Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitb4851a1

Browse files
2 parents0e70909 +ec54b3b commitb4851a1

File tree

5 files changed

+144
-51
lines changed

5 files changed

+144
-51
lines changed

‎.vscode/launch.json‎

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
// Use IntelliSense to learn about possible attributes.
3+
// Hover to view descriptions of existing attributes.
4+
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
5+
"version":"0.2.0",
6+
"configurations": [
7+
{
8+
"name":"PowerShell Launch Current File",
9+
"type":"PowerShell",
10+
"request":"launch",
11+
"script":"${file}",
12+
"args": [],
13+
"cwd":"${file}"
14+
},
15+
{
16+
"name":"PowerShell Launch Current File in Temporary Console",
17+
"type":"PowerShell",
18+
"request":"launch",
19+
"script":"${file}",
20+
"args": [],
21+
"cwd":"${file}",
22+
"createTemporaryIntegratedConsole":true
23+
},
24+
{
25+
"name":"PowerShell Launch Current File w/Args Prompt",
26+
"type":"PowerShell",
27+
"request":"launch",
28+
"script":"${file}",
29+
"args": [
30+
"${command:SpecifyScriptArgs}"
31+
],
32+
"cwd":"${file}"
33+
},
34+
{
35+
"name":"PowerShell Attach to Host Process",
36+
"type":"PowerShell",
37+
"request":"attach"
38+
},
39+
{
40+
"name":"PowerShell Interactive Session",
41+
"type":"PowerShell",
42+
"request":"launch",
43+
"cwd":""
44+
},
45+
{
46+
"name":"PowerShell Attach Interactive Session Runspace",
47+
"type":"PowerShell",
48+
"request":"attach",
49+
"processId":"current"
50+
}
51+
]
52+
}

‎AppOptimizeAndConfig.ps1‎

Lines changed: 50 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,12 @@
77
Utilizes LGPO.exe to apply group policy item where neceassary.
88
Utilizes MDT/SCCM TaskSequence property control
99
Configurable using custom variables in MDT/SCCM
10+
11+
.EXAMPLE
12+
powershell.exe -ExecutionPolicy Bypass -file "AppOptimizeAndConfig.ps1"
13+
1014
.INFO
15+
Script: AppOptimizeAndConfig.ps1
1116
Author: Richard Tracy
1217
Email: richard.tracy@hotmail.com
1318
Twitter: @rick2_1979
@@ -237,7 +242,7 @@ Function Write-LogEntry{
237242
Out-File-InputObject$LogFormat-Append-NoClobber-EncodingDefault-FilePath$OutputLogFile-ErrorAction Stop
238243
}
239244
catch {
240-
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}"-f$LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.ErrorMessage)-ForegroundColor Red
245+
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}"-f$LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.Message)-ForegroundColor Red
241246
}
242247
}
243248
End{
@@ -516,17 +521,20 @@ Function Set-SystemSetting {
516521
#verify the registry value has been set
517522
Try{
518523
If(-not(Test-Path ($RegHive+'\'+$RegKeyPath)) ){
519-
Write-LogEntry ("Key was not set; Hardcoding registry keys [{0}\{1}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Severity0-Source${CmdletName}
520-
New-Item-Path ($RegHive+'\'+$RegKeyPath)-Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue|Out-Null
521-
New-ItemProperty-Path ($RegHive+'\'+$RegKeyPath)-Name$RegKeyName-PropertyType$Type-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue-PassThru
524+
Write-LogEntry ("Path was not found; Creating path and setting registry keys [{0}\{1}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Severity0-Source${CmdletName}
525+
#New-Item -Path ($RegHive +'\'+ $RegKeyPath) -Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
526+
New-Item ($RegHive+'\'+$RegKeyPath)-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction Stop|New-ItemProperty-Name$RegKeyName-PropertyType$Type-Value$Value-Force:$Force-ErrorAction Stop|Out-Null
527+
#wait for registry path to popluate (only on slower systems)
528+
#start-sleep 2
529+
#New-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
522530
}
523531
Else{
524-
Write-LogEntry ("Key name not found. Creating key name [{1}] at path [{0}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Source${CmdletName}
525-
Set-ItemProperty-Path ($RegHive+'\'+$RegKeyPath)-Name$RegKeyName-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-ErrorActionSilentlyContinue-PassThru
532+
Write-LogEntry ("Setting key name [{1}] at path [{0}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Source${CmdletName}
533+
Set-ItemProperty-Path ($RegHive+'\'+$RegKeyPath)-Name$RegKeyName-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-ErrorActionStop|Out-Null
526534
}
527535
}
528536
Catch{
529-
Write-LogEntry ("Unable toset registry key [{0}\{1}\{2}] with value [{3}]"-f$RegHive,$RegKeyPath,$RegKeyName,$Value)-Severity2-Source${CmdletName}
537+
Write-LogEntry ("Unable toconfigure registry key [{0}\{1}\{2}]. {4}"-f$RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message)-Severity3-Source${CmdletName}
530538
}
531539

