Added staged version of DeployTools

This will do windows activation check and setting sytemname on fist boot, and sets up smb shares and runs updates on the next boot Designed for when mass deploying an image for other locations
2022-03-24 14:24:39 +00:00
9 changed files with 158 additions and 3 deletions
--- a/DeployTools/Deploy-FirstBoot.ps1
+++ b/DeployTools/Deploy-FirstBoot.ps1
@@ -16,13 +16,16 @@ if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdent
 }
 }

+#Disable Windows updates service
+Set-Service -Name "wuauserv" -Status Stopped -StartupType Disabled
+
 Write-Output "Checking activation status..."
 $ta = Get-CimInstance -ClassName SoftwareLicensingProduct -Filter "PartialProductKey IS NOT NULL" | Where-Object -Property Name -Like "Windows*" 
 if ($ta.LicenseStatus -eq 1) {Write-Output "Activation [OK]"} else {Write-Output "Activation [Error, Opening settings]";Start-Process "ms-settings:activation"; pause }

 Write-Output "Getting System name"
-$sysid = Read-Host -Prompt 'Please enter asset ID:' 
-Rename-Computer -NewName "PC$sysid"
+$sysid = Read-Host -Prompt 'Please enter system ID (example: DT001)' 
+Rename-Computer -NewName $sysid
 Write-Output "System name [OK]"

