<# .SYNOPSIS OSDCloud Logic secret gist .DESCRIPTION osdcloudlogic.hwz.osdcloud.ch .NOTES Version: 0.1 Creation Date: 04.12.2023 Author: Akos Bakos Company: SmartCon GmbH Contact: akos.bakos@smartcon.ch Copyright (c) 2023 SmartCon GmbH HISTORY: Date By Comments ---------- --- ---------------------------------------------------------- 04.12.2023 Akos Bakos Script created 24.11.2025 Akos Bakos Modified for HWZ deployment #> function OSDCloudLogic { param ( [Parameter(ParameterSetName = 'ComputerPrefix', Mandatory = $true)] [string]$ComputerPrefix ) if (-NOT (Test-Path 'X:\OSDCloud\Logs')) { New-Item -Path 'X:\OSDCloud\Logs' -ItemType Directory -Force -ErrorAction Stop | Out-Null } #Transport Layer Security (TLS) 1.2 Write-Host -ForegroundColor Green "Transport Layer Security (TLS) 1.2" [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12 #[System.Net.WebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials $Transcript = "$((Get-Date).ToString('yyyy-MM-dd-HHmmss'))-Start-OSDCloudLogic.log" Start-Transcript -Path (Join-Path "X:\OSDCloud\Logs" $Transcript) -ErrorAction Ignore | Out-Null #================================================ Write-Host -ForegroundColor DarkGray "=========================================================================" Write-Host -ForegroundColor DarkGray "$((Get-Date).ToString('yyyy-MM-dd-HHmmss')) " -NoNewline Write-Host -ForegroundColor Cyan "[PreOS] OSD module tasks" #================================================ # Write-Host -ForegroundColor Green "Updating OSD PowerShell Module" # Install-Module OSD -Force Write-Host -ForegroundColor DarkGray "$((Get-Date).ToString('yyyy-MM-dd-HHmmss')) " -NoNewline Write-Host -ForegroundColor Green "Importing OSD PowerShell Module" Import-Module OSD -Force Write-Host -ForegroundColor DarkGray "$((Get-Date).ToString('yyyy-MM-dd-HHmmss')) " -NoNewline Write-Host -ForegroundColor Green "PSCloudScript at functions.osdcloud.com" Invoke-Expression (Invoke-RestMethod -Uri functions.osdcloud.com) #region Helper Functions function Write-DarkGrayDate { [CmdletBinding()] param ( [Parameter(Position=0)] [System.String] $Message ) if ($Message) { Write-Host -ForegroundColor DarkGray "$((Get-Date).ToString('yyyy-MM-dd-HHmmss')) $Message" } else { Write-Host -ForegroundColor DarkGray "$((Get-Date).ToString('yyyy-MM-dd-HHmmss')) " -NoNewline } } function Write-DarkGrayHost { [CmdletBinding()] param ( [Parameter(Mandatory=$true, Position=0)] [System.String] $Message ) Write-Host -ForegroundColor DarkGray $Message } function Write-DarkGrayLine { [CmdletBinding()] param () Write-Host -ForegroundColor DarkGray "=========================================================================" } function Write-SectionHeader { [CmdletBinding()] param ( [Parameter(Mandatory=$true, Position=0)] [System.String] $Message ) Write-DarkGrayLine Write-DarkGrayDate Write-Host -ForegroundColor Cyan $Message } function Write-SectionSuccess { [CmdletBinding()] param ( [Parameter(Position=0)] [System.String] $Message = 'Success!' ) Write-DarkGrayDate Write-Host -ForegroundColor Green $Message } #endregion #======================================================================= Write-SectionHeader "[PreOS] Define OSDCloud Customer Parameters" #======================================================================= $Global:HWZ = $null $Global:HWZ = [ordered]@{ Development = [bool]$false } Write-SectionHeader "HWZ variables" Write-Host ($Global:HWZ | Out-String) #======================================================================= # [OS] Params and Start-OSDCloud #======================================================================= $Params = @{ OSVersion = "Windows 11" OSBuild = "25H2" OSEdition = "Pro" OSLanguage = "de-de" ZTI = $true Firmware = $true } Start-OSDCloud @Params #================================================ # [PostOS] AutopilotOOBE Configuration Staging #================================================ Write-Host -ForegroundColor Green "Define Computername:" $Serial = Get-WmiObject Win32_bios | Select-Object -ExpandProperty SerialNumber #$TargetComputername = $Serial.Substring(4,4) $pos = $Serial.Length - 4 $laenge = $Serial.Length $TargetComputername = $Serial.Substring($pos,$laenge - $pos) $AssignedComputerName = $ComputerPrefix + "WS" + $TargetComputername Write-Host -ForegroundColor Red $AssignedComputerName Write-Host -ForegroundColor Green "Create C:\ProgramData\OSDeploy\OSDeploy.AutopilotOOBE.json" $AutopilotOOBEJson = @" { "AddToGroup": "Autopilot Devices", "Assign": { "IsPresent": true }, "GroupTag": "Autopilot-$ComputerPrefix", "Hidden": [ "AddToGroup", "AssignedUser", "PostAction", "GroupTag", "Assign" ], "PostAction": "Quit", "Run": "NetworkingWireless", "Docs": "https://google.com/", "Title": "HWZ Autopilot Manual Register", "@ $AutopilotOOBEJson += '"AssignedComputerName" : "' + $AssignedComputerName + '"}' If (!