diff --git a/scripts/Windows/OS/User/Add.ps1 b/scripts/Windows/OS/User/Add.ps1
index 3ce66497..34a4b8b1 100644
--- a/scripts/Windows/OS/User/Add.ps1
+++ b/scripts/Windows/OS/User/Add.ps1
@@ -57,7 +57,7 @@ function New-PersonalUser([Context] $context)
Enable-PersonalUserAutologon $context;
$context.RegisterReboot();
$context.SetStage("RemoveAdmin");
- Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($uacDisablerTriggerProperty) -Message "This event was created by $env:Username";
+ Start-EventDrivenTask $context.Get($uacDisablerTriggerProperty);
exit;
}
elseif ($context.GetStage() -eq "RemoveAdmin")
@@ -83,11 +83,11 @@ function Enable-UACNextLogin([Context] $context) {
[System.Tuple]::Create(
$autoLoginTrigger,
$autoLoginName,
- "{ $((Get-AutoLoginScript)) }.Invoke('$contextScript', '$preparedUsernameProperty', '$preparedPasswordProperty')")
+ "{ $((Get-AutoLoginScript)) }.Invoke($autoLoginTrigger, '$contextScript', '$preparedUsernameProperty', '$preparedPasswordProperty')")
[System.Tuple]::Create(
$uacDisablerTrigger,
$uacDisablerName,
- "{ $((Get-UACDisablerScript)) }.Invoke('$contextScript', '$autoLoginName', '$uacDisablerName', '$autoLoginTriggerProperty', '$uacDisablerTriggerProperty')"));
+ "{ $((Get-UACDisablerScript)) }.Invoke($uacDisablerTrigger, '$contextScript', '$autoLoginName', '$uacDisablerName', '$autoLoginTriggerProperty', '$uacDisablerTriggerProperty')"));
foreach ($options in $optionCollection) {
$action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument (
@@ -127,5 +127,16 @@ function Enable-PersonalUserAutologon([Context] $context)
$context.Set($preparedUsernameProperty, $context.UserName, "ExpandString");
$context.Set($preparedPasswordProperty, $password, "ExpandString");
- Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($autoLoginTriggerProperty) -Message "This event was created by $env:Username";
+ Start-EventDrivenTask $context.Get($autoLoginTriggerProperty);
+}
+
+function Start-EventDrivenTask() {
+ param(
+ [int]$EventID
+ );
+
+ $identifier = "EventLog$_";
+ Write-EventLog -LogName Application -Source "Application" -EventId $EventID -Message "This event was created by $env:Username";
+ Register-WmiEvent -Query "SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA 'Win32_NTLogEvent' AND EventIdentifier=$EventID" -SourceIdentifier "$identifier";
+ Wait-Event -SourceIdentifier $identifier;
}
diff --git a/scripts/Windows/OS/User/AutoLogin.ps1 b/scripts/Windows/OS/User/AutoLogin.ps1
index d98d061c..e16cbebb 100644
--- a/scripts/Windows/OS/User/AutoLogin.ps1
+++ b/scripts/Windows/OS/User/AutoLogin.ps1
@@ -4,6 +4,7 @@
function Get-AutoLoginScript() {
return {
param(
+ [int]$EventID,
[string]$ContextScriptPath,
[string]$PreparedUsernameProperty,
[string]$PreparedSecretProperty
@@ -14,5 +15,6 @@ function Get-AutoLoginScript() {
$userName = $context.Get($PreparedUsernameProperty);
$password = $context.Get($PreparedSecretProperty);
$context.SetAutologin($userName, $password);
+ Write-EventLog -LogName Application -Source "Application" -EventId $EventID -Message "This event was created by $env:Username";
};
}
diff --git a/scripts/Windows/OS/User/UACDisabler.ps1 b/scripts/Windows/OS/User/UACDisabler.ps1
index 8ad78ba9..373a3b93 100644
--- a/scripts/Windows/OS/User/UACDisabler.ps1
+++ b/scripts/Windows/OS/User/UACDisabler.ps1
@@ -4,6 +4,7 @@
function Get-UACDisablerScript() {
return {
param (
+ [int]$EventID,
[string]$ContextScriptPath,
[string]$AutoLoginTaskName,
[string]$UACDisablerTaskName,
@@ -19,6 +20,7 @@ function Get-UACDisablerScript() {
$context.Remove($AutoLoginTriggerProperty);
$context.Remove($UACDisablerTriggerProperty);
$context.DeregisterNewUserReboot();
+ Write-EventLog -LogName Application -Source "Application" -EventId $EventID -Message "This event was created by $env:Username";
Restart-Computer -Force;
};
}