Detect autopilot session

 

Ensuring that some apps only install during autopilot is not easily accomplished, you can use the below powershell script as a requirement rule in Intune for the application.This ensure it'll only proceed when the PC is going through autopilot.

 

$username = "defaultuser0"
$currentuser = (Get-Process -IncludeUserName -Name explorer | Select-Object -ExpandProperty UserName).Split('\')[1]

if ($currentuser -eq $username)
{
    Write-Output 1
    Exit 0
}
else {
    exit 1
}

Code42 proactive remediation - Check for last successful backup

There is no easy way to script a check on code42 being active and working on windows PCs. One way is to use the logs to read if Code42 is backing up recently.

 

#By tausif for FICO

###############
if ((Get-Service Code42Service).Status -eq "Running")
{
    #get code42 logged in user
    if (Test-Path "$env:ALLUSERSPROFILE\CrashPlan\.identity")
    {
        $c42currentuser  = (Get-Content $env:ALLUSERSPROFILE\CrashPlan\.identity) | Select-String -Pattern "username"
        #Get last backup date
        ##################################################################################
        $todaysdate = Get-Date -UFormat "%m/%d/%y"
        $dt = [DateTIme]$todaysdate
        $todayminus60 = $dt.AddDays(-60)
        $logdatepattern = "\d{2}/\d{2}/\d{2}"
        if (Test-Path "$env:ALLUSERSPROFILE\CrashPLan\Log\history.log.0") 
        {
            $lastlinedateonhistorylog = (Get-Content $env:ALLUSERSPROFILE\CrashPLan\Log\history.log.0)[-1] | Select-String -Pattern $logdatepattern | foreach {$_.Matches.Groups[0].Value}

            $patcompletedbackuptoprecloud = "Completed backup to PROe Cloud"
            $backupcompleteline = (Get-Content $env:ALLUSERSPROFILE\CrashPlan\Log\history.log.0 | Select-String -Pattern $patcompletedbackuptoprecloud )[-1]
            $backuppaths = (Get-Content $env:ALLUSERSPROFILE\CrashPLan\Log\app.log)|  Select-String -pattern  "backupPaths  "
            $lastbackupdate = [string]$backupcompleteline | Select-String -Pattern $logdatepattern | foreach {$_.Matches.Groups[0].Value}
            $ndt = [DateTIme]$lastbackupdate
            $dayssincelastbackup = (New-TimeSpan -Start $ndt -End $dt).TotalDays

            ######

            If ($dayssincelastbackup -ge "30")
            {
               
                Write-Output "More than $dayssincelastbackup since last backup, Last back up date: $lastbackupdate, C42 logged on $c42currentuser, $backuppaths"
    
                exit 1
            }
            else
            {
                Write-Output "Days since last backup $dayssincelastbackup, Last back up date: $lastbackupdate, C42 logged on $c42currentuser, $backuppaths"
                exit 0
            }
        }
        else
        {
            Write-Output "No history of successful backup"
            exit 1
        }


    }
    else
    {
        Write-Output "No User logged in"
        exit 1
    }
}
else
{
    Write-Output "Code42 Service not running"
    exit 1
}

