on-prem AD. If you're using Microsoft Accounts, it will not matter. 4 | -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/guest.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/guest.png -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/user-192.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/user-192.png -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/user-200.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/user-200.png -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/user-32.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/user-32.png -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/user-40.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/user-40.png -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/user-48.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/user-48.png -------------------------------------------------------------------------------- /OSD/CloudOSD/UserPics/user.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/UserPics/user.png -------------------------------------------------------------------------------- /OSD/CloudOSD/lockscreen.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/lockscreen.jpg -------------------------------------------------------------------------------- /OSD/CloudOSD/logo.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/logo.bmp -------------------------------------------------------------------------------- /OSD/CloudOSD/wallpaper.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CloudOSD/wallpaper.jpg -------------------------------------------------------------------------------- /OSD/CreateConfigMgrDesktopShortcut.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @gwblok - Recast Software 2 | Creates a shortcut on the desktop for the ConfigMgr Control Panel Applet 3 | I use this in my lab / test machines. 4 | #> 5 | #Build ShortCut Information 6 | $SourceExe = "$env:windir\system32\control.exe" 7 | $ArgumentsToSourceExe = "smscfgrc" 8 | $DestinationPath = "$env:Public\Desktop\ConfigMgr Panel.lnk" 9 | 10 | #Create Shortcut 11 | $WshShell = New-Object -comObject WScript.Shell 12 | $Shortcut = $WshShell.CreateShortcut($DestinationPath) 13 | $Shortcut.IconLocation = "C:\Windows\System32\SHELL32.dll, 14" 14 | $Shortcut.TargetPath = $SourceExe 15 | $Shortcut.Arguments = $ArgumentsToSourceExe 16 | $Shortcut.Save() 17 | 18 | write-output "Creating ConfigMgr Control Panel Icon on Desktop" 19 | -------------------------------------------------------------------------------- /OSD/CustomTSLogging/CustomTSLogging.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok @GWBLOK RecastSoftware.com 2 | Used for Logging during the Task Sequence - Run PowerShell Step 3 | 4 | Function Stolen from: https://www.ephingadmin.com/powershell-cmtrace-log-function/ 5 | Could this be cleaner, I'm sure... does it work, yes. 6 | 7 | -Message 'Running Software Updates' -Type 1 -Component 'Software Updates' -logfile %_SMSTSLogPath%\%LogFileName% 8 | -Message 'Failed Installing M365' -Type 3 -Component 'App Installations' -logfile 'C:\Windows\Temp\TSApps.log' 9 | 10 | #> 11 | 12 | [CmdletBinding()] 13 | Param ( 14 | [Parameter(Mandatory=$true)] 15 | $Message, 16 | [Parameter(Mandatory=$false)] 17 | $ErrorMessage, 18 | [Parameter(Mandatory=$true)] 19 | $Component, 20 | [Parameter(Mandatory=$true)] 21 | [int]$Type, 22 | [Parameter(Mandatory=$false)] 23 | $LogFile 24 | ) 25 | 26 | function CMTraceLog { 27 | [CmdletBinding()] 28 | Param ( 29 | [Parameter(Mandatory=$false)] 30 | $Message, 31 | [Parameter(Mandatory=$false)] 32 | $ErrorMessage, 33 | [Parameter(Mandatory=$false)] 34 | $Component, 35 | [Parameter(Mandatory=$false)] 36 | [int]$Type, 37 | [Parameter(Mandatory=$true)] 38 | $LogFile 39 | ) 40 | <# 41 | Type: 1 = Normal, 2 = Warning (yellow), 3 = Error (red) 42 | #> 43 | $Time = Get-Date -Format "HH:mm:ss.ffffff" 44 | $Date = Get-Date -Format "MM-dd-yyyy" 45 | if ($ErrorMessage -ne $null) {$Type = 3} 46 | if ($Component -eq $null) {$Component = " "} 47 | if ($Type -eq $null) {$Type = 1} 48 | $LogMessage = "" 49 | $LogMessage.Replace("`0","") | Out-File -Append -Encoding UTF8 -FilePath $LogFile 50 | } 51 | 52 | CMTraceLog -Message "$Message" -Type $type -Component $Component -LogFile $LogFile 53 | -------------------------------------------------------------------------------- /OSD/CustomTSLogging/Readme.md: -------------------------------------------------------------------------------- 1 | # Task Sequence Custom Logging Steps 2 | 3 | Not saying this should be your main way for custom logging, but it's been really helpful in a pinch. 4 | 5 | This code is 100% stolen from Ryan: https://www.ephingadmin.com/powershell-cmtrace-log-function and used in a unique way. 6 | 7 | ## In the Task Sequence 8 | 9 | [![TSLogging01](TSLogging01.png)](TSLogging01.png) 10 | [![TSLogging02](TSLogging02.png)](TSLogging02.png) 11 | 12 | ## Demo 13 | 14 | [![TSLogging03](TSLogging03.png)](TSLogging03.png) -------------------------------------------------------------------------------- /OSD/CustomTSLogging/TSLogging01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CustomTSLogging/TSLogging01.png -------------------------------------------------------------------------------- /OSD/CustomTSLogging/TSLogging02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CustomTSLogging/TSLogging02.png -------------------------------------------------------------------------------- /OSD/CustomTSLogging/TSLogging03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/CustomTSLogging/TSLogging03.png -------------------------------------------------------------------------------- /OSD/DefenderUpdater/DefenderUpdate01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/DefenderUpdater/DefenderUpdate01.png -------------------------------------------------------------------------------- /OSD/DefenderUpdater/DefenderUpdate02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/DefenderUpdater/DefenderUpdate02.png -------------------------------------------------------------------------------- /OSD/DefenderUpdater/DefenderUpdate03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/DefenderUpdater/DefenderUpdate03.png -------------------------------------------------------------------------------- /OSD/DefenderUpdater/readme.md: -------------------------------------------------------------------------------- 1 | # Windows Defender Package Update Automation 2 | 3 | Based on Johan's Script & [Jorgen's Blog](https://ccmexec.com/2016/01/download-and-deploy-windows-defender-definitions-for-windows-10-during-osd/) 4 | 5 | Includes Scheduled Task that runs daily & Script that updates a package. 6 | 7 | To use: 8 | - Decide where you want to store the script. 9 | - Update the XML for the Scheduled task to where you store the script 10 | - Import the Scheduled Task, leverage a gSMA account or other service account with permissions to both CM & the Package Location 11 | - Account with access to file share & CM 12 | - Scheduled task runs on machine with CM Console (So it has access to the PS Commandlets) 13 | - These requirements are NOT the same as Johan's script which doesn't leverage the CM PS Commandlets 14 | 15 | Once you have this setup, you can add steps to your Task Sequence to leverage the updated Defender Defs. Look to Jorgen's blog in the link above for more details about integration. 16 | 17 | ## Scheduled Task: 18 | ``` 19 | In my lab, I'm just using a user account, but in Production, I'm using a gSMA account. 20 | ``` 21 | 22 | [![Defender Updater 01](DefenderUpdate01.png)](DefenderUpdate01.png) 23 | 24 | ## Log File: 25 | 26 | [![Defender Updater 02](DefenderUpdate02.png)](DefenderUpdate02.png) 27 | 28 | ## Package in Console: 29 | 30 | [![Defender Updater 03](DefenderUpdate03.png)](DefenderUpdate03.png) 31 | -------------------------------------------------------------------------------- /OSD/LanguagePackModule-TS.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/LanguagePackModule-TS.zip -------------------------------------------------------------------------------- /OSD/ModelSupportTS-CM2103.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/ModelSupportTS-CM2103.zip -------------------------------------------------------------------------------- /OSD/Set-DarkModeTheme-Logon.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Yeah, so this is setting Dark Mode Theme at login. 3 | I couldn't get the registry values to stick during OSD, so I'm trying this. 4 | Alot of Default User profile reg values aren't sticking on Win 11 24H2, so I'm giving this a shot. 5 | #> 6 | 7 | $A = New-ScheduledTaskAction -Execute "C:\Windows\Resources\Themes\themeA.theme" 8 | $T = New-ScheduledTaskTrigger -AtLogOn 9 | $P = New-ScheduledTaskPrincipal -GroupId "BUILTIN\Users" -RunLevel Limited 10 | $task = New-ScheduledTask -Action $A -Trigger $T -Principal $P -Settings $S 11 | $S = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -ExecutionTimeLimit (New-TimeSpan -Hours 1) -RestartCount 3 -RestartInterval (New-TimeSpan -Hours 1) 12 | $task = New-ScheduledTask -Action $A -Trigger $T -Principal $P -Settings $S 13 | Register-ScheduledTask -TaskName "Dark Mode on Logon" -InputObject $Task 14 | -------------------------------------------------------------------------------- /OSD/Set-DiskNumber.ps1: -------------------------------------------------------------------------------- 1 | #Script Returns the Disk Number for the Desired Disk for installing Windows to during OSD 2 | #https://garytown.com/osd-with-multi-disk-configs 3 | #https://learn.microsoft.com/en-us/windows-hardware/drivers/storage/msft-disk 4 | 5 | #issue where in WinPE it randomly doesn't show the disk, like 1 in 100... 6 | $Disks = Get-Disk 7 | if (!($Disks)){ 8 | restart-service smphost 9 | start-sleep 5 10 | } 11 | 12 | $BusTypes = @('NVMe', 'SATA') 13 | #if can't find NVMe, grab something else, but NOT these! 