updates

PowerShellCrack · PowerShellCrack · commit 0c950f19a546 · 2019-06-05T11:47:27.000-04:00
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -0,0 +1,52 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "PowerShell Launch Current File",
+            "type": "PowerShell",
+            "request": "launch",
+            "script": "${file}",
+            "args": [],
+            "cwd": "${file}"
+        },
+        {
+            "name": "PowerShell Launch Current File in Temporary Console",
+            "type": "PowerShell",
+            "request": "launch",
+            "script": "${file}",
+            "args": [],
+            "cwd": "${file}",
+            "createTemporaryIntegratedConsole": true
+        },
+        {
+            "name": "PowerShell Launch Current File w/Args Prompt",
+            "type": "PowerShell",
+            "request": "launch",
+            "script": "${file}",
+            "args": [
+                "${command:SpecifyScriptArgs}"
+            ],
+            "cwd": "${file}"
+        },
+        {
+            "name": "PowerShell Attach to Host Process",
+            "type": "PowerShell",
+            "request": "attach"
+        },
+        {
+            "name": "PowerShell Interactive Session",
+            "type": "PowerShell",
+            "request": "launch",
+            "cwd": ""
+        },
+        {
+            "name": "PowerShell Attach Interactive Session Runspace",
+            "type": "PowerShell",
+            "request": "attach",
+            "processId": "current"
+        }
+    ]
+}
diff --git a/AppOptimizeAndConfig.ps1 b/AppOptimizeAndConfig.ps1
@@ -26,8 +26,8 @@
 
     .NOTES
         Author:         Richard Tracy	    
-        Last Update:    05/30/2019
-        Version:        1.1.5
+        Last Update:    06/5/2019
+        Version:        1.1.6
         Thanks to:      unixuser011,W4RH4WK,TheVDIGuys,cluberti
 
     .EXAMPLE
@@ -49,6 +49,7 @@
         https://github.com/cluberti/VDI/blob/master/ConfigAsVDI.ps1
 
     .LOG
+        1.1.6 - Jun 5, 2019 - Fixed Remove-AppxPackage for AllUsers    
         1.1.5 - May 30, 2019 - defaulted reg type to dword if not specified, standarized registry keys captalizations    
         1.1.4 - May 29, 2019 - fixed FOD issue and messages. fixed set-usersettings default users; fixed office detection
                                 resolved all VSC problems  
@@ -1101,6 +1102,7 @@ If($RemoveAppxPackages)
 
     $p = 1
     $c = 0
+    $d = 0
     # Loop through the list of appx packages
     foreach ($App in $AppArrayList) {
 
@@ -1110,49 +1112,57 @@ If($RemoveAppxPackages)
         }
         else {
             # Gather package names
-            $AppPackageFullName = Get-AppxPackage -Name $App.Name | Select-Object -ExpandProperty PackageFullName
+            $AppPackageDetails = Get-AppxPackage -AllUsers -Name $App.Name 
             
-            $AppProvisioningPackageName = Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like $App.Name } | Select-Object -ExpandProperty PackageName
+            $AppProvisioningPackageName = Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like $AppPackageDetails.Name } | Select-Object -ExpandProperty PackageName
 
             # Attempt to remove AppxPackage
-            if ($null -ne $AppPackageFullName) {
-                Show-ProgressStatus -Message ("Removing application package: {0}" -f $App.Name) -Step $p -MaxStep $AppArrayList.count
+            if ($null -ne $AppPackageDetails) {
+                Show-ProgressStatus -Message ("Removing application package: {0}" -f $AppPackageDetails.Name) -Step $p -MaxStep $AppArrayList.count
                 
                 try {
-                    Remove-AppxPackage -Package $AppPackageFullName -ErrorAction Stop | Out-Null
+                    Remove-AppxPackage -AllUsers -Package $AppPackageDetails.PackageFullName -ErrorAction Stop | Out-Null
                     
-                    Write-LogEntry -Message ("Successfully removed application package: {0}" -f $App.Name) -Outhost
+                    Write-LogEntry -Message ("Successfully removed application package: {0}" -f $AppPackageDetails.PackageFullName) -Outhost
                     $c++
                 }
                 catch [System.Exception] {
-                    Write-LogEntry -Message ("Failed removing AppxPackage: {0}" -f $_.Message) -Severity 3 -Outhost
+                    Write-LogEntry -Message ("Failed removing AppxPackage: {0}" -f $_) -Severity 3 -Outhost
+                }   
+                Finally{
+                    Write-LogEntry -Message ("--------------------------------------------------" ) -Outhost
                 }
             }
             else {
-                Write-LogEntry -Message ("Unable to locate AppxPackage for app: {0}" -f $App.Name) -Outhost
+                Write-LogEntry -Message ("Unable to locate AppxPackage for app: {0}" -f $AppPackageDetails.Name) -Outhost
             }
 
