I know you can enable Windows 10 Developer mode interactively by going to Settings | For developers, selecting 'Developer mode' and then rebooting.
Is there a way to enable this programmatically? (eg. via PowerShell or similar so that I can include it as a step in a Boxstarter script when refreshing my developer workstation)
Turns out Nickolaj Andersen has written an article which includes just such a PowerShell script..
http://www.scconfigmgr.com/2016/09/11/enable-ubuntu-in-windows-10-during-osd-with-configmgr/
Here are the relevant lines extracted from his post:
# Create AppModelUnlock if it doesn't exist, required for enabling Developer Mode
$RegistryKeyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock"
if (-not(Test-Path -Path $RegistryKeyPath)) {
New-Item -Path $RegistryKeyPath -ItemType Directory -Force
}
# Add registry value to enable Developer Mode
New-ItemProperty -Path $RegistryKeyPath -Name AllowDevelopmentWithoutDevLicense -PropertyType DWORD -Value 1
I modified the accepted answer and ended up with the following script:
param([Switch]$WaitForKey)
if (([Version](Get-CimInstance Win32_OperatingSystem).version).Major -lt 10)
{
Write-Host -ForegroundColor Red "The DeveloperMode is only supported on Windows 10"
exit 1
}
# Get the ID and security principal of the current user account
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
# Get the security principal for the Administrator role
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator
if ($myWindowsPrincipal.IsInRole($adminRole))
{
$RegistryKeyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock"
if (! (Test-Path -Path $RegistryKeyPath))
{
New-Item -Path $RegistryKeyPath -ItemType Directory -Force
}
if (! (Get-ItemProperty -Path $RegistryKeyPath -Name AllowDevelopmentWithoutDevLicense))
{
# Add registry value to enable Developer Mode
New-ItemProperty -Path $RegistryKeyPath -Name AllowDevelopmentWithoutDevLicense -PropertyType DWORD -Value 1
}
$feature = Get-WindowsOptionalFeature -FeatureName Microsoft-Windows-Subsystem-Linux -Online
if ($feature -and ($feature.State -eq "Disabled"))
{
Enable-WindowsOptionalFeature -FeatureName Microsoft-Windows-Subsystem-Linux -Online -All -LimitAccess -NoRestart
}
if ($WaitForKey)
{
Write-Host -NoNewLine "Press any key to continue..."
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
}
}
else
{
# We are not running "as Administrator" - so relaunch as administrator
# Create a new process object that starts PowerShell
$newProcess = new-object System.Diagnostics.ProcessStartInfo "PowerShell";
# Specify the current script path and name as a parameter
$newProcess.Arguments = "-NoProfile",$myInvocation.MyCommand.Definition,"-WaitForKey";
# Indicate that the process should be elevated
$newProcess.Verb = "runas";
# Start the new process
[System.Diagnostics.Process]::Start($newProcess);
# Exit from the current, unelevated, process
exit
}
It automatically elevates itself, if not already running elevated and enables the optional feature mentioned by Julian Knight.
Related
**I installed the module PolicyFileEditor through the command "Install-Module -Name PolicyFileEditor"
Is there a way in which i can write a script using this module that would add MyGlue on Favorites Bar (with favorites bar being always shown) for Chrome and Edge**
I have done it through the LGPO but not through PowerShell script.
We cant do it manually as we are the MSP and we need to push this script through our RMM on all the workstations which we manage
Any help is appreciated
PS: This Needs to be a powershell script for LGPO as the workstations are not in domain but workgroup.
Thanks
I'd do it like this:
Write-host "Trusting PS Gallery"
Set-PSRepository -Name 'PSGallery' -InstallationPolicy Trusted -ErrorAction Stop
Write-Host "Installing PolicyFileEditor"
Install-Module -Name PolicyFileEditor -Scope CurrentUser -ErrorAction Stop
Write-Host "Installing MyGlue Chrome Extension Add-On (set LGPO)"
$MachineDir = "$env:windir\system32\GroupPolicy\Machine\registry.pol"
$RegPath = 'SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist'
$RegData = 'bfcdaalpeodhimbiipneeaoeogkkminc;https://clients2.google.com/service/update2/crx'
$RegName = '1'
$RegType = 'ExpandString'
Set-PolicyFileEntry -Path $MachineDir -Key $RegPath -ValueName $RegName -Data $RegData -Type $RegType -ErrorAction Stop
Write-Host "Updating LGPO w/o restart"
echo N | gpupdate.exe /target:Computer /force
But please make sure that the value name '1' does not already exist for another add-on, otherwise it will be overwritten.
