2023-06-22 20:56:43 +00:00
|
|
|
. "$PSScriptRoot/../Scripts/Context.ps1";
|
2023-06-28 20:08:20 +00:00
|
|
|
$uacDisablerName = "PortValhalla UAC Disabler";
|
2023-06-28 20:28:22 +00:00
|
|
|
$cleanupName = "PortValhalla Cleanup";
|
2023-06-22 20:56:43 +00:00
|
|
|
|
|
|
|
|
function New-PersonalUser([Context] $context)
|
|
|
|
|
{
|
|
|
|
|
if (-not (Get-LocalUser $context.UserName))
|
|
|
|
|
{
|
2023-06-23 12:04:46 +00:00
|
|
|
Write-Host "Creating Personal User";
|
|
|
|
|
|
2023-06-22 21:36:45 +00:00
|
|
|
while ($true) {
|
|
|
|
|
Write-Host (
|
|
|
|
|
[string]::Join(
|
|
|
|
|
"`n",
|
|
|
|
|
"So... Windows is too dumb to create users which are bound to a Microsoft Account.",
|
|
|
|
|
"Thus, you have to do it by yourself.",
|
|
|
|
|
"So sorry..."));
|
|
|
|
|
|
2023-06-23 10:34:12 +00:00
|
|
|
$users = Get-LocalUser | ForEach-Object { $_.Name };
|
2023-06-23 00:34:53 +00:00
|
|
|
Write-Host "Following users exist already:"
|
|
|
|
|
Write-Host $users;
|
2023-06-22 21:36:45 +00:00
|
|
|
Read-Host "Please hit enter once you're done...";
|
|
|
|
|
|
2023-06-22 21:39:49 +00:00
|
|
|
$user = Get-LocalUser | Where-Object { -not ($users -contains $_.Name) } | Select-Object -Last 1;
|
2023-06-22 20:56:43 +00:00
|
|
|
|
2023-06-22 21:36:45 +00:00
|
|
|
if ($user) {
|
2023-06-22 22:20:30 +00:00
|
|
|
Write-Information "Found New User:";
|
|
|
|
|
Write-Information $user;
|
2023-06-22 21:36:45 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-06-22 20:56:43 +00:00
|
|
|
|
2023-06-23 18:16:47 +00:00
|
|
|
Write-Information "Renaming the new User to $($context.UserName)";
|
2023-06-26 22:57:24 +00:00
|
|
|
Rename-LocalUser $user $context.UserName;
|
2023-06-28 20:36:40 +00:00
|
|
|
Add-LocalGroupMember -Group "Administrators" -Member $user && Set-LocalUser $context.AdminName -Password (ConvertTo-SecureString -AsPlainText "Admin") && Disable-LocalUser $context.AdminName;
|
2023-06-23 18:16:47 +00:00
|
|
|
|
|
|
|
|
Write-Host "Registering setup script for all new users";
|
|
|
|
|
$context.RegisterNewUserReboot();
|
2023-06-28 20:10:23 +00:00
|
|
|
|
|
|
|
|
Write-Information "Enabling UAC for the next login (Microsoft Account login won't work otherwise, lol)";
|
2023-06-28 09:48:08 +00:00
|
|
|
Enable-UACNextLogin;
|
2023-06-28 20:10:23 +00:00
|
|
|
|
|
|
|
|
Write-Information "Disabling Auto login";
|
2023-06-25 16:26:06 +00:00
|
|
|
$context.RemoveAutologin();
|
2023-06-25 16:11:30 +00:00
|
|
|
Restart-Computer;
|
2023-06-25 16:11:56 +00:00
|
|
|
exit;
|
2023-06-22 20:56:43 +00:00
|
|
|
}
|
2023-06-28 20:28:22 +00:00
|
|
|
elseif ((Get-ScheduledTask $uacDisablerName))
|
|
|
|
|
{
|
|
|
|
|
while ((Get-ScheduledTask $uacDisablerName) -ne "Ready")
|
|
|
|
|
{
|
|
|
|
|
Start-Sleep 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$taskInfo = Get-ScheduledTask $uacDisablerName;
|
|
|
|
|
|
|
|
|
|
if ($taskInfo.LastTaskResult -ne 0)
|
|
|
|
|
{
|
|
|
|
|
Write-Error "Disabling UAC was unsuccessful.";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Start-ScheduledTask $cleanupName;
|
2023-06-28 20:50:39 +00:00
|
|
|
Enable-CurrentUserAutologon $context;
|
2023-06-28 20:50:59 +00:00
|
|
|
|
|
|
|
|
Write-Information "Removing Admin Account";
|
|
|
|
|
Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = $((Get-LocalUser $context.AdminName).SID)" | Remove-CimInstance;
|
|
|
|
|
|
|
|
|
|
Write-Host "Rebooting";
|
|
|
|
|
$context.Reboot();
|
2023-06-28 20:28:22 +00:00
|
|
|
}
|
2023-06-22 20:56:43 +00:00
|
|
|
}
|
2023-06-28 09:48:08 +00:00
|
|
|
|
|
|
|
|
function Enable-UACNextLogin() {
|
|
|
|
|
$keyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System";
|
|
|
|
|
$propertyName = "EnableLUA";
|
2023-06-28 10:35:06 +00:00
|
|
|
$null = Set-ItemProperty "$keyPath" -Name "$propertyName" -Value 1;
|
2023-06-28 09:48:08 +00:00
|
|
|
|
2023-06-28 20:06:35 +00:00
|
|
|
$action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument (
|
|
|
|
|
[string]::Join(
|
|
|
|
|
" ",
|
|
|
|
|
@(
|
|
|
|
|
"-c",
|
2023-06-28 20:07:18 +00:00
|
|
|
"Set-ItemProperty `"$keyPath`" -Name `"$propertyName`" -Value 0;")));
|
2023-06-28 19:20:59 +00:00
|
|
|
|
2023-06-28 09:48:08 +00:00
|
|
|
$trigger = New-ScheduledTaskTrigger -AtLogOn;
|
|
|
|
|
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest;
|
|
|
|
|
$task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger;
|
2023-06-28 20:08:20 +00:00
|
|
|
$null = Register-ScheduledTask $uacDisablerName -InputObject $task;
|
2023-06-28 20:28:22 +00:00
|
|
|
|
|
|
|
|
$action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument (
|
|
|
|
|
[string]::Join(
|
|
|
|
|
" ",
|
|
|
|
|
@(
|
|
|
|
|
"-c",
|
|
|
|
|
"Unregister-ScheduledTask -Force $uacDisablerName;",
|
|
|
|
|
"Unregister-ScheduledTask -Force $cleanupName;")));
|
|
|
|
|
|
|
|
|
|
$task = New-ScheduledTask -Action $action -Principal $principal;
|
|
|
|
|
$null = Register-ScheduledTask $cleanupName -InputObject $task;
|
2023-06-28 09:48:08 +00:00
|
|
|
}
|
2023-06-28 20:50:39 +00:00
|
|
|
|
|
|
|
|
function Enable-CurrentUserAutologon([Context] $context)
|
|
|
|
|
{
|
|
|
|
|
Add-Type -assemblyname System.DirectoryServices.AccountManagement;
|
|
|
|
|
Write-Information "Re-Enabling Autologin for Current User";
|
|
|
|
|
$principalContext = [System.DirectoryServices.AccountManagement.PrincipalContext]::new("Machine");
|
|
|
|
|
|
|
|
|
|
while ($true)
|
|
|
|
|
{
|
|
|
|
|
$password = Read-Host "Please enter the password of your user" -MaskInput;
|
|
|
|
|
|
|
|
|
|
if ($principalContext.ValidateCredentials($context.UserName, $password))
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
Write-Error "The specified password is incorrect!";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$context.SetAutologin($context.UserName, $password);
|
|
|
|
|
}
|
