EnhancedPSADTAO.psm1
#Region '.\Public\Create-LocalAdminAccount.ps1' -1 function Create-LocalAdminAccount { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$Username, [Parameter(Mandatory = $true)] [string]$Password ) begin { Write-EnhancedLog -Message 'Starting Create-LocalAdminAccount function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { # Check if the user already exists $userExists = Get-LocalUser -Name $Username -ErrorAction SilentlyContinue if (-not $userExists) { # Create the user account $securePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force $userParams = @{ Name = $Username Password = $securePassword FullName = "FC Remove Account" Description = "Account used for FC removal process" PasswordNeverExpires = $true AccountNeverExpires = $true } New-LocalUser @userParams Write-EnhancedLog -Message "Local administrator account '$Username' created." -Level 'INFO' } else { Write-EnhancedLog -Message "Local administrator account '$Username' already exists." -Level 'WARNING' } # Check if the user is already a member of the local Administrators group $group = Get-LocalGroup -Name "Administrators" $memberExists = $null try { $memberExists = $group | Get-LocalGroupMember | Where-Object { $_.Name -eq $Username } } catch { Write-EnhancedLog -Message "Failed to retrieve group members: $_" -Level 'ERROR' } if (-not $memberExists) { # Add the user to the local Administrators group $groupParams = @{ Group = "Administrators" Member = $Username } try { Add-LocalGroupMember @groupParams Write-EnhancedLog -Message "User '$Username' added to the Administrators group." -Level 'INFO' } catch [Microsoft.PowerShell.Commands.AddLocalGroupMemberCommand+MemberExistsException] { Write-EnhancedLog -Message "User '$Username' is already a member of the Administrators group." -Level 'WARNING' } } else { Write-EnhancedLog -Message "User '$Username' is already a member of the Administrators group." -Level 'WARNING' } } catch { Write-EnhancedLog -Message "An error occurred while creating the local admin account or adding to Administrators group: $_" -Level 'ERROR' Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Create-LocalAdminAccount function completed' -Level 'INFO' } } # # Define parameters for creating the local admin account # $localAdminParams = @{ # Username = "fcremove" # Password = "fcremove" # } # # Create the local admin account # Create-LocalAdminAccount @localAdminParams #EndRegion '.\Public\Create-LocalAdminAccount.ps1' 82 #Region '.\Public\Detect-BitLockerStatus.ps1' -1 function Detect-BitLockerStatus { [CmdletBinding()] param ( [string[]]$DriveLetters = @("C:") ) begin { Write-EnhancedLog -Message 'Starting Detect-BitLockerStatus function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { foreach ($drive in $DriveLetters) { try { $bitLockerStatus = Get-BitLockerVolume -MountPoint $drive if ($bitLockerStatus) { $protectionStatus = $bitLockerStatus.ProtectionStatus Write-EnhancedLog -Message "BitLocker status for drive $drive $protectionStatus" -Level 'INFO' Write-Output "BitLocker status for drive $drive $protectionStatus" } else { Write-EnhancedLog -Message "BitLocker status not found for drive $drive" -Level 'WARNING' Write-Output "BitLocker status not found for drive $drive" } } catch { Handle-Error -ErrorRecord $_ } } } end { Write-EnhancedLog -Message 'Detect-BitLockerStatus function completed' -Level 'INFO' } } # # Example usage of Detect-BitLockerStatus function with splatting # $params = @{ # DriveLetters = @("C:", "D:") # } # # Call the Detect-BitLockerStatus function using splatting # Detect-BitLockerStatus @params #EndRegion '.\Public\Detect-BitLockerStatus.ps1' 43 #Region '.