cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

[POWERSHELL] PPKG Creator: A script to download, customise and create a Provisioning Package for Windows

JuergenKlaassen
Rising Star III
Rising Star III

Hi Community Folks

The recently released option to enroll Windows devices via Provisioning Packages (PPKG) requires you to take a couple of steps manually by using the Windows Configuration Designer (ICD.exe) as shown in this nice video.

SCR-20240326-mbtq.png

What if you could use a PowerShell Script instead to do all this?

 

I've written a PPKG Creator for you guys which does the following:

- prompt the user for the JumpCloud API key
- prompt the user for the desired prefix for the hostname (before the %SERIAL%)
- prompt the user for the desired username and password to be added to the <Users> section of the customizations.xml file
- generate a new GUID for the package ID
- construct the customizations.xml file with the <Users> section
- query the registry for the path to the ICD.exe and check if it exists
- copy the Desktop Store File to the Common Store File to work around a bug in ICD.exe
- create the PPKG using the ICD.exe and the customizations.xml file
- restore the Store Files back to the original state

Important to know and consider is that

  1. this currently only works with the Windows Configuration Designer from the Windows ADK, the Windows Store version doesn't work
  2. there's currently a bug in the ICD.exe which only allows to take in 2 parameters and therefore I had to add some logic to shuffle the so called 'Store Files' around to make it work. 
  3. You need to run the PS-script with elevated privileges because files get copied and renamed (reason above)

Once executed your terminal output looks like this:

SCR-20240326-lzxu.png

 ...and you end up with a PPKG which you can use for the bulk deployments:

SCR-20240326-mabz.png

 

SCR-20240326-maez.png

When you look at the script, you will notice that the XML content needed for the PPKG creation is manipulated. If you like, you can add any other section here based on the specifications. As an example:

        <Policies>
          <ApplicationManagement>
            <AllowAllTrustedApps>Yes</AllowAllTrustedApps>
          </ApplicationManagement>
          <WindowsLogon>
            <HideFastUserSwitching>No</HideFastUserSwitching>
          </WindowsLogon>
        </Policies>

That's it. You can find the script on my Github here

Thanks for reading
- Juergen

0 REPLIES 0