<#Author : Dean Cefola # Creation Date: 09-15-2019 # Usage : Windows Virtual Desktop Scripted Install #******************************************************************************** # Date Version Changes #------------------------------------------------------------------------ # 09/15/2019 1.0 Intial Version # 09/16/2019 2.0 Add FSLogix installer # 09/16/2019 2.1 Add FSLogix Reg Keys # 09/16/2019 2.2 Add Input Parameters # 09/16/2019 2.3 Add TLS 1.2 settings # 09/17/2019 3.0 Chang download locations to dynamic # 09/17/2019 3.1 Add code to disable IESEC for admins # 09/20/2019 3.2 Add code to discover OS (Server / Client) # 09/20/2019 4.0 Add code for servers to add RDS Host role # 10/01/2019 4.2 Add all FSLogix Profile Container Reg entries for easier management # 10/07/2019 4.3 Add FSLogix Office Container Reg entries for easier management # 10/16/2019 5.0 Add Windows 7 Support # 07/20/2020 6.0 Add WVD Optimize Code from The-Virtual-Desktop-Team # 10/27/2020 7.0 Optimize FSLogix settings - Remove Office Profile Settings # 02/01/2021 7.1 Add RegKey for Screen Protection # 05/22/2021 7.2 Multiple changes to WVD Optimization code (remove winversion, Add EULA, Add Paramater for Optimize All # 06/30/2021 7.3 Add RegKey for Azure AD Join # #********************************************************************************* # #> ############################## # WVD Script Parameters # ############################## Param ( [Parameter(Mandatory=$true)] [string]$ProfilePath, [Parameter(Mandatory=$true)] [string]$RegistrationToken, [Parameter(Mandatory=$false)] [string]$Optimize = $true ) ###################### # WVD Variables # ###################### $LocalWVDpath = "c:\temp\wvd\" $WVDBootURI = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH' $WVDAgentURI = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv' $FSLogixURI = 'https://aka.ms/fslogix_download' $FSInstaller = 'FSLogixAppsSetup.zip' $WVDAgentInstaller = 'WVD-Agent.msi' $WVDBootInstaller = 'WVD-Bootloader.msi' $Win7x64_UpdateURI = 'https://download.microsoft.com/download/A/F/5/AF5C565C-9771-4BFB-973B-4094C1F58646/Windows6.1-KB2592687-x64.msu' $Win7x64_WMI5URI = 'https://download.microsoft.com/download/6/F/5/6F5FF66C-6775-42B0-86C4-47D41F2DA187/Win7AndW2K8R2-KB3191566-x64.zip' $Win7x64_UpdateInstaller = 'Win7-KB2592687-x64.msu' $Win7x64_WMI5Installer = 'Win7-KB3191566-WMI5-x64.zip' $Win7x64_WVDAgent = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3JZCm' $Win7x64_WVDBootMgrURI = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3K2e3' $Optimizations = "All" #################################### # Test/Create Temp Directory # #################################### if((Test-Path c:\temp) -eq $false) { Add-Content -LiteralPath C:\New-WVDSessionHost.log "Create C:\temp Directory" Write-Host ` -ForegroundColor Cyan ` -BackgroundColor Black ` "creating temp directory" New-Item -Path c:\temp -ItemType Directory } else { Add-Content -LiteralPath C:\New-WVDSessionHost.log "C:\temp Already Exists" Write-Host ` -ForegroundColor Yellow ` -BackgroundColor Black ` "temp directory already exists" } if((Test-Path $LocalWVDpath) -eq $false) { Add-Content -LiteralPath C:\New-WVDSessionHost.log "Create C:\temp\WVD Directory" Write-Host ` -ForegroundColor Cyan ` -BackgroundColor Black ` "creating c:\temp\wvd directory" New-Item -Path $LocalWVDpath -ItemType Directory } else { Add-Content -LiteralPath C:\New-WVDSessionHost.log "C:\temp\WVD Already Exists" Write-Host ` -ForegroundColor Yellow ` -BackgroundColor Black ` "c:\temp\wvd directory already exists" } New-Item -Path c:\ -Name New-WVDSessionHost.log -ItemType File Add-Content ` -LiteralPath C:\New-WVDSessionHost.log ` " ProfilePath = $ProfilePath RegistrationToken = $RegistrationToken Optimize = $Optimize " ################################# # Download WVD Componants # ################################# Add-Content -LiteralPath C:\New-WVDSessionHost.log "Downloading WVD Boot Loader" Invoke-WebRequest -Uri $WVDBootURI -OutFile "$LocalWVDpath$WVDBootInstaller" Add-Content -LiteralPath C:\New-WVDSessionHost.log "Downloading FSLogix" Invoke-WebRequest -Uri $FSLogixURI -OutFile "$LocalWVDpath$FSInstaller" Add-Content -LiteralPath C:\New-WVDSessionHost.log "Downloading WVD Agent" Invoke-WebRequest -Uri $WVDAgentURI -OutFile "$LocalWVDpath$WVDAgentInstaller" ############################## # Prep for WVD Install # ############################## Add-Content -LiteralPath C:\New-WVDSessionHost.log "Unzip FSLogix" Expand-Archive ` -LiteralPath "C:\temp\wvd\$FSInstaller" ` -DestinationPath "$LocalWVDpath\FSLogix" ` -Force ` -Verbose [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 cd $LocalWVDpath Add-Content -LiteralPath C:\New-WVDSessionHost.log "UnZip FXLogix Complete" ############################## # OS Specific Settings # ############################## $OS = (Get-WmiObject win32_operatingsystem).name If(($OS) -match 'server') { Add-Content -LiteralPath C:\New-WVDSessionHost.log "Windows Server OS Detected" write-host -ForegroundColor Cyan -BackgroundColor Black "Windows Server OS Detected" If(((Get-WindowsFeature -Name RDS-RD-Server).installstate) -eq 'Installed') { "Session Host Role is already installed" } Else { "Installing Session Host Role" Install-WindowsFeature ` -Name RDS-RD-Server ` -Verbose ` -LogPath "$LocalWVDpath\RdsServerRoleInstall.txt" } $AdminsKey = "SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}" $UsersKey = "SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}" $BaseKey = [Microsoft.Win32.RegistryKey]::OpenBaseKey("LocalMachine","Default") $SubKey = $BaseKey.OpenSubkey($AdminsKey,$true) $SubKey.SetValue("IsInstalled",0,[Microsoft.Win32.RegistryValueKind]::DWORD) $SubKey = $BaseKey.OpenSubKey($UsersKey,$true) $SubKey.SetValue("IsInstalled",0,[Microsoft.Win32.RegistryValueKind]::DWORD) } Else { Add-Content -LiteralPath C:\New-WVDSessionHost.log "Windows Client OS Detected" write-host -ForegroundColor Cyan -BackgroundColor Black "Windows Client OS Detected" if(($OS) -match 'Windows 10') { write-host ` -ForegroundColor Yellow ` -BackgroundColor Black ` "Windows 10 detected...skipping to next step" Add-Content -LiteralPath C:\New-WVDSessionHost.log "Windows 10 Detected...skipping to next step" } else { $OSArch = (Get-WmiObject win32_operatingsystem).OSArchitecture If(($OSArch) -match '64-bit') { write-host ` -ForegroundColor Magenta ` -BackgroundColor Black ` "Windows 7 x64 detected" Add-Content -LiteralPath C:\New-WVDSessionHost.log "Windows 7 x64 Detected" ################################# # Begin Win7x64 downloads # ################################# $Win7x64_WinUpdateRequest = [System.Net.WebRequest]::Create($Win7x64_UpdateURI) $Win7x64_WMI5Request = [System.Net.WebRequest]::Create($Win7x64_WMI5URI) $Win7x64_WVDAgentRequest = [System.Net.WebRequest]::Create($Win7x64_WVDAgentURI) $Win7x64_WVDBootRequest = [System.Net.WebRequest]::Create($Win7x64_WVDBootMgrURI) ################################ # Begin Win7x64 Installs # ################################ write-host ` -ForegroundColor Magenta ` -BackgroundColor Black ` "...installing Update KB2592687 for x64" Expand-Archive ` -LiteralPath "C:\temp\wvd\$Win7x64_WMI5Installer" ` -DestinationPath "$LocalWVDpath\Win7Wmi5x64" ` -Force ` -Verbose $packageName = 'Win7AndW2K8R2-KB3191566-x64.msu' $packagePath = 'C:\temp\wvd\Win7Wmi5x64' $wusaExe = "$env:windir\system32\wusa.exe" $wusaParameters += @("/quiet", "/promptrestart") $wusaParameterString = $wusaParameters -join " " & $wusaExe $wusaParameterString } } } ################################ # Install WVD Componants # ################################ Add-Content -LiteralPath C:\New-WVDSessionHost.log "Installing WVD Bootloader" $bootloader_deploy_status = Start-Process ` -FilePath "msiexec.exe" ` -ArgumentList "/i $WVDBootInstaller", ` "/quiet", ` "/qn", ` "/norestart", ` "/passive", ` "/l* $LocalWVDpath\AgentBootLoaderInstall.txt" ` -Wait ` -Passthru $sts = $bootloader_deploy_status.ExitCode Add-Content -LiteralPath C:\New-WVDSessionHost.log "Installing WVD Bootloader Complete" Write-Output "Installing RDAgentBootLoader on VM Complete. Exit code=$sts`n" Wait-Event -Timeout 5 Add-Content -LiteralPath C:\New-WVDSessionHost.log "Installing WVD Agent" Write-Output "Installing RD Infra Agent on VM $AgentInstaller`n" $agent_deploy_status = Start-Process ` -FilePath "msiexec.exe" ` -ArgumentList "/i $WVDAgentInstaller", ` "/quiet", ` "/qn", ` "/norestart", ` "/passive", ` "REGISTRATIONTOKEN=$RegistrationToken", "/l* $LocalWVDpath\AgentInstall.txt" ` -Wait ` -Passthru Add-Content -LiteralPath C:\New-WVDSessionHost.log "WVD Agent Install Complete" Wait-Event -Timeout 5 <# ######################### # FSLogix Install # ######################### Add-Content -LiteralPath C:\New-WVDSessionHost.log "Installing FSLogix" $fslogix_deploy_status = Start-Process ` -FilePath "$LocalWVDpath\FSLogix\x64\Release\FSLogixAppsSetup.exe" ` -ArgumentList "/install /quiet" ` -Wait ` -Passthru #> ####################################### # FSLogix User Profile Settings # ####################################### Add-Content -LiteralPath C:\New-WVDSessionHost.log "Configure FSLogix Profile Settings" Push-Location Set-Location HKLM:\SOFTWARE\ New-Item ` -Path HKLM:\SOFTWARE\FSLogix ` -Name Profiles ` -Value "" ` -Force New-Item ` -Path HKLM:\Software\FSLogix\Profiles\ ` -Name Apps ` -Force Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "Enabled" ` -Type "Dword" ` -Value "1" New-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "CCDLocations" ` -Value "type=smb,connectionString=$ProfilePath" ` -PropertyType MultiString ` -Force Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "SizeInMBs" ` -Type "Dword" ` -Value "30000" Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "IsDynamic" ` -Type "Dword" ` -Value "1" Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "VolumeType" ` -Type String ` -Value "vhdx" Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "FlipFlopProfileDirectoryName" ` -Type "Dword" ` -Value "1" Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "SIDDirNamePattern" ` -Type String ` -Value "%username%%sid%" Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name "SIDDirNameMatch" ` -Type String ` -Value "%username%%sid%" Set-ItemProperty ` -Path HKLM:\Software\FSLogix\Profiles ` -Name DeleteLocalProfileWhenVHDShouldApply ` -Type DWord ` -Value 1 Pop-Location ########################################## # Enable Screen Capture Protection # ########################################## Add-Content -LiteralPath C:\New-WVDSessionHost.log "Enable Screen Capture Protection" Push-Location Set-Location "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" New-ItemProperty ` -Path .\ ` -Name fEnableScreenCaptureProtection ` -Value "1" ` -PropertyType DWord ` -Force Pop-Location ############################## # Enable Azure AD Join # ############################## Add-Content -LiteralPath C:\New-WVDSessionHost.log "Enable Azure AD Join" Push-Location Set-Location HKLM:\SOFTWARE\Microsoft New-Item ` -Path HKLM:\SOFTWARE\Microsoft ` -Name RDInfraAgent ` -Force New-Item ` -Path HKLM:\Software\Microsoft\RDInfraAgent ` -Name AADJPrivate ` -Force Pop-Location ############################################## # WVD Optimizer (Virtual Desktop Team) # ############################################## If ($Optimize -eq $true) { Write-Output "Optimizer selected" ################################ # Download WVD Optimizer # ################################ Add-Content -LiteralPath C:\New-WVDSessionHost.log "Optimize Selected" Add-Content -LiteralPath C:\New-WVDSessionHost.log "Creating C:\Optimize folder" New-Item -Path C:\ -Name Optimize -ItemType Directory -ErrorAction SilentlyContinue $LocalPath = "C:\Optimize\" $WVDOptimizeURL = 'https://github.com/The-Virtual-Desktop-Team/Virtual-Desktop-Optimization-Tool/archive/refs/heads/main.zip' $WVDOptimizeInstaller = "Windows_10_VDI_Optimize-master.zip" Invoke-WebRequest ` -Uri $WVDOptimizeURL ` -OutFile "$Localpath$WVDOptimizeInstaller" ############################### # Prep for WVD Optimize # ############################### Add-Content -LiteralPath C:\New-WVDSessionHost.log "Optimize downloaded and extracted" Expand-Archive ` -LiteralPath "C:\Optimize\Windows_10_VDI_Optimize-master.zip" ` -DestinationPath "$Localpath" ` -Force ` -Verbose ################################# # Run WVD Optimize Script # ################################# Add-Content -LiteralPath C:\New-WVDSessionHost.log "Begining Optimize" Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force -Verbose .\Win10_VirtualDesktop_Optimize.ps1 -Optimizations $Optimizations -Restart -AcceptEULA -Verbose Add-Content -LiteralPath C:\New-WVDSessionHost.log "Optimization Complete" } else { Write-Output "Optimize not selected" Add-Content -LiteralPath C:\New-WVDSessionHost.log "Optimize NOT selected" } ########################## # Restart Computer # ########################## Add-Content -LiteralPath C:\New-WVDSessionHost.log "Process Complete - REBOOT" Restart-Computer -Force