Skip to content

Instantly share code, notes, and snippets.

@brianfgonzalez
Last active December 24, 2016 03:07
Show Gist options
  • Save brianfgonzalez/fa0720471ce2f6722d3ced4672e3f47a to your computer and use it in GitHub Desktop.
Save brianfgonzalez/fa0720471ce2f6722d3ced4672e3f47a to your computer and use it in GitHub Desktop.
[CmdletBinding()]
Param([string]$Phase = 'A',[string]$CompName = 'MDT2013U101')
# ============================================================================================
#Script installs MDT 2013 Update 1 release (6.3.8298.0)
# & ADK for Windows 10 (10.1.14393.0)
# ============================================================================================
#Values that can be changed
$deployRoot = "$env:SystemDrive\DeploymentShare" #Specify DeploymentShare local folder path
$deployshareName = "DS" #Specify desired share name
$desiredSecurePassword = 'P@ssw0rd' #Specify Desired secure password for Administrator and AD recovery
$DomainName = "PDEPLOY" #NetBIOS name for Domainname, will be suffixed with .com
# ============================================================================================
#Populate transcript log file path
$transcriptPath = "$env:SystemDrive\tmp\debug.log"
#Populate parent folder of ps modules
$psmodulePath = "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules"
#Begin populating transcript log file
$ErrorActionPreference = 'SilentlyContinue'
$null = Stop-Transcript
$ErrorActionPreference = 'Continue'
Start-Transcript -Path $transcriptPath -Append -NoClobber
#Load common powershell modules
Import-Module -Name "$psmodulePath\NetSecurity\NetSecurity.psd1"
Import-Module -Name "$psmodulePath\SmbShare\SmbShare.psd1"
Import-Module -Name "$psmodulePath\NetTCPIP\NetTCPIP.psd1"
Import-Module -Name "$psmodulePath\ServerManager\ServerManager.psd1"
#Populate full path of script file
$scriptPath = $myInvocation.MyCommand.Definition
#Specify chocoPath
$chocofilePath = "$env:ProgramData\chocolatey\choco.exe"
#Function to add folders into MDT Deployment Shares..
function AddFolder
{
Param ([Parameter(Mandatory=$true)][string]$xmlPath,[Parameter(Mandatory=$true)][string]$nodeName)
#Check if target XML exist
if (!(Test-Path -Path $xmlPath))
{
#If not auto-generated, create a fresh xml
[xml]$xml = '<groups></groups>'
}
else
{
#pull XML content
[xml]$xml = (Get-Content -Path $xmlPath)
}
#Add new content
$newGUID = ([guid]::NewGuid())
[xml]$newNode = @"
<group guid="{$newGUID}" enable="True">
<Name>$nodeName</Name>
</group>
"@
$xml.Item('groups').AppendChild($xml.ImportNode($newNode.group, $true))
$xml.save($xmlPath)
}
#Function to log and call external EXEs
function CallExternalApplication
{
Param ([Parameter(Mandatory=$true)][string]$filePath,[Parameter(Mandatory=$true)][string]$argumentString)
Write-Host "Attempting to run: $filePath $argumentstring"
If (-not (Test-Path -Path $filePath))
{
Write-Host "$filePath not found."
return $false
}
Start-Process -FilePath $filePath -ArgumentList $argumentstring -Wait -NoNewWindow -Verbose
}
#Function to install chocolately and use it to install several applications
function InstallChocoApps
{
#Check if chocolately is already installed
If (-not (Test-Path -Path $chocofilePath))
{
#Check internet connection
If (-not (Test-Connection -ComputerName 'google.com' -Count 1 -Quiet))
{
#Look for localized install of chocolately
If (Get-ChildItem -Path "$env:SystemDrive\chocopkgs\chocolatey*\tools")
{
#Call chocolately local install
. (Get-ChildItem -Path "$env:SystemDrive\chocopkgs\chocolatey*\tools\chocolateyInstall.ps1").FullName
}
else
{
#No localized choco install found, so we must prompt user to get connected and re-run script.
$promptText = "Internet Connection not found AND local choco pkg not found in $env:SystemDrive\chocopkgs" + `
"`r`nRe-run script: c:\tmp\script.ps1"
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show($promptText , 'Fatal Error')
ClearRestart
Exit
}
}
else
{
#No localized choco install found, so installing using online ps1
Invoke-WebRequest -Uri 'https://chocolatey.org/install.ps1' -UseBasicParsing | Invoke-Expression -Verbose
}
}
else
{
Write-Host -Message 'Choco already installed... skipping installation..'
}
#Restart transcript as chocoalately init kills transcript
$ErrorActionPreference = 'SilentlyContinue'
$null = Stop-Transcript
$ErrorActionPreference = 'Continue'
Start-Transcript -Path $transcriptPath -Append -NoClobber -Force
#Configure choco install settings
$carg = 'feature enable -n=allowGlobalConfirmation'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
$carg = 'source add --name="local" --source="'+$env:SystemDrive+'\vagrant" --priority="1"'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install Windows ADK for Windows 10 10.1.14393.0 using local source (if avail.)
$carg = 'install windows-adk-winpe --version 10.1.14393.0 --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install MDT 2013 update 1 using local source (if avail.)
$carg = 'install mdt --version 6.3.8298.0 --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install SCCM Toolkit 2012 R2 using local source (if avail.)
$carg = 'install sccmtoolkit --version 5.0.7958.1000 --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install other useful applications from interweb
$carg = 'install hackfont notepadplusplus 7zip.install imagemagick --debug --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
# Delete ImageMagick desktop shortcut
If (Test-Path -Path "$env:UserProfile\Desktop\ImageMagick Display.lnk")
{
Remove-Item -Path "$env:UserProfile\Desktop\ImageMagick Display.lnk" -Force -Verbose
}
# Set hackfont as default for notepad++
If ((Test-Path -Path "$env:WinDir\Fonts\Hack-Regular.ttf") -and
(Test-Path -Path "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml"))
{
$path = "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml"
$xml = [xml](Get-Content -Path $path)
$node = $xml.NotepadPlus.GlobalStyles.WidgetStyle | Where-Object -FilterScript {
$_.name -eq 'Global override'
}
$node.fontName = 'Hack'
$node.fontSize = '11'
$xml.Save($path)
}
# Add notepad++ to path
If (Test-Path -Path "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml")
{
$carg = 'PATH "'+$env:Path+';'+${env:ProgramFiles(x86)}+'\Notepad++" /M'
CallExternalApplication -filePath "$env:WinDir\System32\setx.exe" -argumentString $carg
}
# Add cmtrace to path
If (Test-Path -Path "${env:ProgramFiles(x86)}\ConfigMgr 2012 Toolkit R2\ClientTools\CMTrace.exe")
{
$carg = 'PATH "'+$env:Path+';'+${env:ProgramFiles(x86)}+'\ConfigMgr 2012 Toolkit R2\ClientTools\" /M'
CallExternalApplication -filePath "$env:WinDir\System32\setx.exe" -argumentString $carg
}
}
function MDTSetup
{
#Populate CustomSettings.ini rules content
$customSettings = @"
;Go here for help on rules: https://technet.microsoft.com/en-us/library/dn781091.aspx
[Settings]
Priority=ProcessFirst,Default
Properties=MyCustomProperty,SpecialDate
[ProcessFirst]
SpecialDate=#DatePart("M",Now) & DatePart("D",Now) & DatePart("YYYY",Now)#
[Default]
;_SMSTSOrgName=Company Name
;_SMSTSPackageName=Sub-Progress Text...
OSInstall=Y
SkipProductKey=YES
SkipSupervisorPass=YES
SkipAdminPassword=YES
AdminPassword=P@ssw0rd
SkipSummary=YES
SkipDomainMembership=YES
JoinWorkgroup=WORKGROUP
SkipUserData=YES
UserDataLocation=NONE
SkipComputerBackup=YES
ComputerBackupLocation=NONE
SkipBitLocker=YES
BDEInstallSuppress=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
KeyboardLocale=en-US
UserLocale=en-US
UILanguage=en-US
TimeZone=035
TimeZoneName=Eastern Standard Time
ApplyGPOPack=NO
SkipCapture=YES
BackupShare=\\$CompName\$deployshareName\Captures
BackupDir=%SpecialDate%.wim
;ProductKey=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
"@
#Populate Bootstrap.ini rules content
$bsSettings = @"
[Settings]
Priority=Default
[Default]
DeployRoot=\\$CompName\$deployshareName
SkipBDDWelcome=YES
UserDomain=$DomainName
UserID=MDT
Userpassword=$desiredSecurePassword
"@
#Import MDT module
If (Test-Path -Path "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1")
{
Import-Module -Name "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"
}
else
{
#Prompt user that the MDT install failed.