532540
}
@@ -701,7 +709,12 @@ Function Set-UserSetting {
701709
If ($HiveLoaded-eq$true) {
702710
If($Message){Write-LogEntry ("{0} for User [{1}].."-f$Message,$UserName)}
703711
If($Remove){
704-
Remove-ItemProperty"$RegHive\$($UserProfile.SID)\$RegKeyPath"-Name$RegKeyName-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue|Out-Null
712+
Try{
713+
Remove-ItemProperty"$RegHive\$($UserProfile.SID)\$RegKeyPath"-Name$RegKeyName-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue|Out-Null
714+
}
715+
Catch{
716+
Write-LogEntry ("Unable to remove registry key [{0}\{1}\{2}]. {4}"-f$RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message)-Severity3-Source${CmdletName}
717+
}
705718
}
706719
Else{
707720
Set-SystemSetting-Path"$RegHive\$($UserProfile.SID)\$RegKeyPath"-Name$RegKeyName-Type$Type-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-TryLGPO:$TryLGPO
@@ -720,7 +733,12 @@ Function Set-UserSetting {
720733
Else{
721734
If($Message){Write-LogEntry ("{0} for [{1}].."-f$Message,$ProfileList.UserName)}
722735
If($Remove){
723-
Remove-ItemProperty"$RegHive\$RegKeyPath\$RegKeyPath"-Name$RegKeyName-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue|Out-Null
736+
Try{
737+
Remove-ItemProperty"$RegHive\$RegKeyPath\$RegKeyPath"-Name$RegKeyName-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue|Out-Null
738+
}
739+
Catch{
740+
Write-LogEntry ("Unable to remove registry key [{0}\{1}\{2}]. {4}"-f$RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message)-Severity3-Source${CmdletName}
741+
}
724742
}
725743
Else{
726744
Set-SystemSetting-Path"$RegHive\$RegKeyPath"-Name$RegKeyName-Type$Type-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-TryLGPO:$TryLGPO
@@ -1104,6 +1122,7 @@ If($RemoveAppxPackages)
11041122

11051123
$p=1
11061124
$c=0
1125+
$d=0
11071126
# Loop through the list of appx packages
11081127
foreach ($Appin$AppArrayList) {
11091128

@@ -1113,49 +1132,57 @@ If($RemoveAppxPackages)
11131132
}
11141133
else {
11151134
# Gather package names
1116-
$AppPackageFullName=Get-AppxPackage-Name$App.Name|Select-Object-ExpandProperty PackageFullName
1135+
$AppPackageDetails=Get-AppxPackage-AllUsers-Name$App.Name
11171136

1118-
$AppProvisioningPackageName=Get-AppxProvisionedPackage-Online|Where-Object {$_.DisplayName-like$App.Name }|Select-Object-ExpandProperty PackageName
1137+
$AppProvisioningPackageName=Get-AppxProvisionedPackage-Online|Where-Object {$_.DisplayName-like$AppPackageDetails.Name }|Select-Object-ExpandProperty PackageName
11191138

