From e015bc5d17a49eccaa77b05957992c947e187a64 Mon Sep 17 00:00:00 2001
From: Bram Prieshof <bprieshof@noreply@ictmaatwerk.com>
Date: Thu, 24 Mar 2022 14:24:39 +0000
Subject: [PATCH] Added staged version of DeployTools

This will do windows activation check and setting sytemname on fist boot,
and sets up smb shares and runs updates on the next boot

Designed for when mass deploying an image for other locations
---
 DeployTools/Staged/Enable_Staged-Deploy.cmd   |  21 +++++++
 .../Staged/INK_KickStart_Stage1-Deploy.lnk    | Bin 0 -> 1846 bytes
 .../Staged/INK_KickStart_Stage2-Deploy.lnk    | Bin 0 -> 1846 bytes
 .../Staged/KickStart_Stage1-Deploy.cmd        |  13 +++++
 .../Staged/KickStart_Stage2-Deploy.cmd        |  18 ++++++
 DeployTools/Staged/Stage1-Deploy.ps1          |  43 ++++++++++++++
 DeployTools/Staged/Stage2-Deploy.ps1          |  54 ++++++++++++++++++
 7 files changed, 149 insertions(+)
 create mode 100644 DeployTools/Staged/Enable_Staged-Deploy.cmd
 create mode 100644 DeployTools/Staged/INK_KickStart_Stage1-Deploy.lnk
 create mode 100644 DeployTools/Staged/INK_KickStart_Stage2-Deploy.lnk
 create mode 100644 DeployTools/Staged/KickStart_Stage1-Deploy.cmd
 create mode 100644 DeployTools/Staged/KickStart_Stage2-Deploy.cmd
 create mode 100644 DeployTools/Staged/Stage1-Deploy.ps1
 create mode 100644 DeployTools/Staged/Stage2-Deploy.ps1

diff --git a/DeployTools/Staged/Enable_Staged-Deploy.cmd b/DeployTools/Staged/Enable_Staged-Deploy.cmd
new file mode 100644
index 0000000..b42e921
--- /dev/null
+++ b/DeployTools/Staged/Enable_Staged-Deploy.cmd
@@ -0,0 +1,21 @@
+@echo off
+
+REM ###############################################################
+REM # @description:                                               #
+REM #   Used for enableing "Deploy-FirstBoot.ps1"  on next boot   #
+REM #                                                             #
+REM # @project: IMGSystTools                                      #
+REM # @author: Bram Prieshof                                      #
+REM ###############################################################
+
+
+NET SESSION >nul 2>&1
+IF %ERRORLEVEL% EQU 0 (
+    COPY "C:\SysTools\DeployTools\Staged\INK_KickStart_Stage1-Deploy.lnk" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"
+    ECHO Enabled FirstBoot Deploy script
+    PAUSE
+) ELSE (
+    ECHO Please run this script as administrator
+    PAUSE
+)
+
diff --git a/DeployTools/Staged/INK_KickStart_Stage1-Deploy.lnk b/DeployTools/Staged/INK_KickStart_Stage1-Deploy.lnk
new file mode 100644
index 0000000000000000000000000000000000000000..41bb0754119b159ff7c0b2633c9a5ab1ed0fa552
GIT binary patch
literal 1846
zcmbVMZETZO6n@IricHpJV=xd`F^~<@(h?%E1R=EB3WKcJHw;PRR!hgax8*Hs8Ql*@
zh?r;si6%M?xCw@@DE=@}W@02@0>75HKpY6jha^)`0-ITY#AH6_cKv{i5V_5H@43%C
z_c`a@b57R+FqKZ=7dWN9sM!xQtki$nnK=0Nii@UQZ?r6Yhx3WDV}-jpf0s5#LE1k1
zJ#8vQh3|TOzx9?YV)^`{880~;-Q`&1b_KFVIb{=^YLU|J=@$4q5}IK|6Tm7=#U$K0
znbL0PvS+8&Z<UkyotQhUwBEa2@S_6>XfXJTQUhk8Da&k&THvYnt*w8(lg_+Z=0P&s
zqQZP*T;>y(=bJnTBTi0(9v<e`viy3Cktc&&!kd9tv+N6^DNT<F`(DNVtco`GIj&!4
z+(`tng+6!`W!R0ykcUla$*2`|tKD^et<!0Duk!#cS>{qQ-%@c`SILV^&XFo@O+hc}
z5J3p~n1?p{Y0UHHgbn#Ov(q-FVt9@WIz?vF*u03dj8;ksMKbV(r?J(-x!w;ZHj}r2
zCmfF&9V&-`^pgbYA|ah>Te49BPFvc>9*XhKb74o|DTAE}H(WgZXz~LOT`iZiK8DM;
zJy3uVq)_!@3eOYC4KplwnalTiZ#NUZm4zhb6jTMJG5s|Pm8Wc^-I8uOTXgUKPT<eM
zPSp<|)ZQGCb-8SD$P;E{F?C5-b}YSwl7rLX>iQLDiYoB#%ujIoQ=qS}5AE&kSe6<^
z+1Ww_2L|xFcLTmb4;~C1#_;ektjxhw-sKOHIsHC=!IXx=u8CLO-NBnLT)5_2P)vM^
zIFhJFDFUbpoJK{404ihwMrk5|nW9oGvjD2J@-5VHDS}ZBv0xPGBN;$lG2ct!qZZEy
zkZ&O`q<~Bus>d^KWpjig_jC-+@4Zty+j4klLerj}zmBgat{hfSk(zB_-EU<j8`#0L
z**M3!YGV>Z?4TsIu<AGYmk4nc;eL|m)>BkmLL@R?1Le1jjnxn#L4wCu(T%}5*G9k$
za;Te&a)cs7^y#9kr2M>o-@h9=E|>%?q9_n=PX19qSqCX{>D!JUF1hhu?a}-FC5IBt
z^QwunchYgr=A0i_uHLPvd`yQ_$zcvDU~zDyHB`C$qjSaI4&YS%FSGi05m&t-53!W;
z{~B%lhRzT2NsmXDc!eUteO(swe6=_3J?dR)KeRlxXD;y;G4N6<zTeg(I^a+>lh%PI
zDg+K}90N9o6ME8!+Y;NFx3@GK7_2FEm!JQ5P0we;O;^m;e<~X`y4t_|yZFPaCtvf;
Ld28O2_J#I8Go)z#

