This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

[POWERSHELL] PPKG Creator: A script to download, customise and create a Provisioning Package for Windows

JuergenKlaassen
Rising Star III
Rising Star III

โ€Ž03-26-2024 01:49 AM

Hi Community Folks

The recently released option to enroll Windows devices via Provisioning Packages (PPKG) requires you to take a couple of steps manually by using the Windows Configuration Designer (ICD.exe) as shown in this nice video.

SCR-20240326-mbtq.png

What if you could use a PowerShell Script instead to do all this?

 

I've written a PPKG Creator for you guys which does the following:

- prompt the user for the JumpCloud API key
- prompt the user for the desired prefix for the hostname (before the %SERIAL%)
- prompt the user for the desired username and password to be added to the <Users> section of the customizations.xml file
- generate a new GUID for the package ID
- construct the customizations.xml file with the <Users> section
- query the registry for the path to the ICD.exe and check if it exists
- copy the Desktop Store File to the Common Store File to work around a bug in ICD.exe
- create the PPKG using the ICD.exe and the customizations.xml file
- restore the Store Files back to the original state

Important to know and consider is that

  1. this currently only works with the Windows Configuration Designer from the Windows ADK, the Windows Store version doesn't work
  2. there's currently a bug in the ICD.exe which only allows to take in 2 parameters and therefore I had to add some logic to shuffle the so called 'Store Files' around to make it work. 
  3. You need to run the PS-script with elevated privileges because files get copied and renamed (reason above)

Once executed your terminal output looks like this:

SCR-20240326-lzxu.png

 ...and you end up with a PPKG which you can use for the bulk deployments:

SCR-20240326-mabz.png

 

SCR-20240326-maez.png

When you look at the script, you will notice that the XML content needed for the PPKG creation is manipulated. If you like, you can add any other section here based on the specifications. As an example:

        <Policies>
          <ApplicationManagement>
            <AllowAllTrustedApps>Yes</AllowAllTrustedApps>
          </ApplicationManagement>
          <WindowsLogon>
            <HideFastUserSwitching>No</HideFastUserSwitching>
          </WindowsLogon>
        </Policies>

That's it. You can find the script on my Github here

Thanks for reading
- Juergen

Labels:
0 REPLIES 0
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts:

Our new Radical Admin blog:

Keep up with Product News:

Read our community guidelines

Ready to join us? You can register here.