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"MDT Install failed, so script is exiting..logpath: $env:SystemDrive\tmp\script.log" , 'Fatal Error')
ClearRestart
Exit
}
#Create DeploymentShare folder
New-Item -Path $deployRoot -ItemType Directory -Force -Verbose
#Create DS network share
New-SmbShare -Name $deployshareName -Path $deployRoot -FullAccess Administrators -Verbose
#Create MDT local user account
$carg = 'user MDT "'+$desiredSecurePassword+'" /add'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Add MDT account to Administrators group
$carg = 'localgroup Administrators MDT /add'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Set MDT account password to never expire
$carg = '/c wmic UserAccount where Name="MDT" set PasswordExpires=False'
CallExternalApplication -filePath "$env:WinDir\System32\cmd.exe" -argumentString $carg
#Create DS using MDT PS provider
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root $deployRoot -Description "DS" `
-NetworkPath "\\$CompName\$deployshareName" | add-MDTPersistentDrive -Verbose
#Update bootstrap to include MDT account
$bsPath = "$deployRoot\Control\Bootstrap.ini"
$csPath = "$deployRoot\Control\CustomSettings.ini"
if (Test-Path -Path $bsPath)
{
Remove-Item -Path $bsPath -Force
}
if (Test-Path -Path $csPath)
{
Remove-Item -Path $csPath -Force
}
Set-Content -Path $bsPath -Value ($bsSettings -replace "\n", "`r`n") -Force
Set-Content -Path $csPath -Value ($customSettings -replace "\n", "`r`n") -Force
#Use imagemagick to create custom PE wallpaper incl. Date & PE arch
If (Test-Path -Path "$env:ProgramFiles\imagemagick*")
{
$imagemagick = (Get-ChildItem -Path "$env:ProgramFiles\imagemagick*\magick.exe").FullName
$datestamp = (Get-Date -Format 'dd-MMM-yyyy HH:mm')
$architecture = "x64"
$fontsize = "14"
$fontfamily = "Tahoma"
$fontstyle = "Normal"
$fontcolor = "Blue"
$carg = 'convert "'+$env:ProgramFiles+'\Microsoft Deployment Toolkit\Samples\Background.bmp"'+`
' -resize "1024x768" -font "'+$fontfamily+'" -style "'+$fontstyle+'" -fill "'+$fontcolor+'" -pointsize "'+$fontsize+`
'" -draw "text 850,180 '''+$architecture+' @ '+$datestamp+'''" "'+$env:SystemDrive+'\DeploymentShare\Background.bmp"'
CallExternalApplication -filePath $imagemagick -argumentString $carg
}
#Update PE settings.xml
$path = "$deployRoot\Control\Settings.xml"
$xml = [xml](Get-Content -Path $path)
$xml.Settings."SupportX86" = "False"
$xml.Settings."Boot.x64.ScratchSpace" = "512"
#Set custom background image (if avail.)
If (Test-Path -Path "$deployRoot\Background.bmp")
{
$xml.Settings."Boot.x64.BackgroundFile" = "$deployRoot\Background.bmp"
}
$xml.Settings."Boot.x64.SelectionProfile" = "Nothing"
$xml.Save($path)
#Perform MDT update
Update-MDTDeploymentShare -Path "DS001:" -Verbose
#Create custom folders in MDT
$Folders = ("Adobe", "Microsoft", "Microsoft\Office", "Oracle", "Panasonic", "Sierra", "Win 7x86", "Win 7x64", "Win 10x64")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\ApplicationGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64", "Win 7x86\SF", "Win 7x64\SF", "Win 10x64\SF")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\OperatingSystemGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64 (incl. PE Drivers)")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\DriverGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64", "Win 7x86\Deploy", "Win 7x64\Deploy", "Win 10x64\Deploy", "Win 7x86\Capture", `
"Win 7x64\Capture", "Win 10x64\Capture", "Development")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\TaskSequenceGroups.xml" -nodeName $a
}
#Populate Operating System\Catalog folder (if interweb connection avail)
If (Test-Connection -ComputerName "google.com" -Count 1 -Quiet)
{
$catfolderPath = "$deployRoot\Catalogs"
New-Item -Path $catfolderPath -ItemType Directory -Verbose -Force
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x64/install_Windows%207%20ENTERPRISE.clg' `
-OutFile "$catfolderPath\Win7x64Ent.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x64/install_Windows%207%20PROFESSIONAL.clg' `
-OutFile "$catfolderPath\Win7x64Pro.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x86/install_Windows%207%20ENTERPRISE.clg' `
-OutFile "$catfolderPath\Win7x86Ent.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x86/install_Windows%207%20PROFESSIONAL.clg' `
-OutFile "$catfolderPath\Win7x86Pro.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/wineval/win10/x64/install_Windows%2010%20Enterprise%20Evaluation.clg' `
-OutFile "$catfolderPath\Win10x64Ent.clg" -Verbose
}
# Copy ISO out to host share
If (Test-Path -Path "$env:SystemDrive\vagrant")
{
Copy-Item -Path "$deployRoot\Boot\LiteTouchPE_x64.iso" -Destination "$env:SystemDrive\vagrant\MDTBootx64.iso" -Force -Verbose
}
}
function DCRoleInstall
{
$SMAdminPassTxt = $desiredSecurePassword
$SMAdminPass = ConvertTo-SecureString -AsPlainText -String $SMAdminPassTxt -Force
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Import-Module -Name "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules\ADDSDeployment\ADDSDeployment.psd1"
Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "$env:SystemDrive\Windows\NTDS" `
-DomainMode "Win2012R2" -DomainName "$DomainName.com" -DomainNetbiosName $DomainName -ForestMode "Win2012R2" `
-InstallDns:$true -LogPath "$env:SystemDrive\Windows\NTDS" -NoRebootOnCompletion:$true `
-SysvolPath "$env:SystemDrive\Windows\SYSVOL" -Force:$true -SafeModeAdministratorPassword $SMAdminPass -Verbose
}
function DHCPWDSRoleInstall
{
#Add MDT user account to "Domain Admins" group. (no longer needed)
#Add-ADGroupMember 'Domain Admins' 'MDT' -Verbose
#Install DHCP role with tools
Install-WindowsFeature -Name "DHCP" -IncludeManagementTools -Verbose
#Install WDS role with tools
Install-WindowsFeature WDS -IncludeManagementTools -Verbose
}
function AddtRoleConfig
{
#Use wdsutil to initialize server
$carg = '/initialize-server /reminst:"'+$env:SystemDrive+'\RemoteInstall"'
CallExternalApplication -filePath "$env:WinDir\System32\wdsutil.exe" -argumentString $carg
#Configure WDS to accept all requests
$carg = "/set-server /answerclients:all"
CallExternalApplication -filePath "$env:WinDir\System32\wdsutil.exe" -argumentString $carg
#Import DHCP powershell module
Import-Module -Name "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules\DhcpServer\DhcpServer.psd1"
#Create 50.100 - 50.200 scope
Add-DhcpServerv4Scope -Name "Bridged" -StartRange "192.168.50.100" -EndRange "192.168.50.250" `
-SubnetMask "255.255.255.0" -Description "Internal Network" -Verbose
#Authorize DHCP in AD
Add-DhcpServerInDC -Verbose
#Restart the WDS server to make sure it starts
Restart-Service -DisplayName "Windows Deployment Services Server" -Verbose
#Import the MDT Litetouch WIM (if avail.)