14 | $BusTypesSkip = @("Fiber Channel", "USB", "iSCSI", "Storage Spaces") 15 | #minimum size advised for system build (OS + programs + data) 16 | $MinSize = 200GB 17 | $DiskProps = { $_.BusType -in $BusTypes -and $_.BusType -notin $BusTypesSkip -and $_.Size -ge $MinSize } 18 | $Disks = Get-Disk | Where-Object $DiskProps 19 | if (-not ($Disks)) { 20 | restart-service smphost 21 | Start-Sleep -Seconds 5 22 | $Disks = Get-Disk | Where-Object $DiskProps 23 | } 24 | if (-not $Disks) { exit '0x80070490'} #unable to find a volume 25 | $DiskNumber = ($Disks | Sort-Object Size | Select-Object -First 1).Number 26 | return $DiskNumber 27 | -------------------------------------------------------------------------------- /OSD/Set-StaticIPVars.ps1: -------------------------------------------------------------------------------- 1 | #This will grab the current IP Info from the adapter and make sure they are set on the variables. 2 | $NetworkInfo = Get-CimInstance Win32_NetworkAdapterConfiguration | Where-Object {$_.DHCPEnabled -eq $false} 3 | 4 | 5 | #Setup TS Environment 6 | try 7 | { 8 | $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment 9 | } 10 | catch 11 | { 12 | Write-Verbose "Not running in a task sequence." 13 | } 14 | 15 | $tsenv.value('OSDAdapter0IPAddressList') = $NetworkInfo.IPAddress[0] 16 | $tsenv.value('OSDAdapter0SubnetMask') = $NetworkInfo.IPSubnet[0] 17 | $tsenv.value('OSDAdapter0Gateways') = $NetworkInfo.DefaultIPGateway[0] 18 | $tsenv.value('OSDAdapter0DNSServerList') = $NetworkInfo.DNSServerSearchOrder[0] 19 | $tsenv.value('OSDAdapter0DNSSuffix') = $NetworkInfo.DNSDomainSuffixSearchOrder[0] 20 | 21 | if ($NetworkInfo.DHCPEnabled -eq $false) 22 | { 23 | $tsenv.value('OSDAdapterCount') = 1 24 | $tsenv.value('OSDAdapter0EnableDHCP') = $false 25 | } 26 | else {$tsenv.value('OSDAdapter0EnableDHCP') = $true} 27 | 28 | 29 | -------------------------------------------------------------------------------- /OSD/SplashScreen/Create-Runspaces.ps1: -------------------------------------------------------------------------------- 1 | # Calls the script that creates the OS upgrade background into a runspace, one per detected screen 2 | 3 | Add-Type -AssemblyName System.Windows.Forms 4 | $Screens = [System.Windows.Forms.Screen]::AllScreens 5 | $PSInstances = New-Object System.Collections.ArrayList 6 | Foreach ($Screen in $screens) { 7 | $PowerShell = [Powershell]::Create() 8 | [void]$PowerShell.AddScript({Param($ScriptLocation, $DeviceName); powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File "$ScriptLocation\Create-FullScreenBackground-Variable.ps1" -DeviceName $DeviceName}) 9 | [void]$PowerShell.AddArgument($PSScriptRoot) 10 | [void]$PowerShell.AddArgument($Screen.DeviceName) 11 | [void]$PSInstances.Add($PowerShell) 12 | [void]$PowerShell.BeginInvoke() 13 | } 14 | # Wait for runspace execution 15 | Start-Sleep -Seconds 10 16 | 17 | # Keep the process alive until each splash screen is closed 18 | Do { 19 | Start-Sleep -Seconds 5 20 | } 21 | Until ($PSInstances.InvocationStateInfo.State -notcontains "Running") 22 | -------------------------------------------------------------------------------- /OSD/SplashScreen/ServiceUI.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/SplashScreen/ServiceUI.exe -------------------------------------------------------------------------------- /OSD/SplashScreen/Show-OSUpgradeBackground-Variable.ps1: -------------------------------------------------------------------------------- 1 | # Create a new PS process to call the "Show-OSUpgradeBackground" script, to avoid blocking the continuation of task sequence 2 | 3 | $Process = New-Object System.Diagnostics.Process 4 | $Process.StartInfo.UseShellExecute = $false 5 | $Process.StartInfo.FileName = "PowerShell.exe" 6 | $Process.StartInfo.Arguments = " -File ""$PSScriptRoot\Create-Runspaces.ps1""" 7 | $Process.StartInfo.CreateNoWindow = $true 8 | $Process.Start() 9 | -------------------------------------------------------------------------------- /OSD/SplashScreen/bin/MahApps.Metro.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/SplashScreen/bin/MahApps.Metro.dll -------------------------------------------------------------------------------- /OSD/SplashScreen/bin/System.Windows.Interactivity.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/SplashScreen/bin/System.Windows.Interactivity.dll -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping.JSON: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ComputerName": "HP-PD-600-G4", 4 | "SerialNumber": "MXL9082PF7", 5 | "Apps": ["Visual Studio Code", "WMI Explorer", "VLC"] 6 | }, 7 | { 8 | "ComputerName": "HP-ED-800-G6", 9 | "SerialNumber": "MXL2521TYG", 10 | "Apps": ["HP TechPulse", "Visual Studio Code", "WMI Explorer", "VLC"] 11 | } 12 | ] 13 | -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | Param ( 3 | [Parameter(Mandatory=$false)] 4 | $AppMatchingPath# = "\\src\src$\Packages\AppMapping" 5 | ) 6 | 7 | if ($AppMatchingPath){ 8 | Write-Output "AppMatchingPath of JSON File: $AppMatchingPath" 9 | $AppMatchingFile = Get-ChildItem -path $AppMatchingPath -Filter *.JSON 10 | 11 | if ($AppMatchingFile){ 12 | Write-Output "Found $($AppMatchingFile.FullName) JSON file to import" 13 | try { 14 | $AppMapping = Get-Content -Path $AppMatchingFile.FullName | ConvertFrom-Json 15 | } 16 | catch { 17 | Write-Output "Failed to import JSON" 18 | Get-Content -Path $AppMatchingFile.FullName | ConvertFrom-Json 19 | exit 1 20 | } 21 | $SerialNumber = (Get-WmiObject win32_bios).Serialnumber 22 | Write-Output "Matching JSON info on $SerialNumber" 23 | $MatchingApps = ($AppMapping | Where-Object {$_.SerialNumber -match $SerialNumber}).Apps 24 | if ($MatchingApps){ 25 | Write-Output "Found Match in JSON, starting App Variable Creation" 26 | $Counter = 1 27 | 28 | # Connect to TS Environment 29 | $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment 30 | 31 | #Loop through Apps 32 | foreach ($App in $MatchingApps){ 33 | $Number = "{0:D2}" -f $Counter 34 | New-Variable -Name "App$($Number)" -Value $App 35 | $tsenv.Value("App$($Number)") = $App 36 | $Counter ++ 37 | #Record Variable Name & Value to SMSTSLog 38 | Get-Variable -Name "App$($Number)" 39 | } 40 | } 41 | } 42 | else { 43 | Write-Output "Did not find a JSON File in $AppMatchingPath" 44 | } 45 | 46 | } 47 | else { 48 | Write-Output "No AppMatchingPath Provided" 49 | } 50 | 51 | -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMapping01.png -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMapping02.png -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMapping03.png -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMapping04.png -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMapping05.png -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMapping06.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMapping06.png -------------------------------------------------------------------------------- /OSD/TS-AppMapping/AppMappingAppInstalls.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSD/TS-AppMapping/AppMappingAppInstalls.zip -------------------------------------------------------------------------------- /OSD/TroubleShootingSteps/Get-HardwareDevicesAndDrivers.ps1: -------------------------------------------------------------------------------- 1 | <# Gary Blok - @gwblok - GARYTOWN.COM 2 | 3 | Get-HardwareDevicesAndDrivers 4 | 5 | 25.5.12 - Adopted for Task Sequence PowerShell Step 6 | #> 7 | [CmdletBinding()] 8 | param ( 9 | [Parameter(Mandatory = $false)] 10 | [String]$logPath = "C:\Windows\Temp", 11 | [Parameter(Mandatory = $false)] 12 | [String]$logFile = "HardwareDevicesAndDrivers.log" 13 | ) 14 | 15 | Function Get-HardwareDevicesAndDrivers { 16 | try { 17 | $devices = Get-CimInstance -ClassName Win32_PnPSignedDriver | Select-Object DeviceName, DriverVersion, Manufacturer, DriverProviderName, DriverDate 18 | 19 | if ($devices) { 20 | Write-Output "Hardware Devices and Associated Drivers:" 21 | foreach ($device in $devices) { 22 | Write-Output "Device: $($device.DeviceName)" 23 | Write-Output " Manufacturer: $($device.Manufacturer)" 24 | Write-Output " Driver Version: $($device.DriverVersion)" 25 | Write-Output " Driver Provider: $($device.DriverProviderName)" 26 | Write-Output " Driver Date: $($device.DriverDate)" 27 | Write-Output "" 28 | } 29 | } else { 30 | Write-Output "No hardware devices or drivers found." 31 | } 32 | } catch { 33 | Write-Output "Error retrieving hardware devices and drivers: $($_.Exception.Message)" 34 | } 35 | } 36 | 37 | 38 | #Create log directory if it doesn't exist 39 | if (Test-Path -path $logPath) { 40 | Write-Output "Log directory already exists: $logPath" 41 | } else { 42 | New-Item -Path $logPath -ItemType Directory -Force | Out-Null 43 | Write-Output "Created log directory: $logPath" 44 | } 45 | 46 | #Create Logs with Information 47 | Get-HardwareDevicesAndDrivers | Out-File -FilePath "$logPath\Gather-$logFile " -Append -Force 48 | -------------------------------------------------------------------------------- /OSD/TroubleShootingSteps/Get-TSVarsSafeDump.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Name: TSVarsSafeDump.ps1 3 | Version: 1.0 4 | Author: Johan Schrewelius, Onevinn AB 5 | Date: 2016-11-24 6 | Command: powershell.exe -executionpolicy bypass -file TSVarsSafeDump.ps1 7 | Usage: Run in SCCM Task Sequence to Dump TS-Varibles to disk ("_SMSTSLogPath"). 8 | Variables known to contain sensitive information will be excluded. 9 | Config: List of variables to exclude, edit as needed: 10 | $ExcludeVariables = @('_OSDOAF','_SMSTSReserved','_SMSTSTaskSequence') 11 | #> 12 | 13 | [CmdletBinding()] 14 | param ( 15 | [Parameter(Mandatory = $false)] 16 | [String]$logPath = "C:\Windows\Temp" 17 | ) 18 | 19 | # Config Start 20 | 21 | $ExcludeVariables = @('_OSDOAF','_SMSTSReserved','_SMSTSTaskSequence') 22 | 23 | # Config End 24 | 25 | $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment 26 | #$logPath = $tsenv.Value("_SMSTSLogPath") 27 | $now = Get-Date -Format "yyyy-MM-dd-HH-mm-ss" 28 | $logFile = "TSVariables-$now.log" 29 | $logFileFullName = Join-Path -Path $logPath -ChildPath $logFile 30 | 31 | function MatchArrayItem { 32 | param ( 33 | [array]$Arr, 34 | [string]$Item 35 | ) 36 | 37 | $result = ($null -ne ($Arr | ? { $Item -match $_ })) 38 | return $result 39 | } 40 | 41 | $tsenv.GetVariables() | % { 42 | if(!