New adjustments for GPO optimisation
parent
0e86328787
commit
3c92204c44
|
@ -315,7 +315,7 @@ function Install-WingetAutoUpdate {
|
|||
& reg add "HKCR\AppUserModelId\Windows.SystemToast.Winget.Notification" /v DisplayName /t REG_EXPAND_SZ /d "Application Update" /f | Out-Null
|
||||
& reg add "HKCR\AppUserModelId\Windows.SystemToast.Winget.Notification" /v IconUri /t REG_EXPAND_SZ /d %SystemRoot%\system32\@WindowsUpdateToastIcon.png /f | Out-Null
|
||||
|
||||
# Settings for the scheduled task for Updates
|
||||
# Settings for the scheduled task for Updates (System)
|
||||
$taskAction = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$($WingetUpdatePath)\winget-upgrade.ps1`""
|
||||
$taskTriggers = @()
|
||||
if ($UpdatesAtLogon) {
|
||||
|
@ -338,7 +338,6 @@ function Install-WingetAutoUpdate {
|
|||
}
|
||||
$taskUserPrincipal = New-ScheduledTaskPrincipal -UserId S-1-5-18 -RunLevel Highest
|
||||
$taskSettings = New-ScheduledTaskSettingsSet -Compatibility Win8 -StartWhenAvailable -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -ExecutionTimeLimit 03:00:00
|
||||
|
||||
# Set up the task, and register it
|
||||
if ($taskTriggers) {
|
||||
$task = New-ScheduledTask -Action $taskAction -Principal $taskUserPrincipal -Settings $taskSettings -Trigger $taskTriggers
|
||||
|
@ -346,28 +345,23 @@ function Install-WingetAutoUpdate {
|
|||
else {
|
||||
$task = New-ScheduledTask -Action $taskAction -Principal $taskUserPrincipal -Settings $taskSettings
|
||||
}
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate' -TaskPath 'WAU' -InputObject $task -Force | Out-Null
|
||||
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate' -InputObject $task -Force | Out-Null
|
||||
|
||||
if ($InstallUserContext) {
|
||||
# Settings for the scheduled task in User context
|
||||
$taskAction = New-ScheduledTaskAction -Execute "wscript.exe" -Argument "`"$($WingetUpdatePath)\Invisible.vbs`" `"powershell.exe -NoProfile -ExecutionPolicy Bypass -File `"`"`"$($WingetUpdatePath)\winget-upgrade.ps1`"`""
|
||||
$taskUserPrincipal = New-ScheduledTaskPrincipal -GroupId S-1-5-11
|
||||
$taskSettings = New-ScheduledTaskSettingsSet -Compatibility Win8 -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -ExecutionTimeLimit 03:00:00
|
||||
|
||||
# Set up the task for user apps
|
||||
$task = New-ScheduledTask -Action $taskAction -Principal $taskUserPrincipal -Settings $taskSettings
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate-UserContext' -InputObject $task -Force | Out-Null
|
||||
}
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate-UserContext' -TaskPath 'WAU' -InputObject $task -Force | Out-Null
|
||||
|
||||
# Settings for the scheduled task for Notifications
|
||||
$taskAction = New-ScheduledTaskAction -Execute "wscript.exe" -Argument "`"$($WingetUpdatePath)\Invisible.vbs`" `"powershell.exe -NoProfile -ExecutionPolicy Bypass -File `"`"`"$($WingetUpdatePath)\winget-notify.ps1`"`""
|
||||
$taskUserPrincipal = New-ScheduledTaskPrincipal -GroupId S-1-5-11
|
||||
$taskSettings = New-ScheduledTaskSettingsSet -Compatibility Win8 -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -ExecutionTimeLimit 00:05:00
|
||||
|
||||
# Set up the task, and register it
|
||||
$task = New-ScheduledTask -Action $taskAction -Principal $taskUserPrincipal -Settings $taskSettings
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate-Notify' -InputObject $task -Force | Out-Null
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate-Notify' -TaskPath 'WAU' -InputObject $task -Force | Out-Null
|
||||
|
||||
#Set task readable/runnable for all users
|
||||
$scheduler = New-Object -ComObject "Schedule.Service"
|
||||
|
@ -400,6 +394,10 @@ function Install-WingetAutoUpdate {
|
|||
New-ItemProperty $regPath -Name WAU_PostUpdateActions -Value 0 -PropertyType DWord -Force | Out-Null
|
||||
New-ItemProperty $regPath -Name WAU_MaxLogFiles -Value $MaxLogFiles -PropertyType DWord -Force | Out-Null
|
||||
New-ItemProperty $regPath -Name WAU_MaxLogSize -Value $MaxLogSize -PropertyType DWord -Force | Out-Null
|
||||
New-ItemProperty $regPath -Name WAU_UpdatesAtTime -Value $UpdatesAtTime -PropertyType DWord -Force | Out-Null
|
||||
if ($UpdatesAtLogon) {
|
||||
New-ItemProperty $regPath -Name WAU_UpdatesAtLogon -Value 1 -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
if ($DisableWAUAutoUpdate) {
|
||||
New-ItemProperty $regPath -Name WAU_DisableAutoUpdate -Value 1 -Force | Out-Null
|
||||
}
|
||||
|