You could solve it e.g. like this:
$RegName = '1'
if ((Get-ItemProperty "HKLM:$RegPath").PSObject.Properties.Name -contains $RegName) { $RegName = '2' }
if ((Get-ItemProperty "HKLM:$RegPath").PSObject.Properties.Name -contains $RegName) { $RegName = '3' }
if ((Get-ItemProperty "HKLM:$RegPath").PSObject.Properties.Name -contains $RegName) { $RegName = '4' }
But this is not nice, maybe there is a better solution: e.g. with RegEx or a loop, which checks the value names and takes the next free available number as name.
Somthing like: $RegName = "Take the next available (not existing) number as name (string)"
On my work computer, I don't have admin privileges.
Installing new fonts cannot be done "the easy way".
At the time I was using Windows 7, I managed to run a PowerShell script that was launched at session startup and that installed the fonts from a given folder.
Here is the code I used:
add-type -name Session -namespace "" -member #"
[DllImport("gdi32.dll")]
public static extern int AddFontResource(string filePath);
"#
$FontFolder = "C:\Users\myusername\Documents\Fonts"
$null = foreach($font in Get-ChildItem -Path $FontFolder -Recurse -Include *.ttf, *.otg, *.otf) {
Write-Host "Installing : $($font.FullName)"
$result = [Session]::AddFontResource($font.FullName)
Write-Host "Installed $($result) fonts"
}
Now that I have switched to Windows 10, I thought I could go back to installing fonts "the easy way", as it is supposed to be possible to install fonts for your user without admin privileges.
This however still does not work: there is a popup window saying that "The requested file is not a valid font file". One solution is apparently to start the Windows firewall, which of course is not allowed by my administrator... but it is already running (see Edit below)
Back to the PowerShell then. The script unfortunately does not work anymore and does not provide any interesting pointers to where the problem comes from:
Installing : C:\Users\myusername\Documents\Fonts\zilla-slab\ZillaSlab-SemiBold.otf
Installed 0 fonts
Installing : C:\Users\myusername\Documents\Fonts\zilla-slab\ZillaSlab-SemiBoldItalic.otf
Installed 0 fonts
Installing : C:\Users\myusername\Documents\Fonts\zilla-slab\ZillaSlabHighlight-Bold.otf
Installed 0 fonts
I tried using a try catch, but still have no identified error:
add-type -name Session -namespace "" -member #"
[DllImport("gdi32.dll")]
public static extern int AddFontResource(string filePath);
"#
$FontFolder = "C:\Users\myusername\Documents\Fonts"
$null = foreach($font in Get-ChildItem -Path $FontFolder -Recurse -Include *.ttf, *.otg, *.otf) {
try {
Write-Host "Installing : $($font.FullName)"
$result = [Session]::AddFontResource($font.FullName)
Write-Host $result
}
catch {
Write-Host "An error occured installing $($font)"
Write-Host "$($error)"
Write-Host "$($error[0].ToString())"
Write-Host ""
1
}
}
And the resulting output
Installing : C:\Users\myusername\Documents\Fonts\zilla-slab\ZillaSlabHighlight-Bold.otf
0
Installing : C:\Users\myusername\Documents\Fonts\zilla-slab\ZillaSlabHighlight-Regular.otf
0
Installing : C:\Users\myusername\Documents\Fonts\ZillaSlab-Light.otf
0
Any idea how to solve this issue?
Edit:
Regarding the status of the security applications, here is the McAfee status:
McAfee Data Exchange Layer OK
McAfee DLP Endpoint OK
Programme de mise à jour McAfee OK
McAfee Endpoint Security OK
"Programme de mise à jour" means "update program" in French.
I also checked the list of running services :
mpssvc service (Windows defender firewall) is running
mfefire (McAfee Firewall core service) is not running
Edit2:
My last attempt is the following:
I copied the font file manually to the $($env:LOCALAPPDATA)\Microsoft\Windows\Fonts\ folder
Using regedit, I added the entry as shown below
I restarted. Still no Bebas font in WordPad or Publisher
Here's how I do it with a com object. This works for me as non-admin based on Install fonts without administrative privileges. I can see the fonts installed to "$env:LOCALAPPDATA\Microsoft\Windows\Fonts" in the Fonts area under Settings. I have Windows 10 20H2 (it should work in 1803 or higher). I also see the fonts installed in Wordpad.
$Destination = (New-Object -ComObject Shell.Application).Namespace(20)
$TempFolder = "$($env:windir)\Temp\Fonts\"
New-Item -Path $TempFolder -Type Directory -Force | Out-Null
Get-ChildItem -Path $PSScriptRoot\fonts\* -Include '*.ttf','*.ttc','*.otf' |
ForEach {
If (-not(Test-Path "$($env:LOCALAPPDATA)\Microsoft\Windows\Fonts\$($_.Name)")) {
$Font = "$($env:windir)\Temp\Fonts\$($_.Name)"
Copy-Item $($_.FullName) -Destination $TempFolder
$Destination.CopyHere($Font)
Remove-Item $Font -Force
} else { "font $($env:LOCALAPPDATA)\Microsoft\Windows\Fonts\$($_.Name) already installed" }
}
Example REG_SZ registry entry:
dir 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Fonts*' | ft -a
Hive: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion
Name Property
---- --------
Fonts Nunito Black (TrueType) : C:\Users\myuser\AppData\Local\Microsoft\Windows\Fonts\Nunito-Black.ttf
You can install fonts on windows using following powershell scripts.
param(
[Parameter(Mandatory=$true,Position=0)]
[ValidateNotNull()]
[array]$pcNames,
[Parameter(Mandatory=$true,Position=1)]
[ValidateNotNull()]
[string]$fontFolder
)
$padVal = 20
$pcLabel = "Connecting To".PadRight($padVal," ")
$installLabel = "Installing Font".PadRight($padVal," ")
$errorLabel = "Computer Unavailable".PadRight($padVal," ")
$openType = "(Open Type)"
$regPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts"
$objShell = New-Object -ComObject Shell.Application
if(!(Test-Path $fontFolder))
{
Write-Warning "$fontFolder - Not Found"
}
else
{
$objFolder = $objShell.namespace($fontFolder)
foreach ($pcName in $pcNames)
{
Try{
Write-Output "$pcLabel : $pcName"
$null = Test-Connection $pcName -Count 1 -ErrorAction Stop
$destination = "\\",$pcname,"\c$\Windows\Fonts" -join ""
foreach ($file in $objFolder.items())
{
$fileType = $($objFolder.getDetailsOf($file, 2))
if(($fileType -eq "OpenType font file") -or ($fileType -eq "TrueType font file"))
{
$fontName = $($objFolder.getDetailsOf($File, 21))
$regKeyName = $fontName,$openType -join " "
$regKeyValue = $file.Name
Write-Output "$installLabel : $regKeyValue"
Copy-Item $file.Path $destination
Invoke-Command -ComputerName $pcName -ScriptBlock { $null = New-ItemProperty -Path $args[0] -Name $args[1] -Value $args[2] -PropertyType String -Force } -ArgumentList $regPath,$regKeyname,$regKeyValue
}
}
}
catch{
Write-Warning "$errorLabel : $pcName"
}
}
}
This is the first thing I have ever done with Powershell. The gist of the script is to do some base setup for my companies web server installation. Basically it should
Take a list of names
Make a user with that name
configure user make a folder with that name
make an application pool with that name
set application pool properties
set folder permissions for a group
The code is below.
Import-Module WebAdministration
#$apps = #('H','N1','N2')
foreach ($app in $apps){
## I need to check for if a user exists first
NET USER $app "password" /ADD
NET LOCALGROUP "iis_iusrs" $app /ADD
WMIC USERACCOUNT WHERE "Name=$app" SET PaswordExpires=False
#See if the application's folder exists
if (!(Test-Path("C:\inetpub\wwwroot\"+$app)))
{
New-Item -ItemType Directory -Force -Path C:\inetpub\wwwroot\$app
}
## See if the application Pool exists. If it doesn't then create it
if (!(Test-Path("IIS:\AppPools\"+$app)))
{
$appPool = New-Item ("IIS:\AppPools\"+$app)
$appPool.ProcessModel.identityType = 3
$appPool.ProcessModel.userName=$app
$appPool.ProcessModel.password="password"
$appPool.ProcessModel.idleTimeout=[TimeSpan]::FromMinutes(0)
$appPool.processModel.loadUserProfile="True"
$appPool.recycling.disallowOverlappingRotation = "True"
$appPool.recycling.disallowRotationOnConfigChange = "True"
$appPool.recycling.periodicRestart.time = [TimeSpan]::FromMinutes(0)
$appPool | Set-Item
$propPath = "IIS:\AppPools\"+$appPool
New-ItemProperty -Path $propPath -Name recycling.periodicRestart.schedule -Value #{value="00:06:00"}
}
}
$webserver = Hostname
if(!(Test-Path("C:\"+$webserver)))
{
$hostserver = Read-Host "What is the host server's name?"