\Public\Detect-FortiClientEMSInstallation.ps1' -1 function Detect-FortiClientEMSInstallation { <# .SYNOPSIS Checks for FortiClientEMS installation and version. .PARAMETER RegistryPaths An array of registry paths to check. .PARAMETER SoftwareName The name of the software to search for. .PARAMETER ExcludedVersion The version of the software to exclude. .OUTPUTS A hashtable indicating whether the software is installed and its version. #> [CmdletBinding()] param ( [string[]]$RegistryPaths, [string]$SoftwareName, [version]$ExcludedVersion ) foreach ($path in $RegistryPaths) { $items = Get-ChildItem -Path $path -ErrorAction SilentlyContinue foreach ($item in $items) { $app = Get-ItemProperty -Path $item.PsPath -ErrorAction SilentlyContinue if ($app.DisplayName -like "*$SoftwareName*") { $installedVersion = New-Object Version $app.DisplayVersion if ($installedVersion -lt $ExcludedVersion) { return @{ IsInstalled = $true Version = $app.DisplayVersion ProductCode = $app.PSChildName } } } } } return @{IsInstalled = $false} } #EndRegion '.\Public\Detect-FortiClientEMSInstallation.ps1' 41 #Region '.\Public\Detect-SystemMode.ps1' -1 function Detect-SystemMode { [CmdletBinding()] param ( [string]$RegistryPath ) begin { Write-EnhancedLog -Message 'Starting Detect-SystemMode function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { $safeMode = Get-ItemProperty -Path $RegistryPath -ErrorAction Stop if ($safeMode.Option -eq 1) { Write-EnhancedLog -Message "System is in Safe Mode" -Level 'INFO' $Global:SystemMode = "Safe Mode" } else { Write-EnhancedLog -Message "System is in Normal Mode" -Level 'INFO' $Global:SystemMode = "Normal Mode" } } catch { Write-EnhancedLog -Message "System is in Normal Mode (SafeBoot key not found)" -Level 'INFO' $Global:SystemMode = "Normal Mode" } } end { Write-EnhancedLog -Message 'Detect-SystemMode function completed' -Level 'INFO' } } # # Example usage of Detect-SystemMode function with splatting # $params = @{ # RegistryPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Option' # } # # Call the Detect-SystemMode function using splatting # Detect-SystemMode @params # Access the result # $SystemMode #EndRegion '.\Public\Detect-SystemMode.ps1' 44 #Region '.\Public\Disable-BitLocker.ps1' -1 function Disable-BitLocker { [CmdletBinding()] param ( [string[]]$DriveLetters = @("C:") ) begin { Write-EnhancedLog -Message 'Starting Disable-BitLocker function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { # Detect BitLocker status for the provided drives $bitLockerStatusResults = Detect-BitLockerStatus -DriveLetters $DriveLetters foreach ($status in $bitLockerStatusResults) { $drive = $status.MountPoint $protectionStatus = $status.ProtectionStatus if ($protectionStatus -eq "On") { try { Write-EnhancedLog -Message "Disabling BitLocker on drive $drive" -Level 'INFO' Disable-BitLocker -MountPoint $drive -RebootCount 0 -Wait Write-EnhancedLog -Message "BitLocker disabled on drive $drive" -Level 'INFO' Write-Output "BitLocker disabled on drive $drive" } catch { Handle-Error -ErrorRecord $_ } } else { Write-EnhancedLog -Message "BitLocker is not enabled on drive $drive" -Level 'INFO' Write-Output "BitLocker is not enabled on drive $drive" } } } end { Write-EnhancedLog -Message 'Disable-BitLocker function completed' -Level 'INFO' } } # # Example usage of Disable-BitLocker function with splatting # $params = @{ # DriveLetters = @("C:", "D:") # } # # Call the Disable-BitLocker function using splatting # Disable-BitLocker @params #EndRegion '.\Public\Disable-BitLocker.ps1' 49 #Region '.\Public\Enter-SafeModeBasedOnDetection.ps1' -1 function Enter-SafeModeBasedOnDetection { [CmdletBinding()] param ( [string]$RegistryPath, [string]$BCDeditPath, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message 'Starting Enter-SafeModeBasedOnDetection function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { # Detect system mode $params = @{ RegistryPath = $RegistryPath } Detect-SystemMode @params if ($Global:SystemMode -eq "Normal Mode") { # Construct the arguments $arguments = $ArgumentTemplate # Execute the bcdedit command to enable Safe Mode Write-EnhancedLog -Message "Executing bcdedit with arguments: $arguments" -Level 'INFO' Start-Process -FilePath $BCDeditPath -ArgumentList $arguments -Wait Write-EnhancedLog -Message 'Successfully