Remove Box tools-per user install

	$exitCode = 0
	if (![System.Environment]::Is64BitProcess)
	{
	# start new PowerShell as x64 bit process, wait for it and gather exit code and standard error output
	$sysNativePowerShell = "$($PSHOME.ToLower().Replace("syswow64", "sysnative"))\powershell.exe"
	$pinfo = New-Object System.Diagnostics.ProcessStartInfo
	$pinfo.FileName = $sysNativePowerShell
	$pinfo.Arguments = "-ex bypass -file `"$PSCommandPath`""
	$pinfo.RedirectStandardError = $true
	$pinfo.RedirectStandardOutput = $true
	$pinfo.CreateNoWindow = $true
	$pinfo.UseShellExecute = $false
	$p = New-Object System.Diagnostics.Process
	$p.StartInfo = $pinfo
	$p.Start() | Out-Null
	$exitCode = $p.ExitCode
	$stderr = $p.StandardError.ReadToEnd()
	if ($stderr) { Write-Error -Message $stderr }
	}
	else
	{
	# start logging to TEMP in file "scriptname".log
	Start-Transcript -Path "$env:TEMP\$($(Split-Path $PSCommandPath -Leaf).ToLower().Replace(".ps1", ".log"))" | Out-Null
	function Execute-AsLoggedOnUser($Command,$Hidden=$true) {
	$csharpCode = @"
	using System;
	using System.Runtime.InteropServices;
	namespace murrayju.ProcessExtensions
	{
	public static class ProcessExtensions
	{
	#region Win32 Constants
	private const int CREATE_UNICODE_ENVIRONMENT = 0x00000400;
	private const int CREATE_NO_WINDOW = 0x08000000;
	private const int CREATE_NEW_CONSOLE = 0x00000010;
	private const uint INVALID_SESSION_ID = 0xFFFFFFFF;
	private static readonly IntPtr WTS_CURRENT_SERVER_HANDLE = IntPtr.Zero;
	#endregion
	#region DllImports
	[DllImport("advapi32.dll", EntryPoint = "CreateProcessAsUser", SetLastError = true, CharSet = CharSet.Ansi, CallingConvention = CallingConvention.StdCall)]
	private static extern bool CreateProcessAsUser(
	IntPtr hToken,
	String lpApplicationName,
	String lpCommandLine,
	IntPtr lpProcessAttributes,
	IntPtr lpThreadAttributes,
	bool bInheritHandle,
	uint dwCreationFlags,
	IntPtr lpEnvironment,
	String lpCurrentDirectory,
	ref STARTUPINFO lpStartupInfo,
	out PROCESS_INFORMATION lpProcessInformation);
	[DllImport("advapi32.dll", EntryPoint = "DuplicateTokenEx")]
	private static extern bool DuplicateTokenEx(
	IntPtr ExistingTokenHandle,
	uint dwDesiredAccess,
	IntPtr lpThreadAttributes,
	int TokenType,
	int ImpersonationLevel,
	ref IntPtr DuplicateTokenHandle);
	[DllImport("userenv.dll", SetLastError = true)]
	private static extern bool CreateEnvironmentBlock(ref IntPtr lpEnvironment, IntPtr hToken, bool bInherit);
	[DllImport("userenv.dll", SetLastError = true)]
	[return: MarshalAs(UnmanagedType.Bool)]
	private static extern bool DestroyEnvironmentBlock(IntPtr lpEnvironment);
	[DllImport("kernel32.dll", SetLastError = true)]
	private static extern bool CloseHandle(IntPtr hSnapshot);
	[DllImport("kernel32.dll")]
	private static extern uint WTSGetActiveConsoleSessionId();
	[DllImport("Wtsapi32.dll")]
	private static extern uint WTSQueryUserToken(uint SessionId, ref IntPtr phToken);
	[DllImport("wtsapi32.dll", SetLastError = true)]
	private static extern int WTSEnumerateSessions(
	IntPtr hServer,
	int Reserved,
	int Version,
	ref IntPtr ppSessionInfo,
	ref int pCount);
	#endregion
	#region Win32 Structs
	private enum SW
	{
	SW_HIDE = 0,
	SW_SHOWNORMAL = 1,
	SW_NORMAL = 1,
	SW_SHOWMINIMIZED = 2,
	SW_SHOWMAXIMIZED = 3,
	SW_MAXIMIZE = 3,
	SW_SHOWNOACTIVATE = 4,
	SW_SHOW = 5,
	SW_MINIMIZE = 6,
	SW_SHOWMINNOACTIVE = 7,
	SW_SHOWNA = 8,
	SW_RESTORE = 9,
	SW_SHOWDEFAULT = 10,
	SW_MAX = 10
	}
	private enum WTS_CONNECTSTATE_CLASS
	{
	WTSActive,
	WTSConnected,
	WTSConnectQuery,
	WTSShadow,
	WTSDisconnected,
	WTSIdle,
	WTSListen,
	WTSReset,
	WTSDown,
	WTSInit
	}
	[StructLayout(LayoutKind.Sequential)]
	private struct PROCESS_INFORMATION
	{
	public IntPtr hProcess;
	public IntPtr hThread;
	public uint dwProcessId;
	public uint dwThreadId;
	}
	private enum SECURITY_IMPERSONATION_LEVEL
	{
	SecurityAnonymous = 0,
	SecurityIdentification = 1,
	SecurityImpersonation = 2,
	SecurityDelegation = 3,
	}
	[StructLayout(LayoutKind.Sequential)]
	private struct STARTUPINFO
	{
	public int cb;
	public String lpReserved;
	public String lpDesktop;
	public String lpTitle;
	public uint dwX;
	public uint dwY;
	public uint dwXSize;
	public uint dwYSize;
	public uint dwXCountChars;
	public uint dwYCountChars;
	public uint dwFillAttribute;