(MatchArrayItem -Arr $ExcludeVariables -Item $_)) { 43 | "$_ = $($tsenv.Value($_))" | Out-File -FilePath $logFileFullName -Append 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /OSDCloud/SurfaceRecovery.ps1: -------------------------------------------------------------------------------- 1 | $SurfaceProXWin1122H2URL = 'https://surface.downloads.prss.microsoft.com/dbazure/SurfaceProX_2021_BMR_16020_11.4.1.zip' 2 | 3 | 4 | $MSIPath = "C:\Users\GaryBlok\Downloads\SurfacePro9-5G_Win11_22621_24.033.36032.0.msi" 5 | msiexec /a $MSIPath /qb TARGETDIR='C:\OSDCloudARM64\WinPEDrivers' 6 | -------------------------------------------------------------------------------- /OSDCloud/UpdateOSDCloudUSB.ps1: -------------------------------------------------------------------------------- 1 | Update-Module -name OSD -Force 2 | import-module -name OSD -Force 3 | 4 | #Clear old OSD Modules from WorkSpace 5 | $CloudWorkSpace = Get-OSDCloudWorkspace 6 | Remove-Item -Path "$CloudWorkSpace\PowerShell\Offline\Modules\OSD" -Force -Recurse -ErrorAction SilentlyContinue 7 | 8 | #Clear old OSD Modules from Flash Drives 9 | $FlashDrives = get-volume | Where-Object {$_.DriveType -eq "Removable"} 10 | Foreach ($FlashDrive in $FlashDrives){ 11 | if (test-path -path "$($FlashDrive.DriveLetter)\OSDCloud\PowerShell\Offline\Modules\OSD"){ 12 | Remove-Item -Path "$($FlashDrive.DriveLetter)\OSDCloud\PowerShell\Offline\Modules\OSD" -Force -Recurse -ErrorAction SilentlyContinue 13 | 14 | } 15 | } 16 | 17 | 18 | Edit-OSDCloudWinPE #Updates the latest version of OSD module in the WinPE boot image 19 | Update-OSDCloudUSB -PSUpdate #Updates the USB Stick with the latest PS Modules & Boot Image that was just updated. 20 | -------------------------------------------------------------------------------- /OSDCloud/media/OCM01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM01.png -------------------------------------------------------------------------------- /OSDCloud/media/OCM02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM02.png -------------------------------------------------------------------------------- /OSDCloud/media/OCM03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM03.png -------------------------------------------------------------------------------- /OSDCloud/media/OCM04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM04.png -------------------------------------------------------------------------------- /OSDCloud/media/OCM05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM05.png -------------------------------------------------------------------------------- /OSDCloud/media/OCM06.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM06.png -------------------------------------------------------------------------------- /OSDCloud/media/OCM07.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/OSDCloud/media/OCM07.png -------------------------------------------------------------------------------- /Office365/Icons/Access.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Office365/Icons/Access.png -------------------------------------------------------------------------------- /Office365/Icons/M365.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Office365/Icons/M365.png -------------------------------------------------------------------------------- /Office365/Icons/Project.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Office365/Icons/Project.png -------------------------------------------------------------------------------- /Office365/Icons/Visio.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Office365/Icons/Visio.png -------------------------------------------------------------------------------- /Office365/Icons/readme.md: -------------------------------------------------------------------------------- 1 | Icon Files 2 | -------------------------------------------------------------------------------- /Office365/o365_Content_DetectionMethod.ps1: -------------------------------------------------------------------------------- 1 | #This is the detection Method for the Content Application 2 | #It looks for the Application Name, then checks to confirm it is in the CCM Cache, and that setup.exe is in the O365_Cache folder. 3 | 4 | $O365ContentAssignmentName = "Office 365 ProPlus Content" #This is the App Deployment Type Name, not the actual app Name 5 | $O365_CacheLocation = "$env:ProgramData\O365_Cache\setup.exe" 6 | $CIModel = Get-CimInstance -Namespace root/ccm/CIModels -ClassName CCM_AppDeliveryTypeSynclet | Where-Object {$_.AppDeliveryTypeName -match $O365ContentAssignmentName} 7 | $ContentID = $CIModel.InstallAction.Content.ContentId | Sort-Object -Unique 8 | $Cache = Get-CimInstance -Namespace root/ccm/SoftMgmtAgent -ClassName CacheInfoEx | Where-Object {$_.ContentID -eq $ContentID} 9 | $CacheComplete = $Cache.ContentComplete 10 | if ($CacheComplete -eq "TRUE" -and (Test-Path -Path $O365_CacheLocation)){Write-Output "True"} 11 | else{} 12 | -------------------------------------------------------------------------------- /Office365/simple/Readme.md: -------------------------------------------------------------------------------- 1 | These files are if you want to do a more traditional install, where you do not have a "PreCache" App, and include the content in each of the installers themselves. 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # garytown 2 | GaryTown Scripts, Downloads, Etc 3 | -------------------------------------------------------------------------------- /ResetTSlite.ps1: -------------------------------------------------------------------------------- 1 | #2019.12.24 - Help Reset TS's that are having issues starting. "Stuck at Installing..." 2 | 3 | if (Get-WmiObject -Namespace Root\CCM\SoftMgmtAgent -Class CCM_TSExecutionRequest) 4 | { 5 | Write-output "Removing TS Excustion Request from WMI" 6 | Get-WmiObject -Namespace Root\CCM\SoftMgmtAgent -Class CCM_TSExecutionRequest | Remove-WmiObject 7 | Get-CimInstance -Namespace root/ccm -ClassName SMS_MaintenanceTaskRequests | Remove-CimInstance 8 | Set-Service smstsmgr -StartupType manual 9 | Start-Service smstsmgr 10 | Start-Sleep -Seconds 5 11 | if ((Get-Process CcmExec -ea SilentlyContinue) -ne $Null) {Get-Process CcmExec | Stop-Process -Force} 12 | if ((Get-Process TSManager -ea SilentlyContinue) -ne $Null) {Get-Process TSManager| Stop-Process -Force} 13 | Start-Sleep -Seconds 5 14 | Start-Service ccmexec 15 | Start-Sleep -Seconds 5 16 | Start-Service smstsmgr 17 | restart-service ccmexec -force -ErrorAction SilentlyContinue 18 | Start-Process -FilePath C:\windows\ccm\CcmEval.exe 19 | start-sleep -Seconds 15 20 | #Invoke Machine Policy 21 | Invoke-WMIMethod -Namespace root\ccm -Class SMS_CLIENT -Name TriggerSchedule "{00000000-0000-0000-0000-000000000021}" |Out-Null 22 | Invoke-WMIMethod -Namespace root\ccm -Class SMS_CLIENT -Name TriggerSchedule "{00000000-0000-0000-0000-000000000022}" |Out-Null 23 | 24 | } 25 | Else {Write-output "No TS Excustion Request in WMI"} 26 | -------------------------------------------------------------------------------- /RunScripts/AddRemoveLocalGroup.ps1: -------------------------------------------------------------------------------- 1 | #SDE Add User to Local Group 2 | #v2.3 2020.03.06 - Complete rewrite- switched from net localgroup to all powershell 3 | #v2.2 2019.09.13 - Added Option to Delete Account 4 | #v2.1 2019.08.20 - Added Write-Ouput Statements 5 | #v2.0 2018.08.15 6 | #Add Account to Local Admin Group Of Machine (Break Glass Alternative) 7 | 8 | [CmdletBinding()] 9 | Param ( 10 | [Parameter(Mandatory=$true)][string] $UserID, 11 | [Parameter(Mandatory=$false)][string] $LocalGroup = "administrators", 12 | [Parameter(Mandatory=$false)][string] $Domain = "viamonstra", 13 | [Parameter(Mandatory=$false)][ValidateSet("ADD","REMOVE")][string] $Action= "REMOVE" 14 | ) 15 | 16 | $User = Get-LocalGroupMember -Group $LocalGroup -Member "$($Domain)\$($UserID)" -ErrorAction SilentlyContinue 17 | 18 | if ($Action -eq "REMOVE") 19 | { 20 | if ($User) 21 | { 22 | Remove-LocalGroupMember -Group $LocalGroup -Member "$($Domain)\$($UserID)" 23 | $User = Get-LocalGroupMember -Group $LocalGroup -Member "$($Domain)\$($UserID)" -ErrorAction SilentlyContinue 24 | if ($User){Write-Output "Failed to Remove User $UserID"} 25 | else {Write-Output "Successfully removed $UserID from $LocalGroup"} 26 | } 27 | else {Write-Output "User $UserID was not in group $LocalGroup"} 28 | } 29 | 30 | if ($Action -eq "ADD") 31 | { 32 | if ($User) 33 | { 34 | Write-Output "User $UserID was already in group $LocalGroup" 35 | } 36 | else { 37 | Add-LocalGroupMember -Group $LocalGroup -Member "$($Domain)\$($UserID)" -ErrorAction SilentlyContinue 38 | $User = Get-LocalGroupMember -Group $LocalGroup -Member "$($Domain)\$($UserID)" -ErrorAction SilentlyContinue 39 | if ($User){Write-Output "Successfully Added $UserID to $LocalGroup"} 40 | else {Write-Output "Failed to Add $UserID to $LocalGroup "} 41 | } 42 | } 43 | 44 | -------------------------------------------------------------------------------- /RunScripts/Rename-Computer.ps1: -------------------------------------------------------------------------------- 1 | Param 2 | ( 3 | [parameter(Mandatory=$true,ValueFromPipeline=$false)] 4 | [string]$NewName, 5 | 6 | [Parameter(Mandatory=$false,ValueFromPipeline=$false)] 7 | [ValidateSet("TRUE","FALSE")] 8 | [string]$RebootNow = "FALSE" 9 | ) 10 | 11 | 12 | Rename-Computer -NewName $NewName -Force 13 | if ($RebootNow -eq "TRUE"){Restart-Computer -Force} 14 | -------------------------------------------------------------------------------- /RunScripts/Run-ScheduledTask.ps1: -------------------------------------------------------------------------------- 1 | #Trigger Scheduled Task 2 | # Gary Blok - GARYTOWN.COM 3 | 4 | [CmdletBinding()] 5 | Param ( 6 | [Parameter(Mandatory=$true)][string]$TaskName = "Microsoft Compatibility Appraiser" 7 | ) 8 | 9 | $Task = Get-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue 10 | if ($Task -ne $null){ 11 | Write-Output "Triggering Task $($Task.TaskName)" 12 | Start-ScheduledTask -InputObject $Task 13 | } 14 | else { 15 | Write-Output "No Task found with name: $TaskName" 16 | } 17 | -------------------------------------------------------------------------------- /RunScripts/Start-TaskSequence/StartTS01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/RunScripts/Start-TaskSequence/StartTS01.png -------------------------------------------------------------------------------- /RunScripts/Start-TaskSequence/StartTS02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/RunScripts/Start-TaskSequence/StartTS02.png -------------------------------------------------------------------------------- /RunScripts/Start-TaskSequence/StartTS03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/RunScripts/Start-TaskSequence/StartTS03.png -------------------------------------------------------------------------------- /RunScripts/Start-TaskSequence/StartTS05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/RunScripts/Start-TaskSequence/StartTS05.png -------------------------------------------------------------------------------- /SQL/DeviceInfoByCollection.sql: -------------------------------------------------------------------------------- 1 | /* 2 | GARY BLOK - @gwblok - GARYTOWN.COM 3 | ComputerName 4 | LastHWScan 5 | Days Since HW Scan 6 | Serial Number 7 | Product 8 | Model 9 | 10 | Limit by Collection 11 | 12 | */ 13 | 14 | 15 | 16 | SELECT DISTINCT SYS.Netbios_Name0 as 'Computer Name' 17 | ,WS.LastHWScan 18 | ,DATEDIFF(day,WS.LastHWScan,GETDATE()) as 'Days Since HWScan' 19 | ,SE.SerialNumber0 AS [Serial Number] 20 | ,bb.Product0 21 | ,cs.Model0 AS Model 22 | 23 | FROM v_GS_WORKSTATION_STATUS WS 24 | LEFT JOIN v_R_System SYS ON WS.ResourceID = SYS.ResourceID 25 | LEFT JOIN v_GS_COMPUTER_SYSTEM cs ON CS.ResourceID = SYS.ResourceID 26 | LEFT JOIN dbo.v_GS_SYSTEM_ENCLOSURE SE ON SE.ResourceID = SYS.ResourceID 27 | Join v_GS_BASEBOARD bb on bb.ResourceID = SYS.ResourceID 28 | join dbo.v_FullCollectionMembership FCM on FCM.ResourceID = SYS.ResourceID 29 | 30 | Where 31 | FCM.CollectionId = 'MCM00035' 32 | -------------------------------------------------------------------------------- /SQL/HP/HPBIOSSpecificSetting.sql: -------------------------------------------------------------------------------- 1 | /* 2 | GARY BLOK - @gwblok - GARYTOWN.COM 3 | 4 | First off... I'm not a SQL Person, I can cobble stuff together that works in my lab, so I have no idea how this performs at scale. 5 | There are probably better ways to do this... 6 | 7 | This Query ASSUMES you are collecting HP BIOS Data: 8 | v_GS_HPBIOS_BIOSENUMERATION 9 | v_GS_HPBIOS_BIOSSTRING 10 | 11 | https://garytown.com/hp-devices-inventory-bios-settings-in-configmgr 12 | 13 | */ 14 | 15 | 16 | 17 | SELECT DISTINCT SYS.Netbios_Name0 as 'Computer Name' 18 | ,WS.LastHWScan 19 | ,DATEDIFF(day,WS.LastHWScan,GETDATE()) as 'Days Since HWScan' 20 | ,HPBE.ResourceID 21 | ,HPBE.Name0 22 | ,HPBE.CurrentValue0 23 | 24 | FROM v_GS_WORKSTATION_STATUS WS 25 | INNER JOIN v_R_System SYS ON WS.ResourceID = SYS.ResourceID 26 | INNER JOIN v_GS_HPBIOS_BIOSENUMERATION HPBE ON HPBE.ResourceID = SYS.ResourceID 27 | 28 | where HPBE.Name0 = 'Intel Active Management Technology (AMT)' 29 | and HPBE.CurrentValue0 = 'Enable' 30 | -------------------------------------------------------------------------------- /SQL/HP/HPBIOSWiFiProfile.sql: -------------------------------------------------------------------------------- 1 | /* 2 | GARY BLOK - @gwblok - GARYTOWN.COM 3 | 4 | First off... I'm not a SQL Person, I can cobble stuff together that works in my lab, so I have no idea how this performs at scale. 5 | There are probably better ways to do this... 6 | 7 | This Query ASSUMES you are collecting HP BIOS Data: 8 | v_GS_HPBIOS_BIOSENUMERATION 9 | v_GS_HPBIOS_BIOSSTRING 10 | 11 | https://garytown.com/hp-devices-inventory-bios-settings-in-configmgr 12 | 13 | */ 14 | SELECT SYS.Netbios_Name0 as 'Computer Name' 15 | ,WS.LastHWScan 16 | ,DATEDIFF(day,WS.LastHWScan,GETDATE()) as 'Days Since HWScan' 17 | ,HPBS.Name0 18 | ,HPBS.Value0 19 | FROM v_GS_WORKSTATION_STATUS WS 20 | INNER JOIN v_R_System SYS ON WS.ResourceID = SYS.ResourceID 21 | INNER JOIN v_GS_HPBIOS_BIOSSTRING HPBS on HPBS.ResourceID = SYS.ResourceID 22 | 23 | where HPBS.Name0 like 'Preboot Wi-Fi Profile %' 24 | and HPBS.Name0 <> 'Preboot Wi-Fi Profile Set Status' 25 | and HPBS.Value0 <> '{"SSID":null,"Type":null}' 26 | -------------------------------------------------------------------------------- /SQL/ModelCount.sql: -------------------------------------------------------------------------------- 1 | SELECT 2 | cs.Model0 AS Model, 3 | COUNT(*) AS Count 4 | ,bb.Product0 5 | FROM 6 | v_GS_COMPUTER_SYSTEM cs 7 | join v_GS_BASEBOARD bb on bb.ResourceID = cs.ResourceID 8 | where cs.Model0 not like 'Virt%' 9 | and cs.Model0 not like 'HVM%' 10 | 11 | GROUP BY cs.Model0,bb.Product0 12 | 13 | --HAVING COUNT(*) > 50 14 | 15 | order by Count(*) DESC; 16 | -------------------------------------------------------------------------------- /SoftwareUpdates/Install-Update.ps1: -------------------------------------------------------------------------------- 1 | Function Install-Update { 2 | [CmdletBinding()] 3 | Param ( 4 | [Parameter(Mandatory=$true)] 5 | $UpdatePath 6 | ) 7 | 8 | $scratchdir = 'C:\OSDCloud\Temp' 9 | if (!(Test-Path -Path $scratchdir)){ 10 | new-item -Path $scratchdir | Out-Null 11 | } 12 | 13 | if ($env:SystemDrive -eq "X:"){ 14 | $Process = "X:\Windows\system32\Dism.exe" 15 | $DISMArg = "/Image:C:\ /Add-Package /PackagePath:$UpdatePath /ScratchDir:$scratchdir /Quiet /NoRestart" 16 | } 17 | else { 18 | $Process = "C:\Windows\system32\Dism.exe" 19 | $DISMArg = "/Online /Add-Package /PackagePath:$UpdatePath /ScratchDir:$scratchdir /Quiet /NoRestart" 20 | } 21 | 22 | 23 | Write-Output "Starting Process of $Process -ArgumentList $DismArg -Wait" 24 | $DISM = Start-Process $Process -ArgumentList $DISMArg -Wait -PassThru 25 | 26 | return $DISM.ExitCode 27 | } 28 | 29 | 30 | $23H2EnablementCabURL = "https://raw.githubusercontent.com/gwblok/garytown/master/SoftwareUpdates/Windows11.0-kb5027397-x64.cab" 31 | Invoke-WebRequest -UseBasicParsing -Uri $23H2EnablementCabURL -OutFile "$env:TEMP\Windows11.0-kb5027397-x64.cab" 32 | 33 | if (Test-Path -Path "$env:TEMP\Windows11.0-kb5027397-x64.cab"){ 34 | Install-Update -UpdatePath "$env:TEMP\Windows11.0-kb5027397-x64.cab" 35 | } 36 | -------------------------------------------------------------------------------- /SoftwareUpdates/Windows10.0-KB4517245-x64.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/SoftwareUpdates/Windows10.0-KB4517245-x64.cab -------------------------------------------------------------------------------- /SoftwareUpdates/Windows10.0-KB5003791-x64.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/SoftwareUpdates/Windows10.0-KB5003791-x64.cab -------------------------------------------------------------------------------- /SoftwareUpdates/Windows11.0-kb5027397-x64.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/SoftwareUpdates/Windows11.0-kb5027397-x64.cab -------------------------------------------------------------------------------- /SoftwareUpdates/readme.md: -------------------------------------------------------------------------------- 1 | # Updates I've downloaded in my CM Lab that I wanted access to 2 | -------------------------------------------------------------------------------- /TaskSequenceSteps2Excel/media/TS2E01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/TaskSequenceSteps2Excel/media/TS2E01.png -------------------------------------------------------------------------------- /TaskSequenceSteps2Excel/media/TS2E02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/TaskSequenceSteps2Excel/media/TS2E02.png -------------------------------------------------------------------------------- /TaskSequenceSteps2Excel/media/TS2E03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/TaskSequenceSteps2Excel/media/TS2E03.png -------------------------------------------------------------------------------- /TaskSequenceSteps2Excel/readme.md: -------------------------------------------------------------------------------- 1 | # Task Sequence Steps to Excel 2 | 3 | Updated again, completely wrote it over making functions to make future scripts easier. 4 | 5 | Now it will create a Excel Doc with 3 sheets 6 | 7 | - General Info about TS 8 | - TS reference Items 9 | - TS Steps 10 | 11 | Also created a script that will dump info about Boot Images 12 | 13 | [![TS2E 01](media/TS2E01.png)](media/TS2E01.png) 14 | [![TS2E 02](media/TS2E02.png)](media/TS2E02.png) 15 | [![TS2E 03](media/TS2E03.png)](media/TS2E03.png) 16 | -------------------------------------------------------------------------------- /WaaS/CompatScan_CheckReadinessResults.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | GARY BLOK 3 | This script will go through the task sequence variables and grab any that are related to the CM Check Readiness Step (2002 or higher). 4 | It then populates anything that failed into an array that can be used for reporting in the Task Sequnece 5 | 6 | #> 7 | try{$tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment} 8 | catch{Write-Verbose "Not running in a task sequence."