If (Test-Path -Path "$deployRoot\Boot\LitetouchPE_x64.wim")
{
Import-WdsBootImage -Path "$deployRoot\Boot\LitetouchPE_x64.wim" -Verbose
}
}
function CallRestart
{
Param ([Parameter(Mandatory=$true)][string]$nextPhase)
#Create batch in StartUp folder for All Users and pass nextPhase argument to powershell script
$path = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Continue.bat"
'powershell.exe -File "'+$scriptPath+'" "'+$nextPhase+'"' | Out-File -FilePath $path -Force -Encoding 'default'
#Set up AdminAutoLogon to occur with local Administrator account
$winlogonPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-ItemProperty -Path $winlogonPath -Name "AutoAdminLogon" -Value "1" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultUsername" -Value "Administrator" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultPassword" -Value $desiredSecurePassword -PropertyType String -Force -Verbose
#Stop transcript
$null = Stop-Transcript
#Initiate a foreced restart
Restart-Computer -Force
Exit
}
function ClearRestart
{
#Delete the batch file from the StartUp folder (if exist)
$path = "$env:SystemDrive\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Continue.bat"
if (Test-Path -Path $path)
{
Remove-Item -Path $path -Force -Verbose
}
#Clear AdminAutoLogon entries in registry
$winlogonPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-ItemProperty -Path $winlogonPath -Name "AutoAdminLogon" -Value "0" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultUsername" -Value "0" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultPassword" -Value "0" -PropertyType String -Force -Verbose
}
#MAIN Processing, using $Phase argument with switch statement
switch ($Phase)
{
"A"
{
#ONLY Windows session with \vagrant mapped
Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False -Verbose
$carg = 'user administrator "'+$desiredSecurePassword+'" /active:yes'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Load DEFAULT hive
$carg = 'load HKLM\ImportedHive "'+$env:SystemDrive+'\Users\Default\NTUSER.DAT"'
CallExternalApplication -filePath "$env:WinDir\System32\reg.exe" -argumentString $carg
$explorerRegPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
#Do not hide extensions for known file types
New-ItemProperty -Path "HKCU:\$explorerRegPath" -Name "HideFileExt" -Value "0" -PropertyType DWORD -Force -Verbose
New-ItemProperty -Path "HKLM:\ImportedHive\$explorerRegPath" -Name "HideFileExt" -Value "0" -PropertyType DWORD -Force -Verbose
#Show Hidden Folders and Files
New-ItemProperty -Path "HKCU:\$explorerRegPath" -Name "Hidden" -Value "1" -PropertyType DWORD -Force -Verbose
New-ItemProperty -Path "HKLM:\ImportedHive\$explorerRegPath" -Name "Hidden" -Value "1" -PropertyType DWORD -Force -Verbose
#Unload DEFAULT hive
$carg = "unload HKLM\ImportedHive"
CallExternalApplication -filePath "$env:WinDir\System32\reg.exe" -argumentString $carg
#Install chocolately, adk, mdt, sccmtoolkit, and optionals
InstallChocoApps
#Create deployment share and perform initial update and folder creations
MDTSetup
#Rename the computer
Rename-Computer -NewName $CompName
#Call restart, which will occur with local Administrator account
CallRestart -nextPhase 'B'
}
"B"
{
If (Test-Path -Path "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1")
{
Import-Module -Name "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"
}
else
{
#Prompt user that the MDT install failed.
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"MDT Install failed, so script is exiting..logpath: $env:SystemDrive\tmp\script.log" , 'Fatal Error')
ClearRestart
Exit
}
#Open DS under Administrator credential
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root $deployRoot -Description "DS" `
-NetworkPath "\\$CompName\$deployshareName" | add-MDTPersistentDrive -Verbose
#Call Install Domain Controller function
DCRoleInstall
#Call restart to allow DC install to complete
CallRestart -nextPhase 'C'
}
"C"
{
#Install DHCP and WDS roles
DHCPWDSRoleInstall
#Call restart to allow role installs to complete
CallRestart -nextPhase 'D'
}
"D"
{
#Final configurations of DHCP and WDS roles and copy routine of ISO to tmp folder
AddtRoleConfig
}
}
#Clean up script
ClearRestart
#Copy transcript out to Administrator's desktop
Copy-Item -Path "$env:SystemDrive\tmp\debug.log" -Destination "$env:UserProfile\Desktop\complete.log" -Force -Verbose
#Prompt user that script is complete
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"Configuration is complete and ready for use..logpath: $env:UserProfile\Desktop\complete.log" , 'Status')
# SIG # Begin signature block
# MIID1QYJKoZIhvcNAQcCoIIDxjCCA8ICAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB
# gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR
# AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUXKiZnLsuhbTc4nkI4XTq2oGW
# EdSgggH3MIIB8zCCAVygAwIBAgIQGV1whS0dp55Ja4kN+QjhjTANBgkqhkiG9w0B
# AQUFADAUMRIwEAYDVQQDDAlQYW5hc29uaWMwHhcNMTYxMDIxMDA1MDU1WhcNMjAx
# MDIxMDAwMDAwWjAUMRIwEAYDVQQDDAlQYW5hc29uaWMwgZ8wDQYJKoZIhvcNAQEB
# BQADgY0AMIGJAoGBALfWEBTB138YGtgoagK3+weGx1+h+pMxqyaWfgJ4MJ6uuFL9
# nSsszQNxUevP/+wRnePIaD7b38E1WHj3j1nighfq1zxQh62WxBb5ESmM4KQ2GeNS
# PZZ2idROx7lq2OJiFw50acuOXzXPvZKsrOkQZb/zMhwL1G+8Ym2qIhx1x+OrAgMB
# AAGjRjBEMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBTOSYsiDH5fXX3I
# Osht3cfhXbh5jTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEFBQADgYEAhInQ
# oELe27eCwr+kHwxyPxrOCrdUKJsYzwe83thyMzwhfn2McmmLzt+uj4oHkM2i6FXr
# dEG9lwzyJikiBWXkKvH2x7wkcZ2jl9nuKYmMtq5VYyK52pR0WcAb7P9c7TSdPzuJ
# xSiuL52X09cF2KZOTJwDKBQ883gKVFab54y3Se0xggFIMIIBRAIBATAoMBQxEjAQ
# BgNVBAMMCVBhbmFzb25pYwIQGV1whS0dp55Ja4kN+QjhjTAJBgUrDgMCGgUAoHgw
# GAYKKwYBBAGCNwIBDDEKMAigAoAAoQKAADAZBgkqhkiG9w0BCQMxDAYKKwYBBAGC
# NwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAjBgkqhkiG9w0BCQQx
# FgQUyg3J+12HPxvj8vgg0Zr/hFnD59QwDQYJKoZIhvcNAQEBBQAEgYBAUh80ujGb
# qinwWVKa8WzlPzl4vma8QuQZtJ/WLWf3oq0eOnLdnlxPsyHFpbQaE+2vk4ocv/G/
# 0/eEKu5v4eqQosHvZxAyiXWnoDEt0G6pN4BmQk/MqyNm9SPWPh3VSH1/y5ZlL9h8
# bEsagEqBflEXMXuqtCGagr0eJ4IQZCBC1w==
# SIG # End signature block
[CmdletBinding()]
Param([string]$Phase = 'A',[string]$CompName = 'MDT2013U201')
# ============================================================================================
#Script installs MDT 2013 Update 2 release (6.3.8330.1000)
# & ADK for Windows 10 (10.1.14393.0)
# ============================================================================================
#Values that can be changed
$deployRoot = "$env:SystemDrive\DeploymentShare" #Specify DeploymentShare local folder path
$deployshareName = "DS" #Specify desired share name
$desiredSecurePassword = 'P@ssw0rd' #Specify Desired secure password for Administrator and AD recovery
$DomainName = "PDEPLOY" #NetBIOS name for Domainname, will be suffixed with .com
# ============================================================================================
#Populate transcript log file path
$transcriptPath = "$env:SystemDrive\tmp\debug.log"
#Populate parent folder of ps modules
$psmodulePath = "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules"
#Begin populating transcript log file
$ErrorActionPreference = 'SilentlyContinue'
$null = Stop-Transcript
$ErrorActionPreference = 'Continue'
Start-Transcript -Path $transcriptPath -Append -NoClobber
#Load common powershell modules
Import-Module -Name "$psmodulePath\NetSecurity\NetSecurity.psd1"
Import-Module -Name "$psmodulePath\SmbShare\SmbShare.psd1"
Import-Module -Name "$psmodulePath\NetTCPIP\NetTCPIP.psd1"
Import-Module -Name "$psmodulePath\ServerManager\ServerManager.psd1"
#Populate full path of script file
$scriptPath = $myInvocation.MyCommand.Definition
#Specify chocoPath
$chocofilePath = "$env:ProgramData\chocolatey\choco.exe"
#Function to add folders into MDT Deployment Shares..
function AddFolder
{
Param ([Parameter(Mandatory=$true)][string]$xmlPath,[Parameter(Mandatory=$true)][string]$nodeName)
#Check if target XML exist
if (!(Test-Path -Path $xmlPath))
{
#If not auto-generated, create a fresh xml
[xml]$xml = '<groups></groups>'
}
else
{
#pull XML content
[xml]$xml = (Get-Content -Path $xmlPath)
}
#Add new content
$newGUID = ([guid]::NewGuid())
[xml]$newNode = @"
<group guid="{$newGUID}" enable="True">
<Name>$nodeName</Name>
</group>
"@
$xml.Item('groups').AppendChild($xml.ImportNode($newNode.group, $true))
$xml.save($xmlPath)
}
#Function to log and call external EXEs
function CallExternalApplication
{
Param ([Parameter(Mandatory=$true)][string]$filePath,[Parameter(Mandatory=$true)][string]$argumentString)
Write-Host "Attempting to run: $filePath $argumentstring"
If (-not (Test-Path -Path $filePath))
{
Write-Host "$filePath not found."
return $false
}
Start-Process -FilePath $filePath -ArgumentList $argumentstring -Wait -NoNewWindow -Verbose
}
#Function to install chocolately and use it to install several applications
function InstallChocoApps
{
#Check if chocolately is already installed
If (-not (Test-Path -Path $chocofilePath))
{
#Check internet connection
If (-not (Test-Connection -ComputerName 'google.com' -Count 1 -Quiet))
{
#Look for localized install of chocolately
If (Get-ChildItem -Path "$env:SystemDrive\chocopkgs\chocolatey*\tools")
{
#Call chocolately local install
. (Get-ChildItem -Path "$env:SystemDrive\chocopkgs\chocolatey*\tools\chocolateyInstall.ps1").FullName
}
else
{
#No localized choco install found, so we must prompt user to get connected and re-run script.