set the system to boot into Safe Mode on next restart' -Level 'INFO' } else { Write-EnhancedLog -Message 'System is already in Safe Mode' -Level 'INFO' } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Enter-SafeModeBasedOnDetection function completed' -Level 'INFO' } } # # Example usage of Enter-SafeModeBasedOnDetection function with splatting # $params = @{ # RegistryPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Option' # BCDeditPath = 'bcdedit.exe' # ArgumentTemplate = '/set {current} safeboot minimal' # } # # Call the Enter-SafeModeBasedOnDetection function using splatting # Enter-SafeModeBasedOnDetection @params #EndRegion '.\Public\Enter-SafeModeBasedOnDetection.ps1' 53 #Region '.\Public\Exit-SafeModeBasedOnDetection.ps1' -1 function Exit-SafeModeBasedOnDetection { [CmdletBinding()] param ( [string]$RegistryPath, [string]$BCDeditPath, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message 'Starting Exit-SafeModeBasedOnDetection function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { # Detect system mode $params = @{ RegistryPath = $RegistryPath } Detect-SystemMode @params if ($Global:SystemMode -eq "Safe Mode") { # Construct the arguments $arguments = $ArgumentTemplate # Execute the bcdedit command to disable Safe Mode Write-EnhancedLog -Message "Executing bcdedit with arguments: $arguments" -Level 'INFO' Start-Process -FilePath $BCDeditPath -ArgumentList $arguments -Wait Write-EnhancedLog -Message 'Successfully set the system to boot into Normal Mode on next restart' -Level 'INFO' } else { Write-EnhancedLog -Message 'System is already in Normal Mode' -Level 'INFO' } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Exit-SafeModeBasedOnDetection function completed' -Level 'INFO' } } # # Example usage of Exit-SafeModeBasedOnDetection function with splatting # $params = @{ # RegistryPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Option' # BCDeditPath = 'bcdedit.exe' # ArgumentTemplate = '/deletevalue {current} safeboot' # } # # Call the Exit-SafeModeBasedOnDetection function using splatting # Exit-SafeModeBasedOnDetection @params #EndRegion '.\Public\Exit-SafeModeBasedOnDetection.ps1' 53 #Region '.\Public\Export-RegistryKeys.ps1' -1 function Export-RegistryKeys { [CmdletBinding()] param ( [string]$ScriptDirectory, [string]$RegistryKeyPath ) begin { Write-EnhancedLog -Message 'Starting Export-RegistryKeys function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { if (-not (Test-Path $ScriptDirectory)) { Write-EnhancedLog -Message "Script directory not found: $ScriptDirectory" -Level 'ERROR' return } $timestamp = (Get-Date).ToString("yyyyMMddHHmmss") $exportFilePath = Join-Path -Path $ScriptDirectory -ChildPath "RegistryExport_$timestamp.reg" $arguments = "export `"$RegistryKeyPath`" `"$exportFilePath`" /y" $startProcessParams = @{ FilePath = "reg.exe" ArgumentList = $arguments Wait = $true } Write-EnhancedLog -Message "Exporting registry key: $RegistryKeyPath to file: $exportFilePath" -Level 'INFO' Start-Process @startProcessParams if (Test-Path $exportFilePath) { Write-EnhancedLog -Message "Registry key export completed successfully: $exportFilePath" -Level 'INFO' # Validate the exported registry keys $validateParams = @{ RegistryFilePath = $exportFilePath } Validate-RegistryKeys @validateParams } else { Write-EnhancedLog -Message "Failed to export registry key: $RegistryKeyPath" -Level 'ERROR' } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Export-RegistryKeys function completed' -Level 'INFO' } } # # Usage Example with Splatting # $scriptDirectory = "C:\Path\To\Your\Export\Directory" # $params = @{ # ScriptDirectory = $scriptDirectory # RegistryKeyPath = 'HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels' # } # Export-RegistryKeys @params #EndRegion '.\Public\Export-RegistryKeys.ps1' 63 #Region '.