literal 0
HcmV?d00001

diff --git a/DeployTools/Staged/INK_KickStart_Stage2-Deploy.lnk b/DeployTools/Staged/INK_KickStart_Stage2-Deploy.lnk
new file mode 100644
index 0000000000000000000000000000000000000000..e9f32578bdacf6004c4edaeaac044bd31eb23092
GIT binary patch
literal 1846
zcmbVMZETZO6n@IbR<y7#n}eaa3W03VmeLrBRh00StvJkzeZ#;s*=p%n*Os@eb+(C4
zNiflb8A)^)VFL{xiRcd!gdau%Ch}_`3+g~r6iKE61~;>SiOGD<?e?}KGemE5-h1wI
z&wb9h_ng!904$X=_yta@FY5Qg3J3My_V-lneEOp0k&?MjzRtOGu=0egcg)NimgXn(
zd&W|Un!ry@gN|$7nEk_xRy^!>_f=!L<_(!f1?73HP>Za7D{e<Hm(~p<kp|Xa4rbxz
zsjPk_E_*Io{aibX-wD4a#mPT<5kwAY=rH(8Py-gA)ns-i?C`A(tZ&-fO=o_Sd6>-3
zgfL&3mifeYOD#S`ks_x-4^#PdlRuYa<eBi+=oa89lYLnttLKu!-lN#(ni1!f>tCN^
z+!=(il|FbBRoDp+<YBYAE$KkxI;}CNcY9pgvp%5RWPX{<HpTo}-E=SVmbM#>h#`Xb
zgojT0X({sNffL0ybI~@bVt9aY#3?dcCg$awWpq#~D3XDXd@UVz&P_ouv6FcV`J$<W
zkyAMg<)0+f7>mTIc4k@>;Bn?{T#+R2ya+CY{%5fBp~1`3cP2kH<!Xhb4KQ5R_<>T4
zA&a^tSv*LjFs!iSF)rWcy)`C$8w*LwDXa=gXZq_EDo@!$yGQ%vY}u{bud+*qyH)$_
zZn!!o>uTBJkSClJ4|PeGIaXdm#Rv1??fn5?met^m`S0P(K44&A09{>Ocp^KFs<SqP
zhlcQre<O~gAAgM;!szHI9L&KS-sM-4tq2B!r6tX_-kF!RzVOwDF8ml+R!+P`97$B;
z6aiEP-b+P>04ihw#%Usem7-ECvjDS2DYj6@r3l73#DY=ek4ysUip5@RcUs&dK(U3q
z&=fCHVJ0B@7)9>s9$9+wX2U}Jp^+J_yZWzxypFhXSVKi>wwZOmjg@TRC8o{EImJ~c
zlNezKWvE3}zsbKugsT|$Gd#C}qT&)Fk?9(!xMiHIh8PLbJidl*49<l%0`4P+y16Ka
zDKbQ#C(3HdHyhsndt>f`MZhwO0`bD^F9eizm?D?{-TnC`4R1Caxjk5MFx|FzEphfv
zKF)=li{mQPy92fV(jj$nm_rI!931Y5)UJB>eEFwCINkK^g25fcRd2{ctfc(6Mw`B&
zi-Ww|<IyD^r$}(es*=7>dQ$!){?)F7tFpTm5pNd*Kc(ig?fs$yZdEgR9cZOO;J~H{
zU`sR|&lo9ZdVAZ8?QI5z>npYDul79Czkjs#d#mG5SMw%s*U=m0?_56hT;Tp!7T;}O
GX#W9-FKBB3