$promptText = ('Internet Connection not found AND local choco pkg not found in '+$env:SystemDrive+'\chocopkgs'+`
'`r`nRe-run script: c:\tmp\script.ps1')
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show($promptText , 'Fatal Error')
ClearRestart
Exit
}
}
else
{
#No localized choco install found, so installing using online ps1
Invoke-WebRequest -Uri 'https://chocolatey.org/install.ps1' -UseBasicParsing | Invoke-Expression -Verbose
}
}
else
{
Write-Host -Message 'Choco already installed... skipping installation..'
}
#Restart transcript as chocoalately init kills transcript
$ErrorActionPreference = 'SilentlyContinue'
$null = Stop-Transcript
$ErrorActionPreference = 'Continue'
Start-Transcript -Path $transcriptPath -Append -NoClobber -Force
#Configure choco install settings
$carg = 'feature enable -n=allowGlobalConfirmation'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
$carg = 'source add --name="local" --source="'+$env:SystemDrive+'\vagrant" --priority="1"'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install Windows ADK for Windows 10 10.1.14393.0 using local source (if avail.)
$carg = 'install windows-adk-winpe --version 10.1.14393.0 --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install MDT 2013 update 2 using local source (if avail.)
$carg = 'install mdt --version 6.3.8330.1000 --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install SCCM Toolkit 2012 R2 using local source (if avail.)
$carg = 'install sccmtoolkit --version 5.0.7958.1000 --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install other useful applications from interweb
$carg = 'install hackfont notepadplusplus 7zip.install imagemagick --debug --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
# Delete ImageMagick desktop shortcut
If (Test-Path -Path "$env:UserProfile\Desktop\ImageMagick Display.lnk")
{
Remove-Item -Path "$env:UserProfile\Desktop\ImageMagick Display.lnk" -Force -Verbose
}
# Set hackfont as default for notepad++
If ((Test-Path -Path "$env:WinDir\Fonts\Hack-Regular.ttf") -and
(Test-Path -Path "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml"))
{
$path = "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml"
$xml = [xml](Get-Content -Path $path)
$node = $xml.NotepadPlus.GlobalStyles.WidgetStyle | Where-Object -FilterScript {
$_.name -eq 'Global override'
}
$node.fontName = 'Hack'
$node.fontSize = '11'
$xml.Save($path)
}
# Add notepad++ to path
If (Test-Path -Path "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml")
{
$carg = 'PATH "'+$env:Path+';'+${env:ProgramFiles(x86)}+'\Notepad++" /M'
CallExternalApplication -filePath "$env:WinDir\System32\setx.exe" -argumentString $carg
}
# Add cmtrace to path
If (Test-Path -Path "${env:ProgramFiles(x86)}\ConfigMgr 2012 Toolkit R2\ClientTools\CMTrace.exe")
{
$carg = 'PATH "'+$env:Path+';'+${env:ProgramFiles(x86)}+'\ConfigMgr 2012 Toolkit R2\ClientTools\" /M'
CallExternalApplication -filePath "$env:WinDir\System32\setx.exe" -argumentString $carg
}
}
function MDTSetup
{
#Populate CustomSettings.ini rules content
$customSettings = @"
;Go here for help on rules: https://technet.microsoft.com/en-us/library/dn781091.aspx
[Settings]
Priority=ProcessFirst,Default
Properties=MyCustomProperty,SpecialDate
[ProcessFirst]
SpecialDate=#DatePart("M",Now) & DatePart("D",Now) & DatePart("YYYY",Now)#
[Default]
;_SMSTSOrgName=Company Name
;_SMSTSPackageName=Sub-Progress Text...
OSInstall=Y
SkipProductKey=YES
SkipSupervisorPass=YES
SkipAdminPassword=YES
AdminPassword=P@ssw0rd
SkipSummary=YES
SkipDomainMembership=YES
JoinWorkgroup=WORKGROUP
SkipUserData=YES
UserDataLocation=NONE
SkipComputerBackup=YES
ComputerBackupLocation=NONE
SkipBitLocker=YES
BDEInstallSuppress=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
KeyboardLocale=en-US
UserLocale=en-US
UILanguage=en-US
TimeZone=035
TimeZoneName=Eastern Standard Time
ApplyGPOPack=NO
SkipCapture=YES
BackupShare=\\$CompName\$deployshareName\Captures
BackupDir=%SpecialDate%.wim
;ProductKey=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
"@
#Populate Bootstrap.ini rules content
$bsSettings = @"
[Settings]
Priority=Default
[Default]
DeployRoot=\\$CompName\$deployshareName
SkipBDDWelcome=YES
UserDomain=$DomainName
UserID=MDT
Userpassword=$desiredSecurePassword
"@
#Import MDT module
If (Test-Path -Path "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1")
{
Import-Module -Name "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"
}
else
{
#Prompt user that the MDT install failed.
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"MDT Install failed, so script is exiting..logpath: $env:SystemDrive\tmp\script.log" , 'Fatal Error')
ClearRestart
Exit
}
#Create DeploymentShare folder
New-Item -Path $deployRoot -ItemType Directory -Force -Verbose
#Create DS network share
New-SmbShare -Name $deployshareName -Path $deployRoot -FullAccess Administrators -Verbose
#Create MDT local user account
$carg = 'user MDT "'+$desiredSecurePassword+'" /add'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Add MDT account to Administrators group
$carg = 'localgroup Administrators MDT /add'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Set MDT account password to never expire
$carg = '/c wmic UserAccount where Name="MDT" set PasswordExpires=False'
CallExternalApplication -filePath "$env:WinDir\System32\cmd.exe" -argumentString $carg
#Create DS using MDT PS provider
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root $deployRoot -Description "DS" `
-NetworkPath "\\$CompName\$deployshareName" | add-MDTPersistentDrive -Verbose
#Update bootstrap to include MDT account
$bsPath = "$deployRoot\Control\Bootstrap.ini"
$csPath = "$deployRoot\Control\CustomSettings.ini"
if (Test-Path -Path $bsPath)
{
Remove-Item -Path $bsPath -Force
}
if (Test-Path -Path $csPath)
{
Remove-Item -Path $csPath -Force
}
Set-Content -Path $bsPath -Value ($bsSettings -replace "\n", "`r`n") -Force
Set-Content -Path $csPath -Value ($customSettings -replace "\n", "`r`n") -Force
#Use imagemagick to create custom PE wallpaper incl. Date & PE arch
If (Test-Path -Path "$env:ProgramFiles\imagemagick*")
{
$imagemagick = (Get-ChildItem -Path "$env:ProgramFiles\imagemagick*\magick.exe").FullName
$datestamp = (Get-Date -Format 'dd-MMM-yyyy HH:mm')
$architecture = "x64"
$fontsize = "14"
$fontfamily = "Tahoma"
$fontstyle = "Normal"
$fontcolor = "Blue"
$carg = 'convert "'+$env:ProgramFiles+'\Microsoft Deployment Toolkit\Samples\Background.bmp"'+`
' -resize "1024x768" -font "'+$fontfamily+'" -style "'+$fontstyle+'" -fill "'+$fontcolor+'" -pointsize "'+$fontsize+`
'" -draw "text 850,180 '''+$architecture+' @ '+$datestamp+'''" "'+$env:SystemDrive+'\DeploymentShare\Background.bmp"'
CallExternalApplication -filePath $imagemagick -argumentString $carg
}
#Update PE settings.xml
$path = "$deployRoot\Control\Settings.xml"
$xml = [xml](Get-Content -Path $path)
$xml.Settings."SupportX86" = "False"
$xml.Settings."Boot.x64.ScratchSpace" = "512"
#Set custom background image (if avail.)