 #Chocolaty software updates
@@ -35,6 +38,9 @@ if ( $confirmSupdates -eq 'y'){

 $confirmWupdates = Read-Host "Run Windows updates? (y/n)"
 if ( $confirmWupdates -eq 'y'){
+    #Enable Windows updates service
+    Set-Service -Name "wuauserv" -Status Stopped -StartupType Manual
+
    Write-Output "Checking Windows updates"
    Import-Module PSWindowsUpdate
    Get-WUInstall -MicrosoftUpdate -AcceptAll -IgnoreReboot -IgnoreRebootRequired -Install
--- a/DeployTools/Staged/Enable_Staged-Deploy.cmd
+++ b/DeployTools/Staged/Enable_Staged-Deploy.cmd
@@ -0,0 +1,21 @@
+@echo off
+
+REM ###############################################################
+REM # @description:                                               #
+REM #   Used for enableing "Deploy-FirstBoot.ps1"  on next boot   #
+REM #                                                             #
+REM # @project: IMGSystTools                                      #
+REM # @author: Bram Prieshof                                      #
+REM ###############################################################
+
+
+NET SESSION >nul 2>&1
+IF %ERRORLEVEL% EQU 0 (
+    COPY "C:\SysTools\DeployTools\Staged\INK_KickStart_Stage1-Deploy.lnk" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"
+    ECHO Enabled FirstBoot Deploy script
+    PAUSE
+) ELSE (
+    ECHO Please run this script as administrator
+    PAUSE
+)
+
--- a/DeployTools/Staged/INK_KickStart_Stage1-Deploy.lnk
+++ b/DeployTools/Staged/INK_KickStart_Stage1-Deploy.lnk
--- a/DeployTools/Staged/INK_KickStart_Stage2-Deploy.lnk
+++ b/DeployTools/Staged/INK_KickStart_Stage2-Deploy.lnk
--- a/DeployTools/Staged/KickStart_Stage1-Deploy.cmd
+++ b/DeployTools/Staged/KickStart_Stage1-Deploy.cmd
@@ -0,0 +1,13 @@
+@echo off
+
+REM ##########################################################
+REM # @description:                                          #
+REM #   Opens Stage1-Deploy-FirstBoot.ps1 in powershell with #
+REM #   Process ExecutionPolicy set to Unrestricted          #
+REM #                                                        #
+REM # @project: IMGSystTools                                 #
+REM # @author: Bram Prieshof                                 #
+REM ##########################################################
+
+echo Starting deployment script...
+PowerShell.exe "Set-ExecutionPolicy -Scope Process Unrestricted -Force; C:\SysTools\DeployTools\Staged\Stage1-Deploy.ps1"
--- a/DeployTools/Staged/KickStart_Stage2-Deploy.cmd
+++ b/DeployTools/Staged/KickStart_Stage2-Deploy.cmd
@@ -0,0 +1,18 @@
+@echo off
+
+REM ##########################################################
+REM # @description:                                          #
+REM #   Opens cmd script for mounting SMB, when complete     #
+REM #   Stage2-Deploy-FirstBoot.ps1 in powershell with       #
+REM #   Process ExecutionPolicy set to Unrestricted          #
+REM #                                                        #
+REM # @project: IMGSystTools                                 #
+REM # @author: Bram Prieshof                                 #
+REM ##########################################################
+
+echo Starting nas connect script...
+if exist C:\SysTools\DeployTools\MountNAS.cmd start /wait C:\SysTools\DeployTools\MountNAS.cmd
+
+echo Starting deployment script...
+PowerShell.exe "Set-ExecutionPolicy -Scope Process Unrestricted -Force; C:\SysTools\DeployTools\Staged\Stage2-Deploy.ps1"
+
--- a/DeployTools/Staged/Stage1-Deploy.ps1
+++ b/DeployTools/Staged/Stage1-Deploy.ps1
@@ -0,0 +1,43 @@
+###############################################################
+# @description:                                               #
+#   Used when image get cloned to new system                  #
+#   For Checking activation status  Setting SystemName        #     
+#   and  enableing stage 2 for mounting NAS on nextboot       #
+#                                                             #
+# @project: IMGSystTools                                      #
+# @author: Bram Prieshof                                      #
+###############################################################
+
+if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
+    if ([int](Get-CimInstance -Class Win32_OperatingSystem | Select-Object -ExpandProperty BuildNumber) -ge 6000) {
+     $CommandLine = $MyInvocation.MyCommand.Path + "`" " + $MyInvocation.UnboundArguments
+     Start-Process -FilePath PowerShell.exe -Verb Runas -ArgumentList " Set-ExecutionPolicy -Scope Process Unrestricted -Force; $CommandLine"
+     Exit
+    }
+   }
+   
+Write-Output "Checking activation status..."
+$ta = Get-CimInstance -ClassName SoftwareLicensingProduct -Filter "PartialProductKey IS NOT NULL" | Where-Object -Property Name -Like "Windows*" 
+if ($ta.LicenseStatus -eq 1) {Write-Output "Activation [OK]"} else {Write-Output "Activation [Error, Opening settings]";Start-Process "ms-settings:activation"; pause }
+
+Write-Output "Getting System name"
+$sysid = Read-Host -Prompt 'Please enter system ID (example: DT100)' 
+Rename-Computer -NewName $sysid
+Write-Output "System name [OK]"
+
+#Remove "Run on login script" if exists
+if (Test-Path "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk" -PathType leaf) 
+{Remove-Item "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"}
+
+#Create SecondStage INK
+Copy-Item "C:\SysTools\DeployTools\Staged\INK_KickStart_Stage2-Deploy.lnk" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"
+
+#Finalizing and poweroff
+Write-Output ""
+Write-Output ""
+Write-Output "The System deployed successfully, and can be powered off"
+
+$confirmation = Read-Host "Do you want to do that now? y/N:"
+if ($confirmation -eq 'y') {
+    Stop-Computer -ComputerName localhost -Force
+}
--- a/DeployTools/Staged/Stage2-Deploy.ps1
+++ b/DeployTools/Staged/Stage2-Deploy.ps1
@@ -0,0 +1,54 @@
+#################################################################
+# @description:                                                 #
+#   Used nextboot after stage1 was ran                          #
+#   For running updates for Chocolatry apps and Windows Updates #     
+#                                                               #
+# @project: IMGSystTools                                        #
+# @author: Bram Prieshof                                        #
+#################################################################
+
+if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
+ if ([int](Get-CimInstance -Class Win32_OperatingSystem | Select-Object -ExpandProperty BuildNumber) -ge 6000) {
+  $CommandLine = $MyInvocation.MyCommand.Path + "`" " + $MyInvocation.UnboundArguments
+  Start-Process -FilePath PowerShell.exe -Verb Runas -ArgumentList " Set-ExecutionPolicy -Scope Process Unrestricted -Force; $CommandLine"
+  Exit
+ }
+}
+
+
+
+#Chocolaty software updates
+$confirmSupdates = Read-Host "Run Software updates? (y/n)"
+if ( $confirmSupdates -eq 'y'){
+    Write-Output "Checking Chocolatey package updates"
+    choco upgrade -y all
+    Write-Output " Chocolatey updates [OK]"
+}
+
+$confirmWupdates = Read-Host "Run Windows updates? (y/n)"
+if ( $confirmWupdates -eq 'y'){
+    #Enable Windows updates service
+    Set-Service -Name "wuauserv" -Status Stopped -StartupType Manual
+
+    Write-Output "Checking Windows updates"
+    Import-Module PSWindowsUpdate
+    Get-WUInstall -MicrosoftUpdate -AcceptAll -IgnoreReboot -IgnoreRebootRequired -Install
+    Write-Output " Windows updates [OK]"
+}
+
+#Removing Created Shortcuts
+Remove-Item C:\Users\Public\Desktop\*.lnk
+
+#Remove "Run on login script" if exists
+if (Test-Path "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk" -PathType leaf) 
+{Remove-Item "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StagedDeploy.lnk"}
+
+#Finalizing and reboot
+Write-Output ""
+Write-Output ""
+Write-Output "The System deployed successfully, but it should to be rebooted"
+
+$confirmation = Read-Host "Do you want to do that now? y/N:"
+if ($confirmation -eq 'y') {
+    Restart-Computer -Force
+}
--- a/InstallTools/Choco-PKGS.list
+++ b/InstallTools/Choco-PKGS.list
@@ -1 +1 @@
-7zip;caesium.install;firefox;gimp;inkscape;libreoffice-fresh;notepadplusplus;paint.net;pnggauntlet.install;vlc;vscode.install;xnconvert;googlechrome;pswindowsupdate;git;filezilla;mobaxterm;krita
+7zip;caesium.install;firefox;gimp;handbrake;inkscape;libreoffice-fresh;notepadplusplus;paint.net;pdfsam.install;pnggauntlet.install;vlc;vscode.install;xnconvert.install;googlechrome;pswindowsupdate;git;filezilla;mobaxterm