(Test-Path "C:\ProgramData\OSDeploy")) { New-Item "C:\ProgramData\OSDeploy" -ItemType Directory -Force | Out-Null } $AutopilotOOBEJson | Out-File -FilePath "C:\ProgramData\OSDeploy\OSDeploy.AutopilotOOBE.json" -Encoding ascii -Force #region Specialize Tasks #================================================ Write-SectionHeader "[PostOS] SetupComplete CMD Command Line" #================================================ Write-DarkGrayHost "Cleanup SetupComplete Files from OSDCloud Module" Get-ChildItem -Path 'C:\Windows\Setup\Scripts\SetupComplete*' -Recurse | Remove-Item -Force #================================================= Write-SectionHeader "[PostOS] Define Specialize Phase" #================================================= $UnattendXml = @' 1 Start Autopilot Import & Assignment Process PowerShell -ExecutionPolicy Bypass C:\Windows\Setup\scripts\autopilot.ps1 de-CH de-DE de-DE de-CH '@ # Get-OSDGather -Property IsWinPE Block-WinOS if (-NOT (Test-Path 'C:\Windows\Panther')) { New-Item -Path 'C:\Windows\Panther'-ItemType Directory -Force -ErrorAction Stop | Out-Null } $Panther = 'C:\Windows\Panther' $UnattendPath = "$Panther\Unattend.xml" $UnattendXml | Out-File -FilePath $UnattendPath -Encoding utf8 -Width 2000 -Force Write-DarkGrayHost "Use-WindowsUnattend -Path 'C:\' -UnattendPath $UnattendPath" Use-WindowsUnattend -Path 'C:\' -UnattendPath $UnattendPath | Out-Null #endregion #region OOBE Tasks #================================================ Write-SectionHeader "[PostOS] OOBE CMD Command Line" #================================================ Write-DarkGrayHost "Downloading Scripts for OOBE and specialize phase" Invoke-RestMethod http://autopilot.hwz.osdcloud.ch | Out-File -FilePath 'C:\Windows\Setup\scripts\autopilot.ps1' -Encoding ascii -Force Invoke-RestMethod http://oobe.hwz.osdcloud.ch | Out-File -FilePath 'C:\Windows\Setup\scripts\oobe.ps1' -Encoding ascii -Force Invoke-RestMethod http://cleanup.hwz.osdcloud.ch | Out-File -FilePath 'C:\Windows\Setup\scripts\cleanup.ps1' -Encoding ascii -Force Invoke-RestMethod http://osdgather.hwz.osdcloud.ch | Out-File -FilePath 'C:\Windows\Setup\scripts\osdgather.ps1' -Encoding ascii -Force $OOBEcmdTasks = @' @echo off REM Wait for Network 10 seconds REM ping 127.0.0.1 -n 10 -w 1 >NUL 2>&1 REM Execute OOBE Tasks start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\oobe.ps1 REM Execute OSD Gather Script start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\osdgather.ps1 REM Execute Cleanup Script start /wait powershell.exe -NoL -ExecutionPolicy Bypass -F C:\Windows\Setup\Scripts\cleanup.ps1 REM Below a PS session for debug and testing in system context, # when not needed REM start /wait powershell.exe -NoL -ExecutionPolicy Bypass exit '@ $OOBEcmdTasks | Out-File -FilePath 'C:\Windows\Setup\scripts\oobe.cmd' -Encoding ascii -Force #endregion #================================================ # [PostOS] Copying PFX file and script #================================================ Write-DarkGrayHost "Copying PFX file and script" Copy-Item X:\OSDCloud\Scripts C:\OSDCloud\ -Recurse -Force Write-DarkGrayHost "Disabling Shift F10 in OOBE for security Reasons" $Tagpath = "C:\Windows\Setup\Scripts\DisableCMDRequest.TAG" New-Item -ItemType file -Force -Path $Tagpath | Out-Null Write-DarkGrayHost "Shift F10 disabled now!" #region Development if ($Global:HWZ.Development -eq $true){ #================================================ Write-SectionHeader "[WINPE] DEVELOPMENT - Activate some debugging features" #================================================ Write-DarkGrayHost "Enabling Shift+F10 in OOBE for security Reasons" $Tagpath = "C:\Windows\Setup\Scripts\DisableCMDRequest.TAG" Remove-Item -Force -Path $Tagpath | Out-Null Write-DarkGrayHost "Shift F10 enabled now!" Write-DarkGrayHost "Disable Cursor Suppression" #cmd.exe /c reg load HKLM\Offline c:\windows\system32\config\software & cmd.exe /c REG ADD "HKLM\Offline\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableCursorSuppression /t REG_DWORD /d 0 /f & cmd.exe /c reg unload HKLM\Offline Invoke-Exe cmd.exe -Arguments "/c reg load HKLM\Offline c:\windows\system32\config\software" | Out-Null New-ItemProperty -Path HKLM:\Offline\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableCursorSuppression -Value 0 -Force | Out-Null #Invoke-Exe cmd.exe -Arguments "/c REG ADD 'HKLM\Offline\Microsoft\Windows\CurrentVersion\Policies\System' /v EnableCursorSuppression /t REG_DWORD /d 0 /f " Invoke-Exe cmd.exe -Arguments "/c reg unload HKLM\Offline" | Out-Null } #endregion #======================================================================= Write-SectionHeader "Moving OSDCloud Logs to IntuneManagementExtension\Logs\OSD" #======================================================================= if (-NOT (Test-Path 'C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\OSD')) { New-Item -Path 'C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\OSD' -ItemType Directory -Force -ErrorAction Stop | Out-Null } Get-ChildItem -Path X:\OSDCloud\Logs\ | Copy-Item -Destination 'C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\OSD' -Force if ($Global:HWZ.Development -eq $false){ Write-DarkGrayHost "Restarting in 20 seconds!" Start-Sleep -Seconds 20 wpeutil reboot Stop-Transcript | Out-Null } else { Write-DarkGrayHost "Development Mode - No reboot!" Stop-Transcript | Out-Null } }