	public uint dwFlags;
	public short wShowWindow;
	public short cbReserved2;
	public IntPtr lpReserved2;
	public IntPtr hStdInput;
	public IntPtr hStdOutput;
	public IntPtr hStdError;
	}
	private enum TOKEN_TYPE
	{
	TokenPrimary = 1,
	TokenImpersonation = 2
	}
	[StructLayout(LayoutKind.Sequential)]
	private struct WTS_SESSION_INFO
	{
	public readonly UInt32 SessionID;
	[MarshalAs(UnmanagedType.LPStr)]
	public readonly String pWinStationName;
	public readonly WTS_CONNECTSTATE_CLASS State;
	}
	#endregion
	// Gets the user token from the currently active session
	private static bool GetSessionUserToken(ref IntPtr phUserToken)
	{
	var bResult = false;
	var hImpersonationToken = IntPtr.Zero;
	var activeSessionId = INVALID_SESSION_ID;
	var pSessionInfo = IntPtr.Zero;
	var sessionCount = 0;
	// Get a handle to the user access token for the current active session.
	if (WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, ref pSessionInfo, ref sessionCount) != 0)
	{
	var arrayElementSize = Marshal.SizeOf(typeof(WTS_SESSION_INFO));
	var current = pSessionInfo;
	for (var i = 0; i < sessionCount; i++)
	{
	var si = (WTS_SESSION_INFO)Marshal.PtrToStructure((IntPtr)current, typeof(WTS_SESSION_INFO));
	current += arrayElementSize;
	if (si.State == WTS_CONNECTSTATE_CLASS.WTSActive)
	{
	activeSessionId = si.SessionID;
	}
	}
	}
	// If enumerating did not work, fall back to the old method
	if (activeSessionId == INVALID_SESSION_ID)
	{
	activeSessionId = WTSGetActiveConsoleSessionId();
	}
	if (WTSQueryUserToken(activeSessionId, ref hImpersonationToken) != 0)
	{
	// Convert the impersonation token to a primary token
	bResult = DuplicateTokenEx(hImpersonationToken, 0, IntPtr.Zero,
	(int)SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, (int)TOKEN_TYPE.TokenPrimary,
	ref phUserToken);
	CloseHandle(hImpersonationToken);
	}
	return bResult;
	}
	public static bool StartProcessAsCurrentUser(string cmdLine, bool visible, string appPath = null, string workDir = null)
	{
	var hUserToken = IntPtr.Zero;
	var startInfo = new STARTUPINFO();
	var procInfo = new PROCESS_INFORMATION();
	var pEnv = IntPtr.Zero;
	int iResultOfCreateProcessAsUser;
	startInfo.cb = Marshal.SizeOf(typeof(STARTUPINFO));
	try
	{
	if (!GetSessionUserToken(ref hUserToken))
	{
	throw new Exception("StartProcessAsCurrentUser: GetSessionUserToken failed.");
	}
	uint dwCreationFlags = CREATE_UNICODE_ENVIRONMENT | (uint)(visible ? CREATE_NEW_CONSOLE : CREATE_NO_WINDOW);
	startInfo.wShowWindow = (short)(visible ? SW.SW_SHOW : SW.SW_HIDE);
	startInfo.lpDesktop = "winsta0\\default";
	if (!CreateEnvironmentBlock(ref pEnv, hUserToken, false))
	{
	throw new Exception("StartProcessAsCurrentUser: CreateEnvironmentBlock failed.");
	}
	if (!CreateProcessAsUser(hUserToken,
	appPath, // Application Name
	cmdLine, // Command Line
	IntPtr.Zero,
	IntPtr.Zero,
	false,
	dwCreationFlags,
	pEnv,
	workDir, // Working directory
	ref startInfo,
	out procInfo))
	{
	throw new Exception("StartProcessAsCurrentUser: CreateProcessAsUser failed.\n");
	}
	iResultOfCreateProcessAsUser = Marshal.GetLastWin32Error();
	}
	finally
	{
	CloseHandle(hUserToken);
	if (pEnv != IntPtr.Zero)
	{
	DestroyEnvironmentBlock(pEnv);
	}
	CloseHandle(procInfo.hThread);
	CloseHandle(procInfo.hProcess);
	}
	return true;
	}
	}
	}
	"@
	# Compiling the source code as csharp
	$compilerParams = [System.CodeDom.Compiler.CompilerParameters]::new()
	$compilerParams.ReferencedAssemblies.AddRange(('System.Runtime.InteropServices.dll', 'System.dll'))
	$compilerParams.CompilerOptions = '/unsafe'
	$compilerParams.GenerateInMemory = $True
	Add-Type -TypeDefinition $csharpCode -Language CSharp -CompilerParameters $compilerParams
	# Adding powershell executeable to the command
	$Command = '{0}\System32\WindowsPowerShell\v1.0\powershell.exe -executionPolicy bypass {1}' -f $($env:windir),$Command
	# Adding double slashes to the command paths, as this is required.
	$Command = $Command.Replace("\","\\")
	# Execute a process as the currently logged on user.
	# Absolute paths required if running as SYSTEM!
	if($Hidden) { #running the command hidden
	$runCommand = [murrayju.ProcessExtensions.ProcessExtensions]::StartProcessAsCurrentUser($Command,$false)
	}else{ #running the command visible