If (Test-Path -Path "$deployRoot\Background.bmp")
{
$xml.Settings."Boot.x64.BackgroundFile" = "$deployRoot\Background.bmp"
}
$xml.Settings."Boot.x64.SelectionProfile" = "Nothing"
$xml.Save($path)
#Perform MDT update
Update-MDTDeploymentShare -Path "DS001:" -Verbose
#Create custom folders in MDT
$Folders = ("Adobe", "Microsoft", "Microsoft\Office", "Oracle", "Panasonic", "Sierra", "Win 7x86", "Win 7x64", "Win 10x64")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\ApplicationGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64", "Win 7x86\SF", "Win 7x64\SF", "Win 10x64\SF")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\OperatingSystemGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64 (incl. PE Drivers)")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\DriverGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64", "Win 7x86\Deploy", "Win 7x64\Deploy", "Win 10x64\Deploy", "Win 7x86\Capture", `
"Win 7x64\Capture", "Win 10x64\Capture", "Development")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\TaskSequenceGroups.xml" -nodeName $a
}
#Populate Operating System\Catalog folder (if interweb connection avail)
If (Test-Connection -ComputerName "google.com" -Count 1 -Quiet)
{
$catfolderPath = "$deployRoot\Catalogs"
New-Item -Path $catfolderPath -ItemType Directory -Verbose -Force
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x64/install_Windows%207%20ENTERPRISE.clg' `
-OutFile "$catfolderPath\Win7x64Ent.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x64/install_Windows%207%20PROFESSIONAL.clg' `
-OutFile "$catfolderPath\Win7x64Pro.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x86/install_Windows%207%20ENTERPRISE.clg' `
-OutFile "$catfolderPath\Win7x86Ent.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x86/install_Windows%207%20PROFESSIONAL.clg' `
-OutFile "$catfolderPath\Win7x86Pro.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/wineval/win10/x64/install_Windows%2010%20Enterprise%20Evaluation.clg' `
-OutFile "$catfolderPath\Win10x64Ent.clg" -Verbose
}
# Copy ISO out to host share
If (Test-Path -Path "$env:SystemDrive\vagrant")
{
Copy-Item -Path "$deployRoot\Boot\LiteTouchPE_x64.iso" -Destination "$env:SystemDrive\vagrant\MDTBootx64.iso" -Force -Verbose
}
}
function DCRoleInstall
{
$SMAdminPassTxt = $desiredSecurePassword
$SMAdminPass = ConvertTo-SecureString -AsPlainText -String $SMAdminPassTxt -Force
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Import-Module -Name "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules\ADDSDeployment\ADDSDeployment.psd1"
Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "$env:SystemDrive\Windows\NTDS" `
-DomainMode "Win2012R2" -DomainName "$DomainName.com" -DomainNetbiosName $DomainName -ForestMode "Win2012R2" `
-InstallDns:$true -LogPath "$env:SystemDrive\Windows\NTDS" -NoRebootOnCompletion:$true `
-SysvolPath "$env:SystemDrive\Windows\SYSVOL" -Force:$true -SafeModeAdministratorPassword $SMAdminPass -Verbose
}
function DHCPWDSRoleInstall
{
#Add MDT user account to "Domain Admins" group. (no longer needed)
#Add-ADGroupMember 'Domain Admins' 'MDT' -Verbose
#Install DHCP role with tools
Install-WindowsFeature -Name "DHCP" -IncludeManagementTools -Verbose
#Install WDS role with tools
Install-WindowsFeature WDS -IncludeManagementTools -Verbose
}
function AddtRoleConfig
{
#Use wdsutil to initialize server
$carg = '/initialize-server /reminst:"'+$env:SystemDrive+'\RemoteInstall"'
CallExternalApplication -filePath "$env:WinDir\System32\wdsutil.exe" -argumentString $carg
#Configure WDS to accept all requests
$carg = "/set-server /answerclients:all"
CallExternalApplication -filePath "$env:WinDir\System32\wdsutil.exe" -argumentString $carg
#Import DHCP powershell module
Import-Module -Name "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules\DhcpServer\DhcpServer.psd1"
#Create 50.100 - 50.200 scope
Add-DhcpServerv4Scope -Name "Bridged" -StartRange "192.168.50.100" -EndRange "192.168.50.250" `
-SubnetMask "255.255.255.0" -Description "Internal Network" -Verbose
#Authorize DHCP in AD
Add-DhcpServerInDC -Verbose
#Restart the WDS server to make sure it starts
Restart-Service -DisplayName "Windows Deployment Services Server" -Verbose
#Import the MDT Litetouch WIM (if avail.)
If (Test-Path -Path "$deployRoot\Boot\LitetouchPE_x64.wim")
{
Import-WdsBootImage -Path "$deployRoot\Boot\LitetouchPE_x64.wim" -Verbose
}
}
function CallRestart
{
Param ([Parameter(Mandatory=$true)][string]$nextPhase)
#Create batch in StartUp folder for All Users and pass nextPhase argument to powershell script
$path = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Continue.bat"
'powershell.exe -File "'+$scriptPath+'" "'+$nextPhase+'"' | Out-File -FilePath $path -Force -Encoding 'default'
#Set up AdminAutoLogon to occur with local Administrator account
$winlogonPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-ItemProperty -Path $winlogonPath -Name "AutoAdminLogon" -Value "1" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultUsername" -Value "Administrator" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultPassword" -Value $desiredSecurePassword -PropertyType String -Force -Verbose
#Stop transcript
$null = Stop-Transcript
#Initiate a foreced restart
Restart-Computer -Force
Exit
}
function ClearRestart
{
#Delete the batch file from the StartUp folder (if exist)
$path = "$env:SystemDrive\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Continue.bat"
if (Test-Path -Path $path)
{
Remove-Item -Path $path -Force -Verbose
}
#Clear AdminAutoLogon entries in registry
$winlogonPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-ItemProperty -Path $winlogonPath -Name "AutoAdminLogon" -Value "0" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultUsername" -Value "0" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultPassword" -Value "0" -PropertyType String -Force -Verbose
}
#MAIN Processing, using $Phase argument with switch statement
switch ($Phase)
{
"A"
{
#ONLY Windows session with \vagrant mapped
Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False -Verbose
$carg = 'user administrator "'+$desiredSecurePassword+'" /active:yes'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Load DEFAULT hive
$carg = 'load HKLM\ImportedHive "'+$env:SystemDrive+'\Users\Default\NTUSER.DAT"'
CallExternalApplication -filePath "$env:WinDir\System32\reg.exe" -argumentString $carg
$explorerRegPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
#Do not hide extensions for known file types
New-ItemProperty -Path "HKCU:\$explorerRegPath" -Name "HideFileExt" -Value "0" -PropertyType DWORD -Force -Verbose
New-ItemProperty -Path "HKLM:\ImportedHive\$explorerRegPath" -Name "HideFileExt" -Value "0" -PropertyType DWORD -Force -Verbose
#Show Hidden Folders and Files
New-ItemProperty -Path "HKCU:\$explorerRegPath" -Name "Hidden" -Value "1" -PropertyType DWORD -Force -Verbose
New-ItemProperty -Path "HKLM:\ImportedHive\$explorerRegPath" -Name "Hidden" -Value "1" -PropertyType DWORD -Force -Verbose
#Unload DEFAULT hive
$carg = "unload HKLM\ImportedHive"
CallExternalApplication -filePath "$env:WinDir\System32\reg.exe" -argumentString $carg
#Install chocolately, adk, mdt, sccmtoolkit, and optionals
InstallChocoApps
#Create deployment share and perform initial update and folder creations
MDTSetup
#Rename the computer
Rename-Computer -NewName $CompName
#Call restart, which will occur with local Administrator account
CallRestart -nextPhase 'B'
}
"B"
{
If (Test-Path -Path "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1")
{
Import-Module -Name "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"
}
else
{
#Prompt user that the MDT install failed.
