Hey everyone! I'm a junior IT technician and I'm looking to streamline my process after deploying workstations via MDT. Currently, I configure everything manually, but I want to automate this with a PowerShell script. Importantly, I need to ensure it doesn't uninstall or download any unauthorized software. My main goal is to set up the post-MDT workstation with all the necessary customized settings and provide a clear success or failure report for each step.
Here's what I want to automate:
1. **File Explorer settings** – Showing file extensions and always opening in 'This PC'.
2. **Group Policies** – Enabling camera permission and long Win32 paths.
3. **Power Options** – Configuring settings for both battery and plugged-in modes.
4. **Taskbar modifications** – Unpinning Microsoft Store and Edge while keeping them installed.
5. **Firefox** – Pinning it to the desktop and taskbar, and setting it as the default browser.
6. **Default Applications** – Associating .eml with an email client and .pdf with Adobe Acrobat.
7. **Other settings** – Confirming deletions and enabling the numeric keypad at startup.
8. **Windows Updates** – Checking for and installing updates without an automatic restart.
9. **Results display** – Reporting each action as successful or failed, with any notes required for manual checks.
I'd really appreciate it if anyone could guide me on creating this PowerShell script or let me know about any potential limitations I might face, especially regarding taskbar modifications, setting defaults, or applying group policies! Thank you!
5 Answers
You should definitely create the PowerShell script locally and test it thoroughly before integrating it into your deployment process. Start with smaller sections of your tasks to see what works without any issues. Also, consider using Scheduled Tasks if you want to schedule some scripts to run periodically. Another tip would be to utilize functions in your PowerShell script to keep it organized by action type!
For your question about technical limitations, it can get challenging with user policies and defaults. Not everything that you configure in the GUI can be replicated in PowerShell, especially for taskbar applications. It might be easier to set those up as part of a script that runs post-deployment rather than trying to force everything into one script. And remember, always back up the current settings before applying new ones!
You can definitely use PowerShell to automate a lot of these tasks! For the Group Policies, you'll want to look into the `Set-ItemProperty` cmdlet to modify registry keys, since many of those policies correspond to registry settings. Just remember to run the script with admin privileges. For unpinning apps from the taskbar, you might have to dig a bit deeper since it involves shell commands. You could maybe use PowerShell to call `Shell.Application` to manipulate taskbar items, although it can be a bit tricky. Also, for reporting, consider using `Write-Output` to log results directly to a file as you run the script. Good luck!
That’s right! Using write-verbose can help you log detailed messages too. You can make use of try-catch blocks to handle errors and keep track of which configurations succeed or fail.
Yes, it’s totally possible to script these out. Just make sure that your users have appropriate permissions to change their settings if needed. It’s wise to encapsulate sections of the script with checks to prevent errors and unwanted behavior, too. Good luck!
Have you tried doing this through SCCM? A lot of these settings can be managed with configuration baselines. This way, you don’t have to handle individual scripts for everything!
That’s solid advice! Organizing scripts into functions can really make a difference, especially when you’re dealing with multiple changes. Testing each section separately helps in troubleshooting.