	$runCommand = [murrayju.ProcessExtensions.ProcessExtensions]::StartProcessAsCurrentUser($Command,$true)
	}
	if ($runCommand) {
	return "Executed `"$Command`" as loggedon user"
	} else {
	throw "Something went wrong when executing process as currently logged-on user"
	}
	}
	Function Get-InstalledSoftware {
	Param(
	[Alias('Computer','ComputerName','HostName')]
	[Parameter(ValueFromPipeline=$True,ValueFromPipelineByPropertyName=$true,Mandatory=$false,Position=1)]
	[string[]]$Name = $env:COMPUTERNAME
	)
	Begin{
	$lmKeys = "Software\Microsoft\Windows\CurrentVersion\Uninstall","SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
	$lmReg = [Microsoft.Win32.RegistryHive]::LocalMachine
	$cuKeys = "Software\Microsoft\Windows\CurrentVersion\Uninstall"
	$cuReg = [Microsoft.Win32.RegistryHive]::CurrentUser
	}
	Process{
	if (!(Test-Connection -ComputerName $Name -count 1 -quiet)) {
	Write-Error -Message "Unable to contact $Name. Please verify its network connectivity and try again." -Category ObjectNotFound -TargetObject $Computer
	Break
	}
	$masterKeys = @()
	$remoteCURegKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($cuReg,$Name)
	$remoteLMRegKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($lmReg,$Name)
	foreach ($key in $lmKeys) {
	$regKey = $remoteLMRegKey.OpenSubkey($key)
	foreach ($subName in $regKey.GetSubkeyNames()) {
	foreach($sub in $regKey.OpenSubkey($subName)) {
	$masterKeys += (New-Object PSObject -Property @{
	"ComputerName" = $Name
	"Name" = $sub.GetValue("displayname")
	"SystemComponent" = $sub.GetValue("systemcomponent")
	"ParentKeyName" = $sub.GetValue("parentkeyname")
	"Version" = $sub.GetValue("DisplayVersion")
	"UninstallCommand" = $sub.GetValue("UninstallString")
	"InstallDate" = $sub.GetValue("InstallDate")
	"RegPath" = $sub.ToString()
	})
	}
	}
	}
	foreach ($key in $cuKeys) {
	$regKey = $remoteCURegKey.OpenSubkey($key)
	if ($regKey -ne $null) {
	foreach ($subName in $regKey.getsubkeynames()) {
	foreach ($sub in $regKey.opensubkey($subName)) {
	$masterKeys += (New-Object PSObject -Property @{
	"ComputerName" = $Computer
	"Name" = $sub.GetValue("displayname")
	"SystemComponent" = $sub.GetValue("systemcomponent")
	"ParentKeyName" = $sub.GetValue("parentkeyname")
	"Version" = $sub.GetValue("DisplayVersion")
	"UninstallCommand" = $sub.GetValue("UninstallString")
	"InstallDate" = $sub.GetValue("InstallDate")
	"RegPath" = $sub.ToString()
	})
	}
	}
	}
	}
	$woFilter = {$null -ne $_.name -AND $_.SystemComponent -ne "1" -AND $null -eq $_.ParentKeyName}
	$props = 'Name','Version','ComputerName','Installdate','UninstallCommand','RegPath'
	$masterKeys = ($masterKeys | Where-Object $woFilter | Select-Object $props | Sort-Object Name)
	$masterKeys
	}
	End{}
	}
	$boxtoolsuninstallcommand = (Get-InstalledSoftware | where { $_.Name -match "Box Tools"}).UninstallCommand
	If ($boxtoolsuninstallcommand -ne $null)
	{
	$boxtoolsuninstallcommand = $boxtoolsuninstallcommand.Trim()
	$boxtoolsuninstallcommand = $boxtoolsuninstallcommand -Replace "msiexec.exe","" -Replace "/I","" -Replace "/X",""
	$boxtoolsuninstallcommand = $boxtoolsuninstallcommand.Trim()
	$boxtoolsuninstallcommand = "/X " + $boxtoolsuninstallcommand + " /quiet"
	Write-Host $boxtoolsuninstallcommand
	$uninstall = "-command & {Start-Process 'C:\Windows\system32\msiexec.exe' -ArgumentList '$boxtoolsuninstallcommand' -Wait}"
	Execute-AsLoggedOnUser -Command $uninstall
	Write-Host "Removed old box tools"
	}
	else {
	Write-Host "Box tools was not previously installed"
	}
	$boxmsi = "https://e3.boxcdn.net/box-installers/boxedit/win/currentrelease/BoxToolsInstaller-AdminInstall.msi"
	$outFile = "$env:TEMP\BoxToolsInstaller-AdminInstall.msi"
	$msilog = "$env:TEMP\BoxToolsInstaller-AdminInstall.log"
	(New-Object System.Net.WebClient).DownloadFile($boxmsi, $outFile)
	Start-Sleep -Seconds 20
	if (Test-Path $outFile)
	{
	Write-Host "Box tools installer Downloaded"
	$arguments = @(
	"/i"
	"`"$outFile`""
	"/qn"
	"/l*v"
	"`"$msilog`""
	)
	$boxinstall = Start-Process msiexec -ArgumentList $arguments -wait -PassThru
	Write-Host "Installed box tools with exitcode $($boxinstall.Exitcode)"
	Start-Sleep -Seconds 20
	Remove-Item $outFile
	Write-Host "Removed box installer."
	}
	else
	{
	Write-Host "box msi installer failed to download"
	}
	Stop-Transcript | Out-Null
	}
	exit $exitCode

