From 1b94afa0dbc07e082bf5a9dc4de25811fab82593 Mon Sep 17 00:00:00 2001 From: romanitho <96626929+Romanitho@users.noreply.github.com> Date: Thu, 19 Oct 2023 16:48:04 +0200 Subject: [PATCH 1/2] ServiceUI integration --- .github/workflows/WAU-AutoCreatePreVersion.yml | 8 ++++++++ .github/workflows/WAU-CreateNewVersion.yml | 8 ++++++++ Winget-AutoUpdate-Install.ps1 | 8 +++++++- .../functions/Confirm-Installation.ps1 | 2 +- .../functions/Invoke-PostUpdateActions.ps1 | 13 +++++++++++++ 5 files changed, 37 insertions(+), 2 deletions(-) diff --git a/.github/workflows/WAU-AutoCreatePreVersion.yml b/.github/workflows/WAU-AutoCreatePreVersion.yml index 3424177..78a4e8e 100644 --- a/.github/workflows/WAU-AutoCreatePreVersion.yml +++ b/.github/workflows/WAU-AutoCreatePreVersion.yml @@ -82,11 +82,19 @@ jobs: - name: Build project run: | + # Get MDT from Microsoft + wget https://download.microsoft.com/download/3/3/9/339BE62D-B4B8-4956-B58D-73C4685FC492/MicrosoftDeploymentToolkit_x64.msi + # Extract MSI + 7z x MicrosoftDeploymentToolkit_x64.msi + # Copy ServiceUI.exe to Winget-AutoUpdate folder + mv Modena_File206 Winget-AutoUpdate/ServiceUI.exe + # Zip WAU zip -r WAU.zip Winget-AutoUpdate zip WAU.zip Winget-AutoUpdate-Install.ps1 zip WAU.zip excluded_apps.txt zip WAU.zip install.bat zip WAU.zip uninstall.bat + # Zip ADMX cd Policies zip -r ../WAU_ADMX.zip * cd .. diff --git a/.github/workflows/WAU-CreateNewVersion.yml b/.github/workflows/WAU-CreateNewVersion.yml index dc0facc..3ce22dc 100644 --- a/.github/workflows/WAU-CreateNewVersion.yml +++ b/.github/workflows/WAU-CreateNewVersion.yml @@ -55,11 +55,19 @@ jobs: - name: Build project run: | + # Get MDT from Microsoft + wget https://download.microsoft.com/download/3/3/9/339BE62D-B4B8-4956-B58D-73C4685FC492/MicrosoftDeploymentToolkit_x64.msi + # Extract MSI + 7z x MicrosoftDeploymentToolkit_x64.msi + # Copy ServiceUI.exe to Winget-AutoUpdate folder + mv Modena_File206 Winget-AutoUpdate/ServiceUI.exe + # Zip WAU zip -r WAU.zip Winget-AutoUpdate zip WAU.zip Winget-AutoUpdate-Install.ps1 zip WAU.zip excluded_apps.txt zip WAU.zip install.bat zip WAU.zip uninstall.bat + # Zip ADMX cd Policies zip -r ../WAU_ADMX.zip * cd .. diff --git a/Winget-AutoUpdate-Install.ps1 b/Winget-AutoUpdate-Install.ps1 index 2e736b8..b65e17d 100644 --- a/Winget-AutoUpdate-Install.ps1 +++ b/Winget-AutoUpdate-Install.ps1 @@ -328,7 +328,13 @@ function Install-WingetAutoUpdate { Get-ScheduledTask -TaskName "Winget-AutoUpdate-UserContext" -ErrorAction SilentlyContinue | Unregister-ScheduledTask -Confirm:$False # Settings for the scheduled task for Updates (System) - $taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WingetUpdatePath)\winget-upgrade.ps1`"" + $ServiceUI = Test-Path "$PSScriptRoot\Winget-AutoUpdate\ServiceUI.exe" + if ($ServiceUI) { + $taskAction = New-ScheduledTaskAction -Execute "$WingetUpdatePath\ServiceUI.exe" -Argument "-process:explorer.exe %windir%\System32\wscript.exe \`"$WingetUpdatePath\Invisible.vbs \`" \`"powershell.exe -NoProfile -ExecutionPolicy Bypass -File \`"\`"$WingetUpdatePath\winget-upgrade.ps1\`"\`"\`"" + } + else { + $taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WingetUpdatePath)\winget-upgrade.ps1`"" + } $taskTriggers = @() if ($UpdatesAtLogon) { $tasktriggers += New-ScheduledTaskTrigger -AtLogOn diff --git a/Winget-AutoUpdate/functions/Confirm-Installation.ps1 b/Winget-AutoUpdate/functions/Confirm-Installation.ps1 index e96b66d..8ee0005 100644 --- a/Winget-AutoUpdate/functions/Confirm-Installation.ps1 +++ b/Winget-AutoUpdate/functions/Confirm-Installation.ps1 @@ -1,7 +1,7 @@ Function Confirm-Installation ($AppName, $AppVer){ #Set json export file - $JsonFile = "$WorkingDir\Config\InstalledApps.json" + $JsonFile = "$WorkingDir\InstalledApps.json" #Get installed apps and version in json file & $Winget export -s winget -o $JsonFile --include-versions | Out-Null diff --git a/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 b/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 index 77e5f80..30d3720 100644 --- a/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 +++ b/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 @@ -197,6 +197,19 @@ function Invoke-PostUpdateActions { Write-ToLog "-> Policies task created." } + #Set WAU scheduled task with ServiceUI + $WAUTask = Get-ScheduledTask -TaskName 'Winget-AutoUpdate' -ErrorAction SilentlyContinue + $ServiceUI = Test-Path "$($WorkingDir)\ServiceUI.exe" + if ($ServiceUI) { + $taskAction = New-ScheduledTaskAction -Execute "$($WorkingDir)\ServiceUI.exe" -Argument "-process:explorer.exe %windir%\System32\wscript.exe \`"$($WorkingDir)\Invisible.vbs \`" \`"powershell.exe -NoProfile -ExecutionPolicy Bypass -File \`"\`"$WingetUpdatePath\winget-upgrade.ps1\`"\`"\`"" + Write-ToLog "-> ServiceUI enabled." + } + else { + $taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WorkingDir)\winget-upgrade.ps1`"" + } + Set-ScheduledTask -TaskPath $WAUTask.TaskPath -TaskName $WAUTask.TaskName -Action $taskAction | Out-Null + + ### End of post update actions ### #Reset WAU_UpdatePostActions Value From e6fd88f2521d04edadbf9d442130bb161e30b8c4 Mon Sep 17 00:00:00 2001 From: romanitho <96626929+Romanitho@users.noreply.github.com> Date: Thu, 19 Oct 2023 18:55:40 +0200 Subject: [PATCH 2/2] Add rerun if ServiceUI exists and conditions ok --- Winget-AutoUpdate-Install.ps1 | 8 +---- Winget-AutoUpdate/Winget-Upgrade.ps1 | 30 +++++++++++++++---- .../functions/Invoke-PostUpdateActions.ps1 | 12 -------- Winget-AutoUpdate/functions/Write-ToLog.ps1 | 2 +- 4 files changed, 27 insertions(+), 25 deletions(-) diff --git a/Winget-AutoUpdate-Install.ps1 b/Winget-AutoUpdate-Install.ps1 index b65e17d..2e736b8 100644 --- a/Winget-AutoUpdate-Install.ps1 +++ b/Winget-AutoUpdate-Install.ps1 @@ -328,13 +328,7 @@ function Install-WingetAutoUpdate { Get-ScheduledTask -TaskName "Winget-AutoUpdate-UserContext" -ErrorAction SilentlyContinue | Unregister-ScheduledTask -Confirm:$False # Settings for the scheduled task for Updates (System) - $ServiceUI = Test-Path "$PSScriptRoot\Winget-AutoUpdate\ServiceUI.exe" - if ($ServiceUI) { - $taskAction = New-ScheduledTaskAction -Execute "$WingetUpdatePath\ServiceUI.exe" -Argument "-process:explorer.exe %windir%\System32\wscript.exe \`"$WingetUpdatePath\Invisible.vbs \`" \`"powershell.exe -NoProfile -ExecutionPolicy Bypass -File \`"\`"$WingetUpdatePath\winget-upgrade.ps1\`"\`"\`"" - } - else { - $taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WingetUpdatePath)\winget-upgrade.ps1`"" - } + $taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WingetUpdatePath)\winget-upgrade.ps1`"" $taskTriggers = @() if ($UpdatesAtLogon) { $tasktriggers += New-ScheduledTaskTrigger -AtLogOn diff --git a/Winget-AutoUpdate/Winget-Upgrade.ps1 b/Winget-AutoUpdate/Winget-Upgrade.ps1 index e904e4d..2ebc584 100644 --- a/Winget-AutoUpdate/Winget-Upgrade.ps1 +++ b/Winget-AutoUpdate/Winget-Upgrade.ps1 @@ -17,7 +17,31 @@ $Script:IsSystem = [System.Security.Principal.WindowsIdentity]::GetCurrent().IsS #Log initialisation $LogFile = "$WorkingDir\logs\updates.log" -Write-ToLog -LogMsg "CHECK FOR APP UPDATES" -IsHeader + +if ($IsSystem) { + #Check if any connected user when running as system + $explorerprocesses = @(Get-WmiObject -Query "Select * FROM Win32_Process WHERE Name='explorer.exe'" -ErrorAction SilentlyContinue) + #Check if ServiceUI exists + $ServiceUI = Test-Path "$WorkingDir\ServiceUI.exe" + If ($explorerprocesses.Count -gt 0 -and $ServiceUI) { + #User connected, Check for current session ID (O = system) + $SessionID = [System.Diagnostics.Process]::GetCurrentProcess().SessionId + if ($SessionID -eq 0) { + #Rerun WAU in system context with ServiceUI + & $WorkingDir\ServiceUI.exe -process:explorer.exe $env:windir\System32\wscript.exe \`"$WorkingDir\Invisible.vbs\`" \`"powershell.exe -NoProfile -ExecutionPolicy Bypass -File \`"\`"$WorkingDir\winget-upgrade.ps1\`"\`"\`" + Exit 0 + } + else { + Write-ToLog -LogMsg "CHECK FOR APP UPDATES (System context with ServiceUI)" -IsHeader + } + } + else { + Write-ToLog -LogMsg "CHECK FOR APP UPDATES (System context)" -IsHeader + } +} +else { + Write-ToLog -LogMsg "CHECK FOR APP UPDATES (User context)" -IsHeader +} #Get settings and Domain/Local Policies (GPO) if activated. $Script:WAUConfig = Get-WAUConfig @@ -27,7 +51,6 @@ if ($($WAUPolicies.WAU_ActivateGPOManagement -eq 1)) { #Log running context and more... if ($IsSystem) { - Write-ToLog "Running in System context" # Maximum number of log files to keep. Default is 3. Setting MaxLogFiles to 0 will keep all log files. $MaxLogFiles = $WAUConfig.WAU_MaxLogFiles @@ -61,9 +84,6 @@ if ($IsSystem) { $SettingsPath = "$Env:windir\system32\config\systemprofile\AppData\Local\Microsoft\WinGet\Settings\defaultState\settings.json" Add-ScopeMachine $SettingsPath } -else { - Write-ToLog "Running in User context" -} #Get Notif Locale function $LocaleDisplayName = Get-NotifLocale diff --git a/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 b/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 index 30d3720..eb52cb9 100644 --- a/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 +++ b/Winget-AutoUpdate/functions/Invoke-PostUpdateActions.ps1 @@ -197,18 +197,6 @@ function Invoke-PostUpdateActions { Write-ToLog "-> Policies task created." } - #Set WAU scheduled task with ServiceUI - $WAUTask = Get-ScheduledTask -TaskName 'Winget-AutoUpdate' -ErrorAction SilentlyContinue - $ServiceUI = Test-Path "$($WorkingDir)\ServiceUI.exe" - if ($ServiceUI) { - $taskAction = New-ScheduledTaskAction -Execute "$($WorkingDir)\ServiceUI.exe" -Argument "-process:explorer.exe %windir%\System32\wscript.exe \`"$($WorkingDir)\Invisible.vbs \`" \`"powershell.exe -NoProfile -ExecutionPolicy Bypass -File \`"\`"$WingetUpdatePath\winget-upgrade.ps1\`"\`"\`"" - Write-ToLog "-> ServiceUI enabled." - } - else { - $taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WorkingDir)\winget-upgrade.ps1`"" - } - Set-ScheduledTask -TaskPath $WAUTask.TaskPath -TaskName $WAUTask.TaskName -Action $taskAction | Out-Null - ### End of post update actions ### diff --git a/Winget-AutoUpdate/functions/Write-ToLog.ps1 b/Winget-AutoUpdate/functions/Write-ToLog.ps1 index 976a639..5643832 100644 --- a/Winget-AutoUpdate/functions/Write-ToLog.ps1 +++ b/Winget-AutoUpdate/functions/Write-ToLog.ps1 @@ -26,7 +26,7 @@ function Write-ToLog { #If header requested if ($IsHeader) { - $Log = " `n##################################################`n# $LogMsg - $(Get-Date -Format (Get-culture).DateTimeFormat.ShortDatePattern)`n##################################################" + $Log = " `n########################################################`n# $LogMsg - $(Get-Date -Format (Get-culture).DateTimeFormat.ShortDatePattern)`n########################################################" } else { $Log = "$(Get-Date -UFormat "%T") - $LogMsg"