wingetautoupdate/Winget-AutoUpdate/functions/Get-Policies.ps1

227 lines
14 KiB
PowerShell

#Function to get Domain/Local Policies (GPO)
Function Get-Policies {
#Get WAU Policies and set the Configurations Registry Accordingly
$WAUPolicies = Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate" -ErrorAction SilentlyContinue
if ($WAUPolicies) {
if ($($WAUPolicies.WAU_ActivateGPOManagement -eq 1)) {
$ChangedSettings = 0
Write-Log "Activated WAU GPO Management detected, comparing..."
$regPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winget-AutoUpdate"
if ($null -ne $($WAUPolicies.WAU_BypassListForUsers) -and ($($WAUPolicies.WAU_BypassListForUsers) -ne $($WAUConfig.WAU_BypassListForUsers))) {
New-ItemProperty $regPath -Name WAU_BypassListForUsers -Value $($WAUPolicies.WAU_BypassListForUsers) -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_BypassListForUsers) -and ($($WAUConfig.WAU_BypassListForUsers) -or $($WAUConfig.WAU_BypassListForUsers) -eq 0)) {
Remove-ItemProperty $regPath -Name WAU_BypassListForUsers -Force -ErrorAction SilentlyContinue | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_DisableAutoUpdate) -and ($($WAUPolicies.WAU_DisableAutoUpdate) -ne $($WAUConfig.WAU_DisableAutoUpdate))) {
New-ItemProperty $regPath -Name WAU_DisableAutoUpdate -Value $($WAUPolicies.WAU_DisableAutoUpdate) -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_DisableAutoUpdate) -and ($($WAUConfig.WAU_DisableAutoUpdate) -or $($WAUConfig.WAU_DisableAutoUpdate) -eq 0)) {
Remove-ItemProperty $regPath -Name WAU_DisableAutoUpdate -Force -ErrorAction SilentlyContinue | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_DoNotRunOnMetered) -and ($($WAUPolicies.WAU_DoNotRunOnMetered) -ne $($WAUConfig.WAU_DoNotRunOnMetered))) {
New-ItemProperty $regPath -Name WAU_DoNotRunOnMetered -Value $($WAUPolicies.WAU_DoNotRunOnMetered) -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_DoNotRunOnMetered) -and !$($WAUConfig.WAU_DoNotRunOnMetered)) {
New-ItemProperty $regPath -Name WAU_DoNotRunOnMetered -Value 1 -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_UpdatePrerelease) -and ($($WAUPolicies.WAU_UpdatePrerelease) -ne $($WAUConfig.WAU_UpdatePrerelease))) {
New-ItemProperty $regPath -Name WAU_UpdatePrerelease -Value $($WAUPolicies.WAU_UpdatePrerelease) -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_UpdatePrerelease) -and $($WAUConfig.WAU_UpdatePrerelease)) {
New-ItemProperty $regPath -Name WAU_UpdatePrerelease -Value 0 -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_UseWhiteList) -and ($($WAUPolicies.WAU_UseWhiteList) -ne $($WAUConfig.WAU_UseWhiteList))) {
New-ItemProperty $regPath -Name WAU_UseWhiteList -Value $($WAUPolicies.WAU_UseWhiteList) -PropertyType DWord -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_UseWhiteList) -and ($($WAUConfig.WAU_UseWhiteList) -or $($WAUConfig.WAU_UseWhiteList) -eq 0)) {
Remove-ItemProperty $regPath -Name WAU_UseWhiteList -Force -ErrorAction SilentlyContinue | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_ListPath) -and ($($WAUPolicies.WAU_ListPath.TrimEnd(" ", "\", "/")) -ne $($WAUConfig.WAU_ListPath.TrimEnd(" ", "\", "/")))) {
New-ItemProperty $regPath -Name WAU_ListPath -Value $($WAUPolicies.WAU_ListPath.TrimEnd(" ", "\", "/")) -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_ListPath) -and $($WAUConfig.WAU_ListPath)) {
Remove-ItemProperty $regPath -Name WAU_ListPath -Force -ErrorAction SilentlyContinue | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_ModsPath) -and ($($WAUPolicies.WAU_ModsPath.TrimEnd(" ", "\", "/")) -ne $($WAUConfig.WAU_ModsPath.TrimEnd(" ", "\", "/")))) {
New-ItemProperty $regPath -Name WAU_ModsPath -Value $($WAUPolicies.WAU_ModsPath.TrimEnd(" ", "\", "/")) -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_ModsPath) -and $($WAUConfig.WAU_ModsPath)) {
Remove-ItemProperty $regPath -Name WAU_ModsPath -Force -ErrorAction SilentlyContinue | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_NotificationLevel) -and ($($WAUPolicies.WAU_NotificationLevel) -ne $($WAUConfig.WAU_NotificationLevel))) {
New-ItemProperty $regPath -Name WAU_NotificationLevel -Value $($WAUPolicies.WAU_NotificationLevel) -Force | Out-Null
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_NotificationLevel) -and $($WAUConfig.WAU_NotificationLevel) -ne "Full") {
New-ItemProperty $regPath -Name WAU_NotificationLevel -Value "Full" -Force | Out-Null
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_UpdatesInterval) -and (($($WAUPolicies.WAU_UpdatesInterval) -ne $($WAUConfig.WAU_UpdatesInterval)))) {
New-ItemProperty $regPath -Name WAU_UpdatesInterval -Value $($WAUPolicies.WAU_UpdatesInterval) -Force | Out-Null
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