New-Item -ItemType Directory -Force -Path C:\$webserver\$hostserver
}
if(!(Test-Path('C:\Temp')))
{
New-Item -ItemType Directory -Force -Path C:\Temp
}
$Acl_inetpub = Get-Acl C:\inetpub
$Acl_temp = Get-Acl C:\Temp
$Acl_windows_temp = Get-Acl C:\Windows\Temp
$Ar_iis = New-Object System.Security.AccessControl.FileSystemAccessRule(".\iis_iusrs","FullControl","ContainerInherit,ObjectInherit","None","Allow")
$Ar_users = New-Object System.Security.AccessControl.FileSystemAccessRule(".\users","FullControl","ContainerInherit,ObjectInherit","None","Allow")
$Acl_inetpub.SetAccessRule($Ar_iis)
$Acl_inetpub.SetAccessRule($Ar_users)
$Acl_temp.SetAccessRule($Ar_iis)
$Acl_temp.SetAccessRule($Ar_users)
$Acl_windows_temp.SetAccessRule($Ar_iis)
$Acl_windows_temp.SetAccessRule($Ar_users)
Set-Acl C:\inetpub $Acl_inetpub
Set-Acl C:\temp $Acl_temp
Set-Acl C:\Windows\Temp $Acl_windows_temp
My issue currently is.
$propPath = "IIS:\AppPools\"+$appPool
New-ItemProperty -Path $propPath -Name recycling.periodicRestart.schedule -Value #{value="00:06:00"}
I get a path error when I run this but I am not sure where the error is coming from. Also, is there a way to do this same thing but just using the object like I did the rest of the settings? So far I have not found a way to do this.
So I found the final issue thanks Randy Schuman's advice. I wasn't thinking about how I was using $app vs $appPool . I was just continuing the pattern of using the $appPool's object when I need to supply it the $appPools name which is just $app. When I switched that it worked.
I would like to add \XX01234ABC01 to Local intranet zone using a PowerShell script and possibly take the site from the variable below.
$computername=$env:computername -replace ".....$","ABC01"
Any help would be much appreciated.
I hope this help you
$prefixIntranet = "www"
$LocalIntranetSite = "xxxx.com"
$UserRegPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
$DWord = 1
try {
Write-Verbose "Creating a new key '$LocalIntranetSite' under $UserRegPath."
New-Item -Path "$UserRegPath" -ItemType File -Name "$LocalIntranetSite"
New-Item -Path "$UserRegPath\$LocalIntranetSite" -ItemType File -Name "$prefixIntranet"
Write-Verbose "Creating a Dword value named 'HTTP' and set the value to '$DWord' "
Set-ItemProperty -Path $UserRegPath\$LocalIntranetSite\$prefixIntranet -Name "http" -Value $DWord `
Write-Host "Successfully added '$prefixIntranet.$LocalIntranetSite' domain to Internet Explorer local intranet."
} Catch [System.Exception] {
Write-Warning "[CATCH] Errors found during attempt:`n$_" -BackgroundColor Red
}
I was looking to do something similar. This will do the job:
# Gets you PC Name like you had in your question
$LocalIntranetSite = $env:computername -replace ".....$","ABC01"
# Set your base registry location
$UserRegPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\ZoneMap\Domains"
# Set your zone. 1 is intranet.
$DWord = 1
try {
Write-Debug "Creating a new key '$LocalIntranetSite' under $UserRegPath."
# Check to be sure the key isn't already listed before trying to add
if (-not (Test-Path -Path "$UserRegPath\$LocalIntranetSite")) {
# Add your site to the domains list in the registry
New-Item -Path "$UserRegPath" -ItemType File -Name "$LocalIntranetSite"
}
# Set a Dword property named '*' and with value '$DWord' on your '$LocalIntranetSite'.
# This is what adds your site to the Intranet Zone.
Set-ItemProperty -Path "$UserRegPath\$LocalIntranetSite" -Name "*" -Value $DWord
} Catch [System.Exception] {
Write-Warning "[CATCH] Errors found during attempt:`n$_"
}
I'm trying to create a script to install receiver but I'm getting this popup box asking if I'm sure.
$InstallFiles = "C:\Users\raw.admin\Documents\CitrixReceiver.exe"
$ArgumentList = '/silent /includeSSON enable_SSON=yes enableprelaunch=true allowaddstore=a STORE0="Kiewit;https://apps.kiewit.com/citrix/kiewit/discovery;on"'
Write-host "Installing Citrix receiver"
Start-Process -FilePath $InstallFiles -ArgumentList $ArgumentList -wait
##Make sure Single Sign is in Provider Order Key
$Path = "HKLM:\system\CurrentControlSet\Control\NetworkProvider\Order"
$ProviderOrder = (Get-ItemProperty -path $path).ProviderOrder
If ($ProviderOrder -NotLike "*PnSson*")
{
Set-ItemProperty -path $path -Name ProviderOrder -value ($ProviderOrder + ",PnSson")
$NewProviderOrder = (Get-ItemProperty -path $path).ProviderOrder
Write-Host Provider Order key now has the following values $NewProviderOrder
}
Else
{
Write-Host "PnSson already present in Provider Order"
}
Write-host "Installation Complete"
I don't want the user to get prompt to answer the question of yes or no. Can it be done or is it something the user will just have to live with?