view raw boxtools hosted with ❤ by GitHub

SCCM - Install dell drivers dynamically during OSD

The below script may be used in an SCCM task to download Dell drivers from :
"http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-command-deploy-driver-packs-for-enterprise-client-os-deployment" to a PC being imaged.

Create a Dell group in the task sequence
Run the Powershell Script to filter dell systems with the WMI query as shown below.

The next step should run the powershell script shown below

Add another step to install dell drivers as using dism

The powershell script is shown below:

#By Tausif for FICO
#download dell drivers directly and install during the SCCM task sequence.

#Logging function borrowed from Mikael Nystrom 
Function Import-SMSTSENV
{
 try
 {
  $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
  Write-Output "$ScriptName - tsenv is $tsenv "
  $MDTIntegration = "YES"
  
  #$tsenv.GetVariables() | % { Write-Output "$ScriptName - $_ = $($tsenv.Value($_))" }
 }
 catch
 {
  Write-Output "$ScriptName - Unable to load Microsoft.SMS.TSEnvironment"
  Write-Output "$ScriptName - Running in standalonemode"
  $MDTIntegration = "NO"
 }
 Finally
 {
  if ($MDTIntegration -eq "YES")
  {
   $Logpath = $tsenv.Value("LogPath")
   $LogFile = $Logpath + "\" + "$ScriptName.log"
   
  }
  Else
  {
   $Logpath = $env:TEMP
   $LogFile = $Logpath + "\" + "$ScriptName.txt"
  }
 }
}
Function Start-Logging
{
 start-transcript -path $LogFile -Force
}
Function Stop-Logging
{
 Stop-Transcript
}

# Set Vars
$SCRIPTDIR = split-path -parent $MyInvocation.MyCommand.Path
$SCRIPTNAME = split-path -leaf $MyInvocation.MyCommand.Path
$SOURCEROOT = "$SCRIPTDIR\Source"
$LANG = (Get-Culture).Name
$OSV = $Null
$ARCHITECTURE = $env:PROCESSOR_ARCHITECTURE

#Try to Import SMSTSEnv
. Import-SMSTSENV

#Start Transcript Logging
. Start-Logging


#Output base info
Write-Output ""
Write-Output "$ScriptName - ScriptDir: $ScriptDir"
Write-Output "$ScriptName - SourceRoot: $SOURCEROOT"
Write-Output "$ScriptName - ScriptName: $ScriptName"
Write-Output "$ScriptName - Log: $LogFile"