for($triggerId=1; $triggerId -le $definition.Triggers.Count; $triggerId++){
if(($definition.Triggers.Item($triggerId).Type -eq "2") -or ($definition.Triggers.Item($triggerId).Type -eq "3")){
$definition.Triggers.Remove($triggerId)
$triggerId-=1
}
}
$folder.RegisterTaskDefinition($task.Name, $definition, 4, $null, $null, $null) | Out-Null
if ($($WAUPolicies.WAU_UpdatesInterval) -ne "Never") {
#Count Triggers (correctly)
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
$definition.Triggers.Count | Out-Null
switch ($($WAUPolicies.WAU_UpdatesInterval)) {
"Daily" {$tasktrigger = New-ScheduledTaskTrigger -Daily -At 06am; break}
"BiDaily" {$tasktrigger = New-ScheduledTaskTrigger -Daily -At 06am -DaysInterval 2; break}
"Weekly" {$tasktrigger = New-ScheduledTaskTrigger -Weekly -At 06am -DaysOfWeek 2; break}
"BiWeekly" {$tasktrigger = New-ScheduledTaskTrigger -Weekly -At 06am -DaysOfWeek 2 -WeeksInterval 2; break}
"Monthly" {$tasktrigger = New-ScheduledTaskTrigger -Weekly -At 06am -DaysOfWeek 2 -WeeksInterval 4; break}
}
if ($definition.Triggers.Count -gt 0) {
$triggers = @()
$triggers += (Get-ScheduledTask "Winget-AutoUpdate").Triggers
$triggers += $tasktrigger
Set-ScheduledTask -TaskName "Winget-AutoUpdate" -Trigger $triggers
}
else {
Set-ScheduledTask -TaskName "Winget-AutoUpdate" -Trigger $tasktrigger
}
}
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_UpdatesInterval) -and $($WAUConfig.WAU_UpdatesInterval) -ne "Daily") {
New-ItemProperty $regPath -Name WAU_UpdatesInterval -Value "Daily" -Force | Out-Null
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
for($triggerId=1; $triggerId -le $definition.Triggers.Count; $triggerId++){
if(($definition.Triggers.Item($triggerId).Type -eq "2") -or ($definition.Triggers.Item($triggerId).Type -eq "3")){
$definition.Triggers.Remove($triggerId)
$triggerId-=1
}
}
$folder.RegisterTaskDefinition($task.Name, $definition, 4, $null, $null, $null) | Out-Null
$tasktrigger = New-ScheduledTaskTrigger -Daily -At 06am
#Count Triggers (correctly)
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
$definition.Triggers.Count | Out-Null
if ($definition.Triggers.Count -gt 0) {
$triggers = @()
$triggers += (Get-ScheduledTask "Winget-AutoUpdate").Triggers
$triggers += $tasktrigger
Set-ScheduledTask -TaskName "Winget-AutoUpdate" -Trigger $triggers
}
else {
Set-ScheduledTask -TaskName "Winget-AutoUpdate" -Trigger $tasktrigger
}
$ChangedSettings++
}
if ($null -ne $($WAUPolicies.WAU_UpdatesAtLogon) -and ($($WAUPolicies.WAU_UpdatesAtLogon) -ne $($WAUConfig.WAU_UpdatesAtLogon))) {
if ($WAUPolicies.WAU_UpdatesAtLogon -eq 1) {
New-ItemProperty $regPath -Name WAU_UpdatesAtLogon -Value $($WAUPolicies.WAU_UpdatesAtLogon) -PropertyType DWord -Force | Out-Null
$triggers = @()
$triggers += (Get-ScheduledTask "Winget-AutoUpdate").Triggers
#Count Triggers (correctly)
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
$definition.Triggers.Count | Out-Null
if ($definition.Triggers.Count -gt 0) {
$triggers += New-ScheduledTaskTrigger -AtLogon
Set-ScheduledTask -TaskName "Winget-AutoUpdate" -Trigger $triggers
}
else {
$tasktrigger = New-ScheduledTaskTrigger -AtLogon
Set-ScheduledTask -TaskName "Winget-AutoUpdate" -Trigger $tasktrigger
}
}
else {
Remove-ItemProperty $regPath -Name WAU_UpdatesAtLogon -Force -ErrorAction SilentlyContinue | Out-Null
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
$definition.Triggers.Count | Out-Null
for($triggerId=1; $triggerId -le $definition.Triggers.Count; $triggerId++){
if($definition.Triggers.Item($triggerId).Type -eq "9"){
$definition.Triggers.Remove($triggerId)
$triggerId-=1
}
}
$folder.RegisterTaskDefinition($task.Name, $definition, 4, $null, $null, $null) | Out-Null
}
$ChangedSettings++
}
elseif ($null -eq $($WAUPolicies.WAU_UpdatesAtLogon) -and ($($WAUConfig.WAU_UpdatesAtLogon) -or $($WAUConfig.WAU_UpdatesAtLogon) -eq 0)) {
Remove-ItemProperty $regPath -Name WAU_UpdatesAtLogon -Force -ErrorAction SilentlyContinue | Out-Null
$service = New-Object -ComObject Schedule.Service
$service.Connect($env:COMPUTERNAME)
$folder = $service.GetFolder('\')
$task = $folder.GetTask("Winget-AutoUpdate")
$definition = $task.Definition
for($triggerId=1; $triggerId -le $definition.Triggers.Count; $triggerId++){
if($definition.Triggers.Item($triggerId).Type -eq "9"){
$definition.Triggers.Remove($triggerId)
$triggerId-=1
}
}
$folder.RegisterTaskDefinition($task.Name, $definition, 4, $null, $null, $null) | Out-Null
$ChangedSettings++
}
if ($ChangedSettings -gt 0) {
Write-Log "Changed settings: $ChangedSettings" "Yellow"
}
#Get WAU Configurations after Policies change
$Script:WAUConfig = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winget-AutoUpdate"
}
}
Return
}