literal 0
HcmV?d00001

diff --git a/DeployTools/Staged/KickStart_Stage1-Deploy.cmd b/DeployTools/Staged/KickStart_Stage1-Deploy.cmd
new file mode 100644
index 0000000..8e782b0
--- /dev/null
+++ b/DeployTools/Staged/KickStart_Stage1-Deploy.cmd
@@ -0,0 +1,13 @@
+@echo off
+
+REM ##########################################################
+REM # @description:                                          #
+REM #   Opens Stage1-Deploy-FirstBoot.ps1 in powershell with #
+REM #   Process ExecutionPolicy set to Unrestricted          #
+REM #                                                        #
+REM # @project: IMGSystTools                                 #
+REM # @author: Bram Prieshof                                 #
+REM ##########################################################
+
+echo Starting deployment script...
+PowerShell.exe "Set-ExecutionPolicy -Scope Process Unrestricted -Force; C:\SysTools\DeployTools\Staged\Stage1-Deploy.ps1"
\ No newline at end of file
diff --git a/DeployTools/Staged/KickStart_Stage2-Deploy.cmd b/DeployTools/Staged/KickStart_Stage2-Deploy.cmd
new file mode 100644
index 0000000..28d0ebf
--- /dev/null
+++ b/DeployTools/Staged/KickStart_Stage2-Deploy.cmd
@@ -0,0 +1,18 @@
+@echo off
+
+REM ##########################################################
+REM # @description:                                          #
+REM #   Opens cmd script for mounting SMB, when complete     #
+REM #   Stage2-Deploy-FirstBoot.ps1 in powershell with       #
+REM #   Process ExecutionPolicy set to Unrestricted          #
+REM #                                                        #
+REM # @project: IMGSystTools                                 #
+REM # @author: Bram Prieshof                                 #
+REM ##########################################################
+
+echo Starting nas connect script...
+if exist C:\SysTools\DeployTools\MountNAS.cmd start /wait C:\SysTools\DeployTools\MountNAS.cmd
+
+echo Starting deployment script...
+PowerShell.exe "Set-ExecutionPolicy -Scope Process Unrestricted -Force; C:\SysTools\DeployTools\Staged\Stage2-Deploy.ps1"
+
diff --git a/DeployTools/Staged/Stage1-Deploy.ps1 b/DeployTools/Staged/Stage1-Deploy.ps1
new file mode 100644
index 0000000..2267b5b
--- /dev/null
+++ b/DeployTools/Staged/Stage1-Deploy.ps1
@@ -0,0 +1,43 @@
+###############################################################
+# @description:                                               #
+#   Used when image get cloned to new system                  #
+#   For Checking activation status  Setting SystemName        #     
+#   and  enableing stage 2 for mounting NAS on nextboot       #
+#                                                             #
+# @project: IMGSystTools                                      #
+# @author: Bram Prieshof                                      #
+###############################################################
+
+if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
+    if ([int](Get-CimInstance -Class Win32_OperatingSystem | Select-Object -ExpandProperty BuildNumber) -ge 6000) {
+     $CommandLine = $MyInvocation.MyCommand.Path + "`" " + $MyInvocation.UnboundArguments
+     Start-Process -FilePath PowerShell.exe -Verb Runas -ArgumentList " Set-ExecutionPolicy -Scope Process Unrestricted -Force; $CommandLine"
+     Exit
+    }
+   }
+   
+Write-Output "Checking activation status..."
+$ta = Get-CimInstance -ClassName SoftwareLicensingProduct -Filter "PartialProductKey IS NOT NULL" | Where-Object -Property Name -Like "Windows*" 
