manuth/PortValhalla
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Move user creation script

Browse source
This commit is contained in:
Manuel Thalmann 2024-03-22 09:26:54 +01:00
parent a5eb0f1d87
commit 9ab5e776d9
2 changed files with 1 additions and 1 deletions
scripts/Windows/OS/User
Add.ps1

144
scripts/Windows/OS/User/Add.ps1 Normal file
View file

@ -0,0 +1,144 @@
#!/bin/pwsh
. "$PSScriptRoot/../Scripts/Context.ps1";
$preparedUsernameProperty = "AutoLoginUser";
$preparedPasswordProperty = "AutoLoginPassword";
$autoLoginTriggerProperty = "AutoLoginTrigger";
$uacDisablerTriggerProperty = "UACDisablerTrigger";
function New-PersonalUser([Context] $context)
{
if (-not (Get-LocalUser $context.UserName -ErrorAction SilentlyContinue))
{
Write-Host "Creating Personal User";
while ($true) {
Write-Host (
[string]::Join(
"`n",
"So... Windows is too dumb to create users which are bound to a Microsoft Account.",
"Thus, you have to do it by yourself.",
"So sorry..."));
$users = Get-LocalUser | ForEach-Object { $_.Name };
Write-Host "Following users exist already:"
Write-Host $users;
Read-Host "Please hit enter once you're done...";
$user = Get-LocalUser | Where-Object { -not ($users -contains $_.Name) } | Select-Object -Last 1;
if ($user) {
Write-Information "Found New User:";
Write-Information $user;
break;
}
}
Write-Information "Renaming the new User to $($context.UserName)";
Rename-LocalUser $user $context.UserName;
Add-LocalGroupMember -Group "Administrators" -Member $user && Set-LocalUser $context.AdminName -Password (ConvertTo-SecureString -AsPlainText "Admin") && Disable-LocalUser $context.AdminName;
Write-Host "Registering setup script for all new users";
$context.RegisterNewUserReboot();
Write-Information "Enabling UAC for the next login (Microsoft Account login won't work otherwise, lol)";
Enable-UACNextLogin $context;
Write-Information "Disabling Auto login";
$context.RemoveAutologin();
$context.SetStage("DisableUAC");
Restart-Computer -Force;
exit;
}
elseif ($context.GetStage() -eq "DisableUAC")
{
Enable-PersonalUserAutologon $context;
$context.RegisterReboot();
$context.SetStage("RemoveAdmin");
Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($uacDisablerTriggerProperty) -Message "This event was created by $env:Username";
exit;
}
elseif ($context.GetStage() -eq "RemoveAdmin")
{
Write-Information "Removing Admin Account";
Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = '$((Get-LocalUser $context.AdminName).SID)'" | Remove-CimInstance;
$context.RemoveStage();
}
}
function Enable-UACNextLogin([Context] $context) {
$context.SetUACState($true);
$tempTask = "PortValhalla Temp";
$autoLoginName = "PortValhalla AutoLogin Setup";
$uacDisablerName = "PortValhalla UAC Disabler";
$autoLoginTrigger = Get-Random -Maximum 65535;
$uacDisablerTrigger = Get-Random -Maximum 65535;
$context.Set($autoLoginTriggerProperty, $autoLoginTrigger, "DWord");
$context.Set($uacDisablerTriggerProperty, $uacDisablerTrigger, "DWord");
$optionCollection = [System.Tuple[int, string, string[]][]]@(
[System.Tuple]::Create(
$autoLoginTrigger,
$autoLoginName,
@(
". '$PSScriptRoot/../Scripts/Context.ps1';",
"`$context = [Context]::new();",
"`$username = `$context.Get('$preparedUsernameProperty');",
"`$password = `$context.Get('$preparedPasswordProperty');",
"`$context.SetAutologin(`$username, `$password);",
"`$context.Remove('$preparedUsernameProperty');",
"`$context.Remove('$preparedPasswordProperty');")),
[System.Tuple]::Create(
$uacDisablerTrigger,
"PortValhalla UAC Disabler",
@(
"Unregister-ScheduledTask -Confirm:`$false '$autoLoginName';",
"Unregister-ScheduledTask -Confirm:`$false '$uacDisablerName';",
". '$PSScriptRoot/../Scripts/Context.ps1';",
"`$context = [Context]::new();",
"`$context.SetUACState(`$false);",
"`$context.Remove('$autoLoginTriggerProperty');",
"`$context.Remove('$uacDisablerTriggerProperty');",
"`$context.DeregisterNewUserReboot();",
"Restart-Computer -Force;")));
foreach ($options in $optionCollection) {
$action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument (
[string]::Join(
" ",
(
@("-c") +
($options.Item3 | ForEach-Object { $_.TrimEnd(";") + ";" }))));
schtasks /Create /SC ONEVENT /EC Application /MO "*[System[Provider[@Name='Application'] and EventID=$($options.Item1)]]" /TR cmd.exe /TN "$tempTask";
$trigger = (Get-ScheduledTask $tempTask).Triggers;
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest;
$task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger;
$null = Register-ScheduledTask $options.Item2 -InputObject $task;
$null = Unregister-ScheduledTask -Confirm:$false $tempTask;
}
}
function Enable-PersonalUserAutologon([Context] $context)
{
Add-Type -assemblyname System.DirectoryServices.AccountManagement;
Write-Information "Re-Enabling Autologin for Current User";
$principalContext = [System.DirectoryServices.AccountManagement.PrincipalContext]::new("Machine");
while ($true)
{
$password = Read-Host "Please enter the password of your Microsoft Account" -MaskInput;
if ($principalContext.ValidateCredentials($context.UserName, $password))
{
break;
}
else {
Write-Error "The specified password is incorrect!";
}
}
$context.Set($preparedUsernameProperty, $context.UserName, "ExpandString");
$context.Set($preparedPasswordProperty, $password, "ExpandString");
Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($autoLoginTriggerProperty) -Message "This event was created by $env:Username";
}