11201139
# Attempt to remove AppxPackage
1121-
if ($null-ne$AppPackageFullName) {
1122-
Show-ProgressStatus-Message ("Removing application package: {0}"-f$App.Name)-Step$p-MaxStep$AppArrayList.count
1140+
if ($null-ne$AppPackageDetails) {
1141+
Show-ProgressStatus-Message ("Removing application package: {0}"-f$AppPackageDetails.Name)-Step$p-MaxStep$AppArrayList.count
11231142

11241143
try {
1125-
Remove-AppxPackage-Package$AppPackageFullName-ErrorAction Stop|Out-Null
1144+
Remove-AppxPackage-AllUsers-Package$AppPackageDetails.PackageFullName-ErrorAction Stop|Out-Null
11261145

1127-
Write-LogEntry-Message ("Successfully removed application package: {0}"-f$App.Name)-Outhost
1146+
Write-LogEntry-Message ("Successfully removed application package: {0}"-f$AppPackageDetails.PackageFullName)-Outhost
11281147
$c++
11291148
}
11301149
catch [System.Exception] {
1131-
Write-LogEntry-Message ("Failed removing AppxPackage: {0}"-f$_.Message)-Severity3-Outhost
1150+
Write-LogEntry-Message ("Failed removing AppxPackage: {0}"-f$_)-Severity3-Outhost
1151+
}
1152+
Finally{
1153+
Write-LogEntry-Message ("--------------------------------------------------" )-Outhost
11321154
}
11331155
}
11341156
else {
1135-
Write-LogEntry-Message ("Unable to locate AppxPackage for app: {0}"-f$App.Name)-Outhost
1157+
Write-LogEntry-Message ("Unable to locate AppxPackage for app: {0}"-f$AppPackageDetails.Name)-Outhost
11361158
}
11371159

11381160
# Attempt to remove AppxProvisioningPackage
1139-
if ($null-eq$AppProvisioningPackageName) {
1140-
Write-LogEntry-Message ("Removing applicationprovisioning package: {0}"-f$AppProvisioningPackageName)
1161+
if ($null-ne$AppProvisioningPackageName) {
1162+
Write-LogEntry-Message ("Removing applicationPROVISIONED package: {0}"-f$AppProvisioningPackageName)
11411163
try {
11421164
Remove-AppxProvisionedPackage-PackageName$AppProvisioningPackageName-Online-ErrorAction Stop|Out-Null
1143-
Write-LogEntry-Message ("Successfully removed application provisioning package: {0}"-f$AppProvisioningPackageName)-Outhost
1165+
Write-LogEntry-Message ("Successfully removed application PROVISIONED package: {0}"-f$AppProvisioningPackageName)-Outhost
1166+
$d++
11441167
}
11451168
catch [System.Exception] {
1146-
Write-LogEntry-Message ("Failed removing Appx Provisioning Package: {0}"-f$_.Message)-Severity3-Outhost
1169+
Write-LogEntry-Message ("Failed removing Appx PROVISIONED Package: {0}"-f$_)-Severity3-Outhost
1170+
}
1171+
Finally{
1172+
Write-LogEntry-Message ("--------------------------------------------------" )-Outhost
11471173
}
11481174
}
11491175
else {
1150-
Write-LogEntry-Message ("Unable to locate AppxProvisioning Package for app: {0}"-f$App.Name)-Outhost
1176+
Write-LogEntry-Message ("Unable to locate AppxPROVISIONED Package for app: {0}"-f$AppPackageDetails.Name)-Outhost
11511177
}
11521178

11531179
}
11541180

11551181
$p++
11561182
}
11571183

1158-
Write-LogEntry-Message ("Removed {0} built-in AppxPackage and AppxProvisioningPackage"-f$c)-Outhost
1184+
Write-LogEntry-Message ("Removed {0} All Users App Package's"-f$c)-Outhost
1185+
Write-LogEntry-Message ("Removed {0} built-in App PROVISIONED Package's"-f$d)-Outhost
11591186
}
11601187
Else{$stepCounter++}
11611188