+if ($ta.LicenseStatus -eq 1) {Write-Output "Activation [OK]"} else {Write-Output "Activation [Error, Opening settings]";Start-Process "ms-settings:activation"; pause }
+
+Write-Output "Getting System name"
+$sysid = Read-Host -Prompt 'Please enter system ID (example: DT100)' 
+Rename-Computer -NewName $sysid
+Write-Output "System name [OK]"
+
+#Remove "Run on login script" if exists
+if (Test-Path "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk" -PathType leaf) 
+{Remove-Item "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"}
+
+#Create SecondStage INK
+Copy-Item "C:\SysTools\DeployTools\Staged\INK_KickStart_Stage2-Deploy.lnk" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"
+
+#Finalizing and poweroff
+Write-Output ""
+Write-Output ""
+Write-Output "The System deployed successfully, and can be powered off"
+
+$confirmation = Read-Host "Do you want to do that now? y/N:"
+if ($confirmation -eq 'y') {
+    Stop-Computer -ComputerName localhost -Force
+}
\ No newline at end of file
diff --git a/DeployTools/Staged/Stage2-Deploy.ps1 b/DeployTools/Staged/Stage2-Deploy.ps1
new file mode 100644
index 0000000..37164f0
--- /dev/null
+++ b/DeployTools/Staged/Stage2-Deploy.ps1
@@ -0,0 +1,54 @@
+#################################################################
+# @description:                                                 #
+#   Used nextboot after stage1 was ran                          #
+#   For running updates for Chocolatry apps and Windows Updates #     
+#                                                               #
+# @project: IMGSystTools                                        #
+# @author: Bram Prieshof                                        #
+#################################################################
+
+if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
+ if ([int](Get-CimInstance -Class Win32_OperatingSystem | Select-Object -ExpandProperty BuildNumber) -ge 6000) {
+  $CommandLine = $MyInvocation.MyCommand.Path + "`" " + $MyInvocation.UnboundArguments
+  Start-Process -FilePath PowerShell.exe -Verb Runas -ArgumentList " Set-ExecutionPolicy -Scope Process Unrestricted -Force; $CommandLine"
+  Exit
+ }
+}
+
+
+
+#Chocolaty software updates
+$confirmSupdates = Read-Host "Run Software updates? (y/n)"
+if ( $confirmSupdates -eq 'y'){
+    Write-Output "Checking Chocolatey package updates"
+    choco upgrade -y all
+    Write-Output " Chocolatey updates [OK]"
+}
+
+$confirmWupdates = Read-Host "Run Windows updates? (y/n)"
+if ( $confirmWupdates -eq 'y'){
+    #Enable Windows updates service
+    Set-Service -Name "wuauserv" -Status Stopped -StartupType Manual
+
+    Write-Output "Checking Windows updates"
+    Import-Module PSWindowsUpdate
+    Get-WUInstall -MicrosoftUpdate -AcceptAll -IgnoreReboot -IgnoreRebootRequired -Install
+    Write-Output " Windows updates [OK]"
+}
+
+#Removing Created Shortcuts
+Remove-Item C:\Users\Public\Desktop\*.lnk
+
+#Remove "Run on login script" if exists
+if (Test-Path "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk" -PathType leaf) 
+{Remove-Item "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"}
+
+#Finalizing and reboot
+Write-Output ""
+Write-Output ""
+Write-Output "The System deployed successfully, but it should to be rebooted"
+
+$confirmation = Read-Host "Do you want to do that now? y/N:"
+if ($confirmation -eq 'y') {
+    Restart-Computer -Force
+}