} 9 | $CheckReadiness = (New-Object -COMObject Microsoft.SMS.TSEnvironment).GetVariables() | Where-Object {$_ -Like "_TS_CR*"} 10 | $LogPath = $tsenv.Value('_SMSTSLogPath') 11 | $LogFile = "$LogPath\SMSTS_CheckReadiness.log" 12 | $registryPath = "HKLM:\$($tsenv.Value('RegistryPath'))\$($tsenv.Value('SMSTS_BUILD'))" 13 | $CheckReadinessDatabase = @() 14 | foreach ($Check in $CheckReadiness) 15 | { 16 | $Value = $tsenv.value($Check) 17 | $Friendly = ($Check.ToString()).replace("_TS_CR", "") 18 | $CheckReadinessDatabaseObject = New-Object PSObject -Property @{ 19 | Variable = $check 20 | Value = $Value 21 | Friendly = $Friendly 22 | } 23 | #Take the PS Object and append the Database Array 24 | $CheckReadinessDatabase += $CheckReadinessDatabaseObject 25 | } 26 | 27 | $CheckReadinessFails = $CheckReadinessDatabase | Where-Object {$_.Value -eq 0} 28 | if ($CheckReadinessFails -ne $null) 29 | { 30 | Write-Host "Check Readiness Fails" -ForegroundColor Red 31 | Write-Output $CheckReadinessFails 32 | if ($CheckReadinessFails.Count -gt 1) 33 | { 34 | $CRFailString = $CheckReadinessFails.Friendly -join ", " 35 | $tsenv.Value('ErrorMessage') = "Failed Check Readiness Tests: $CRFailString" 36 | } 37 | else 38 | { 39 | $CRFailString = $CheckReadinessFails.Friendly 40 | $tsenv.Value('ErrorMessage') = "Failed Check Readiness Test: $CRFailString" 41 | } 42 | $tsenv.Value('CRFailString') = $CRFailString 43 | } 44 | 45 | -------------------------------------------------------------------------------- /WaaS/Detect_RSATInstalled.ps1: -------------------------------------------------------------------------------- 1 | <# @gwblok - https://garytown.com/waas-1909-ts-download 2 | This script is meant to be used in the TS to set the variable RSAT_Installed to either TRUE or FALSE in a "Run PowerShell" Step 3 | #> 4 | 5 | $RSAT_FoD = Get-WindowsCapability -Online | Where-Object Name -like 'RSAT*' 6 | 7 | Foreach ($RSAT_FoD_Item in $RSAT_FoD) 8 | 9 | { 10 | if ($RSAT_FoD_Item.State -eq "Installed") 11 | { 12 | $RSATInstalled = $TRUE 13 | } 14 | } 15 | 16 | if ($RSATInstalled -eq $TRUE) 17 | { 18 | Write-Output "TRUE" 19 | } 20 | else 21 | { 22 | Write-Output "FALSE" 23 | } 24 | -------------------------------------------------------------------------------- /Windows10.0-KB4517245-x64.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/Windows10.0-KB4517245-x64.cab -------------------------------------------------------------------------------- /hardware/ChassisType.ps1: -------------------------------------------------------------------------------- 1 | $DesktopChassisTypes = @("3","4","5","6","7","13","15","16","35") 2 | $LatopChassisTypes = @("8","9","10","11","12","14","18","21","30","31") 3 | 4 | $chassi = gwmi -Class 'Win32_SystemEnclosure' 5 | if ($chassi.ChassisTypes -in $LatopChassisTypes){ 6 | $IsLaptop = $true 7 | } 8 | else { 9 | $IsLaptop = $false 10 | } 11 | if ($chassi.ChassisTypes -in $DesktopChassisTypes){ 12 | $IsDesktop = $true 13 | } 14 | else { 15 | $IsDesktop = $false 16 | } 17 | -------------------------------------------------------------------------------- /hardware/Dell/BIOSManagement/Get-DellPSProvider.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Contains botht he Detection & Remediation for installing the Dell PS Provider 3 | to be used with the other scripts for setting Dell settings that require the PS Provder (older hardware that doesn't have native WMI bios management 4 | 5 | #> 6 | #Detection 7 | $DellProviderInstalled = Get-InstalledModule -Name DellBIOSProvider -ErrorAction SilentlyContinue 8 | if ($DellProviderInstalled){ 9 | $Compliance = "Compliant" 10 | } 11 | else{ 12 | $Compliance = "Non-Compliant" 13 | } 14 | Write-Output $Compliance 15 | 16 | #Remediation 17 | $DellProviderInstalled = Get-InstalledModule -Name DellBIOSProvider -ErrorAction SilentlyContinue 18 | if (!($DellProviderInstalled)){ 19 | Install-Module -Name DellBIOSProvider -Force -AcceptLicense -Repository PSGallery -SkipPublisherCheck 20 | } 21 | -------------------------------------------------------------------------------- /hardware/Get-DellSystemTypeID.ps1: -------------------------------------------------------------------------------- 1 | $DCM = (Get-WmiObject -Namespace 'root\cimv2\sms' -Query "SELECT * FROM SMS_InstalledSoftware where ARPDisplayName like 'Dell Command%'").ProductVersion 2 | $Manufacturer = (Get-WmiObject -Class:Win32_ComputerSystem).Manufacturer 3 | $ComputerModel = (Get-WmiObject -Class:Win32_ComputerSystem).Model 4 | if ($Manufacturer -match "Dell") 5 | { 6 | $SystemTypeID = ((Get-CimInstance -Namespace root/DCIM/SYSMAN -ClassName DCIM_ComputerSystem).OtherIdentifyingInfo[2]).replace("DCIM:","") 7 | if ($DCM){Write-Output "$Manufacturer | $ComputerModel | $SystemTypeID | DCM: $DCM"} 8 | else{Write-Output "$Manufacturer | $ComputerModel | TypeID N\A | DCM N\A"} 9 | } 10 | -------------------------------------------------------------------------------- /hardware/Get-IntelProcInfo.ps1: -------------------------------------------------------------------------------- 1 | $Processor = (Get-CimInstance -ClassName Win32_Processor).Name 2 | $ProcID = $Processor.Split(" ") | where-Object {$_ -match "-"} 3 | $ProcBrand = $ProcID.Split("-")[0] 4 | $ProcTemp = $ProcID.Split("-")[1] 5 | $ProcSuffix = $ProcTemp.Substring($ProcSuffix.Length -1,1) 6 | $ProcSKU = ($ProcTemp.Substring($ProcSuffix.Length -4,4)).SubString(0,3) 7 | $ProcGen = $ProcTemp.Substring(0,$ProcSuffix.Length -4) 8 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/HPCMSLModule-Discovery.ps1: -------------------------------------------------------------------------------- 1 | #2020.04.20 - @gwblok - GARYTOWN.COM 2 | #Discovery Script 3 | $ModuleName = "HPCMSL" 4 | 5 | #No Changes Below this Point ---------------------------- 6 | [version]$RequiredVersion = (Find-Module -Name $ModuleName).Version 7 | $InstalledVersion = [Version](Get-InstalledModule -Name $ModuleName -ErrorAction SilentlyContinue).Version 8 | if (!($InstalledVersion)){$InstalledVersion = '1.0.0.1'} 9 | if ($InstalledVersion -ge $RequiredVersion){Write-Output "Compliant"} 10 | else{Write-Output "Version: $InstalledVersion"} 11 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/HPManagementBaseline/HPBIOSSettingCI-Sample_Discovery.ps1: -------------------------------------------------------------------------------- 1 | #Discovery Script - Gary Blok | @gwblok | Recast Software 2 | $SettingName = "Wake On LAN" 3 | $DesiredValue = "Boot to Hard Drive" 4 | 5 | 6 | #Don't Change below this line 7 | 8 | Function Get-HPBIOSSettingWMI { 9 | [CmdletBinding()] 10 | Param ( 11 | [Parameter(Mandatory=$true)] 12 | $SettingName 13 | ) 14 | 15 | $BIOS= Get-WmiObject -class hp_biossettinginterface -Namespace "root\hp\instrumentedbios" 16 | $BIOSSetting = Get-CimInstance -class hp_biossetting -Namespace "root\hp\instrumentedbios" 17 | $CurrentValue = ($BIOSSetting | ?{ $_.Name -eq $SettingName }).CurrentValue 18 | if ($CurrentValue -ne $Null){return $CurrentValue} 19 | else{Write-Output "BIOS Setting: $SettingName is NOT Available on this Hardware"} 20 | } 21 | 22 | $CurrentValue = Get-HPBIOSSettingWMI -SettingName $SettingName 23 | if ($CurrentValue -eq $DesiredValue) 24 | {return "Compliant"} 25 | elseif ($CurrentValue -match "NOT Available") 26 | {return "Compliant"} 27 | else{return "Non-Compliant"} 28 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/HPManagementBaseline/HPBiosUpdateComplianceDiscovery.ps1: -------------------------------------------------------------------------------- 1 | <#Detection on CI: 2 | #Requires HPCMSL already Installed. 3 | $HPCMSLVers = Get-InstalledModule -Name "HPCMSL" -ErrorAction SilentlyContinue 4 | if ((Get-CimInstance -Namespace root/cimv2 -ClassName Win32_ComputerSystem).Manufacturer -like "H*"){$IsHP = $true} 5 | 6 | if ($HPCMSLVers -ne $Null -and $IsHP -eq $true) 7 | { 8 | Write-Output "HP with HPCMSL" 9 | } 10 | #> 11 | #Discovery Script Below: 12 | #Check if HP Bios is Current 13 | 14 | [version]$BIOSVersionInstalled = Get-HPBIOSVersion 15 | [version]$BIOSVersionAvailableOnline = (Get-HPBIOSUpdates -latest).Ver 16 | 17 | if ($BIOSVersionInstalled -lt $BIOSVersionAvailableOnline) 18 | {Write-Output "Has $($BIOSVersionInstalled), Needs: $($BIOSVersionAvailableOnline)"} 19 | else {Write-Output "Compliant"} 20 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/HPManagementBaseline/Readme.md: -------------------------------------------------------------------------------- 1 | # HP Management Baseline 2 | 3 | This baseline is setup to management HP Machines by installing HPCMSL and required componets along with set BIOS Settings and keep the BIOS Current. 4 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/NuGetModule-Discovery.ps1: -------------------------------------------------------------------------------- 1 | #2020.04.20 - @gwblok - GARYTOWN.COM 2 | #Discovery Script 3 | $ModuleName = "NuGet" 4 | 5 | #No Changes Below this Point ---------------------------- 6 | [version]$RequiredVersion = (Find-PackageProvider -Name $ModuleName -Force).Version 7 | $InstalledVersion = [Version](Get-PackageProvider -Name $ModuleName -ErrorAction SilentlyContinue).Version 8 | if (!($InstalledVersion)){$InstalledVersion = '1.0.0.1'} 9 | if ($InstalledVersion -ge $RequiredVersion){Write-Output "Compliant"} 10 | else{Write-Output "Version: $InstalledVersion"} 11 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/PkgMgmt-PowerShellGet-ModuleUpdate-Detect.ps1: -------------------------------------------------------------------------------- 1 | $Compliance = "Compliant" 2 | if (!(Get-Module -Name PowerShellGet)){Import-Module -Name PowerShellGet} 3 | if((Get-Module -Name PowerShellGet).Version -ge "2.2.5"){ 4 | if (Test-Path "C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1"){ 5 | $Compliance = "Non-Compliant" 6 | } 7 | } 8 | else{ 9 | $Compliance ="Non-Compliant" 10 | } 11 | 12 | if (!(Get-Module -Name PackageManagement)){Import-Module -Name PackageManagement} 13 | if ((Get-Module -Name PackageManagement).Version -ge "1.4.7"){ 14 | if (Test-Path "C:\Program Files\WindowsPowerShell\Modules\PackageManagement\1.0.0.1"){ 15 | $Compliance = "Non-Compliant" 16 | } 17 | } 18 | else{ 19 | $Compliance = "Non-Compliant" 20 | } 21 | 22 | Write-Output $Compliance 23 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/PowerShellGetModule-Discovery.ps1: -------------------------------------------------------------------------------- 1 | #2020.04.20 - @gwblok - GARYTOWN.COM 2 | #Discovery Script 3 | $ModuleName = "PowerShellGet" 4 | 5 | #No Changes Below this Point ---------------------------- 6 | [version]$RequiredVersion = (Find-Module -Name $ModuleName).Version 7 | $InstalledVersion = [Version](Get-InstalledModule -Name $ModuleName -ErrorAction SilentlyContinue).Version 8 | if (!($InstalledVersion)){$InstalledVersion = '1.0.0.1'} 9 | if ($InstalledVersion -ge $RequiredVersion){Write-Output "Compliant"} 10 | else{Write-Output "Version: $InstalledVersion"} 11 | -------------------------------------------------------------------------------- /hardware/HP/ConfigItems/Readme.md: -------------------------------------------------------------------------------- 1 | # HPCMSL installation and update via ConfigMgr Baseline 2 | 3 | Updated 2023.03.08 4 | 5 | ## Use CIs:
6 | 7 | ### PackageManagement 1.4.7 & PowerShellGet 2.2.5 8 | PkgMgmt-PowerShellGet-ModuleUpdate-Detect.ps1
9 | PkgMgmt-PowerShellGet-ModuleUpdate-Remediate.ps1
10 | 11 | ### HPCMSL Latest: 12 | HPCMSLModule-Discovery.ps1
13 | HPCMSLModule-Remediation.ps1
14 | -------------------------------------------------------------------------------- /hardware/HP/ConfigMgr_DriverPackManagement.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | Blog Post Planning 3 | 4 | Connect to CM Database - capture HP Models w/ Platform 5 | - Get unique Platform 6 | - Compare to HPIA Support 7 | - Build List of devices 8 | - Get Win11 Support or not 9 | - If Win 11 Support - Create Driver Pack / Offline Repo for Win11 10 | - If Win 10 Support - Create Driver Pack / Offline Repo for Win10 11 | - Tag Package 12 | - Update Driver Variable Module to include Win11 or Win10 Support info 13 | - Create Driver Package with Online / Offline Folders - WIM 14 | 15 | Simple Version 16 | - Manually Create Model List in the PowerShell Script w/ Windows Support Version 17 | - Creates Packages 18 | - Traditional Driver Pack 19 | - Offline Repo 20 | 21 | 22 | 23 | 24 | 25 | 26 | #> 27 | -------------------------------------------------------------------------------- /hardware/HP/CreateBIOSUpdateListJSON.ps1: -------------------------------------------------------------------------------- 1 | $HPDevices = Get-HPDeviceDetails -match * 2 | $BIOSUpdateHistory = @() 3 | $Count = 0 4 | foreach ($HPDevice in $HPDevices){ 5 | $Count ++ 6 | 7 | [String]$Model = $HPDevice.Name 8 | [String]$ProductID = $HPDevice.SystemID 9 | Write-Host "Recording $Count of $($HPDevices.Count) | $Model - $ProductID" -ForegroundColor Green 10 | $AvailableUpdates = Get-HPBIOSUpdates -Platform $ProductID -ErrorAction SilentlyContinue 11 | if ($AvailableUpdates){ 12 | $ModelUpdateObject = [PSCustomObject]@{ 13 | Model = $Model 14 | ProductID = $ProductID 15 | BIOSUpdates = [System.Collections.ArrayList]@() 16 | } 17 | foreach ($Update in $AvailableUpdates){ 18 | [VOID]$ModelUpdateObject.BIOSUpdates.Add([PSCustomObject]@{ 19 | Version = $Update.Ver 20 | Date = $UPdate.Date 21 | BIN = $Update.Bin 22 | }) 23 | 24 | } 25 | $BIOSUpdateHistory += $ModelUpdateObject 26 | } 27 | } 28 | 29 | write-host "Creating JSON File" 30 | 31 | $Json = $BIOSUpdateHistory | ConvertTo-Json -Depth 10 | Out-File C:\windows\Temp\HPBIOSJSON.JSON 32 | -------------------------------------------------------------------------------- /hardware/HP/Docks/HPDocks.HWInvConfigurationMOF.txt: -------------------------------------------------------------------------------- 1 | #pragma namespace ("\\\\.\\root\\cimv2") 2 | #pragma deleteclass("HP_Docks", NOFAIL) 3 | [dynamic, provider("RegProv"), ClassContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\HP\\HP Firmware Installer")] 4 | Class HP_Docks 5 | { 6 | [key] string KeyName; 7 | [PropertyContext("AvailablePackageVersion")] String AvailablePackageVersion; 8 | [PropertyContext("InstalledPackageVersion")] String InstalledPackageVersion; 9 | [PropertyContext("ErrorCode")] Uint32 ErrorCode; 10 | [PropertyContext("LastInstalled")] String LastInstalled; 11 | [PropertyContext("MACAddress")] String MACAddress; 12 | [PropertyContext("LastUpdateRun")] String LastUpdateRun; 13 | [PropertyContext("LastUpdateStatus")] String LastUpdateStatus; 14 | [PropertyContext("LastChecked")] String LastChecked; 15 | }; 16 | -------------------------------------------------------------------------------- /hardware/HP/Docks/HPDocks.HWInvExt.mof: -------------------------------------------------------------------------------- 1 | #pragma namespace ("\\\\.\\root\\cimv2\\SMS") 2 | #pragma deleteclass("HP_Docks", NOFAIL) 3 | [SMS_Report(TRUE),SMS_Group_Name("HP_Docks"),SMS_Class_ID("HP_Docks")] 4 | Class HP_Docks: SMS_Class_Template 5 | { 6 | [SMS_Report(TRUE),key] string KeyName; 7 | [SMS_Report(TRUE)] String AvailablePackageVersion; 8 | [SMS_Report(TRUE)] String InstalledPackageVersion; 9 | [SMS_Report(TRUE)] Uint32 ErrorCode; 10 | [SMS_Report(TRUE)] String LastInstalled; 11 | [SMS_Report(TRUE)] String MACAddress; 12 | [SMS_Report(TRUE)] String LastUpdateRun; 13 | [SMS_Report(TRUE)] String LastUpdateStatus; 14 | [SMS_Report(TRUE)] String LastChecked; 15 | }; 16 | -------------------------------------------------------------------------------- /hardware/HP/Docks/Readme.md: -------------------------------------------------------------------------------- 1 | # HP Dock Functions and Information 2 | 3 | Blog Posts:
4 | [HP Dock Registry & Inventory with ConfigMgr](https://garytown.com/hp-dock-registry-inventory-with-configmgr)
5 | [HP Dock WMI Provider Deployment & Inventory with ConfigMgr](https://garytown.com/hp-dock-wmi-provider-deployment-inventory-with-configmgr)
6 | [Updating HP Docks with Intune or ConfigMgr using PowerShell](https://garytown.com/updating-hp-docks-with-intune-or-configmgr-using-powershell)
7 | 8 | [HP Dock ConfigMgr Global Condition](https://garytown.com/hp-dock-configmgr-global-condition)
9 | [HP Docks Update via ConfigMgr App Model](https://garytown.com/hp-docks-update-via-configmgr-app-model)
10 | Main function that is used by all of the processes: Function_Get-HPDockUpdaterDetails.ps1
11 | 12 | To check for newer firmware: HPDock_FirmwareLookup.ps1
13 | 14 | ## Intune Proactive Remediation 15 | Detection / Remediation: HPDockUpdater_Intune_ConfigMgr.ps1 *
16 | * Requires that you copy the Function into the script, contents from: Function_Get-HPDockUpdaterDetails.ps1 17 | 18 | 19 | ## ConfigMgr Configuration Item 20 | 21 | Detection Script (Not Discovery): HPDockUpdaterCI_DetectionScript.ps1
22 | Discovery / Remediation: HPDockUpdater_Intune_ConfigMgr.ps1 *
23 | * Requires that you copy the Function into the script, contents from: Function_Get-HPDockUpdaterDetails.ps1 24 | 25 | 26 | ## ConfigMgr Hardware Inventory 27 | [HP Dock Registry & Inventory with ConfigMgr](https://garytown.com/hp-dock-registry-inventory-with-configmgr)
28 | MOF file information:
29 | * HPDocks.HWInvConfigurationMOF.txt | Add the contents of this file to your configuration.mof 30 | * HPDocks.HWInvExt.mof | download and import this into your Default Settings Policy 31 | 32 | See the blog post for details 33 | -------------------------------------------------------------------------------- /hardware/HP/Docks/TB2Workaround.ps1: -------------------------------------------------------------------------------- 1 | #TB2 Workaround created for George 2 | 3 | $DockInfo = Get-HPDockUpdateDetails 4 | if ($DockInfo){ 5 | $SPPath = "C:\SWSetup\dockfirmware\$($DockInfo.SoftpaqNumber)" 6 | if (Test-Path -Path $SPPath){ 7 | $UpdaterPath = "$SPPath\Firmware\Cypress\Dependency\ezpd_dockupdatefw.exe" 8 | if (Test-Path -Path $UpdaterPath){ 9 | Write-Host -ForegroundColor Cyan "Starting Updater $UpdaterPath" 10 | $UpdateArgs = "-i $SPPath\Firmware\Cypress\Dependency\hp_hook_secure_cy_sign.bin -vid 03F0 -pid 0667 -rescan 5 -t 240000" 11 | $UpdateProcess = Start-Process -FilePath $UpdaterPath -ArgumentList $UpdateArgs -PassThru -Wait -NoNewWindow 12 | Start-Sleep -Seconds 1 13 | $IntelTBUpdater = "$SPPath\Firmware\Intel\ThunderboltUpdaterDevice.CMD.exe" 14 | Write-Host -ForegroundColor Cyan "Starting Updater $UpdaterPath" 15 | $UpdateProcess2 = Start-Process -FilePath $IntelTBUpdater -ArgumentList "-u" -PassThru -Wait -NoNewWindow 16 | 17 | } 18 | else { 19 | Write-Host -ForegroundColor Red "Unable to find Updater Tool $UpdaterPath" 20 | } 21 | } 22 | else { 23 | Write-Host "Unable to find Extracted Softpaq $($DockInfo.SoftpaqNumber)" 24 | } 25 | } 26 | else { 27 | Write-Host -ForegroundColor Red "Unable to find Dock Info" 28 | } 29 | -------------------------------------------------------------------------------- /hardware/HP/EMPS/Snips.ps1: -------------------------------------------------------------------------------- 1 | #Get a list of all Platforms 2 | Get-HPDeviceDetails -Match * 3 | 4 | #Find information based on Model Name 5 | Get-HPDeviceDetails -Match "HP Z2 Mini G4" 6 | 7 | #Find driver pack for your specific platform & OS Build 8 | Get-SoftpaqList -Platform 8458 -Os win11 -OsVer 21H2 -Category Driverpack 9 | 10 | 11 | function Get-HPDeviceFamilyPlatformDetails { 12 | [CmdletBinding(DefaultParameterSetName='Family')] 13 | param ( 14 | [parameter(Mandatory=$false, 15 | ParameterSetName="Family")] 16 | [String] 17 | $biosFamily, 18 | 19 | [parameter(Mandatory=$false, 20 | ParameterSetName="SystemID")] 21 | [String] 22 | $platform 23 | 24 | ) 25 | #$PSCmdlet.ParameterSetName 26 | $ConnectPlatformsURL = 'https://hpconnectformem-prod.hpbp.io/platforms' 27 | if (Test-WebConnection){ 28 | $content = (invoke-webrequest -Uri $ConnectPlatformsURL).content | Convertfrom-Json 29 | 30 | if ($biosFamily){ 31 | 32 | $Content | Where-Object {$_.biosFamily -eq $biosFamily} 33 | } 34 | elseif ($platform){ 35 | $Content | Where-Object {$_.systemId -eq $platform} 36 | } 37 | else{ 38 | $content 39 | } 40 | } 41 | else { 42 | Write-Output "This function requires internet connection" 43 | } 44 | } -------------------------------------------------------------------------------- /hardware/HP/HPBIOSJSON.JSON: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/HPBIOSJSON.JSON -------------------------------------------------------------------------------- /hardware/HP/HPIA-BlogSeries-2024/CMTS-RunHPIAStep.ps1: -------------------------------------------------------------------------------- 1 | 2 | param( 3 | [Parameter(Mandatory=$false)] 4 | [string]$RepoLocation, 5 | [Parameter(Mandatory=$false)] 6 | [string]$CacheDir = "$env:TEMP\HPIACache", 7 | [Parameter(Mandatory=$false)] 8 | [string]$ToolLocation, 9 | [Parameter(Mandatory=$false)] 10 | [string]$LogLocation = "C:\Drivers" 11 | 12 | ) 13 | 14 | 15 | if (!(Test-Path -Path $LogLocation)){ 16 | New-Item -Path $LogLocation -ItemType Directory -Force | Out-Null 17 | } 18 | if (!(Test-Path -Path $CacheDir)){ 19 | New-Item -Path $CacheDir -ItemType Directory -Force | Out-Null 20 | } 21 | 22 | $TaskSequenceProgressUi = New-Object -ComObject "Microsoft.SMS.TSProgressUI" #Connect to TS Progress UI 23 | $TaskSequenceProgressUi.CloseProgressDialog() #Close Progress Bar 24 | 25 | 26 | Write-Output "============================================================" 27 | Write-Output "" 28 | Write-Output "RepoLocation: $($RepoLocation)" 29 | Write-Output "LogLocation: $($LogLocation)" 30 | Write-Output "CacheDir: $($CacheDir)" 31 | Write-Output "ToolLocation: $($ToolLocation)" 32 | 33 | Write-Output "" 34 | 35 | $ToolPath = "$ToolLocation\HPImageAssistant.exe" 36 | if (!(Test-Path -Path $ToolPath)){ 37 | Write-Output "Unable to find $ToolPath" 38 | Exit 256 39 | } 40 | 41 | $ToolArg = "/Operation:Analyze /Action:Install /Selection:All /silent /ReportFolder:`"$LogLocation`" /SoftpaqDownloadFolder:`"$CacheDir`" /Offlinemode:`"$RepoLocation`" /Noninteractive /debug" 42 | 43 | Write-Output "Start-Process -FilePath $ToolPath -ArgumentList $ToolArg -Wait -PassThru" 44 | $Process = Start-Process -FilePath $ToolPath -ArgumentList $ToolArg -Wait -PassThru 45 | 46 | 47 | Write-Output "ExitCode: $($Process.ExitCode)" 48 | 49 | Write-Output "" 50 | Write-Output "============================================================" 51 | -------------------------------------------------------------------------------- /hardware/HP/HPIA-BlogSeries-2024/HP_Logo_clear.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/HPIA-BlogSeries-2024/HP_Logo_clear.png -------------------------------------------------------------------------------- /hardware/HP/HPIA-BlogSeries-2024/readme.md: -------------------------------------------------------------------------------- 1 | # PowerShell Scripts to Creating Packages and Content in CM 2 | 3 | These scripts are for creating packages in CM, adding content, and updating a TS to manage them. 4 | 5 | For details go to my blog 6 | https://garytown.com/osd-hp-image-assistant-revisited-an-overview 7 | -------------------------------------------------------------------------------- /hardware/HP/HPIA-RefFileTS/HPIA_Task_Sequence.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/HPIA-RefFileTS/HPIA_Task_Sequence.zip -------------------------------------------------------------------------------- /hardware/HP/HPIA/Driver Updates via HPIA.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/HPIA/Driver Updates via HPIA.cab -------------------------------------------------------------------------------- /hardware/HP/HPIA/HPIA Scheduled Task Setup.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/HPIA/HPIA Scheduled Task Setup.cab -------------------------------------------------------------------------------- /hardware/HP/HPIA/HPIA-CI-Setup-Discovery.ps1: -------------------------------------------------------------------------------- 1 | <# CI Detection - Tests if Script is there and the Scheduled Task is there... 2 | If not.. it reports non-compliance. 3 | 4 | Remediation Script: https://github.com/gwblok/garytown/blob/master/hardware/HP/HPIA/HPIA-AutoUpdate-Setup.ps1 5 | 6 | 7 | 8 | #> 9 | $Compliance = "Compliant" 10 | $ScriptStagingFolder = "$env:ProgramFiles\HP\HPIA" 11 | 12 | [String]$TaskName = "HP Image Assistant Update Service" 13 | if (!(Get-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue)){ 14 | $Compliance = "Non-Compliant" 15 | } 16 | 17 | if (!(Test-Path "$ScriptStagingFolder\HPIAUpdateService.ps1")){ 18 | $Compliance = "Non-Compliant" 19 | } 20 | 21 | Return $Compliance 22 | -------------------------------------------------------------------------------- /hardware/HP/HPIA/HPIA.garytown.com.ps1: -------------------------------------------------------------------------------- 1 | Write-Host "Creating HPIA Functions" -ForegroundColor Green 2 | Write-Host " [+] Write-CMTraceLog" -ForegroundColor Gray 3 | Write-Host " [+] Get-HPIALatestVersion" -ForegroundColor Gray 4 | Write-Host " [+] Install-HPIA" -ForegroundColor Gray 5 | Write-Host " [+] Invoke-HPIA" -ForegroundColor Gray 6 | Write-Host " [+] Get-HPIAXMLResult" -ForegroundColor Gray 7 | Write-Host " [+] Get-HPIAJSONResult" -ForegroundColor Gray 8 | iex (irm https://raw.githubusercontent.com/OSDeploy/OSD/master/Public/OSDCloudTS/Invoke-HPIA.ps1) 9 | 10 | Write-Host "" 11 | write-host "Demo Functions" -ForegroundColor Green 12 | Write-Host " [+] Get-MMSDemo1 - Softpaq Automation Demo" -ForegroundColor Gray 13 | Write-Host " [+] Get-MMSDemo2 - Notification Demo" -ForegroundColor Gray 14 | Write-Host " [+] Get-MMSDemo3 - BIOS Update Method Demo" -ForegroundColor Gray 15 | Write-Host " [+] Get-MMSDemo4 - Create Offline Repo Demo" -ForegroundColor Gray 16 | Write-Host " [+] Get-MMSDemo5 - Max Driver Pack Demo" -ForegroundColor Gray 17 | iex (irm mms24demo.garytown.com) 18 | 19 | -------------------------------------------------------------------------------- /hardware/HP/HPIA/media/Get-HPIALatestVersion.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/HPIA/media/Get-HPIALatestVersion.png -------------------------------------------------------------------------------- /hardware/HP/HPIA/media/readme.md: -------------------------------------------------------------------------------- 1 | Just placeholder for images 2 | -------------------------------------------------------------------------------- /hardware/HP/MIK/readme.md: -------------------------------------------------------------------------------- 1 | # HP MIK Client Install / Updater Configuration Items 2 | 3 | CI Detection Method:
4 | 5 | ```PowerShell 6 | $Manufacturer = (Get-WmiObject -Class:Win32_ComputerSystem).Manufacturer 7 | if ($Manufacturer -match "HP"){Write-Output $Manufacturer} 8 | elseif ($Manufacturer -match "Hewlett"){Write-Output $Manufacturer} 9 | else{} 10 | ``` 11 | Compliance Rule:
12 | Rule Type: Value [Drop down]
13 | Operator: Equals [Drop down]
14 | Values: Compliant [String Entry]
15 | 16 | Settings: Discovery Script
17 | https://github.com/gwblok/garytown/blob/master/hardware/HP/MIK/MIKClient_CI_Discovery.ps1 18 | 19 | Settings: Remediation Script
20 | https://github.com/gwblok/garytown/blob/master/hardware/HP/MIK/MIKClient_CI_Remediation.ps1 21 |
22 |
23 | Remdiation Script for ConfigMgr CI 24 |
25 | Checks for:
26 | - HP MIK Version 27 | - HPIA Version 28 | 29 | - Test for HPCMSL - Installs specialized version based on HP Connect if HPCMSL is not already loaded on device. 30 | - This happens even in Discovery Script, as the Discovery relies on HPCMSL 31 | - Installs to: C:\Program Files\HPConnect\hp-cmsl-wl 32 | 33 | 34 | 35 | Make sure to keep the $MIKSoftpaqID information current 36 | https://ftp.ext.hp.com/pub/caps-softpaq/cmit/HPMIK.html 37 | -------------------------------------------------------------------------------- /hardware/HP/SureRecover/CI/HPClientsBaseline.cab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/SureRecover/CI/HPClientsBaseline.cab -------------------------------------------------------------------------------- /hardware/HP/SureRecover/CI/Readme.md: -------------------------------------------------------------------------------- 1 | Contains the Baseline from my Lab exported with all of the BIOS Settings required for solution. 2 | Import the CAB file into CM. 3 | 4 | Otherwise you can grab the main scripts the single CI for setting the WiFi Profile in the BIOS Settings, rest of the items you'll have to create on your own. 5 | -------------------------------------------------------------------------------- /hardware/HP/SureRecover/CI/WiFiSetup-CI-DetectionMethod.ps1: -------------------------------------------------------------------------------- 1 | <# HP - Set WiFi Profiles into BIOS for use with Sure Recover - Baseline - ConfigMgr - CI Detection Methods 2 | Gary Blok - HP - @gwblok 3 | 4 | This script is used as the CI's detection to determine if it should even run the CI or not on a system (Not the Detection script under Settings) 5 | 6 | This will only allow the CI to run on the computer if: 7 | 1) Device is HP 8 | 2) Device is configured to store WiFi Info in BIOS 9 | 3) Has an active WiFi Profile 10 | 11 | 12 | #> 13 | 14 | 15 | function Get-HPBIOSSettingWMI([string]$SettingName) { 16 | $bios = Get-CimInstance -Namespace root/hp/InstrumentedBIOS -ClassName HP_BIOSSetting 17 | $Setting = $bios | Where-Object {$_.Name -eq $SettingName} 18 | return $Setting 19 | } 20 | Function Get-WiFiActiveProfileSSID { 21 | $Interfaces = netsh wlan show interfaces 22 | try { 23 | $ActiveProfile = ($Interfaces | Select-String "Profile"| Where-Object {$_ -notmatch "Connection"}).ToString().Split(":") | Select-Object -Last 1 -ErrorAction SilentlyContinue 24 | } 25 | catch{} 26 | if ($ActiveProfile){ 27 | $ActiveProfile = $ActiveProfile.Trim() 28 | return $ActiveProfile 29 | } 30 | } 31 | 32 | $Baseboard = Get-CimInstance -ClassName Win32_Baseboard 33 | #Confirm Device is HP 34 | If (($Baseboard.Manufacturer -match "HP") -or ($Baseboard.Manufacturer -match "Hewlett")) { 35 | #Confirm Device is capable of storing WiFi in BIOS 36 | if (Get-HPBIOSSettingWMI -SettingName "Preboot Wi-Fi Profile 1"){ 37 | #Check for an Active WiFi Connection 38 | Get-WiFiActiveProfileSSID 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /hardware/HP/SureRecover/HPSRAdminGuide.