05 November 2015

Deploying Microsoft Endpoint

I recently converted my firm to Microsoft Endpoint. Part of the process is including endpoint in the golden image. I wrote this powershell script that will install endpoint and then remove the necessary registry keys so it will set itself back up when the reference image is laid down on a new machine. The script also allows you to visually see if the application is installed correctly by returning a success/failure by checking to see if MsMpEng.exe is running. You may wonder why I have an uninstall first. I do this in all of my installation scripts in the event something is wrong with the currently installed app and it needs to be reinstalled. You can easily comment out that line if you do not want that to occur.

I execute this script using psexec so that it is run under the local system context. I use the following:
psexec.exe \\%computername% -s -h cmd.exe /c "echo . | powershell.exe -executionpolicy bypass -file install_build.ps1"

You can download the script from here.



1:  <#       
2:       .NOTES  
3:       ===========================================================================  
4:        Created with:      SAPIEN Technologies, Inc., PowerShell Studio 2015 v4.2.98  
5:        Created on:       05 November 2015 10:37 AM  
6:        Created by:       Mick Pletcher  
7:        Organization:        
8:        Filename:        installEndPoint_build.ps1  
9:       ===========================================================================  
10:       .DESCRIPTION  
11:            Install endpoint during the generation of a golden image. This will  
12:            also remove all necessary registry keys required in preparation of   
13:            generating a golden image.  
14:  #>  
15:    
16:  #Declare Global Memory  
17:  $Global:RelativePath = (split-path $SCRIPT:MyInvocation.MyCommand.Path -parent) + "\"  
18:    
19:  Function Wait-ProcessEnd {  
20:       <#  
21:       .SYNOPSIS  
22:            Wait-Process  
23:       .DESCRIPTION  
24:            Waits for a Process to end before continuing.  
25:       #>  
26:         
27:       Param ([String]$Process)  
28:       $Proc = Get-Process $Process -ErrorAction SilentlyContinue  
29:       If ($Proc -ne $null) {  
30:            Do {  
31:                 Start-Sleep -Seconds 5  
32:                 $Proc = Get-Process $Process -ErrorAction SilentlyContinue  
33:            } While ($Proc -ne $null)  
34:       }  
35:  }  
36:    
37:  Function Install-EXE {  
38:       <#  
39:       .SYNOPSIS  
40:            Install-EXE  
41:       .DESCRIPTION  
42:            Installs an EXE file  
43:       #>  
44:         
45:       Param ([String]$DisplayName,  
46:            [String]$Executable,  
47:            [String]$Switches)  
48:       Write-Host "Install"$DisplayName"....." -NoNewline  
49:       If ((Test-Path $Executable) -eq $true) {  
50:            Start-Process -FilePath $Executable -ArgumentList $Switches  
51:            Wait-ProcessEnd -Process "scepinstall"  
52:       } else {  
53:            $ErrCode = 1  
54:       }  
55:       $Process = Get-Process -ProcessName MsMpEng -ErrorAction SilentlyContinue  
56:       If ($Process.ProcessName -eq "MsMpEng") {  
57:            Write-Host "Success" -ForegroundColor Yellow  
58:       } else {  
59:            Write-Host "Failed" -ForegroundColor Red  
60:       }  
61:  }  
62:    
63:  Function Uninstall-EXE {  
64:       <#  
65:       .SYNOPSIS  
66:            Uninstall-EXE  
67:       .DESCRIPTION  
68:            Uninstalls an EXE file  
69:       #>  
70:         
71:       Param ([String]$DisplayName,  
72:            [String]$Executable,  
73:            [String]$Switches)  
74:       Write-Host "Uninstall"$DisplayName"....." -NoNewline  
75:       If ((Test-Path $Executable) -eq $true) {  
76:            Start-Process -FilePath $Executable -ArgumentList $Switches  
77:            Wait-ProcessEnd -Process "scepinstall"  
78:       }  
79:       $Process = Get-Process -ProcessName MsMpEng -ErrorAction SilentlyContinue  
80:       If ($Process -eq $null) {  
81:            Write-Host "Success" -ForegroundColor Yellow  
82:       } else {  
83:            Write-Host "Failed" -ForegroundColor Red  
84:       }  
85:  }  
86:    
87:  Function Remove-RegistryValue {  
88:       <#  
89:       .SYNOPSIS  
90:            Remove-RegistryValue  
91:       .DESCRIPTION  
92:            Deletes a specific registry value  
93:       .EXAMPLE  
94:            Remove-RegistryValue "HKEY_LOCAL_MACHINE\SOFTWARE\Hummingbird"  
95:       #>  
96:         
97:       Param ([String]$RegistryKey,  
98:            [String]$Value)  
99:       $tempdrive = New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT  
100:       $RegistryKey1 = $RegistryKey.split("\")  
101:       switch ($RegistryKey1[0]) {  
102:            "HKEY_CLASSES_ROOT" { $RegistryKey1[0] = "HKCR" }  
103:            "HKEY_CURRENT_USER" { $RegistryKey1[0] = "HKCU" }  
104:            "HKEY_LOCAL_MACHINE" { $RegistryKey1[0] = "HKLM" }  
105:            "HKEY_USERS" { $RegistryKey1[0] = "HKU" }  
106:            "HKEY_CURRENT_CONFIG" { $RegistryKey1[0] = "HKCC" }  
107:       }  
108:       For ($i = 0; $i -lt $RegistryKey1.Count; $i++) {  
109:            $RegKey = $RegKey + $RegistryKey1[$i]  
110:            If ($i -eq 0) {  
111:                 $RegKey = $RegKey + ":\"  
112:            } elseif ($i -ne $RegistryKey1.Count - 1) {  
113:                 $RegKey = $RegKey + "\"  
114:            } else {  
115:                 $RegKey = $RegKey  
116:            }  
117:       }  
118:       Write-Host "Delete"$RegKey"\"$Value"....." -NoNewline  
119:       $exists = Get-ItemProperty -Path $RegKey -Name $Value -ErrorAction SilentlyContinue  
120:       If (($exists -ne $null) -and ($exists.Length -ne 0)) {  
121:            Remove-ItemProperty -Path $RegKey -Name $Value -Force  
122:       }  
123:       $exists = Get-ItemProperty -Path $RegKey -Name $Value -ErrorAction SilentlyContinue  
124:       If ($exists -eq $null) {  
125:            Write-Host "Success" -ForegroundColor Yellow  
126:       } else {  
127:            Write-Host "Failed" -ForegroundColor Yellow  
128:       }  
129:  }  
130:    
131:  cls  
132:  Uninstall-EXE -DisplayName "Microsoft Endpoint" -Executable $global:RelativePath"scepinstall.exe" -Switches "/u /s"  
133:  $Parameters = "/s /policy " + $global:RelativePath + "EndpointPolicies.xml"  
134:  Install-EXE -DisplayName "Microsoft Endpoint" -Executable $global:RelativePath"scepinstall.exe" -Switches $Parameters  
135:  Remove-RegistryValue -RegistryKey "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware" -Value "InstallTime"  
136:  Remove-RegistryValue -RegistryKey "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan" -Value "LastScanRun"  
137:  Remove-RegistryValue -RegistryKey "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan" -Value "LastScanType"  
138:  Remove-RegistryValue -RegistryKey "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan" -Value "LastQuickScanID"  
139:  Remove-RegistryValue -RegistryKey "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan" -Value "LastFullScanID"  
140:  Remove-RegistryValue -RegistryKey "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MRT" -Value "GUID"  
141:    

0 comments:

Post a Comment