From bd43db4e0429c57c020a1f2a2e7b5f18733a4b66 Mon Sep 17 00:00:00 2001 From: "Michael H.G. Schmidt" Date: Tue, 27 Dec 2022 11:31:44 +0100 Subject: [PATCH] new tool isuseradmin and optimization of logon script --- scripts/autoconfig-all.cmd | 7 - scripts/cleanup-tiles.cmd | 11 +- scripts/disable-networkfeatures.cmd | 11 +- source/isuseradmin.pb | 23 ++++ tools/logon.cmd | 195 ++++++++++++++++------------ 5 files changed, 144 insertions(+), 103 deletions(-) create mode 100644 source/isuseradmin.pb diff --git a/scripts/autoconfig-all.cmd b/scripts/autoconfig-all.cmd index 571d222..06d4dec 100644 --- a/scripts/autoconfig-all.cmd +++ b/scripts/autoconfig-all.cmd @@ -138,13 +138,6 @@ echo. powershell -command .\uninstall-apps.ps1 echo. -call uninstall-onedrive.cmd -echo. - -call uninstall-edge.cmd -echo. - - echo ##################### echo ### INSTALL tasks ### echo ##################### diff --git a/scripts/cleanup-tiles.cmd b/scripts/cleanup-tiles.cmd index d22f378..ec4165f 100644 --- a/scripts/cleanup-tiles.cmd +++ b/scripts/cleanup-tiles.cmd @@ -1,12 +1,9 @@ @echo off -set TOOLS=c:\tools -net session >nul 2>&1 -if NOT %ERRORLEVEL% == 0 ( - echo ERROR: User has NO ADMINISTRATOR rights! - exit /b -) +echo ####### %0 ####### -echo cleaning START menu tiles ... +echo Cleaning up tiles in the START menu ... powershell -command %TOOLS%\scripts\cleanup-tiles.ps1 +echo ####### %0 ####### + diff --git a/scripts/disable-networkfeatures.cmd b/scripts/disable-networkfeatures.cmd index 8576128..85531f7 100644 --- a/scripts/disable-networkfeatures.cmd +++ b/scripts/disable-networkfeatures.cmd @@ -1,12 +1,9 @@ @echo off -set TOOLS=c:\tools -net session >nul 2>&1 -if %ERRORLEVEL% NEQ 0 ( - echo ERROR: User has NO ADMINISTRATOR rights! - exit /b -) +echo ####### %0 ####### -echo disabling unwanted NETWORK features ... +echo Disabling unwanted NETWORK features ... powershell -command %TOOLS%\scripts\disable-networkfeatures.ps1 +echo ####### %0 ####### + diff --git a/source/isuseradmin.pb b/source/isuseradmin.pb new file mode 100644 index 0000000..1f766ab --- /dev/null +++ b/source/isuseradmin.pb @@ -0,0 +1,23 @@ +; isuseradmin.pb +; ------------------------------------------------------------ +; this tool checks for admin rights and returns: +; 0 = is ADMIN +; 1 = NOT an admin +; LICENSE : GPL +; AUTHOR : Michael H.G. Schmidt +; EMAIL : michael@schmidt2.de +; DATE : 20221227 +; ------------------------------------------------------------ +; + +OpenConsole() + +If IsUserAdmin_() + End 0 +Else + End 1 +EndIf + +; IDE Options = PureBasic 5.73 LTS (Windows - x64) +; CursorPosition = 17 +; EnableXP \ No newline at end of file diff --git a/tools/logon.cmd b/tools/logon.cmd index 1f6dd0f..a1b861c 100644 --- a/tools/logon.cmd +++ b/tools/logon.cmd @@ -33,6 +33,7 @@ rem =================== rem CONFIGFILE CHECKS rem =================== +echo. echo searching for SCRIPT settings ... if NOT EXIST %SCRIPT_SETTINGS% ( echo INFO: config file %COMPANY_SETTINGS% NOT FOUND @@ -42,6 +43,7 @@ if NOT EXIST %SCRIPT_SETTINGS% ( echo LANG=%LANG% ) +echo. echo searching for COMPANY settings ... if NOT EXIST %COMPANY_SETTINGS% ( echo INFO: config file %COMPANY_SETTINGS% NOT FOUND @@ -50,6 +52,11 @@ if NOT EXIST %COMPANY_SETTINGS% ( call %COMPANY_SETTINGS% ) +echo. +echo ##### +echo ##### GENERIC tasks +echo ##### +echo. rem =================== rem EMCLIENT LICENSING @@ -59,18 +66,18 @@ rem licensing for emClient already done ? if EXIST %EMLICENSE_DONE% GOTO EMCLIENT_END if %emclient_license% == 0 ( - echo no em Client license found! + echo no emClient license found! ) else ( echo. if EXIST "%ProgramFiles(x86)%\eM Client\MailClient.exe" ( - echo adding em Client license ... + echo Adding emClient license ... "%ProgramFiles(x86)%\eM Client\MailClient.exe" /activate %emclient_license% rem create a statusfile (this codeblock must be executed only once per use) ... echo 1 >%EMLICENSE_DONE% ) else ( - echo em Client is NOT installed! + echo emClient is NOT installed! ) echo. ) @@ -82,116 +89,122 @@ rem ================================================ rem GENERIC SETTINGS FOR THE USER (this runs always) rem ================================================ -echo removing wallpaper ... -reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v WallPaper /t REG_SZ /d " " /f 1>nul +echo Removing the wallpaper ... +reg add "HKCU\Control Panel\Desktop" /v WallPaper /t REG_SZ /d " " /f 1>nul RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters -echo setting desktop colour (RGB) ... +echo Setting the desktop colour (RGB) ... %TOOLS%\setbgcol %bgcol_R% %bgcol_G% %bgcol_B% -echo starting BGInfo ... +echo Starting BGInfo tool ... %TOOLS%\bginfo\bginfo64.exe %TOOLS%\bginfo\config.bgi /NOLICPROMPT /silent /timer:0 -echo setting RECYCLE BIN limits ... +echo Setting RECYCLE BIN limits ... +echo. powershell -command %TOOLS%\scripts\set-recyclebin.ps1 +echo. -echo remapping Desktop folder to standard location ... -reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" ^ +echo Remapping Desktop folder to standard location ... +reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" ^ /v Desktop /t REG_EXPAND_SZ /d "%%USERPROFILE%%\Desktop" /f 1>nul -rem ========= -rem SEAFILE -rem ========= - -rem check for existence of client binary ... if EXIST "%ProgramFiles%\Seafile\bin\seafile-applet.exe" ( - echo setting autostart for SEAFILE ... - reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ^ + echo Setting autostart for SEAFILE client ... + reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ^ /v Seafile /t REG_SZ /d "%ProgramFiles%\Seafile\bin\seafile-applet.exe" /f 1>nul ) rem fix for broken SEAFILE folder access rights ... if EXIST %USERPROFILE%\Seafile ( - echo removing SEAFILE folder system attributes ... + echo Removing "system" attribute on SEAFILE storage folder ... attrib -S %USERPROFILE%\Seafile /S /D ) -rem ================================================== -rem USER TWEAKS AND CONFIG FILES (this runs only once) -rem ================================================== +rem ===================================================== +rem ACCOUNT TWEAKS AND CONFIG FILES (this runs only once) +rem ===================================================== rem User tweaks already done ? if EXIST %USERCONFIG_DONE% GOTO USERTWEAKS_DONE +echo. +echo ##### +echo ##### INITIAL account setup +echo ##### +echo. + rem WORKSPACE folder -echo creating folder %USERPROFILE%\workspace ... +echo Creating folder %USERPROFILE%\workspace ... mkdir %USERPROFILE%\workspace 1>nul 2>nul rem SSH -echo setting up ssh client ... +echo Setting up SSH client ... mkdir %USERPROFILE%\.ssh 1>nul 2>nul -copy /Y %TOOLS%\scripts\config\ssh-config.txt %USERPROFILE%\.ssh\config +copy /Y %TOOLS%\scripts\config\ssh-config.txt %USERPROFILE%\.ssh\config 1>nul 2>nul rem VIM -echo copying vimrc ... -copy /Y %TOOLS%\scripts\config\vimrc.txt %USERPROFILE%\.vimrc +echo Installing a VIM configuration ... +copy /Y %TOOLS%\scripts\config\vimrc.txt %USERPROFILE%\.vimrc 1>nul 2>nul rem WINDOWS TERMINAL -echo seting up WINDOWS TERMINAL ... +echo Setting up WINDOWS TERMINAL ... set LOCALSTATE=%LOCALAPPDATA%\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\LocalState mkdir %LOCALSTATE% 1>nul 2>nul -copy /Y %TOOLS%\scripts\config\wt-settings.json %LOCALSTATE%\settings.json +copy /Y %TOOLS%\scripts\config\wt-settings.json %LOCALSTATE%\settings.json 1>nul 2>nul rem TOTALCOMMANDER mkdir %APPDATA%\GHISLER 1>nul 2>nul -echo copying ini file for TOTALCOMMANDER ... -copy /Y %TOOLS%\optional\config\WINCMD.ini %APPDATA%\GHISLER -echo copying TOTALCOMMANDER ftp config file ... -copy /Y %TOOLS%\optional\config\wcx_ftp.ini %APPDATA%\GHISLER +echo Copying standard inifile for TOTALCOMMANDER ... +copy /Y %TOOLS%\optional\config\WINCMD.ini %APPDATA%\GHISLER 1>nul 2>nul +echo Copying standard TOTALCOMMANDER ftp config file ... +copy /Y %TOOLS%\optional\config\wcx_ftp.ini %APPDATA%\GHISLER 1>nul 2>nul rem THISPC echo Adding "This PC" icon for current user on desktop Windows 10 ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" ^ +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" ^ /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 0 /f 1>nul -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" ^ +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" ^ /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 0 /f 1>nul -echo Refreshing desktop (W10 style) +echo Refreshing the desktop (W10 style) ... ie4uinit.exe -show -echo Adding seconds to clock ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ +echo Adding "seconds" display to clock ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ /v "ShowSecondsInSystemClock" /t REG_DWORD /d 1 /f 1>nul -echo setting GLOBAL view mode for windows EXPLORER ... +echo Setting the "GLOBAL" view mode for windows EXPLORER ... +echo. powershell -command %TOOLS%\scripts\set-explorer-viewmode.ps1 +echo. -echo Enabling the show file extensions feature in explorer ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ +echo Enabling the "show file extensions" feature in explorer ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ /v "HideFileExt" /t REG_DWORD /d 0 /f 1>nul echo Do not add "-Shortcut" text to the name of newly created shortcuts ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer" ^ +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" ^ /v "link" /t REG_BINARY /d "00000000" /f 1>nul -echo Disabling search box on taskbar ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search" ^ +echo Disabling the search box on the taskbar ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" ^ /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f 1>nul -echo Disabling multi tasking view button on the taskbar ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ +echo Disabling the multi tasking view button on the taskbar ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f 1>nul -echo Disabling cortana button on the taskbar ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ +echo Disabling the cortana button on the taskbar ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ /v "ShowCortanaButton" /t REG_DWORD /d 0 /f 1>nul -echo Loading OpenShell config ... +echo Loading the OpenShell configuration ... rem config must be full qualified pathname (OpenShell BUG!) set CONFIG=%TOOLS%\scripts\config\OpenshellSettings.xml "%ProgramFiles%"\Open-Shell\StartMenu.exe -xml %CONFIG% -echo Removing user folders from explorer navigation pane ... +echo. +echo Removing the "user" folders from the explorer navigation pane ... for %%K in ( {0DB7E03F-FC29-4DC6-9020-FF41B59E513A} {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} @@ -202,16 +215,17 @@ for %%K in ( {F86FA3AB-70D2-4FC7-9C99-FCBF05467F3A} ) do ( echo %%K - reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideMyComputerIcons" ^ + reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideMyComputerIcons" ^ /v "%%K" /t REG_DWORD /d 1 /f 1>nul ) +echo. -echo Adding home folder to explorer navigation pane ... -reg add "HKEY_CURRENT_USER\Software\Classes\CLSID\{59031a47-3f72-44a7-89c5-5595fe6b30ee}" ^ +echo Adding the home folder to the explorer navigation pane ... +reg add "HKCU\Software\Classes\CLSID\{59031a47-3f72-44a7-89c5-5595fe6b30ee}" ^ /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d 1 /f 1>nul -echo Make explorer show ThisPC on top ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ +echo Make explorer show "This PC" on top ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" ^ /v "LaunchTo" /t REG_DWORD /d 1 /f 1>nul echo Cleaning up recent files and libraries ... @@ -219,37 +233,41 @@ del /F /Q %APPDATA%\Microsoft\Windows\Recent\AutomaticDestinations\* 2>nul del /F /Q %APPDATA%\Microsoft\Windows\Recent\* 2>nul del /F /Q %APPDATA%\Microsoft\Windows\Libraries\* 2>nul -echo Disabling frequent and recent files in explorer ... -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer" ^ +echo Disabling frequent and recent files view in explorer ... +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" ^ /v "ShowRecent" /t REG_DWORD /d 0 /f 1>nul -reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer" ^ +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" ^ /v "ShowFrequent" /t REG_DWORD /d 0 /f 1>nul -rem try to disable unwanted network features -call %TOOLS%\scripts\disable-networkfeatures.cmd +rem =============== +rem ONLY FOR ADMINS +rem =============== -rem try to cleanup the tiles in the start menu (only for admins) -call %TOOLS%\scripts\cleanup-tiles.cmd +isuseradmin +if %ERRORLEVEL% == 0 ( + echo Disabling unwanted NETWORK features ... + call %TOOLS%\scripts\disable-networkfeatures.cmd 1>nul 2>nul + echo Cleaning up tiles in the START menu ... + call %TOOLS%\scripts\cleanup-tiles.cmd 1>nul 2>nul +) echo. -echo ========= -echo SEAFILE -echo ========= +echo preparing the SEAFILE configuration +echo ######################################## echo. -echo setting path for SEAFILE files ... -reg add "HKEY_CURRENT_USER\SOFTWARE\SeaFile" ^ +echo setting path for filestore ... +reg add "HKCU\SOFTWARE\SeaFile" ^ /v "PreconfigureDirectory" /d "%USERPROFILE%" /t REG_SZ /f 1>nul -echo setting USERNAME for SEAFILE ... +echo guessing SEAFILE username and setting a dummy token... if seafile_domain == 0 ( echo no SeaFile domain found - cannot guess username! ) else ( - echo guessing SEAFILE username and setting token... - reg add "HKEY_CURRENT_USER\SOFTWARE\SeaFile" ^ + reg add "HKCU\SOFTWARE\SeaFile" ^ /v "PreconfigureUsername" /d "%USERNAME%@%seafile_domain%" /t REG_SZ /f 1>nul - reg add "HKEY_CURRENT_USER\SOFTWARE\SeaFile" ^ - /v "PreconfigureUserToken" /d "null" /t REG_SZ /f 1>nul + reg add "HKCU\SOFTWARE\SeaFile" ^ + /v "PreconfigureUserToken" /d "dummy" /t REG_SZ /f 1>nul ) echo. @@ -312,19 +330,32 @@ echo ##### echo ##### CLEANUP echo ##### -echo. +rem =============== +rem ONLY FOR ADMINS +rem =============== -echo ... user settings +isuseradmin +if %ERRORLEVEL% == 0 ( + echo. + call %TOOLS%\scripts\uninstall-onedrive.cmd + echo. + call %TOOLS%\scripts\uninstall-edge.cmd + echo. + call %TOOLS%\scripts\uninstall-pchealth.cmd +) + +echo. +echo Cleaning user settings echo ######################################## echo. rem ... stupid OS problem #7 rem Rewards ? Really ? Seriously ? -echo Disabling nag screen in windows settings ... +echo Disabling the nag screen in windows settings ... %TOOLS%\vivetool delconfig 18299130 1 echo. -echo ... users home directory +echo Cleaning users home directory echo ######################################## echo. @@ -332,16 +363,16 @@ rem WARNING! rem DO NOT remove the "PICTURES" folder! rem this is used and needed by the snipping tool! -echo 3D Objects ... +echo folder "3D Objects" ... rd /S /Q %USERPROFILE%\"3D Objects" 2>nul -echo Links ... +echo folder Links ... rd /S /Q %USERPROFILE%\"Links" 2>nul -echo Saved Games (folder used by Microsoft only) ... +echo folder "Saved Games" (this is used by Microsoft only) ... rd /S /Q %USERPROFILE%\"Saved Games" 2>nul -echo Searches ... +echo folder "Searches" ... rd /S /Q %USERPROFILE%\"Searches" 2>nul for %%D in ( @@ -364,14 +395,14 @@ for %%D in ( ) echo. -echo OTHER tasks and fixes for the user +echo Other tasks and fixes for the user echo ######################################## echo. -echo Creating pictures folder for snipping tool ... +echo Creating "Pictures" folder for snipping tool ... mkdir %USERPROFILE%\Pictures 2>nul -echo Starting workstation service ... +echo Starting the workstation service ... net start workstation 1>nul 2>nul net config workstation