\Public\Find-UninstallString.ps1' -1 # Function to find the uninstall string from the registry function Find-UninstallString { param ( [string[]]$UninstallKeys, [string]$ApplicationName ) try { foreach ($key in $UninstallKeys) { $items = Get-ChildItem -Path $key -ErrorAction SilentlyContinue foreach ($item in $items) { $app = Get-ItemProperty -Path $item.PsPath if ($app.DisplayName -like $ApplicationName) { Write-EnhancedLog -Message "Found application: $($app.DisplayName) with product ID: $($app.PSChildName)" -Level 'INFO' return $app.PSChildName.Trim('{}') } } } Write-EnhancedLog -Message "No matching application found for: $ApplicationName" -Level 'WARNING' } catch { Handle-Error -ErrorRecord $_ } return $null } #EndRegion '.\Public\Find-UninstallString.ps1' 25 #Region '.\Public\Import-FortiClientConfig.ps1' -1 function Import-FortiClientConfig { [CmdletBinding()] param ( [string]$ScriptRoot, [string]$FortiClientPath, [string]$ConfigFileExtension, [string]$FCConfigExecutable, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message 'Starting Import-FortiClientConfig function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { # Find the configuration file in the root of the script directory $xmlConfigFile = Get-ChildItem -Path $ScriptRoot -Filter $ConfigFileExtension | Select-Object -First 1 if (-not $xmlConfigFile) { Write-EnhancedLog -Message "No configuration file found in the script directory: $ScriptRoot" -Level 'ERROR' Write-Output "No configuration file found in the script directory: $ScriptRoot" return } # Check if the FortiClient directory exists if (-not (Test-Path -Path $FortiClientPath)) { Write-EnhancedLog -Message "FortiClient directory not found at path: $FortiClientPath" -Level 'ERROR' Write-Output "FortiClient directory not found at path: $FortiClientPath" return } # Set location to FortiClient directory Set-Location -Path $FortiClientPath # Execute the FCConfig.exe with the specified arguments $fcConfigPath = Join-Path -Path $FortiClientPath -ChildPath $FCConfigExecutable $arguments = $ArgumentTemplate -replace '{ConfigFilePath}', $xmlConfigFile.FullName Start-Process -FilePath $fcConfigPath -ArgumentList $arguments -Wait Write-EnhancedLog -Message 'FCConfig process completed' -Level 'INFO' Write-Output "FCConfig process completed" } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Import-FortiClientConfig function completed' -Level 'INFO' } } # # Example usage of Import-FortiClientConfig function with splatting # $importParams = @{ # ScriptRoot = $PSScriptRoot # FortiClientPath = "C:\Program Files\Fortinet\FortiClient" # ConfigFileExtension = "*.xml" # FCConfigExecutable = "FCConfig.exe" # ArgumentTemplate = "-m all -f `{ConfigFilePath}` -o import -i 1" # } # # Call the Import-FortiClientConfig function using splatting # Import-FortiClientConfig @importParams #EndRegion '.\Public\Import-FortiClientConfig.ps1' 66 #Region '.\Public\Import-RegistryFilesInScriptRoot.ps1' -1 function Import-RegistryFilesInScriptRoot { [CmdletBinding()] param ( [string]$Filter, [string]$FilePath, [string]$Arguments, $scriptDirectory ) begin { Write-EnhancedLog -Message 'Starting Import-RegistryFilesInScriptRoot function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { $registryFiles = Get-ChildItem -Path $scriptDirectory -Filter $Filter if ($registryFiles.Count -eq 0) { Write-EnhancedLog -Message "No registry files found in the directory: $scriptDirectory" -Level 'WARNING' return } foreach ($registryFile in $registryFiles) { $registryFilePath = $registryFile.FullName if (Test-Path $registryFilePath) { Write-EnhancedLog -Message "Found registry file: $registryFilePath" -Level 'INFO' $startProcessParams = @{ FilePath = $FilePath ArgumentList = $Arguments Wait = $true } Start-Process @startProcessParams Write-EnhancedLog -Message "Registry file import process completed for: $registryFilePath" -Level 'INFO' # Validate the registry keys Validate-RegistryKeys -RegistryFilePath $registryFilePath } else { Write-EnhancedLog -Message "Registry file not found at path: $registryFilePath" -Level 'ERROR' } } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Import-RegistryFilesInScriptRoot function completed' -Level 'INFO' } } # # Define parameters for splatting # $params = @{ # Filter = "*.reg" # FilePath = "reg.exe" # Args = "import `"$registryFilePath`"" # } # # Call the Import-RegistryFilesInScriptRoot function using splatting # Import-RegistryFilesInScriptRoot @params #EndRegion '.\Public\Import-RegistryFilesInScriptRoot.ps1' 65 #Region '.\Public\Install-MSIPackage.ps1' -1 function Install-MsiPackage { [CmdletBinding()] param ( [string]$ScriptRoot, [string]$MsiFileName, [string]$FilePath, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message "Starting Install-MsiPackage function for: $MsiFileName" -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { $installerPath = Join-Path -Path $ScriptRoot -ChildPath $MsiFileName if (Test-Path $installerPath) { Write-EnhancedLog -Message "Found installer file: $installerPath" -Level 'INFO' $arguments = $ArgumentTemplate -replace '{InstallerPath}', $installerPath Start-Process -FilePath $FilePath -ArgumentList $arguments -Wait Write-EnhancedLog -Message "Installation process completed for: $installerPath" -Level 'INFO' Write-EnhancedLog -Message "Installation process completed for: $installerPath" -Level 'INFO' } else { Write-EnhancedLog -Message "Installer file not found at path: $installerPath.. proceeding to extract ZIP files" -Level 'WARNING' Write-EnhancedLog -Message "Extracting all ZIP files recursively..." $zipFiles = Get-ChildItem -Path $ScriptRoot -Recurse -Include '*.zip.001' foreach ($zipFile in $zipFiles) { $destinationFolder = [System.IO.Path]::GetDirectoryName($zipFile.FullName) Write-EnhancedLog -Message "Combining and extracting segmented ZIP files for $($zipFile.BaseName) using 7-Zip..." $sevenZipCommand = "& `"$env:ProgramFiles\7-Zip\7z.exe`" x `"$zipFile`" -o`"$destinationFolder`"" Write-EnhancedLog -Message "Executing: $sevenZipCommand" Invoke-Expression $sevenZipCommand } Write-EnhancedLog -Message "All ZIP files extracted." $arguments = $ArgumentTemplate -replace '{InstallerPath}', $installerPath Start-Process -FilePath $FilePath -ArgumentList $arguments -Wait # Write-Output "Installer file not found at path: $installerPath" } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Install-MsiPackage function completed' -Level 'INFO' } } # # Example usage of Install-MsiPackage function with splatting # $params = @{ # ScriptRoot = $PSScriptRoot # MsiFileName = 'FortiClient.msi' # FilePath = 'MsiExec.exe' # ArgumentTemplate = "/i `{InstallerPath}` /quiet /norestart" # } # Install-MsiPackage @params #EndRegion '.\Public\Install-MSIPackage.ps1' 63 #Region '.\Public\Invoke-Uninstall.ps1' -1 function Invoke-Uninstall { [CmdletBinding()] param ( [string]$ProductId, [string]$FilePath, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message 'Starting Invoke-Uninstall function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { Write-EnhancedLog -Message 'Starting uninstallation process.' -Level 'INFO' # Ensure the ProductId is wrapped in curly braces $wrappedProductId = "{$ProductId}" # Construct the argument list using the template $arguments = $ArgumentTemplate -replace '{ProductId}', $wrappedProductId Write-EnhancedLog -Message "FilePath: $FilePath" -Level 'INFO' Write-EnhancedLog -Message "Arguments: $arguments" -Level 'INFO' Start-Process -FilePath $FilePath -ArgumentList $arguments -Wait -WindowStyle Hidden Write-EnhancedLog -Message "Executed uninstallation with arguments: $arguments" -Level 'INFO' } catch { Write-EnhancedLog -Message "An error occurred during the uninstallation process: $($_.Exception.Message)" -Level 'ERROR' Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Invoke-Uninstall function completed' -Level 'INFO' } } # # Example usage of Invoke-Uninstall function with splatting # $params = @{ # ProductId = '0DC51760-4FB7-41F3-8967-D3DEC9D320EB' # FilePath = 'MsiExec.exe' # ArgumentTemplate = "/X{ProductId} /quiet /norestart" # } # Invoke-Uninstall @params #EndRegion '.\Public\Invoke-Uninstall.ps1' 47 #Region '.\Public\Remove-Autologin.ps1' -1 function Remove-AutoLogin { [CmdletBinding()] param () begin { Write-EnhancedLog -Message 'Starting Remove-AutoLogin function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { # Check and remove the auto-login registry keys if they exist $keysToRemove = @("AutoAdminLogon", "DefaultUserName", "DefaultPassword", "DefaultDomainName") foreach ($key in $keysToRemove) { $keyPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\$key" if (Test-Path -Path $keyPath) { Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name $key -Force Write-EnhancedLog -Message "Removed auto-login key '$key'." -Level 'INFO' } else { Write-EnhancedLog -Message "Auto-login key '$key' does not exist." -Level 'INFO' } } Write-EnhancedLog -Message "Auto-login settings removed." -Level 'INFO' } catch { Write-EnhancedLog -Message "An error occurred while removing auto-login settings: $_" -Level 'ERROR' Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Remove-AutoLogin function completed' -Level 'INFO' } } # Example usage: # Remove-AutoLogin #EndRegion '.\Public\Remove-Autologin.ps1' 39 #Region '.\Public\Remove-FortiSoftware.ps1' -1 function Remove-FortiSoftware { [CmdletBinding()] param ( [string]$ScriptRoot, [string]$SoftwareName, [string]$MsiZapFileName, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message 'Starting Remove-FortiSoftware function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { $msiZapPath = Join-Path -Path $ScriptRoot -ChildPath $MsiZapFileName if (Test-Path $msiZapPath) { $identifyingNumber = Get-CimInstance -ClassName Win32_Product | Where-Object { $_.Name -like $SoftwareName } | Select-Object -ExpandProperty IdentifyingNumber if ($identifyingNumber) { Write-EnhancedLog -Message "Found software with IdentifyingNumber: $identifyingNumber" -Level 'INFO' Write-EnhancedLog -Message "Executing MsiZap with IdentifyingNumber: $identifyingNumber" -Level 'INFO' $argumentList = $ArgumentTemplate -replace '{IdentifyingNumber}', $identifyingNumber Start-Process -FilePath $msiZapPath -ArgumentList $argumentList -Verb RunAs -Wait Write-EnhancedLog -Message 'MsiZap process completed' -Level 'INFO' } else { Write-EnhancedLog -Message 'No matching software found' -Level 'WARNING' } } else { Write-EnhancedLog -Message "MsiZap.exe not found at path: $msiZapPath" -Level 'ERROR' } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Remove-FortiSoftware function completed' -Level 'INFO' } } # # Example usage of Remove-FortiSoftware function with splatting # $params = @{ # ScriptRoot = $PSScriptRoot # SoftwareName = '*forti*' # MsiZapFileName = 'MsiZap.Exe' # ArgumentTemplate= 'TW! {IdentifyingNumber}' # } # Remove-FortiSoftware @params #EndRegion '.\Public\Remove-FortiSoftware.ps1' 54 #Region '.\Public\Remove-RegistryPath.ps1' -1 function Remove-RegistryPath { param ( [string]$RegistryPath ) Write-EnhancedLog -Message "Starting Remove-RegistryPath function for: $RegistryPath" -Level 'INFO' try { if (Test-Path -Path "Registry::$RegistryPath") { Remove-Item -Path "Registry::$RegistryPath" -Recurse -Force Write-EnhancedLog -Message "Successfully removed registry path: $RegistryPath" -Level 'INFO' Write-Output "Successfully removed registry path: $RegistryPath" } else { Write-EnhancedLog -Message "Registry path not found: $RegistryPath" -Level 'WARNING' Write-Output "Registry path not found: $RegistryPath" } } catch { Handle-Error -ErrorRecord $_ } finally { Write-EnhancedLog -Message 'Remove-RegistryPath function completed' -Level 'INFO' } } #EndRegion '.\Public\Remove-RegistryPath.ps1' 23 #Region '.