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/SureRecover/HPSRAdminGuide.pdf -------------------------------------------------------------------------------- /hardware/HP/SureRecover/HPSRAgentWithinCorporateFirewall.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/HP/SureRecover/HPSRAgentWithinCorporateFirewall.pdf -------------------------------------------------------------------------------- /hardware/HP/SureRecover/PR/WiFiBIOSPreReqs-PR-DetectionScript.ps1: -------------------------------------------------------------------------------- 1 | <# HP - Set BIOS Settings for use with PreBoot WiFi - Proactive Remediations via Intune 2 | Detection Script 3 | Gary Blok - HP - @gwblok 4 | 5 | #> 6 | 7 | $BIOSSettingTable_WiFi = @( 8 | @{ Setting = 'Preboot Wi-Fi Master Auto Connect'; Value = 'Enable'} 9 | @{ Setting = 'Fast Boot'; Value = 'Disable'} 10 | @{ Setting = 'Intel Active Management Technology (AMT)'; Value = 'Disable'} 11 | ) 12 | 13 | function Get-HPBIOSSettingWMI([string]$SettingName) { 14 | $bios = Get-CimInstance -Namespace root/hp/InstrumentedBIOS -ClassName HP_BIOSSetting 15 | $Setting = $bios | Where-Object {$_.Name -eq $SettingName} 16 | return $Setting 17 | } 18 | 19 | 20 | foreach ($Setting in $BIOSSettingTable_WiFi){ 21 | $BIOSSetting = $Setting.Setting 22 | $DesiredValue = $Setting.Value 23 | $BIOSInfo = Get-HPBIOSSettingWMI -SettingName $BIOSSetting 24 | if ($BIOSInfo){ 25 | if ($BIOSInfo.CurrentValue -ne $DesiredValue){ 26 | exit 1 #Exit 1 to Start Remediation 27 | } 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /hardware/HP/SureRecover/PR/WiFiBIOSPreReqs-PR-RemediationScript.ps1: -------------------------------------------------------------------------------- 1 | <# HP - Set BIOS Settings for use with PreBoot WiFi - Proactive Remediations via Intune 2 | Remediation Script 3 | Gary Blok - HP - @gwblok 4 | 5 | #> 6 | 7 | $BIOSSettingTable_WiFi = @( 8 | @{ Setting = 'Preboot Wi-Fi Master Auto Connect'; Value = 'Enable'} 9 | @{ Setting = 'Fast Boot'; Value = 'Disable'} 10 | @{ Setting = 'Intel Active Management Technology (AMT)'; Value = 'Disable'} 11 | ) 12 | 13 | function Get-HPBIOSSettingWMI([string]$SettingName) { 14 | $bios = Get-CimInstance -Namespace root/hp/InstrumentedBIOS -ClassName HP_BIOSSetting 15 | $Setting = $bios | Where-Object {$_.Name -eq $SettingName} 16 | return $Setting 17 | } 18 | 19 | function Set-HPBIOSSettingWMI([string]$SettingName, [string]$Value, [string]$BIOSPassword){ 20 |     $bios = Get-WmiObject -Namespace root/HP/InstrumentedBIOS -Class HP_BIOSSettingInterface 21 | $BIOSSetting = gwmi -class hp_biossetting -Namespace "root\hp\instrumentedbios" 22 | If (($BIOSSetting | ?{ $_.Name -eq 'Setup Password' }).IsSet -eq 0) 23 | { 24 | $Result = $BIOS.SetBIOSSetting($SettingName,$Value) 25 | } 26 | elseif (($BIOSSetting | ?{ $_.Name -eq 'Setup Password' }).IsSet -eq 1) 27 | { 28 | $PW = "$BIOSPW" 29 | $Result = $BIOS.SetBIOSSetting($SettingName,$Value,$PW) 30 | } 31 |     32 | } 33 | 34 | 35 | foreach ($Setting in $BIOSSettingTable_WiFi){ 36 | $BIOSSetting = $Setting.Setting 37 | $DesiredValue = $Setting.Value 38 | $BIOSInfo = Get-HPBIOSSettingWMI -SettingName $BIOSSetting 39 | if ($BIOSInfo){ 40 | if ($BIOSInfo.CurrentValue -ne $DesiredValue){ 41 | Write-Output "$BIOSSetting | Current Value: $($BIOSInfo.CurrentValue)" 42 | Write-Output " Setting to $DesiredValue" 43 | Set-HPBIOSSettingWMI -SettingName $BIOSSetting -Value $DesiredValue 44 | } 45 | } 46 | } 47 | 48 | -------------------------------------------------------------------------------- /hardware/HP/SureRecover/readme.md: -------------------------------------------------------------------------------- 1 | # HP Sure Recover Setup 2 | 3 | 4 | Check out the corresponding blog posts:
5 | [https://garytown.com/category/hp/sure-recover](https://garytown.com/category/hp/sure-recover) 6 | 7 | Scripts will help guide you through setting up a custom Sure Recover Process
8 | They are explained in detail at GARYTOWN.COM 9 | 10 | Scripts to add WiFi Settings from the full OS into BIOS
11 | PR - Folder includes the Intune Proactive Remediation
12 | CI - Folder inlcude the 3 scripts for a ConfigMgr CI
13 | - Scripts supporting WPA2 only, no fancy stuff. 14 | -------------------------------------------------------------------------------- /hardware/HP/Test-HPIASupport.ps1: -------------------------------------------------------------------------------- 1 | function Test-HPIASupport ([string]$PlatformID){ 2 | 3 | $CabPath = "$env:TEMP\platformList.cab" 4 | $XMLPath = "$env:TEMP\platformList.xml" 5 | $PlatformListCabURL = "https://hpia.hpcloud.hp.com/ref/platformList.cab" 6 | if (!(Test-Path $CabPath)){ 7 | Invoke-WebRequest -Uri $PlatformListCabURL -OutFile $CabPath -UseBasicParsing 8 | } 9 | if (!(Test-Path $XMLPath)){ 10 | $Expand = expand $CabPath $XMLPath 11 | } 12 | [xml]$XML = Get-Content $XMLPath 13 | $Platforms = $XML.ImagePal.Platform.SystemID 14 | if ($PlatformID){ 15 | $MachinePlatform = $PlatformID 16 | } 17 | else { 18 | $MachinePlatform = (Get-CimInstance -Namespace root/cimv2 -ClassName Win32_BaseBoard).Product 19 | } 20 | if ($MachinePlatform -in $Platforms){$HPIASupport = $true} 21 | else {$HPIASupport = $false} 22 | 23 | return $HPIASupport 24 | } 25 | -------------------------------------------------------------------------------- /hardware/Lenovo/EMPS/SU-InstallBIOSUpdates.ps1: -------------------------------------------------------------------------------- 1 | #Taken directly from the Lenovo SU Helper documentation: https://blog.lenovocdrt.com/su-helper-use-cases-in-a-modern-world/#scenario-on-demand-bios-update 2 | 3 | # Define SU Helper variables 4 | $basePath = "$env:ProgramFiles\Lenovo\SUHelper" 5 | $suHelperPath = Join-Path -Path $basePath -ChildPath "SUHelper.exe" 6 | $suParams = @('-autoupdate', '-packagetype', '3') # Specifying Package Type 3 to filter only BIOS updates (https://docs.lenovocdrt.com/guides/cv/suhelper/#-packagetype-string) 7 | 8 | # Check if SUHelper.exe exists 9 | if (-Not (Test-Path $suHelperPath)) 10 | { 11 | Write-Error "SUHelper.exe not found at $suHelperPath." 12 | #exit 1 13 | } 14 | 15 | try 16 | { 17 | # Fetch applicable updates 18 | $applicableUpdates = Get-CimInstance -Namespace root/Lenovo -ClassName Lenovo_Updates | Where-Object { $_.Status -eq "Applicable" } 19 | 20 | # Check for BIOS update 21 | $biosUpdateAvailable = $applicableUpdates | Where-Object { $_.Title -match "BIOS" } 22 | 23 | if (-Not $biosUpdateAvailable) 24 | { 25 | Write-Output "No BIOS update available." 26 | exit 0 27 | } 28 | else 29 | { 30 | Write-Output "BIOS update available to install. Triggering SU Helper." 31 | } 32 | 33 | # Start the SU Helper process 34 | $process = Start-Process -FilePath $suHelperPath -ArgumentList $suParams -NoNewWindow -PassThru -Wait 35 | $process.WaitForExit() 36 | 37 | if ($process.ExitCode -ne 0) 38 | { 39 | Write-Error "SUHelper.exe exited with code $($process.ExitCode)." 40 | #exit 1 41 | } 42 | } 43 | catch 44 | { 45 | Write-Error "Error occurred: $_" 46 | #exit 1 47 | } -------------------------------------------------------------------------------- /hardware/Readme.md: -------------------------------------------------------------------------------- 1 | CreateCMPackages_BIOS_Drivers: Creates Packages for Dell & HP Models for BIOS & Drivers based on a Hash Table (You fill in info) 2 | 3 | Dell_PopulateCMPackage: Looks to the Packages in CM to see what Dell Models you have, then downloads the BIOS 4 | 5 | HP_PopulateCMPackage: Looks to the Packages in CM to see what HP Models you have, then downloads the BIOS - Leverages HPCMSL 6 | -------------------------------------------------------------------------------- /hardware/Temp/Temp1.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/hardware/Temp/Temp1.ps1 -------------------------------------------------------------------------------- /images/BackGround.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/images/BackGround.jpg -------------------------------------------------------------------------------- /images/Design.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/images/Design.png -------------------------------------------------------------------------------- /images/GARYTOWN_LOGO_Innovation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/images/GARYTOWN_LOGO_Innovation.png -------------------------------------------------------------------------------- /images/_868a8e47-a528-4cd4-9a12-c27b4272950a.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/images/_868a8e47-a528-4cd4-9a12-c27b4272950a.jpg -------------------------------------------------------------------------------- /images/_957e0259-e644-4341-aa93-5bb6622d03f5.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gwblok/garytown/c275935f10d1d4da6978df9bc02882114f706144/images/_957e0259-e644-4341-aa93-5bb6622d03f5.jpg -------------------------------------------------------------------------------- /images/readme.md: -------------------------------------------------------------------------------- 1 | # GARYTOWN Images 2 | 3 | Images used in Intune, OSD, etc. 4 | --------------------------------------------------------------------------------