diff --git a/scripts/Common/Scripts/Config.ps1 b/scripts/Common/Scripts/Config.ps1 index 0a1859d2..97fa6fe8 100644 --- a/scripts/Common/Scripts/Config.ps1 +++ b/scripts/Common/Scripts/Config.ps1 @@ -155,6 +155,16 @@ $null = New-Module { Get-Attributes "valhalla.windows.users"; } + <# + .SYNOPSIS + Gets the name of the setup user. + #> + function Get-SetupUser { + [OutputType([string])] + param() + Get-Config "valhalla.windows.setupUser"; + } + <# .SYNOPSIS Gets the value of an option related to the setup. diff --git a/scripts/Windows/OS/Install.ps1 b/scripts/Windows/OS/Install.ps1 index b9246806..d2e092c5 100644 --- a/scripts/Windows/OS/Install.ps1 +++ b/scripts/Windows/OS/Install.ps1 @@ -1,4 +1,6 @@ #!/bin/pwsh +using namespace System.Security.Principal; + . "$PSScriptRoot/../Scripts/Prerequisites.ps1"; . "$PSScriptRoot/Manage.ps1"; @@ -9,6 +11,7 @@ $null = New-Module { . "$PSScriptRoot/../Scripts/Hooks.ps1"; . "$PSScriptRoot/../Scripts/PowerManagement.ps1"; + . "$PSScriptRoot/../Scripts/Registry.ps1"; . "$PSScriptRoot/../Scripts/Update.ps1"; . "$PSScriptRoot/../Scripts/Users.ps1"; . "$PSScriptRoot/../../Common/Scripts/Config.ps1"; 
@@ -429,6 +432,49 @@ $null = New-Module { Set-Stage ([SetupStage]::ConfigureUser); } ([SetupStage]::ConfigureUser) { + $userOption = "CurrentUser"; + + function Get-CurrentUser { + (Get-SetupOption $userOption) ?? 0; + } + + function Set-CurrentUser { + param([int] $Value) + Set-SetupOption $userOption $Value; + } + + [string[]] $users = Get-Users; + $currentUser = Get-CurrentUser; + Set-BootMessage; + + if ($currentUser -lt $users.Count) { + $user = Get-LocalUser $users[$currentUser]; + + Add-LocalGroupMember ` + -SID ([SecurityIdentifier]::new([WellKnownSidType]::BuiltinAdministratorsSid, $null))` + $user ` + -ErrorAction SilentlyContinue; + + if ($env:UserName -ne "$user") { + Disable-LocalUser $env:UserName; + Enable-LocalUser $user; + + if (Get-UserConfig -UserName "$user" -Name "microsoftAccount") { + Disable-Autologin; + Set-BootMessage -Caption "Login" -Message "Please login using your account."; + } else { + Set-AutologinUser "$user"; + } + + Restart-Intermediate + return; + } + + if (-not (Get-UserConfig -UserName "$user" "microsoftAccount")) { + net user "$user" /logonpasswordchg:yes; + } + } + Set-IsFinished $true; } } diff --git a/scripts/Windows/Scripts/PowerManagement.ps1 b/scripts/Windows/Scripts/PowerManagement.ps1 index 774eaa98..74b4b5a6 100644 --- a/scripts/Windows/Scripts/PowerManagement.ps1 +++ b/scripts/Windows/Scripts/PowerManagement.ps1 @@ -1,10 +1,16 @@ using namespace Microsoft.Win32; $null = New-Module { + . "$PSScriptRoot/../../Common/Scripts/Config.ps1"; . "$PSScriptRoot/../../Common/Scripts/Scripting.ps1"; [RegistryKey] $key = $null; $runOncePath = "HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce"; + $logonPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" $runOnceName = "PortValhalla"; + $autologinOption = "AutoAdminLogon"; + $domainOption = "DefaultDomainName"; + $userOption = "DefaultUserName"; + $passwordOption = "DefaultPassword"; <# .SYNOPSIS 
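Review bot: In the `ConfigureUser` case every configured user is added to the built-in Administrators group with `-ErrorAction SilentlyContinue`, and nothing in the block removes that membership or switches autologon off again before `Set-IsFinished $true`. The suppressed error hides real failures as well as the already-a-member case, so `Disable-LocalUser $env:UserName` can still run when the target account never became an administrator, which would leave the machine without a usable admin login. I would handle only the already-a-member error, call `Disable-Autologin;` immediately before `Set-IsFinished $true;`, and add a comment saying whether the admin membership is meant to outlive setup. Separately, `Set-CurrentUser` is defined but never called inside the case, so as far as this hunk shows the index stays at 0 and only `$users[0]` is ever processed; confirm whether `Set-CurrentUser ($currentUser + 1);` is meant to follow the `net user` step.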
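Review bot: In the PowerManagement.ps1 hunk, the new `$logonPath` assignment is the only statement without a terminating `;`, while every neighbouring assignment has one; `$logonPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon";` keeps the block consistent. The four Winlogon value names would also benefit from a one-line comment above them, for example `# Winlogon autologon values; DefaultPassword is stored in clear text in the registry.` The module body continues outside this hunk.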
@@ -45,6 +51,56 @@ $null = New-Module { $key.Handle.Close(); } + <# + .SYNOPSIS + Sets the user to login automatically on boot. + + .PARAMETER Name + The name of the user to login automatically. + #> + function Set-AutologinUser { + param( + [string] $Name + ) + + Set-ItemProperty $autologinOption -Name $autologinOption "1"; + + if (-not $Name) { + $Name = Get-SetupUser; + } + + $options = @{ + $domainOption = ""; + $userOption = $Name; + $passwordOption = ""; + }; + + foreach ($key in $options.Keys) { + Set-ItemProperty -Name $key + $displayName = Get-UserConfig -UserName $name "displayName"; + + $userArguments = @{ + name = $name; + }; + + if ($displayName) { + $userArguments.fullName = $displayName; + } -Value $options[$key]; + } + } + + <# + .SYNOPSIS + Disables the automatic login. + #> + function Disable-Autologin { + Set-ItemProperty $logonPath -Name $autologinOption "0"; + + foreach ($key in @($domainOption, $userOption, $passwordOption)) { + Remove-ItemProperty $logonPath -Name $key -ErrorAction SilentlyContinue; + } + } + <# .SYNOPSIS Reboots the machine intermediately and restarts the setup after the next login. diff --git a/scripts/Windows/Scripts/Users.ps1 b/scripts/Windows/Scripts/Users.ps1 index 7024231c..c975943c 100644 --- a/scripts/Windows/Scripts/Users.ps1 +++ b/scripts/Windows/Scripts/Users.ps1 @@ -101,10 +101,6 @@ $null = New-Module { Set-LocalUser $name -PasswordNeverExpires $true; Set-LocalUser $name -PasswordNeverExpires $false; } - - if (-not (Get-UserConfig -UserName $name "microsoftAccount")) { - net user $name /logonpasswordchg:yes; - } } } };
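Review bot: `Set-AutologinUser` cannot work as written: its first call passes `$autologinOption` as the registry path (`Set-ItemProperty $autologinOption -Name $autologinOption "1";`), and the `foreach` body has an unrelated `$displayName`/`$userArguments` block sitting in the middle of the `Set-ItemProperty` call, which also never receives a path. Both calls should target `$logonPath`, as `Disable-Autologin` already does: `Set-ItemProperty $logonPath -Name $autologinOption "1";` and `Set-ItemProperty $logonPath -Name $key -Value $options[$key];`, with the stray block removed. On the security side, `DefaultPassword` is kept in clear text under the Winlogon key, and writing `""` only logs in an account whose password is blank, so the function deserves a comment such as `# Setup-only: relies on a blank password; Disable-Autologin must run before the machine is handed over.` If `Get-SetupUser` returns nothing, an empty `DefaultUserName` is written as well, so a guard that throws when `$Name` is still empty after the fallback would make the failure visible.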