\Public\Set-AutoLogin.ps1' -1 function Set-AutoLogin { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$Username = "fcremove", [Parameter(Mandatory = $true)] [string]$Password = "fcremove", [Parameter(Mandatory = $true)] [string]$Domain = $env:COMPUTERNAME ) begin { Write-EnhancedLog -Message 'Starting Set-AutoLogin function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { # Check and set the auto-login registry keys $autoLoginParams = @{ Path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" Name = "AutoAdminLogon" Value = "1" } if (Test-Path -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon") { Remove-ItemProperty @autoLoginParams } Set-ItemProperty @autoLoginParams $usernameParams = @{ Path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" Name = "DefaultUserName" Value = $Username } if (Test-Path -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName") { Remove-ItemProperty @usernameParams } Set-ItemProperty @usernameParams $passwordParams = @{ Path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" Name = "DefaultPassword" Value = $Password } if (Test-Path -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword") { Remove-ItemProperty @passwordParams } Set-ItemProperty @passwordParams $domainParams = @{ Path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" Name = "DefaultDomainName" Value = $Domain } if (Test-Path -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName") { Remove-ItemProperty @domainParams } Set-ItemProperty @domainParams New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" -Name $Username -Force Write-EnhancedLog -Message "Auto-login set for user '$Username'." -Level 'INFO' } catch { Write-EnhancedLog -Message "An error occurred while setting auto-login: $_" -Level 'ERROR' Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Set-AutoLogin function completed' -Level 'INFO' } } # # Example usage: # $autoLoginParams = @{ # Username = "fcremove" # Password = "fcremove" # Domain = $env:COMPUTERNAME # } # Set-AutoLogin @autoLoginParams #EndRegion '.\Public\Set-AutoLogin.ps1' 83 #Region '.\Public\Suspend-BitLockerForDrives.ps1' -1 function Suspend-BitLockerForDrives { [CmdletBinding()] param ( [string[]]$DriveLetters ) begin { Write-EnhancedLog -Message 'Starting Suspend-BitLockerForDrives function' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { # Detect BitLocker status for the provided drives $bitLockerStatusResults = Detect-BitLockerStatus -DriveLetters $DriveLetters foreach ($status in $bitLockerStatusResults) { $drive = $status.MountPoint $protectionStatus = $status.ProtectionStatus if ($protectionStatus -eq "On") { try { Write-EnhancedLog -Message "Suspending BitLocker on drive $drive" -Level 'INFO' Suspend-BitLocker -MountPoint $drive -RebootCount 0 Write-EnhancedLog -Message "BitLocker suspended on drive $drive" -Level 'INFO' } catch { Handle-Error -ErrorRecord $_ } } else { Write-EnhancedLog -Message "BitLocker is not enabled on drive $drive" -Level 'INFO' } } } end { Write-EnhancedLog -Message 'Suspend-BitLockerForDrives function completed' -Level 'INFO' } } # # Example usage of Suspend-BitLockerForDrives function with splatting # $params = @{ # DriveLetters = @("C:", "D:") # } # # Call the Suspend-BitLockerForDrives function using splatting # Suspend-BitLockerForDrives @params #EndRegion '.\Public\Suspend-BitLockerForDrives.ps1' 47 #Region '.\Public\Uninstall-FortiClientEMSAgentApplication.ps1' -1 function Uninstall-FortiClientEMSAgentApplication { [CmdletBinding()] param ( [string[]]$UninstallKeys, [string]$ApplicationName, [string]$FilePath, [string]$ArgumentTemplate ) begin { Write-EnhancedLog -Message 'Starting the Uninstall-FortiClientEMSAgentApplication function...' -Level 'INFO' Log-Params -Params $PSCmdlet.MyInvocation.BoundParameters } process { try { $findParams = @{ UninstallKeys = $UninstallKeys ApplicationName = $ApplicationName } $productId = Find-UninstallString @findParams if ($null -ne $productId) { Write-EnhancedLog -Message "Found product ID: $productId" -Level 'INFO' # Prepare parameters for Invoke-Uninstall $invokeParams = @{ ProductId = $productId FilePath = $FilePath ArgumentTemplate = $ArgumentTemplate } Invoke-Uninstall @invokeParams #wait a bit before going into detection/validation Start-Sleep -Seconds 30 } else { Write-EnhancedLog -Message 'Product ID not found for FortiClientEMSAgent application.' -Level 'WARNING' } } catch { Handle-Error -ErrorRecord $_ } } end { Write-EnhancedLog -Message 'Uninstall process completed.' -Level 'INFO' } } # # Example usage of Uninstall-FortiClientEMSAgentApplication function with splatting # $params = @{ # UninstallKeys = @( # 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall', # 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall' # ) # ApplicationName = '*Forti*' # FilePath = 'MsiExec.exe' # ArgumentTemplate = "/X{ProductId} /quiet /norestart" # } # Uninstall-FortiClientEMSAgentApplication @params #EndRegion '.