             # Attempt to remove AppxProvisioningPackage
-            if ($null -eq $AppProvisioningPackageName) {
-                Write-LogEntry -Message ("Removing application provisioning package: {0}" -f $AppProvisioningPackageName)
+            if ($null -ne $AppProvisioningPackageName) {
+                Write-LogEntry -Message ("Removing application PROVISIONED package: {0}" -f $AppProvisioningPackageName)
                 try {
                     Remove-AppxProvisionedPackage -PackageName $AppProvisioningPackageName -Online -ErrorAction Stop | Out-Null
-                    Write-LogEntry -Message ("Successfully removed application provisioning package: {0}" -f $AppProvisioningPackageName) -Outhost
+                    Write-LogEntry -Message ("Successfully removed application PROVISIONED package: {0}" -f $AppProvisioningPackageName) -Outhost
+                    $d++
                 }
                 catch [System.Exception] {
-                    Write-LogEntry -Message ("Failed removing Appx Provisioning Package: {0}" -f $_.Message) -Severity 3 -Outhost
+                    Write-LogEntry -Message ("Failed removing Appx PROVISIONED Package: {0}" -f $_) -Severity 3 -Outhost
+                }
+                Finally{
+                    Write-LogEntry -Message ("--------------------------------------------------" ) -Outhost
                 }
             }
             else {
-                Write-LogEntry -Message ("Unable to locate Appx Provisioning Package for app: {0}" -f $App.Name) -Outhost
+                Write-LogEntry -Message ("Unable to locate Appx PROVISIONED Package for app: {0}" -f $AppPackageDetails.Name) -Outhost
             }
 
         }
 
         $p++
     }
 
-    Write-LogEntry -Message ("Removed {0} built-in AppxPackage and AppxProvisioningPackage" -f $c) -Outhost
+    Write-LogEntry -Message ("Removed {0} All Users App Package's" -f $c) -Outhost
+    Write-LogEntry -Message ("Removed {0} built-in App PROVISIONED Package's" -f $d) -Outhost
 }
 Else{$stepCounter++}
 
diff --git a/Win10OptimizeAndConfig.ps1 b/Win10OptimizeAndConfig.ps1
@@ -2694,7 +2694,7 @@ If($EnableCredGuard)
             Write-LogEntry "Successfully enabled Microsoft-Hyper-V-HyperVisor feature"
         }
         catch [System.Exception] {
-            Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. Error: -f $_") -Severity 3
+            Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. {0}" -f $_) -Severity 3
         }
 
         try {
@@ -2703,7 +2703,7 @@ If($EnableCredGuard)
             Write-LogEntry "Successfully enabled IsolatedUserMode feature"
         }
         catch [System.Exception] {
-            Write-LogEntry ("An error occured when enabling IsolatedUserMode. Error: -f $_") -Severity 3
+            Write-LogEntry ("An error occured when enabling IsolatedUserMode. {0}" -f $_) -Severity 3
         }
     }
     
@@ -2718,7 +2718,7 @@ If($EnableCredGuard)
     Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' -Name 'Enabled' -Type DWord -Value 1 -Force
     Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' -Name 'Locked' -Type DWord -Value 0 -Force
 
-    Write-LogEntry "STIG Rule ID: SV-78089r7_rule :: Enabling Credential Guard on domain-joined systems"
+    Write-LogEntry "Enabling Credential Guard on domain-joined systems"
     Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -Name 'LsaCfgFlags' -Type DWord -Value 1 -Force   
     
     $DeviceGuardProperty = Get-CimInstance –ClassName Win32_DeviceGuard –Namespace root\Microsoft\Windows\DeviceGuard
diff --git a/Win10STIGAndMitigations.ps1 b/Win10STIGAndMitigations.ps1
@@ -960,7 +960,7 @@ If($ApplySTIGItems )
                 Write-LogEntry "Successfully enabled Microsoft-Hyper-V-HyperVisor feature" -Outhost
             }
             catch [System.Exception] {
-                Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. Error: -f $_") -Severity 3 -Outhost
+                Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. {0}" -f $_) -Severity 3 -Outhost
             }
 
             try {
@@ -969,7 +969,7 @@ If($ApplySTIGItems )
                 Write-LogEntry "Successfully enabled IsolatedUserMode feature" -Outhost
             }
             catch [System.Exception] {
-                Write-LogEntry ("An error occured when enabling IsolatedUserMode. Error: -f $_") -Severity 3 -Outhost
+                Write-LogEntry ("An error occured when enabling IsolatedUserMode. {0}" -f $_) -Severity 3 -Outhost
             }
         }
 
@@ -1010,7 +1010,7 @@ If($ApplySTIGItems )
         'admin' {$value = 2;$label = "to Require Admin approval"}
         default {$value = 1;$label = "to Warning Users"}
     }
-    Show-ProgressStatus -Message "Configuring Smart Screen Filte :: Configuring Smart Screen Filter $label" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
+    Show-ProgressStatus -Message "Configuring Smart Screen Filter :: Configuring Smart Screen Filter $label" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
     Set-SystemSetting -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' -Name 'EnableSmartScreen' -Type DWord -Value $value -Force -TryLGPO:$true
     Set-SystemSetting -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' -Name 'ShellSmartScreenLevel' -Type String -Value "Block" -Force -TryLGPO:$true
 
@@ -1084,7 +1084,7 @@ If($ApplySTIGItems )
     Show-ProgressStatus -Message "STIG Rule ID: SV-78287r1_rule :: Disabling LAN Manager hash of passwords for storage" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
     Set-SystemSetting -Path 'HKLM:\System\CurrentControlSet\Control\Lsa' -Name 'NoLMHash' -Value 1 -Force
 
-    Show-ProgressStatus -Message "STIG Rule ID:  SV-78291r1_rule :: Disabling NTLMv2 response only, and to refuse LM and NTLM" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
+    Show-ProgressStatus -Message "STIG Rule ID: SV-78291r1_rule :: Disabling NTLMv2 response only, and to refuse LM and NTLM" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
     Set-SystemSetting -Path 'HKLM:\System\CurrentControlSet\Control\Lsa' -Name 'LmCompatibilityLevel' -Value 5 -Force
 
     Show-ProgressStatus -Message "STIG Rule ID: SV-78293r1_rule :: Enabling LDAP client signing level" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
@@ -1102,7 +1102,7 @@ If($ApplySTIGItems )
     Show-ProgressStatus -Message "STIG Rule ID: SV-78143r1_rule :: Disabling the ability to reset computer account password" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
     Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name 'DisablePasswordChange' -Value 1 -Force
     
-    Show-ProgressStatus -Message "STIG Rule ID:  SV-78151r1_rule :: Configuring maximum age for machine account password to 30 days" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
+    Show-ProgressStatus -Message "STIG Rule ID: SV-78151r1_rule :: Configuring maximum age for machine account password to 30 days" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost
     Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name 'MaximumPasswordAge' -Value 30 -Force
 
     Show-ProgressStatus -Message "STIG Rule ID: SV-78155r1_rule :: Configuring strong session key for machine account password" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost

Original file line number	Diff line number	Diff line change
`@@ -2694,7 +2694,7 @@ If($EnableCredGuard)`
`2694`	`2694`	`Write-LogEntry "Successfully enabled Microsoft-Hyper-V-HyperVisor feature"`
`2695`	`2695`	`}`
`2696`	`2696`	`catch [System.Exception] {`
`2697`		`- Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. Error: -f $_") -Severity 3`
	`2697`	`+ Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. {0}" -f $_) -Severity 3`
`2698`	`2698`	`}`
`2699`	`2699`
`2700`	`2700`	`try {`
`@@ -2703,7 +2703,7 @@ If($EnableCredGuard)`
`2703`	`2703`	`Write-LogEntry "Successfully enabled IsolatedUserMode feature"`
`2704`	`2704`	`}`
`2705`	`2705`	`catch [System.Exception] {`
`2706`		`- Write-LogEntry ("An error occured when enabling IsolatedUserMode. Error: -f $_") -Severity 3`
	`2706`	`+ Write-LogEntry ("An error occured when enabling IsolatedUserMode. {0}" -f $_) -Severity 3`
`2707`	`2707`	`}`
`2708`	`2708`	`}`
`2709`	`2709`
`@@ -2718,7 +2718,7 @@ If($EnableCredGuard)`
`2718`	`2718`	`Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' -Name 'Enabled' -Type DWord -Value 1 -Force`
`2719`	`2719`	`Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' -Name 'Locked' -Type DWord -Value 0 -Force`
`2720`	`2720`
`2721`		`- Write-LogEntry "STIG Rule ID: SV-78089r7_rule :: Enabling Credential Guard on domain-joined systems"`
	`2721`	`+ Write-LogEntry "Enabling Credential Guard on domain-joined systems"`
`2722`	`2722`	`Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -Name 'LsaCfgFlags' -Type DWord -Value 1 -Force`
`2723`	`2723`
`2724`	`2724`	`$DeviceGuardProperty = Get-CimInstance –ClassName Win32_DeviceGuard –Namespace root\Microsoft\Windows\DeviceGuard`
Original file line number	Diff line number	Diff line change
`@@ -960,7 +960,7 @@ If($ApplySTIGItems )`
`960`	`960`	`Write-LogEntry "Successfully enabled Microsoft-Hyper-V-HyperVisor feature" -Outhost`
`961`	`961`	`}`
`962`	`962`	`catch [System.Exception] {`
`963`		`- Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. Error: -f $_") -Severity 3 -Outhost`
	`963`	`+ Write-LogEntry ("An error occured when enabling Microsoft-Hyper-V-HyperVisor. {0}" -f $_) -Severity 3 -Outhost`
`964`	`964`	`}`
`965`	`965`
`966`	`966`	`try {`
`@@ -969,7 +969,7 @@ If($ApplySTIGItems )`
`969`	`969`	`Write-LogEntry "Successfully enabled IsolatedUserMode feature" -Outhost`
`970`	`970`	`}`
`971`	`971`	`catch [System.Exception] {`
`972`		`- Write-LogEntry ("An error occured when enabling IsolatedUserMode. Error: -f $_") -Severity 3 -Outhost`
	`972`	`+ Write-LogEntry ("An error occured when enabling IsolatedUserMode. {0}" -f $_) -Severity 3 -Outhost`
`973`	`973`	`}`
`974`	`974`	`}`
`975`	`975`
`@@ -1010,7 +1010,7 @@ If($ApplySTIGItems )`
`1010`	`1010`	`'admin' {$value = 2;$label = "to Require Admin approval"}`
`1011`	`1011`	`default {$value = 1;$label = "to Warning Users"}`
`1012`	`1012`	`}`
`1013`		`- Show-ProgressStatus -Message "Configuring Smart Screen Filte :: Configuring Smart Screen Filter $label" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
	`1013`	`+ Show-ProgressStatus -Message "Configuring Smart Screen Filter :: Configuring Smart Screen Filter $label" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
`1014`	`1014`	`Set-SystemSetting -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' -Name 'EnableSmartScreen' -Type DWord -Value $value -Force -TryLGPO:$true`
`1015`	`1015`	`Set-SystemSetting -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' -Name 'ShellSmartScreenLevel' -Type String -Value "Block" -Force -TryLGPO:$true`
`1016`	`1016`
`@@ -1084,7 +1084,7 @@ If($ApplySTIGItems )`
`1084`	`1084`	`Show-ProgressStatus -Message "STIG Rule ID: SV-78287r1_rule :: Disabling LAN Manager hash of passwords for storage" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
`1085`	`1085`	`Set-SystemSetting -Path 'HKLM:\System\CurrentControlSet\Control\Lsa' -Name 'NoLMHash' -Value 1 -Force`
`1086`	`1086`
`1087`		`- Show-ProgressStatus -Message "STIG Rule ID: SV-78291r1_rule :: Disabling NTLMv2 response only, and to refuse LM and NTLM" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
	`1087`	`+ Show-ProgressStatus -Message "STIG Rule ID: SV-78291r1_rule :: Disabling NTLMv2 response only, and to refuse LM and NTLM" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
`1088`	`1088`	`Set-SystemSetting -Path 'HKLM:\System\CurrentControlSet\Control\Lsa' -Name 'LmCompatibilityLevel' -Value 5 -Force`
`1089`	`1089`
`1090`	`1090`	`Show-ProgressStatus -Message "STIG Rule ID: SV-78293r1_rule :: Enabling LDAP client signing level" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
`@@ -1102,7 +1102,7 @@ If($ApplySTIGItems )`
`1102`	`1102`	`Show-ProgressStatus -Message "STIG Rule ID: SV-78143r1_rule :: Disabling the ability to reset computer account password" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
`1103`	`1103`	`Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name 'DisablePasswordChange' -Value 1 -Force`
`1104`	`1104`
`1105`		`- Show-ProgressStatus -Message "STIG Rule ID: SV-78151r1_rule :: Configuring maximum age for machine account password to 30 days" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
	`1105`	`+ Show-ProgressStatus -Message "STIG Rule ID: SV-78151r1_rule :: Configuring maximum age for machine account password to 30 days" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`
`1106`	`1106`	`Set-SystemSetting -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name 'MaximumPasswordAge' -Value 30 -Force`
`1107`	`1107`
`1108`	`1108`	`Show-ProgressStatus -Message "STIG Rule ID: SV-78155r1_rule :: Configuring strong session key for machine account password" -Step ($stepCounter++) -MaxStep $script:Maxsteps -Outhost`