@ -421,6 +419,19 @@ function Install-WingetAutoUpdate {
|
|||
if ($BypassListForUsers) {
|
||||
New-ItemProperty $regPath -Name WAU_BypassListForUsers -Value 1 -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
if ($InstallUserContext) {
|
||||
New-ItemProperty $regPath -Name WAU_UserContext -Value 1 -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
else {
|
||||
New-ItemProperty $regPath -Name WAU_UserContext -Value 0 -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
if ($DesktopShortcut) {
|
||||
New-ItemProperty $regPath -Name WAU_DesktopShortcut -Value 1 -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
if ($StartMenuShortcut) {
|
||||
New-ItemProperty $regPath -Name WAU_StartMenuShortcut -Value 1 -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
|
||||
|
||||
#Log file and symlink initialization
|
||||
. "$WingetUpdatePath\functions\Start-Init.ps1"
|
||||
|
|
|
@ -305,30 +305,27 @@ if (Test-Network) {
|
|||
Write-ToLog "No new update." "Green"
|
||||
}
|
||||
|
||||
#Check if any user is logged on if System and run User task (if installed)
|
||||
#Check if user context is activated during system run
|
||||
if ($IsSystem) {
|
||||
|
||||
#Run WAU in user context if feature is activated
|
||||
if ($WAUConfig.WAU_UserContext -eq 1) {
|
||||
|
||||
#User check routine from: https://stackoverflow.com/questions/23219718/powershell-script-to-see-currently-logged-in-users-domain-and-machine-status
|
||||
$explorerprocesses = @(Get-WmiObject -Query "Select * FROM Win32_Process WHERE Name='explorer.exe'" -ErrorAction SilentlyContinue)
|
||||
If ($explorerprocesses.Count -eq 0) {
|
||||
Write-ToLog "No explorer process found / Nobody interactively logged on..."
|
||||
}
|
||||
Else {
|
||||
#Run WAU in user context if the user task exist
|
||||
$UserScheduledTask = Get-ScheduledTask -TaskName "Winget-AutoUpdate-UserContext" -ErrorAction SilentlyContinue
|
||||
if ($UserScheduledTask) {
|
||||
|
||||
#Get Winget system apps to excape them befor running user context
|
||||
Write-ToLog "User logged on, get a list of installed Winget apps in System context..."
|
||||
Get-WingetSystemApps
|
||||
|
||||
#Run user context scheduled task
|
||||
Write-ToLog "Starting WAU in User context"
|
||||
Write-ToLog "Starting WAU in User context..."
|
||||
Start-ScheduledTask $UserScheduledTask.TaskName -ErrorAction SilentlyContinue
|
||||
Exit 0
|
||||
}
|
||||
elseif (!$UserScheduledTask) {
|
||||
Write-ToLog "User context execution not installed..."
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -186,6 +186,28 @@ function Invoke-PostUpdateActions {
|
|||
}
|
||||
}
|
||||
|
||||
#Create User context task if not existing and manage its activation
|
||||
$UserContextTask = Get-ScheduledTask -TaskName 'Winget-AutoUpdate-UserContext' -ErrorAction SilentlyContinue
|
||||
if (!$UserContextTask) {
|
||||
#Create the scheduled task in User context
|
||||
$taskAction = New-ScheduledTaskAction -Execute "wscript.exe" -Argument "`"$($WingetUpdatePath)\Invisible.vbs`" `"powershell.exe -NoProfile -ExecutionPolicy Bypass -File `"`"`"$($WingetUpdatePath)\winget-upgrade.ps1`"`""
|
||||
$taskUserPrincipal = New-ScheduledTaskPrincipal -GroupId S-1-5-11
|
||||
$taskSettings = New-ScheduledTaskSettingsSet -Compatibility Win8 -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -ExecutionTimeLimit 03:00:00
|
||||
$task = New-ScheduledTask -Action $taskAction -Principal $taskUserPrincipal -Settings $taskSettings
|
||||
Register-ScheduledTask -TaskName 'Winget-AutoUpdate-UserContext' -TaskPath 'WAU' -InputObject $task -Force | Out-Null
|
||||
|
||||
#If scheduled task didn't exist, user context was not activated. Set it in registry.
|
||||
New-ItemProperty $regPath -Name WAU_UserContext -Value 0 -PropertyType DWord -Force | Out-Null
|
||||
Write-ToLog "-> User Context task created and set to 'disabled' in registry."
|
||||
}
|
||||
#If scheduled task exists but no WAU_UserContext setting, user context was activated. Set it in registry.
|
||||
elseif (!($WAUConfig.WAU_UserContext)) {
|
||||
New-ItemProperty $regPath -Name WAU_UserContext -Value 1 -PropertyType DWord -Force | Out-Null
|
||||
Write-ToLog "-> User Context task existes and set to 'enabled' in registry."
|
||||
}
|
||||
|
||||
### End of post update actions ###
|
||||
|
||||
#Reset WAU_UpdatePostActions Value
|
||||
$WAUConfig | New-ItemProperty -Name WAU_PostUpdateActions -Value 0 -Force
|
||||
|
||||
|
|
Loading…
Reference in New Issue