\Public\Uninstall-FortiClientEMSAgentApplication.ps1' 59 #Region '.\Public\Validate-RegistryKeys.ps1' -1 function Validate-RegistryKeys { param ( [string]$RegistryFilePath ) Write-EnhancedLog -Message "Starting Validate-RegistryKeys function for: $RegistryFilePath" -Level 'INFO' try { $importedKeys = Get-Content -Path $RegistryFilePath | Where-Object { $_ -match '^\[.*\]$' } | ForEach-Object { $_ -replace '^\[|\]$', '' } $importSuccess = $true foreach ($key in $importedKeys) { if (Test-Path -Path "Registry::$key") { Write-EnhancedLog -Message "Validated registry key: $key" -Level 'INFO' Write-EnhancedLog "Validated registry key: $key" -Level 'INFO' } else { Write-EnhancedLog -Message "Failed to validate registry key: $key" -Level 'ERROR' Write-EnhancedLog "Failed to validate registry key: $key" -Level 'ERROR' $importSuccess = $false } } if ($importSuccess) { Write-EnhancedLog -Message "Successfully validated all registry keys for: $RegistryFilePath" -Level 'INFO' } else { Write-EnhancedLog -Message "Some registry keys failed to validate for: $RegistryFilePath" -Level 'ERROR' } } catch { Handle-Error -ErrorRecord $_ } finally { Write-EnhancedLog -Message 'Validate-RegistryKeys function completed' -Level 'INFO' } } #EndRegion '.\Public\Validate-RegistryKeys.ps1' 38 #Region '.\Public\Validate-RegistryRemoval.ps1' -1 function Validate-RegistryRemoval { param ( [string]$RegistryPath ) Write-EnhancedLog -Message "Starting Validate-RegistryRemoval function for: $RegistryPath" -Level 'INFO' try { if (Test-Path -Path "Registry::$RegistryPath") { Write-EnhancedLog -Message "Registry path still exists: $RegistryPath" -Level 'ERROR' Write-Output "Registry path still exists: $RegistryPath" } else { Write-EnhancedLog -Message "Registry path successfully removed: $RegistryPath" -Level 'INFO' Write-Output "Registry path successfully removed: $RegistryPath" } } catch { Handle-Error -ErrorRecord $_ } finally { Write-EnhancedLog -Message 'Validate-RegistryRemoval function completed' -Level 'INFO' } } #EndRegion '.\Public\Validate-RegistryRemoval.ps1' 22 #Region '.\Public\WaitForRegistryKey.ps1' -1 function WaitForRegistryKey { param ( [string[]]$RegistryPaths, [string]$SoftwareName, [version]$MinimumVersion, [int]$TimeoutSeconds = 120 ) Write-EnhancedLog -Message "Starting WaitForRegistryKey function" -Level "INFO" Write-EnhancedLog -Message "Checking for $SoftwareName version $MinimumVersion or later" -Level "INFO" $elapsedSeconds = 0 try { while ($elapsedSeconds -lt $TimeoutSeconds) { foreach ($path in $RegistryPaths) { $items = Get-ChildItem -Path $path -ErrorAction SilentlyContinue foreach ($item in $items) { $app = Get-ItemProperty -Path $item.PsPath -ErrorAction SilentlyContinue if ($app.DisplayName -like "*$SoftwareName*") { $installedVersion = New-Object Version $app.DisplayVersion if ($installedVersion -ge $MinimumVersion) { Write-EnhancedLog -Message "Found $SoftwareName version $installedVersion at $item.PsPath" -Level "INFO" return @{ IsInstalled = $true Version = $app.DisplayVersion ProductCode = $app.PSChildName } } } } } Start-Sleep -Seconds 1 $elapsedSeconds++ } Write-EnhancedLog -Message "Timeout reached. $SoftwareName version $MinimumVersion or later not found." -Level "WARNING" return @{ IsInstalled = $false } } catch { Handle-Error -ErrorRecord $_ } finally { Write-EnhancedLog -Message "WaitForRegistryKey function completed" -Level "INFO" } } #EndRegion '.\Public\WaitForRegistryKey.ps1' 50 |