Function Set-RegistryKey
{
 [CmdletBinding()]
 Param(
 [Parameter(Mandatory=$True,HelpMessage="Please Enter Registry Item Path",Position=1)]
 $Path,
 [Parameter(Mandatory=$True,HelpMessage="Please Enter Registry Item Name",Position=2)]
 $Name,
 [Parameter(Mandatory=$True,HelpMessage="Please Enter Registry Property Item Value",Position=3)]
 $Value,
 [Parameter(Mandatory=$False,HelpMessage="Please Enter Registry Property Type",Position=4)]
 $PropertyType = "DWORD"
 )
 
 # If path does not exist, create it
 If( (Test-Path $Path) -eq $False ) {
 
 $newItem = New-Item -Path $Path -Force
 
 } 
 
 # Update registry value, create it if does not exist (DWORD is default)
 $itemProperty = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
 If($itemProperty -ne $null) {
 $itemProperty = Set-ItemProperty -Path $Path -Name $Name -Value $Value
 } Else {
 
 $itemProperty = New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $PropertyType
 }
 
}





 Function Get-OSVersion() {
# Version numbers as per http://www.gaijin.at/en/lstwinver.php
$osVersion = "Version not listed"
$os = (Get-WmiObject -class Win32_OperatingSystem)
Switch (($os.Version).Substring(0,3)) {
    "5.1" { $osVersion = "XP" }
    "5.2" { $osVersion = "2003" }
    "6.0" { If ($os.ProductType -eq 1) { $osVersion = "Vista" } Else { $osVersion = "2008" } }
    "6.1" { If ($os.ProductType -eq 1) { $osVersion = "Windows 7" } Else { $osVersion = "2008R2" } }
    "6.2" { If ($os.ProductType -eq 1) { $osVersion = "Windows 8" } Else { $osVersion = "2012" } }
    # 8.1/2012R2 version detection can be broken, and show up as "6.2", as per http://www.sapien.com/blog/2014/04/02/microsoft-windows-8-1-breaks-version-api/
    "6.3" { If ($os.ProductType -eq 1) { $osVersion = "Windows 8.1" } Else { $osVersion = "2012R2" } }
    "10." { If ($os.ProductType -eq 1) { $osVersion = "Windows 10" } Else { $osVersion = "2016" } }
}
return $osVersion
}

$osversion = Get-OSVersion
Write-Output "$osversion - Log: $LogFile"
$Model = (Get-WmiObject Win32_ComputerSystem).Model
Write-Output "$Model - Log: $LogFile"

### Disable IE First Run Wizard and RSS Feeds this is needed to Invoke-Webrequest will work without running IE for the first time.
Set-RegistryKey -Path "HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" -Name "DisableFirstRunCustomize" -Value 1


# Remove the "E" prefix character from Latitude models due to some dodgy Dell URLs...
If ($Model.ToCharArray()[0] -eq "E" -and $Model -notmatch "Embedded")
{
 $Model = $Model.Replace("E", "")
 Write-Output "Model name set to $Model - Log: $LogFile"
}

# Find the specific wiki page for the model from the main wiki page
$URI = "http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-command-deploy-driver-packs-for-enterprise-client-os-deployment"
Write-Output "URI set to $URI - Log: $LogFile"
$html = Invoke-WebRequest $URI -ErrorAction Stop -TimeoutSec 1800
Write-Output "$URL queried successfully - Log: $LogFile"
$Href = $HTML.AllElements | Where {$_.innerText -match ("$Model" + " W") -and $_.innerText -match "Windows 10" -and $_.innerText -match "Driver" -and $_.tagName -eq "A"} | Select -ExpandProperty href
If (!$Href)
{
 Write-Output "No Wiki page found for $Model and $OperatingSystem.- Log: $LogFile"
    Return
}
Write-Output "Wiki page found for $Model and $OperatingSystem. - $Href - Log: $LogFile"
# Find the download URL from the model
$URI = "http://en.community.dell.com/$Href"

Write-Output "URI updated to $URI - Log: $LogFile"
Try
{
    $HTML = Invoke-WebRequest -Uri $URI -ErrorAction Stop
    $CabDownloadLink = $HTML.AllElements | Where {$_.innerHTML -match "Download Now" -and $_.tagName -eq "A"} | Select -ExpandProperty href
 #Return $CabDownloadLink
 Write-Output "Cab download link set to $CabDownloadLink - Log: $LogFile"
}
Catch
{
 $_
 Write-Output "Cab download not found- Log: $LogFile"
    Return
}

$CABfilename = $CabDownloadLink.Substring($CabDownloadLink.LastIndexOf("/") + 1)
Write-Output "Cab file name is $CABfilename - Log: $LogFile"
$drivedownloaddirectory = "C:\Temp"

if(!(Test-Path -Path $drivedownloaddirectory )){
 New-Item -ItemType directory -Path $drivedownloaddirectory
 Write-Output "$drivedownloaddirectory created - Log: $LogFile"
}

$CABDestinationpath = "$drivedownloaddirectory\$CABfilename"
Write-Output "The CAB will be downloaded to $CABDestinationpath - Log: $LogFile"
Try
{
    # Begin the download
    $WebClient = New-Object System.Net.WebClient
    $WebClient.DownloadFile($CabDownloadLink, $CABDestinationpath)
}
Catch
{
 $Stopwatch.Stop()
 Write-Output "Failed to download file - Log: $LogFile"
    $_
    Return

}




$DriverSourceCab = (Get-ChildItem $drivedownloaddirectory).FullName
$DriverExtractDest = "$drivedownloaddirectory\Extracted"


if(!(Test-Path -Path $DriverExtractDest )){
 New-Item -ItemType directory -Path $DriverExtractDest
 Write-Output "Created the $DriverExtractDest directory - Log: $LogFile"
}

Expand "$DriverSourceCab" -F:* "$DriverExtractDest"
<#
#Copy-Item "C:\Windows\System32\pnputil.exe" "X:\Windows\System32"
$driverinfs = get-childitem -path $DriverExtractDest -recurse -filter *.inf
foreach ($inf in $driverinfs)
 
{
    Write-Host "Injecting driver $inf"
    #pnputil -i -a $inf.FullName
}

#this part does not work because for some reason it throws a memory error, will replace this with:

DISM.exe /Image:%OSDTargetSystemDrive%\ /Add-Driver /Driver:c:\Temp\Extracted /Recurse /logpath:%_SMSTSLogPath%\dism.log
#>
. Stop-Logging

This script logs to SMSTS.log directly and the dism step can log to wherever you'd like it to.

Add another step to delete the Extracted drivers and downloaded drivers as needed.

Powershell - Download and install Java using powershell

I got tired of updating the JRE package for our windows task sequences and used powershell to scrape for web-links from https://www.java.com/en/download/manual.jsp and install it silently.

	<#
	.NOTES
	===========================================================================
	Created with: SAPIEN Technologies, Inc., PowerShell Studio 2017 v5.4.138
	Created on: 5/2/2017 12:31 PM
	Created by: tausifkhan
	Organization: FICO
	Filename:
	===========================================================================
	.DESCRIPTION
	download and install java from the java download link.
	#>
	$PSScriptRoot = ($MyInvocation.MyCommand.Path | Split-Path | Resolve-Path).ProviderPath
	#check https://www.java.com/en/download/manual.jsp for windows JRE download links and install
	$javax64install = ((Invoke-WebRequest –Uri 'https://www.java.com/en/download/manual.jsp').Links | Where-Object { $_.innerHTML -eq "Windows Offline (64-bit)" }).href
	$javax86install = ((Invoke-WebRequest –Uri 'https://www.java.com/en/download/manual.jsp').Links | Where-Object { $_.innerHTML -eq "Windows Offline" }).href
	#logging variables.
	$logdir = "$($env:ALLUSERSPROFILE)\InstallLogs"
	$Logfile = "$($logdir)\install_java_$(get-date -format `"yyyyMMdd_hhmmsstt`").log"
	Function LogWrite($string, $color)
	{
	if ($Color -eq $null) { $color = "white" }
	write-host $string -foregroundcolor $color
	$string | out-file -Filepath $logfile -append
	}
	if (!(Test-Path -Path $logdir))
	{
	New-Item -ItemType directory -Path $logdir
	}
	$javax64 = "$PSScriptRoot\javaX64.exe"
	$javax86 = "$PSScriptRoot\javax86.exe"
	if (Get-Command 'Invoke-Webrequest')
	{
	Invoke-WebRequest $javax64install -OutFile $javax64 -PassThru
	Invoke-WebRequest $javax86install -OutFile $javax86 -PassThru
	}
	else
	{
	$WebClient = New-Object System.Net.WebClient
	$WebClient.DownloadFile($javax64install, $javax64)
	$WebClient.DownloadFile($javax86install, $javax86)
	}
	If (Test-Path $javax64) {
	$javax64install = Start-Process -FilePath $javax64 -ArgumentList "/s INSTALL_SILENT=1 STATIC=0 AUTO_UPDATE=0 WEB_JAVA=1 WEB_JAVA_SECURITY_LEVEL=H WEB_ANALYTICS=0 EULA=0 REBOOT=0 NOSTARTMENU=0 SPONSORS=0 /L $Logfile" -Wait -Verbose -PassThru
	Start-Sleep -s 35
	if ($javax64install.ExitCode -eq 0) {
	LogWrite "Successfully Installed Java RE X64, removing installer" -color yellow
	remove-item $javax64 -Force
	}
	else {
	Logwrite "Java 64 bit installer exited with exit code $($javax64install.ExitCode)" -color red
	}
	}
	else {
	LogWrite "Cannot find $javax64" -color red
	}
	If (Test-Path $javax86) {
	$javax86install = Start-Process -FilePath $javax86 -ArgumentList "/s INSTALL_SILENT=1 STATIC=0 AUTO_UPDATE=0 WEB_JAVA=1 WEB_JAVA_SECURITY_LEVEL=H WEB_ANALYTICS=0 EULA=0 REBOOT=0 NOSTARTMENU=0 SPONSORS=0 /L $Logfile" -Wait -Verbose -PassThru
	Start-Sleep -s 35
	if ($javax86install.ExitCode -eq 0) {
	LogWrite "Successfully Installed Java RE X86, removing installer" -color yellow
	remove-item $javax86 -Force
	}
	else {
	Logwrite "Java 32 bit installer exited with exit code $($javax86install.ExitCode)" -color red
	}
	}
	else {
	LogWrite "Cannot find $javax86" -color red
	}

view raw jre-install.ps1 hosted with ❤ by GitHub

Delete DEPROVISIONED okta users using API

Okta tombstones its users and does not delete them automatically when they are deactivated in AD. I use the below script to run on schedule with an okta API token to delete users:
You'll need the okta powershell module install and be a super user on okta :
https://github.com/okta/oktasdk-csharp/tree/master/Okta.Core.Automation/

#Import module okta
Import-Module Okta.Core.Automation
 
#COnnect to okta  using token and domain
Connect-Okta -Token alphanumerictoken -FullDomain "https://domain.okta.com"
 
 
###################Logging function
$Logfile = "$env:ProgramData\InstallLogs\DeleteOktaUsers_$(get-date -format `"yyyyMMdd_hhmmsstt`").log"
Function LogWrite($string, $color)
{
   if ($Color -eq $null) {$color = "white"}
   write-host $string -foregroundcolor $color
   $string | out-file -Filepath $Logfile -append
}
 
if ((Test-Path -path C:\ProgramData\InstallLogs\) -ne $True)
{
New-Item C:\ProgramData\InstallLogs\ -type directory
}
 
########################################
 
 
#get a list of all DEPROVISIONED users
$AllUsers = Get-OktaUser -Filter 'status eq "DEPROVISIONED"'


#list neatly in a csv file located in C:\programdata\InstallLogs
$AllUsers | Select @{L="FirstName";E={$_.profile.firstName}},`
@{L="LastName";E={$_.profile.lastName}},`
@{L="UserName";E={$_.profile.login}},`
@{L="ID";E={$_.id}},@{L="UserStatus";E={$_.Status}} | FT | Out-File "$env:ProgramData\InstallLogs\deprovisionedusers_$(get-date -format `"yyyyMMdd_hhmmsstt`").csv"
 
 
#loop through the list of deprovisioned users and delete log deletions to the logfile
foreach($user in $AllUsers){
   
    Delete-OktaUser $user.Profile.Login
    If($? -eq "True") {
     LogWrite "Successfully deleted user $user" green
     }
}

Office for mac autodicover error with okta -

You see the following error when signing into Office for mac 2016 with okta SSO enabled for office 365:



Update Outlook for mac 2016 to version 15.30 and above
Run the following command on your terminal and hit enter:

defaults write com.microsoft.Outlook DisableModernAuth -bool YES

Then check if the following location is updated ~/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Caches/

You might need to remove and re-add your exchange account on outlook.