‎Svr16OptimizeAndConfig.ps1‎

310 Bytes
Binary file not shown.

‎Win10OptimizeAndConfig.ps1‎

Lines changed: 21 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,11 @@
88
Utilizes MDT/SCCM TaskSequence property control
99
Configurable using custom variables in MDT/SCCM
1010
11+
.EXAMPLE
12+
powershell.exe -ExecutionPolicy Bypass -file "Win10OptimizeAndConfig.ps1"
13+
1114
.INFO
15+
Script: Win10OptimizeAndConfig.ps1
1216
Author: Richard Tracy
1317
Email: richard.tracy@hotmail.com
1418
Twitter: @rick2_1979
@@ -349,7 +353,7 @@ Function Write-LogEntry{
349353
Out-File-InputObject$LogFormat-Append-NoClobber-EncodingDefault-FilePath$OutputLogFile-ErrorAction Stop
350354
}
351355
catch {
352-
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}"-f$LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.ErrorMessage)-ForegroundColor Red
356+
Write-Host ("[{0}] [{1}] :: Unable to append log entry to [{1}], error: {2}"-f$LogTimePlusBias,$ScriptSource,$OutputLogFile,$_.Exception.Message)-ForegroundColor Red
353357
}
354358
}
355359
End{
@@ -486,7 +490,7 @@ Function Set-Bluetooth{
486490
Await ($bluetooth.SetStateAsync($DeviceStatus)) ([Windows.Devices.Radios.RadioAccessStatus])|Out-Null
487491
}
488492
Catch{
489-
Write-LogEntry ("Unable to configure Bluetooth Settings: {0}"-f$_.Exception.ErrorMessage)-Severity3-Source${CmdletName}
493+
Write-LogEntry ("Unable to configure Bluetooth Settings: {0}"-f$_.Exception.Message)-Severity3-Source${CmdletName}
490494
}
491495
Finally{
492496
#If ((Get-Service bthserv).Status -eq 'Stopped') { Start-Service bthserv }
@@ -670,28 +674,31 @@ Function Set-SystemSetting {
670674
}
671675
Catch{
672676
If($TryLGPO-and$LGPOExe){
673-
Write-LogEntry ("LGPO failed to run. exit code: {0}.Hardcoding registry keys [{1}\{2}\{3}]"-f$result.ExitCode,$RegHive,$RegKeyPath,$RegKeyName)-Severity3-Source${CmdletName}
677+
Write-LogEntry ("LGPO failed to run. exit code: {0}.Setting registry keys [{1}\{2}\{3}] instead"-f$result.ExitCode,$RegHive,$RegKeyPath,$RegKeyName)-Severity3-Source${CmdletName}
674678
}
675679
}
676680
Finally
677681
{
678682
#wait for LGPO file to finish generating
679683
start-sleep1
680-
684+
681685
#verify the registry value has been set
682686
Try{
683687
If(-not(Test-Path ($RegHive+'\'+$RegKeyPath)) ){
684-
Write-LogEntry ("Key was not set; Hardcoding registry keys [{0}\{1}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Severity0-Source${CmdletName}
685-
New-Item-Path ($RegHive+'\'+$RegKeyPath)-Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue|Out-Null
686-
New-ItemProperty-Path ($RegHive+'\'+$RegKeyPath)-Name$RegKeyName-PropertyType$Type-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction SilentlyContinue-PassThru
688+
Write-LogEntry ("Path was not found; Creating path and setting registry keys [{0}\{1}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Severity0-Source${CmdletName}
689+
#New-Item -Path ($RegHive +'\'+ $RegKeyPath) -Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
690+
New-Item ($RegHive+'\'+$RegKeyPath)-Force:$Force-WhatIf:$WhatIfPreference-ErrorAction Stop|New-ItemProperty-Name$RegKeyName-PropertyType$Type-Value$Value-Force:$Force-ErrorAction Stop|Out-Null
691+
#wait for registry path to popluate (only on slower systems)
692+
#start-sleep 2
693+
#New-ItemProperty -Path ($RegHive +'\'+ $RegKeyPath) -Name $RegKeyName -PropertyType $Type -Value $Value -Force:$Force -WhatIf:$WhatIfPreference -ErrorAction Stop | Out-Null
687694
}
688695
Else{
689-
Write-LogEntry ("Key name not found. Creating key name [{1}] at path [{0}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Source${CmdletName}
690-
Set-ItemProperty-Path ($RegHive+'\'+$RegKeyPath)-Name$RegKeyName-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-ErrorActionSilentlyContinue-PassThru
696+
Write-LogEntry ("Setting key name [{1}] at path [{0}] with value [{2}]"-f ($RegHive+'\'+$RegKeyPath),$RegKeyName,$Value)-Source${CmdletName}
697+
Set-ItemProperty-Path ($RegHive+'\'+$RegKeyPath)-Name$RegKeyName-Value$Value-Force:$Force-WhatIf:$WhatIfPreference-ErrorActionStop|Out-Null
691698
}
692699
}
693700
Catch{
694-
Write-LogEntry ("Unable toset registry key [{0}\{1}\{2}] with value [{3}]"-f$RegHive,$RegKeyPath,$RegKeyName,$Value)-Severity2-Source${CmdletName}
701+
Write-LogEntry ("Unable toconfigure registry key [{0}\{1}\{2}]. {4}"-f$RegHive,$RegKeyPath,$RegKeyName,$Value,$_.Exception.Message)-Severity3-Source${CmdletName}
695702
}
696703