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"MDT Install failed, so script is exiting..logpath: $env:SystemDrive\tmp\script.log" , 'Fatal Error')
ClearRestart
Exit
}
#Open DS under Administrator credential
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root $deployRoot -Description "DS" `
-NetworkPath "\\$CompName\$deployshareName" | add-MDTPersistentDrive -Verbose
#Call Install Domain Controller function
DCRoleInstall
#Call restart to allow DC install to complete
CallRestart -nextPhase 'C'
}
"C"
{
#Install DHCP and WDS roles
DHCPWDSRoleInstall
#Call restart to allow role installs to complete
CallRestart -nextPhase 'D'
}
"D"
{
#Final configurations of DHCP and WDS roles and copy routine of ISO to tmp folder
AddtRoleConfig
}
}
#Clean up script
ClearRestart
#Copy transcript out to Administrator's desktop
Copy-Item -Path "$env:SystemDrive\tmp\debug.log" -Destination "$env:UserProfile\Desktop\complete.log" -Force -Verbose
#Prompt user that script is complete
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"Configuration is complete and ready for use..logpath: $env:UserProfile\Desktop\complete.log" , 'Status')
# SIG # Begin signature block
# MIID1QYJKoZIhvcNAQcCoIIDxjCCA8ICAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB
# gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR
# AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUXKiZnLsuhbTc4nkI4XTq2oGW
# EdSgggH3MIIB8zCCAVygAwIBAgIQGV1whS0dp55Ja4kN+QjhjTANBgkqhkiG9w0B
# AQUFADAUMRIwEAYDVQQDDAlQYW5hc29uaWMwHhcNMTYxMDIxMDA1MDU1WhcNMjAx
# MDIxMDAwMDAwWjAUMRIwEAYDVQQDDAlQYW5hc29uaWMwgZ8wDQYJKoZIhvcNAQEB
# BQADgY0AMIGJAoGBALfWEBTB138YGtgoagK3+weGx1+h+pMxqyaWfgJ4MJ6uuFL9
# nSsszQNxUevP/+wRnePIaD7b38E1WHj3j1nighfq1zxQh62WxBb5ESmM4KQ2GeNS
# PZZ2idROx7lq2OJiFw50acuOXzXPvZKsrOkQZb/zMhwL1G+8Ym2qIhx1x+OrAgMB
# AAGjRjBEMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBTOSYsiDH5fXX3I
# Osht3cfhXbh5jTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEFBQADgYEAhInQ
# oELe27eCwr+kHwxyPxrOCrdUKJsYzwe83thyMzwhfn2McmmLzt+uj4oHkM2i6FXr
# dEG9lwzyJikiBWXkKvH2x7wkcZ2jl9nuKYmMtq5VYyK52pR0WcAb7P9c7TSdPzuJ
# xSiuL52X09cF2KZOTJwDKBQ883gKVFab54y3Se0xggFIMIIBRAIBATAoMBQxEjAQ
# BgNVBAMMCVBhbmFzb25pYwIQGV1whS0dp55Ja4kN+QjhjTAJBgUrDgMCGgUAoHgw
# GAYKKwYBBAGCNwIBDDEKMAigAoAAoQKAADAZBgkqhkiG9w0BCQMxDAYKKwYBBAGC
# NwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAjBgkqhkiG9w0BCQQx
# FgQUyg3J+12HPxvj8vgg0Zr/hFnD59QwDQYJKoZIhvcNAQEBBQAEgYBAUh80ujGb
# qinwWVKa8WzlPzl4vma8QuQZtJ/WLWf3oq0eOnLdnlxPsyHFpbQaE+2vk4ocv/G/
# 0/eEKu5v4eqQosHvZxAyiXWnoDEt0G6pN4BmQk/MqyNm9SPWPh3VSH1/y5ZlL9h8
# bEsagEqBflEXMXuqtCGagr0eJ4IQZCBC1w==
# SIG # End signature block
[CmdletBinding()]
Param([string]$Phase = 'A',[string]$CompName = 'MDT01')
# ============================================================================================
#Values that can be changed
$deployRoot = "$env:SystemDrive\DeploymentShare" #Specify DeploymentShare local folder path
$deployshareName = "DS" #Specify desired share name
$desiredSecurePassword = 'P@ssw0rd' #Specify Desired secure password for Administrator and AD recovery
# ============================================================================================
#Populate transcript log file path
$transcriptPath = "$env:SystemDrive\tmp\debug.log"
#Populate parent folder of ps modules
$psmodulePath = "$env:WinDir\system32\WindowsPowerShell\v1.0\Modules"
#Begin populating transcript log file
$ErrorActionPreference = 'SilentlyContinue'
$null = Stop-Transcript
$ErrorActionPreference = 'Continue'
Start-Transcript -Path $transcriptPath -Append -NoClobber
#Load common powershell modules
Import-Module -Name "$psmodulePath\NetSecurity\NetSecurity.psd1"
Import-Module -Name "$psmodulePath\SmbShare\SmbShare.psd1"
Import-Module -Name "$psmodulePath\NetTCPIP\NetTCPIP.psd1"
Import-Module -Name "$psmodulePath\ServerManager\ServerManager.psd1"
#Populate full path of script file
$scriptPath = $myInvocation.MyCommand.Definition
#Specify chocoPath
$chocofilePath = "$env:ProgramData\chocolatey\choco.exe"
#Function to add folders into MDT Deployment Shares..
function AddFolder
{
Param ([Parameter(Mandatory=$true)][string]$xmlPath,[Parameter(Mandatory=$true)][string]$nodeName)
#Check if target XML exist
if (!(Test-Path -Path $xmlPath))
{
#If not auto-generated, create a fresh xml
[xml]$xml = '<groups></groups>'
}
else
{
#pull XML content
[xml]$xml = (Get-Content -Path $xmlPath)
}
#Add new content
$newGUID = ([guid]::NewGuid())
[xml]$newNode = @"
<group guid="{$newGUID}" enable="True">
<Name>$nodeName</Name>
</group>
"@
$xml.Item('groups').AppendChild($xml.ImportNode($newNode.group, $true))
$xml.save($xmlPath)
}
#Function to log and call external EXEs
function CallExternalApplication
{
Param ([Parameter(Mandatory=$true)][string]$filePath,[Parameter(Mandatory=$true)][string]$argumentString)
Write-Host "Attempting to run: $filePath $argumentstring"
If (-not (Test-Path -Path $filePath))
{
Write-Host "$filePath not found."
return $false
}
Start-Process -FilePath $filePath -ArgumentList $argumentstring -Wait -NoNewWindow -Verbose
}
#Function to install chocolately and use it to install several applications
function InstallChocoApps
{
#Check if chocolately is already installed
If (-not (Test-Path -Path $chocofilePath))
{
#Check internet connection
If (-not (Test-Connection -ComputerName 'google.com' -Count 1 -Quiet))
{
#Look for localized install of chocolately
If (Get-ChildItem -Path "$env:SystemDrive\chocopkgs\chocolatey*\tools")
{
#Call chocolately local install
. (Get-ChildItem -Path "$env:SystemDrive\chocopkgs\chocolatey*\tools\chocolateyInstall.ps1").FullName
}
else
{
#No localized choco install found, so we must prompt user to get connected and re-run script.
$promptText = "Internet Connection not found AND local choco pkg not found in $env:SystemDrive\chocopkgs" + `
"`r`nRe-run script: c:\tmp\script.ps1"
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show($promptText , 'Fatal Error')
ClearRestart
Exit
}
}
else
{
#No localized choco install found, so installing using online ps1
Invoke-WebRequest -Uri 'https://chocolatey.org/install.ps1' -UseBasicParsing | Invoke-Expression -Verbose
}
}
else
{
Write-Host -Message 'Choco already installed... skipping installation..'
}
#Restart transcript as chocoalately init kills transcript
$ErrorActionPreference = 'SilentlyContinue'
$null = Stop-Transcript
$ErrorActionPreference = 'Continue'
Start-Transcript -Path $transcriptPath -Append -NoClobber -Force
#Configure choco install settings
$carg = 'feature enable -n=allowGlobalConfirmation'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install Windows ADK for Windows 10 using web source (if avail.)
$carg = 'install windows-adk-winpe --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install MDT 2013 update 2 using web source (if avail.)
$carg = 'install mdt --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install SCCM Toolkit 2012 R2 using web source (if avail.)
$carg = 'install sccmtoolkit --debug --allowunofficial --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
#Install other useful applications from interweb
$carg = 'install hackfont notepadplusplus 7zip.install imagemagick --debug --confirm'
CallExternalApplication -filePath $chocofilePath -argumentString $carg
# Delete ImageMagick desktop shortcut
If (Test-Path -Path "$env:UserProfile\Desktop\ImageMagick Display.lnk")
{
Remove-Item -Path "$env:UserProfile\Desktop\ImageMagick Display.lnk" -Force -Verbose
}
# Set hackfont as default for notepad++
If ((Test-Path -Path "$env:WinDir\Fonts\Hack-Regular.ttf") -and
(Test-Path -Path "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml"))
{
$path = "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml"
$xml = [xml](Get-Content -Path $path)
$node = $xml.NotepadPlus.GlobalStyles.WidgetStyle | Where-Object -FilterScript {
$_.name -eq 'Global override'
}
$node.fontName = 'Hack'
$node.fontSize = '11'
$xml.Save($path)
}
# Add notepad++ to path
If (Test-Path -Path "${env:ProgramFiles(x86)}\Notepad++\stylers.model.xml")
{
$carg = 'PATH "'+$env:Path+';'+${env:ProgramFiles(x86)}+'\Notepad++" /M'
CallExternalApplication -filePath "$env:WinDir\System32\setx.exe" -argumentString $carg
}
# Add cmtrace to path
If (Test-Path -Path "${env:ProgramFiles(x86)}\ConfigMgr 2012 Toolkit R2\ClientTools\CMTrace.exe")
{
$carg = 'PATH "'+$env:Path+';'+${env:ProgramFiles(x86)}+'\ConfigMgr 2012 Toolkit R2\ClientTools\" /M'
CallExternalApplication -filePath "$env:WinDir\System32\setx.exe" -argumentString $carg
}
}
function MDTSetup
{
#Populate CustomSettings.ini rules content
$customSettings = @"
;Go here for help on rules: https://technet.microsoft.com/en-us/library/dn781091.aspx
[Settings]
Priority=ProcessFirst,Default
Properties=MyCustomProperty,SpecialDate
[ProcessFirst]
SpecialDate=#DatePart("M",Now) & DatePart("D",Now) & DatePart("YYYY",Now)#
[Default]
;_SMSTSOrgName=Company Name
;_SMSTSPackageName=Sub-Progress Text...
OSInstall=Y
SkipProductKey=YES
SkipSupervisorPass=YES
SkipAdminPassword=YES
AdminPassword=P@ssw0rd
SkipSummary=YES
SkipDomainMembership=YES
JoinWorkgroup=WORKGROUP
SkipUserData=YES
UserDataLocation=NONE
SkipComputerBackup=YES
ComputerBackupLocation=NONE
SkipBitLocker=YES
BDEInstallSuppress=YES
SkipLocaleSelection=YES
SkipTimeZone=YES
KeyboardLocale=en-US
UserLocale=en-US
UILanguage=en-US
TimeZone=035
TimeZoneName=Eastern Standard Time
ApplyGPOPack=NO
SkipCapture=YES
BackupShare=\\$CompName\$deployshareName\Captures
BackupDir=%SpecialDate%.wim
;ProductKey=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
"@
#Populate Bootstrap.ini rules content
$bsSettings = @"
[Settings]
Priority=Default
[Default]
DeployRoot=\\$CompName\$deployshareName
SkipBDDWelcome=YES
UserDomain=$CompName
UserID=MDT
Userpassword=$desiredSecurePassword
"@
#Import MDT module
If (Test-Path -Path "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1")
{
Import-Module -Name "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"
}
else
{
#Prompt user that the MDT install failed.
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"MDT Install failed, so script is exiting..logpath: $env:SystemDrive\tmp\script.log" , 'Fatal Error')
ClearRestart
Exit
}
#Create DeploymentShare folder
New-Item -Path $deployRoot -ItemType Directory -Force -Verbose
#Create DS network share
New-SmbShare -Name $deployshareName -Path $deployRoot -FullAccess Administrators -Verbose
#Create MDT local user account
$carg = 'user MDT "'+$desiredSecurePassword+'" /add'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Add MDT account to Administrators group
$carg = 'localgroup Administrators MDT /add'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Set MDT account password to never expire
$carg = '/c wmic UserAccount where Name="MDT" set PasswordExpires=False'
CallExternalApplication -filePath "$env:WinDir\System32\cmd.exe" -argumentString $carg
#Create DS using MDT PS provider
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root $deployRoot -Description "DS" `
-NetworkPath "\\$CompName\$deployshareName" | add-MDTPersistentDrive -Verbose
#Update bootstrap to include MDT account
$bsPath = "$deployRoot\Control\Bootstrap.ini"
$csPath = "$deployRoot\Control\CustomSettings.ini"
if (Test-Path -Path $bsPath)
{
Remove-Item -Path $bsPath -Force
}
if (Test-Path -Path $csPath)
{
Remove-Item -Path $csPath -Force
}
Set-Content -Path $bsPath -Value ($bsSettings -replace "\n", "`r`n") -Force
Set-Content -Path $csPath -Value ($customSettings -replace "\n", "`r`n") -Force
#Use imagemagick to create custom PE wallpaper incl. Date & PE arch
If (Test-Path -Path "$env:ProgramFiles\imagemagick*")
{
$imagemagick = (Get-ChildItem -Path "$env:ProgramFiles\imagemagick*\magick.exe").FullName
$datestamp = (Get-Date -Format 'dd-MMM-yyyy HH:mm')
$architecture = "x64"
$fontsize = "14"
$fontfamily = "Tahoma"
$fontstyle = "Normal"
$fontcolor = "Blue"
$carg = 'convert "'+$env:ProgramFiles+'\Microsoft Deployment Toolkit\Samples\Background.bmp"'+`
' -resize "1024x768" -font "'+$fontfamily+'" -style "'+$fontstyle+'" -fill "'+$fontcolor+'" -pointsize "'+$fontsize+`
'" -draw "text 850,180 '''+$architecture+' @ '+$datestamp+'''" "'+$env:SystemDrive+'\DeploymentShare\Background.bmp"'
CallExternalApplication -filePath $imagemagick -argumentString $carg
}
#Update PE settings.xml
$path = "$deployRoot\Control\Settings.xml"
$xml = [xml](Get-Content -Path $path)
$xml.Settings."SupportX86" = "False"
$xml.Settings."Boot.x64.ScratchSpace" = "512"
#Set custom background image (if avail.)
If (Test-Path -Path "$deployRoot\Background.bmp")
{
$xml.Settings."Boot.x64.BackgroundFile" = "$deployRoot\Background.bmp"
}
$xml.Settings."Boot.x64.SelectionProfile" = "Nothing"
$xml.Save($path)
#Perform MDT update
Update-MDTDeploymentShare -Path "DS001:" -Verbose
#Create custom folders in MDT
$Folders = ("Adobe", "Microsoft", "Microsoft\Office", "Oracle", "Panasonic", "Sierra", "Win 7x86", "Win 7x64", "Win 10x64")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\ApplicationGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64", "Win 7x86\SF", "Win 7x64\SF", "Win 10x64\SF")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\OperatingSystemGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64 (incl. PE Drivers)")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\DriverGroups.xml" -nodeName $a
}
$Folders = ("Win 7x86", "Win 7x64", "Win 10x64", "Win 7x86\Deploy", "Win 7x64\Deploy", "Win 10x64\Deploy", "Win 7x86\Capture", `
"Win 7x64\Capture", "Win 10x64\Capture", "Development")
ForEach ($a in $Folders )
{
AddFolder -xmlPath "$deployRoot\Control\TaskSequenceGroups.xml" -nodeName $a
}
#Populate Operating System\Catalog folder (if interweb connection avail)
If (Test-Connection -ComputerName "google.com" -Count 1 -Quiet)
{
$catfolderPath = "$deployRoot\Catalogs"
New-Item -Path $catfolderPath -ItemType Directory -Verbose -Force
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x64/install_Windows%207%20ENTERPRISE.clg' `
-OutFile "$catfolderPath\Win7x64Ent.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x64/install_Windows%207%20PROFESSIONAL.clg' `
-OutFile "$catfolderPath\Win7x64Pro.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x86/install_Windows%207%20ENTERPRISE.clg' `
-OutFile "$catfolderPath\Win7x86Ent.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/win7/x86/install_Windows%207%20PROFESSIONAL.clg' `
-OutFile "$catfolderPath\Win7x86Pro.clg" -Verbose
Invoke-WebRequest -Uri 'https://github.com/boxcutter/windows/raw/master/wsim/wineval/win10/x64/install_Windows%2010%20Enterprise%20Evaluation.clg' `
-OutFile "$catfolderPath\Win10x64Ent.clg" -Verbose
}
# Copy ISO out to host share
If (Test-Path -Path "$env:SystemDrive\vagrant")
{
Copy-Item -Path "$deployRoot\Boot\LiteTouchPE_x64.iso" -Destination "$env:SystemDrive\vagrant\MDTBootx64.iso" -Force -Verbose
}
}
function CallRestart
{
Param ([Parameter(Mandatory=$true)][string]$nextPhase)
#Create batch in StartUp folder for All Users and pass nextPhase argument to powershell script
$path = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Continue.bat"
'powershell.exe -File "'+$scriptPath+'" "'+$nextPhase+'"' | Out-File -FilePath $path -Force -Encoding 'default'
#Set up AdminAutoLogon to occur with local Administrator account
$winlogonPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-ItemProperty -Path $winlogonPath -Name "AutoAdminLogon" -Value "1" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultUsername" -Value "Administrator" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultPassword" -Value $desiredSecurePassword -PropertyType String -Force -Verbose
#Stop transcript
$null = Stop-Transcript
#Initiate a foreced restart
Restart-Computer -Force
Exit
}
function ClearRestart
{
#Delete the batch file from the StartUp folder (if exist)
$path = "$env:SystemDrive\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Continue.bat"
if (Test-Path -Path $path)
{
Remove-Item -Path $path -Force -Verbose
}
#Clear AdminAutoLogon entries in registry
$winlogonPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-ItemProperty -Path $winlogonPath -Name "AutoAdminLogon" -Value "0" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultUsername" -Value "0" -PropertyType String -Force -Verbose
New-ItemProperty -Path $winlogonPath -Name "DefaultPassword" -Value "0" -PropertyType String -Force -Verbose
}
#MAIN Processing, using $Phase argument with switch statement
switch ($Phase)
{
"A"
{
#ONLY Windows session with \vagrant mapped
Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False -Verbose
$carg = 'user administrator "'+$desiredSecurePassword+'" /active:yes'
CallExternalApplication -filePath "$env:WinDir\System32\net.exe" -argumentString $carg
#Load DEFAULT hive
$carg = 'load HKLM\ImportedHive "'+$env:SystemDrive+'\Users\Default\NTUSER.DAT"'
CallExternalApplication -filePath "$env:WinDir\System32\reg.exe" -argumentString $carg
$explorerRegPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
#Do not hide extensions for known file types
New-ItemProperty -Path "HKCU:\$explorerRegPath" -Name "HideFileExt" -Value "0" -PropertyType DWORD -Force -Verbose
New-ItemProperty -Path "HKLM:\ImportedHive\$explorerRegPath" -Name "HideFileExt" -Value "0" -PropertyType DWORD -Force -Verbose
#Show Hidden Folders and Files
New-ItemProperty -Path "HKCU:\$explorerRegPath" -Name "Hidden" -Value "1" -PropertyType DWORD -Force -Verbose
New-ItemProperty -Path "HKLM:\ImportedHive\$explorerRegPath" -Name "Hidden" -Value "1" -PropertyType DWORD -Force -Verbose
#Unload DEFAULT hive
$carg = "unload HKLM\ImportedHive"
CallExternalApplication -filePath "$env:WinDir\System32\reg.exe" -argumentString $carg
#Install chocolately, adk, mdt, sccmtoolkit, and optionals
InstallChocoApps
#Create deployment share and perform initial update and folder creations
MDTSetup
#Rename the computer
Rename-Computer -NewName $CompName
#Call restart, which will occur with local Administrator account
CallRestart -nextPhase 'B'
}
"B"
{
If (Test-Path -Path "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1")
{
Import-Module -Name "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"
}
else
{
#Prompt user that the MDT install failed.
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"MDT Install failed, so script is exiting..logpath: $env:SystemDrive\tmp\script.log" , 'Fatal Error')
ClearRestart
Exit
}
#Open DS under Administrator credential
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root $deployRoot -Description "DS" `
-NetworkPath "\\$CompName\$deployshareName" | add-MDTPersistentDrive -Verbose
}
}
#Clean up script
ClearRestart
#Copy transcript out to Administrator's desktop
Copy-Item -Path "$env:SystemDrive\tmp\debug.log" -Destination "$env:UserProfile\Desktop\complete.log" -Force -Verbose
#Prompt user that script is complete
$null = Add-Type -AssemblyName System.Windows.Forms
$null = [Windows.Forms.MessageBox]::Show(
"Configuration is complete and ready for use..logpath: $env:UserProfile\Desktop\complete.log" , 'Status')
# -*- mode: ruby -*-
# vi: set ft=ruby :
# local: vagrant up --provision-with a,c
# web: vagrant up --provision-with b,c
# other commands:
# vagrant up --no-provision
# vagrant snapshot save "clean"
# vagrant reload --provision-with a,c
# vagrant snapshot restore "clean" --no-provision
machine_name = "MDT2013U201"
gist_url="https://gist.githubusercontent.com/brianfgonzalez/fa0720471ce2f6722d3ced4672e3f47a/raw/0362070e2fb335ff9f778b2d3eacaaa595490941/mdt.ps1"
Vagrant.configure("2") do |config|
config.vm.box = "brianfgonzalez/winserver12r2"
config.vm.box_check_update = false
config.vm.network "private_network", ip: "192.168.50.2", virtualbox__intnet: "intnet"
config.vm.boot_timeout = 1200
#config.vm.hostname = machine_name
config.vm.synced_folder "chocopkgs", "/chocopkgs", create: true,
mount_options: ["dmode=755,fmode=755"]
config.vm.provider :virtualbox do |v, override|
v.gui = true
v.name = machine_name
v.memory = "4096"
v.cpus = "2"
v.customize ["modifyvm", :id, "--ostype", "Windows2012_64"]
v.customize ["modifyvm", :id, "--groups", "/"]
v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
v.customize ["modifyvm", :id, "--audio", "none"]
v.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
v.customize ["modifyvm", :id, "--draganddrop", "hosttoguest"]
v.customize ["modifyvm", :id, "--usb", "off"]
v.customize ["modifyvm", :id, "--chipset", "ich9"]
v.customize ["modifyvm", :id, "--nictype1", "82540EM"]
v.customize ["modifyvm", :id, "--nictype2", "82540EM"]
v.customize ["modifyvm", :id, "--cableconnected2", "on"]
# Sets input key to Right-Alt key for toughbooks usage
v.customize ["setextradata", "global", "GUI/Input/HostKeyCombination", "165"]
v.customize ["setextradata", "global", "GUI/SuppressMessages", "all"]
#Fixes associated with the time sync with virtualbox
v.customize ["guestproperty", "set", :id, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-threshold", "1000"]
end
config.vm.provider :virtualbox do |v, override|
v.gui = true
v.name = machine_name
v.memory = "4096"
v.cpus = "2"
v.customize ["modifyvm", :id, "--ostype", "Windows2012_64"]
v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
v.customize ["modifyvm", :id, "--audio", "none"]
v.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
v.customize ["modifyvm", :id, "--draganddrop", "hosttoguest"]
v.customize ["modifyvm", :id, "--usb", "off"]
v.customize ["modifyvm", :id, "--chipset", "ich9"]
v.customize ["modifyvm", :id, "--nictype1", "82540EM"]
v.customize ["modifyvm", :id, "--nictype2", "82540EM"]
v.customize ["modifyvm", :id, "--cableconnected2", "on"]
# Sets input key to Right-Alt key for toughbooks usage
v.customize ["setextradata", "global", "GUI/Input/HostKeyCombination", "165"]
v.customize ["setextradata", "global", "GUI/SuppressMessages", "all"]
#Fixes associated with the time sync with virtualbox
v.customize ["guestproperty", "set", :id, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-threshold", "1000"]
end
["vmware_fusion", "vmware_workstation", "vmware_desktop"].each do |provider|
config.vm.provider :provider do |v, override|
v.gui = true
v.name = machine_name
v.vmx["memsize"] = "4096"
v.vmx["numvcpus"] = "2"
v.vmx["cpuid.coresPerSocket"] = "1"
v.vmx["ethernet0.virtualDev"] = "vmxnet3"
v.vmx["RemoteDisplay.vnc.enabled"] = "false"
v.vmx["RemoteDisplay.vnc.port"] = "5900"
v.vmx["scsi0.virtualDev"] = "lsisas1068"
end
end
#Use this command to list all time zones: tzutil /l | more
config.vm.provision "shell", privileged:"true", powershell_elevated_interactive:"true",
name: "force timezone set", inline:'tzutil.exe /s "Eastern Standard Time"'
#Provision section
config.vm.provision "a", type: "file", source: "script.ps1", destination: "/tmp/script.ps1"
config.vm.provision "b", type: "shell", privileged:"true", powershell_elevated_interactive:"true",
inline: 'iwr -Uri "'+gist_url+'" -OutFile "\tmp\script.ps1"'
config.vm.provision "c", type: "shell", privileged:"true", powershell_elevated_interactive:"true",
inline: 'saps powershell.exe "\tmp\script.ps1 -CompName '+machine_name+'"'
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment