Refactor user creation script
parent
0246633c68
commit
04c6ef125f
1 changed files with 50 additions and 41 deletions
|
@ -9,6 +9,9 @@ $uacDisablerTriggerProperty = "UACDisablerTrigger";
|
||||||
function New-PersonalUser([Context] $context, [string] $userName)
|
function New-PersonalUser([Context] $context, [string] $userName)
|
||||||
{
|
{
|
||||||
$userStageProperty = "UserStage";
|
$userStageProperty = "UserStage";
|
||||||
|
$creationStage = "Create";
|
||||||
|
$disableUACStage = "DisableUAC";
|
||||||
|
$adminRemovalStage = "RemoveAdmin";
|
||||||
|
|
||||||
$null = New-Module {
|
$null = New-Module {
|
||||||
Get-UserStage {
|
Get-UserStage {
|
||||||
|
@ -21,61 +24,67 @@ function New-PersonalUser([Context] $context, [string] $userName)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (-not (Get-LocalUser $userName -ErrorAction SilentlyContinue))
|
switch (Get-UserStage) {
|
||||||
{
|
{ $_ -in $null,$creationStage } {
|
||||||
Write-Host "Creating Personal User";
|
Set-UserStage $creationStage;
|
||||||
|
|
||||||
while ($true) {
|
if (-not (Get-LocalUser $userName -ErrorAction SilentlyContinue)) {
|
||||||
Write-Host (
|
Write-Host "Creating Personal User ``$userName``";
|
||||||
[string]::Join(
|
|
||||||
"`n",
|
|
||||||
"So... Windows is too dumb to create users which are bound to a Microsoft Account.",
|
|
||||||
"Thus, you have to do it by yourself.",
|
|
||||||
"So sorry..."));
|
|
||||||
|
|
||||||
$users = Get-LocalUser | ForEach-Object { $_.Name };
|
while ($true) {
|
||||||
Write-Host "Following users exist already:"
|
Write-Host (
|
||||||
Write-Host $users;
|
[string]::Join(
|
||||||
Read-Host "Please hit enter once you're done...";
|
"`n",
|
||||||
|
"So... Windows is too dumb to create users which are bound to a Microsoft Account.",
|
||||||
|
"Thus, you have to do it by yourself.",
|
||||||
|
"So sorry..."));
|
||||||
|
|
||||||
$user = Get-LocalUser | Where-Object { -not ($users -contains $_.Name) } | Select-Object -Last 1;
|
$users = Get-LocalUser | ForEach-Object { $_.Name };
|
||||||
|
Write-Host "Following users exist already:"
|
||||||
|
Write-Host $users;
|
||||||
|
Read-Host "Please hit enter once you're done...";
|
||||||
|
|
||||||
if ($user) {
|
$user = Get-LocalUser | Where-Object { -not ($users -contains $_.Name) } | Select-Object -Last 1;
|
||||||
Write-Information "Found New User:";
|
|
||||||
Write-Information $user;
|
if ($user) {
|
||||||
break;
|
Write-Information "Found New User:";
|
||||||
|
Write-Information $user;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Write-Information "Renaming the new User to $userName";
|
||||||
|
Rename-LocalUser $user $userName;
|
||||||
|
|
||||||
|
Add-LocalGroupMember -Group "Administrators" -Member $user &&
|
||||||
|
Set-LocalUser $context.AdminName -Password (ConvertTo-SecureString -AsPlainText "Admin") &&
|
||||||
|
Disable-LocalUser $context.AdminName;
|
||||||
|
|
||||||
|
Write-Host "Registering setup script for all new users";
|
||||||
|
$context.RegisterNewUserReboot();
|
||||||
|
|
||||||
|
Write-Information "Enabling UAC for the next login (Microsoft Account login won't work otherwise, lol)";
|
||||||
|
Enable-UACNextLogin $context;
|
||||||
|
|
||||||
|
Write-Information "Disabling Auto login";
|
||||||
|
$context.RemoveAutologin();
|
||||||
|
Set-UserStage $disableUACStage;
|
||||||
|
Restart-Computer -Force;
|
||||||
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
$disableUACStage {
|
||||||
Write-Information "Renaming the new User to $userName";
|
|
||||||
Rename-LocalUser $user $userName;
|
|
||||||
Add-LocalGroupMember -Group "Administrators" -Member $user && Set-LocalUser $context.AdminName -Password (ConvertTo-SecureString -AsPlainText "Admin") && Disable-LocalUser $context.AdminName;
|
|
||||||
|
|
||||||
Write-Host "Registering setup script for all new users";
|
|
||||||
$context.RegisterNewUserReboot();
|
|
||||||
|
|
||||||
Write-Information "Enabling UAC for the next login (Microsoft Account login won't work otherwise, lol)";
|
|
||||||
Enable-UACNextLogin $context;
|
|
||||||
|
|
||||||
Write-Information "Disabling Auto login";
|
|
||||||
$context.RemoveAutologin();
|
|
||||||
Set-UserStage "DisableUAC";
|
|
||||||
Restart-Computer -Force;
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
switch (Get-UserStage) {
|
|
||||||
"DisableUAC" {
|
|
||||||
Enable-PersonalUserAutologon $context $userName;
|
Enable-PersonalUserAutologon $context $userName;
|
||||||
$context.RegisterReboot();
|
$context.RegisterReboot();
|
||||||
Set-UserStage "RemoveAdmin";
|
Set-UserStage $adminRemovalStage;
|
||||||
Start-EventDrivenTask $context.Get($uacDisablerTriggerProperty);
|
Start-EventDrivenTask $context.Get($uacDisablerTriggerProperty);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
"RemoveAdmin" {
|
$adminRemovalStage {
|
||||||
Write-Information "Removing Admin Account";
|
Write-Information "Removing Admin Account";
|
||||||
Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = '$((Get-LocalUser $context.AdminName).SID)'" | Remove-CimInstance;
|
Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = '$((Get-LocalUser $context.AdminName).SID)'" | Remove-CimInstance;
|
||||||
$context.Remove($userStageProperty);
|
$context.Remove($userStageProperty);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
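Review bot: The creation stage still resets the account named by `$context.AdminName` to the hard-coded password `"Admin"`, and chains `Add-LocalGroupMember ... && Set-LocalUser ... && Disable-LocalUser $context.AdminName;` so that the disable step only runs if both earlier commands succeed. If either of them fails, the setup admin stays enabled; if they succeed, the account is disabled but keeps a password published in the repository. The `$adminRemovalStage` branch as shown only deletes the `Win32_UserProfile` instance, and no `Remove-LocalUser` call is visible, so the account itself may outlive the setup. I would make `Disable-LocalUser $context.AdminName;` a standalone statement whose failure aborts the stage, and replace the literal with a randomly generated value that is never stored, or drop the password change if disabling is sufficient. The bodies of `Get-UserStage` and `Set-UserStage` fall between the two hunks and are not visible here.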