697704
}
@@ -2592,7 +2599,7 @@ If ($EnableWinRM)
25922599

25932600
}
25942601
Catch{
2595-
Write-LogEntry ("Unable to setup WinRM: {0}"-f$_.Exception.ErrorMessage)-Severity3
2602+
Write-LogEntry ("Unable to setup WinRM: {0}"-f$_.Exception.Message)-Severity3
25962603
}
25972604
}
25982605
Else{$stepCounter++}
@@ -2735,7 +2742,7 @@ If($EnableCredGuard)
27352742
Write-LogEntry"Successfully enabled Microsoft-Hyper-V-HyperVisor feature"
27362743
}
27372744
catch [System.Exception] {
2738-
Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor.Error: -f$_")-Severity3
2745+
Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor.{0}"-f$_)-Severity3
27392746
}
27402747

27412748
try {
@@ -2744,7 +2751,7 @@ If($EnableCredGuard)
27442751
Write-LogEntry"Successfully enabled IsolatedUserMode feature"
27452752
}
27462753
catch [System.Exception] {
2747-
Write-LogEntry ("An error occured when enabling IsolatedUserMode.Error: -f$_")-Severity3
2754+
Write-LogEntry ("An error occured when enabling IsolatedUserMode.{0}"-f$_)-Severity3
27482755
}
27492756
}
27502757

@@ -2759,7 +2766,7 @@ If($EnableCredGuard)
27592766
Set-SystemSetting-Path'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity'-Name'Enabled'-Type DWord-Value1-Force
27602767
Set-SystemSetting-Path'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity'-Name'Locked'-Type DWord-Value0-Force
27612768

2762-
Write-LogEntry"STIG Rule ID: SV-78089r7_rule ::Enabling Credential Guard on domain-joined systems"
2769+
Write-LogEntry"Enabling Credential Guard on domain-joined systems"
27632770
Set-SystemSetting-Path'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'-Name'LsaCfgFlags'-Type DWord-Value1-Force
27642771

27652772
$DeviceGuardProperty=Get-CimInstance –ClassName Win32_DeviceGuard –Namespace root\Microsoft\Windows\DeviceGuard

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp