Recently, we needed to start building select machines off of our domain for special projects. This meant that group policies would not be applied. I use GPOs to set PowerShell settings on all of the machines. With these machines no longer getting GPOs applied, PowerShell scripts would no longer execute correctly because some of my scripts also use a module I push via GPO and the execution policy was not updated. This lead me to write, with the help and ease of Sapien's PowerShell Studio, the script below that will set the execution policy, configure the RunAs Administrator, configure additional paths for PowerShell modules, and copies PowerShell modules over. This gets executed after the first windows updates are applied in the task sequencing. If the script is executed manually, there is an output screen that shows if each setting is a success or failure.
To use this script, you will need to update/verify lines 212, 217, 224, and 225. Of course, if you don't want all of those things to change, you can comment some of them out.
You can download the script from here.
To use this script, you will need to update/verify lines 212, 217, 224, and 225. Of course, if you don't want all of those things to change, you can comment some of them out.
You can download the script from here.
1: <#
2: .SYNOPSIS
3: Configure PowerShell
4:
5: .DESCRIPTION
6: Configure PowerShell execution policy and install PowerShell modules.
7:
8: .DESCRIPTION
9: A description of the file.
10:
11: .PARAMETER PSConsoleTitle
12: Title of the PowerShell Console
13:
14: .EXAMPLE
15: powershell.exe -executionpolicy bypass -file ConfigurePowerShell.ps1
16:
17: .NOTES
18: ===========================================================================
19: Created with: SAPIEN Technologies, Inc., PowerShell Studio 2016 v5.2.122
20: Created on: 5/18/2016 12:12 PM
21: Created by: Mick Pletcher
22: Organization:
23: Filename: ConfigurePowerShell.ps1
24: ===========================================================================
25: #>
26: [CmdletBinding()]
27: param
28: (
29: [string]$PSConsoleTitle = 'PowerShell Configuration'
30: )
31:
32: function Set-ConsoleTitle {
33: <#
34: .SYNOPSIS
35: Console Title
36:
37: .DESCRIPTION
38: Sets the title of the PowerShell Console
39:
40: .PARAMETER ConsoleTitle
41: Title of the PowerShell Console
42:
43: .NOTES
44: Additional information about the function.
45: #>
46:
47: [CmdletBinding()]
48: param
49: (
50: [Parameter(Mandatory = $true)][String]$ConsoleTitle
51: )
52:
53: $host.ui.RawUI.WindowTitle = $ConsoleTitle
54: }
55:
56: function Get-RelativePath {
57: <#
58: .SYNOPSIS
59: Get the relative path
60:
61: .DESCRIPTION
62: Returns the location of the currently running PowerShell script
63:
64: .NOTES
65: Additional information about the function.
66: #>
67:
68: [CmdletBinding()][OutputType([string])]
69: param ()
70:
71: $Path = (split-path $SCRIPT:MyInvocation.MyCommand.Path -parent) + "\"
72: Return $Path
73: }
74:
75: function Set-RegistryKeyValue {
76: <#
77: .SYNOPSIS
78: Test if a registry value exists
79:
80: .DESCRIPTION
81: This tests to see if a registry value exists by using the get-itemproperty and therefore returning a boolean value if the cmdlet executes successfully.
82:
83: .PARAMETER RegKeyName
84: Registry key name
85:
86: .PARAMETER RegKeyValue
87: Value within the registry key
88:
89: .PARAMETER RegKeyData
90: The data pertaining to the registry key value
91:
92: .PARAMETER DisplayName
93: Name to be used to display on the status window
94:
95: #>
96:
97: [CmdletBinding()]
98: param
99: (
100: [Parameter(Mandatory = $true)][ValidateNotNullOrEmpty()]$RegKeyName,
101: [Parameter(Mandatory = $true)][ValidateNotNullOrEmpty()]$RegKeyValue,
102: [Parameter(Mandatory = $true)][ValidateNotNullOrEmpty()]$RegKeyData,
103: [string]$DisplayName = $null
104: )
105:
106: If ($DisplayName -ne $null) {
107: Write-Host "Setting"$DisplayName"....." -NoNewline
108: }
109: $NoOutput = New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT
110: $Key = Get-Item -LiteralPath $RegKeyName -ErrorAction SilentlyContinue
111: If ($Key -ne $null) {
112: If ($RegKeyValue -eq '(Default)') {
113: $Value = Get-ItemProperty $RegKey '(Default)' | Select-Object -ExpandProperty '(Default)'
114: } else {
115: $Value = $Key.GetValue($RegKeyValue, $null)
116: }
117: If ($Value -ne $RegKeyData) {
118: Set-ItemProperty -Path $RegKeyName -Name $RegKeyValue -Value $RegKeyData -Force
119: }
120:
121: } else {
122: $NoOutput = New-Item -Path $RegKeyName -Force
123: $NoOutput = New-ItemProperty -Path $RegKeyName -Name $RegKeyValue -Value $RegKeyData -Force
124: }
125: If ($RegKeyValue -eq '(Default)') {
126: $Value = Get-ItemProperty $RegKey '(Default)' | Select-Object -ExpandProperty '(Default)'
127: } else {
128: $Value = $Key.GetValue($RegKeyValue, $null)
129: }
130: If ($DisplayName -ne $null) {
131: If ($Value -eq $RegKeyData) {
132: Write-Host "Success" -ForegroundColor Yellow
133: } else {
134: Write-Host "Failed" -ForegroundColor Red
135: Write-Host $Value
136: Write-Host $RegKeyData
137: }
138: }
139: }
140:
141: function Copy-Files {
142: <#
143: .SYNOPSIS
144: Copy-Files
145:
146: .DESCRIPTION
147: This will copy specified file(s)
148:
149: .PARAMETER SourceDirectory
150: Directory containing the source file(s)
151:
152: .PARAMETER DestinationDirectory
153: Directory where the source file(s) will be copied to
154:
155: .PARAMETER FileFilter
156: Either a specific filename or a wildcard specifying what to copy
157:
158: .EXAMPLE
159: Copy-Files -SourceDirectory 'c:\windows' -DestinationDirectory 'd:\windows' -FileFilter '*.exe'
160: Copy-Files -SourceDirectory 'c:\windows' -DestinationDirectory 'd:\windows' -FileFilter 'INSTALL.LOG'
161:
162: .NOTES
163: Additional information about the function.
164: #>
165:
166: [CmdletBinding()]
167: param
168: (
169: [Parameter(Mandatory = $true)][ValidateNotNullOrEmpty()][String]$SourceDirectory,
170: [Parameter(Mandatory = $true)][ValidateNotNullOrEmpty()][String]$DestinationDirectory,
171: [ValidateNotNullOrEmpty()][String]$FileFilter
172: )
173:
174: $Dest = $DestinationDirectory
175: If ((Test-Path $DestinationDirectory) -eq $false) {
176: $NoOutput = New-Item -Path $DestinationDirectory -ItemType Directory -Force
177: }
178: $Files = Get-ChildItem $SourceDirectory -Filter $FileFilter
179: If ($Files.Count -eq $null) {
180: Write-Host "Copy"$Files.Name"....." -NoNewline
181: Copy-Item $Files.FullName -Destination $Dest -Force
182: $Test = $Dest + "\" + $Files.Name
183: If (Test-Path $Test) {
184: Write-Host "Success" -ForegroundColor Yellow
185: } else {
186: Write-Host "Failed" -ForegroundColor Red
187: }
188: } else {
189: For ($i = 0; $i -lt $Files.Count; $i++) {
190: $File = $Files[$i].FullName
191: Write-Host "Copy"$Files[$i].Name"....." -NoNewline
192: Copy-Item $File -Destination $Dest -Force
193: $Test = $Dest + "\" + $Files[$i].Name
194: If (Test-Path $Test) {
195: Write-Host "Success" -ForegroundColor Yellow
196: } else {
197: Write-Host "Failed" -ForegroundColor Red
198: }
199: }
200: }
201: }
202:
203: Clear-Host
204: #Set the title of the PowerShell console
205: Set-ConsoleTitle -ConsoleTitle $PSConsoleTitle
206:
207: #Define the relative path
208: $RelativePath = Get-RelativePath
209:
210: #Configure additional paths for PowerShell modules
211: $RegKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment'
212: $RegValue = $env:SystemRoot + '\system32\WindowsPowerShell\v1.0\Modules\;' + $env:ProgramFiles + '\windowspowershell\modules'
213: Set-RegistryKeyValue -DisplayName "PSModulePath" -RegKeyName $RegKey -RegKeyValue 'PSModulePath' -RegKeyData $RegValue
214:
215: #Set the PowerShell execution policy
216: $RegKey = 'HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell'
217: Set-RegistryKeyValue -DisplayName "ExecutionPolicy" -RegKeyName $RegKey -RegKeyValue 'ExecutionPolicy' -RegKeyData 'RemoteSigned'
218:
219: #Configure PowerShell RunAs Administrator
220: $RegKey = 'HKCR:\Microsoft.PowerShellScript.1\Shell\runas\command'
221: Set-RegistryKeyValue -DisplayName "RunAs Administrator" -RegKeyName $RegKey -RegKeyValue '(Default)' -RegKeyData '"c:\windows\system32\windowspowershell\v1.0\powershell.exe" -noexit "%1"'
222:
223: #Copy PowerShell Modules
224: $ModuleFolder = $env:ProgramFiles + "\WindowsPowerShell\Modules\Deployment"
225: Copy-Files -SourceDirectory $RelativePath -DestinationDirectory $ModuleFolder -FileFilter "Deployment.psm1"
226:
0 comments:
Post a Comment