GPO Black/White List Activated in WAU

pull/263/head
KnifMelti 2023-01-19 07:11:20 +01:00
parent 21fa9eb25d
commit a6e1a5030a
4 changed files with 45 additions and 25 deletions

View File

@ -26,19 +26,20 @@ If this policy is disabled or not configured, the default is No.</string>
<string id="UpdatePrerelease_Explain">This policy setting specifies whether to update WAU to PreRelease versions or not (via WAU AutoUpdate).
If this policy is disabled or not configured, the default is No.</string>
<string id="BlackList_Name">Application Blacklist</string>
<string id="BlackList_Name">Application GPO Blacklist</string>
<string id="BlackList_Explain">Provide the WinGet IDs of applications you want to exclude.</string>
<string id="WhiteList_Name">Application Whitelist</string>
<string id="WhiteList_Name">Application GPO Whitelist</string>
<string id="WhiteList_Explain">Provide the WinGet IDs of applications you want to include.</string>
<string id="UseWhiteList_Name">Use WhiteList instead of BlackList</string>
<string id="UseWhiteList_Explain">This policy setting specifies whether to use a Whitelist or not.
If this policy is disabled or not configured, the default is No.</string>
<string id="ListPath_Name">Get Black/White List from external Path (URL/UNC/Local)</string>
<string id="ListPath_Explain">If this policy is enabled, you can set a (URL/UNC/Local) Path to external lists other than the default.
<string id="ListPath_Name">Get Black/White List from external Path (URL/UNC/GPO/Local)</string>
<string id="ListPath_Explain">If this policy is enabled, you can set a (URL/UNC/GPO/Local) Path to external lists other than the default.
If "Application GPO Blacklist/Whitelist" is set in this GPO the Path should be: GPO
If this policy is disabled or not configured, the default ListPath is used (WAU InstallLocation).</string>
<string id="ModsPath_Name">Get Mods from external Path (URL/UNC/Local)</string>
<string id="ModsPath_Explain">If this policy is enabled, you can set a (URL/UNC/Local) Path to external mods other than the default.
@ -140,7 +141,7 @@ If this policy is disabled or not configured, the default size is used.</string>
</presentation>
<presentation id="ListPath">
<textBox refId="ListPath">
<label>(URL/UNC/Local) Path:</label>
<label>(URL/UNC/GPO/Local) Path:</label>
</textBox>
</presentation>
<presentation id="ModsPath">

View File

@ -127,26 +127,32 @@ if (Test-Network) {
#Get External ListPath if run as System
if ($WAUConfig.WAU_ListPath) {
Write-Log "WAU uses External Lists from: $($WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/"))"
$NewList = Test-ListPath $WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/") $WAUConfig.WAU_UseWhiteList $WAUConfig.InstallLocation.TrimEnd(" ", "\")
if ($ReachNoPath) {
Write-Log "Couldn't reach/find/compare/copy from $($WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/"))..." "Red"
$Script:ReachNoPath = $False
}
if ($NewList) {
Write-Log "Newer List downloaded/copied to local path: $($WAUConfig.InstallLocation.TrimEnd(" ", "\"))" "Yellow"
if ($($WAUConfig.WAU_ListPath) -eq "GPO") {
Write-Log "WAU uses External Lists from: $($WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/"))"
$Script:GPOList = $True
}
else {
if ($WAUConfig.WAU_UseWhiteList -and (Test-Path "$WorkingDir\included_apps.txt")) {
Write-Log "List (white) is up to date." "Green"
Write-Log "WAU uses External Lists from: $($WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/"))"
$NewList = Test-ListPath $WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/") $WAUConfig.WAU_UseWhiteList $WAUConfig.InstallLocation.TrimEnd(" ", "\")
if ($ReachNoPath) {
Write-Log "Couldn't reach/find/compare/copy from $($WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/"))..." "Red"
$Script:ReachNoPath = $False
}
elseif (!$WAUConfig.WAU_UseWhiteList -and (Test-Path "$WorkingDir\excluded_apps.txt")) {
Write-Log "List (black) is up to date." "Green"
if ($NewList) {
Write-Log "Newer List downloaded/copied to local path: $($WAUConfig.InstallLocation.TrimEnd(" ", "\"))" "Yellow"
}
else {
Write-Log "Critical: White/Black List doesn't exist, exiting..." "Red"
New-Item "$WorkingDir\logs\error.txt" -Value "White/Black List doesn't exist!" -Force
Exit 1
if ($WAUConfig.WAU_UseWhiteList -and (Test-Path "$WorkingDir\included_apps.txt")) {
Write-Log "List (white) is up to date." "Green"
}
elseif (!$WAUConfig.WAU_UseWhiteList -and (Test-Path "$WorkingDir\excluded_apps.txt")) {
Write-Log "List (black) is up to date." "Green"
}
else {
Write-Log "Critical: White/Black List doesn't exist, exiting..." "Red"
New-Item "$WorkingDir\logs\error.txt" -Value "White/Black List doesn't exist!" -Force
Exit 1
}
}
}
}
@ -176,6 +182,10 @@ if (Test-Network) {
}
}
if ($($WAUConfig.WAU_ListPath) -eq "GPO") {
$Script:GPOList = $True
}
#Get White or Black list
if ($WAUConfig.WAU_UseWhiteList -eq 1) {
Write-Log "WAU uses White List config"
@ -221,7 +231,7 @@ if (Test-Network) {
if ($UseWhiteList) {
#For each app, notify and update
foreach ($app in $outdated) {
if (($toUpdate -contains $app.Id) -and $($app.Version) -ne "Unknown") {
if (($toUpdate -match $app.Id) -and $($app.Version) -ne "Unknown") {
Update-App $app
}
#if current app version is unknown
@ -238,7 +248,7 @@ if (Test-Network) {
else {
#For each app, notify and update
foreach ($app in $outdated) {
if (-not ($toSkip -contains $app.Id) -and $($app.Version) -ne "Unknown") {
if (-not ($toSkip -match $app.Id) -and $($app.Version) -ne "Unknown") {
Update-App $app
}
#if current app version is unknown

View File

@ -2,7 +2,11 @@
function Get-ExcludedApps {
if (Test-Path "$WorkingDir\excluded_apps.txt") {
if ($GPOList) {
return Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList"
}
elseif (Test-Path "$WorkingDir\excluded_apps.txt") {
return (Get-Content -Path "$WorkingDir\excluded_apps.txt").Trim() | Where-Object { $_.length -gt 0 }

View File

@ -2,7 +2,12 @@
function Get-IncludedApps {
if (Test-Path "$WorkingDir\included_apps.txt") {
if ($GPOList) {
return Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList"
}
elseif (Test-Path "$WorkingDir\included_apps.txt") {
return (Get-Content -Path "$WorkingDir\included_apps.txt").Trim() | Where-Object { $_.length -gt 0 }