text

sethayes

·

README

·

Plain Text

·

Total Size: 29.8 KB

·

·

Created: 5 years ago

·

Edited: 5 years ago

8 888888888o. 8 8888888888 .8. 8 888888888o. ,8. ,8. 8 8888888888 8 8888 `88. 8 8888 .888. 8 8888 `^888. ,888. ,888. 8 8888 8 8888 `88 8 8888 :88888. 8 8888 `88. .`8888. .`8888. 8 8888 8 8888 ,88 8 8888 . `88888. 8 8888 `88 ,8.`8888. ,8.`8888. 8 8888 8 8888. ,88' 8 888888888888 .8. `88888. 8 8888 88 ,8'8.`8888,8^8.`8888. 8 888888888888 8 888888888P' 8 8888 .8`8. `88888. 8 8888 88 ,8' `8.`8888' `8.`8888. 8 8888 8 8888`8b 8 8888 .8' `8. `88888. 8 8888 ,88 ,8' `8.`88' `8.`8888. 8 8888 8 8888 `8b. 8 8888 .8' `8. `88888. 8 8888 ,88' ,8' `8.`' `8.`8888. 8 8888 8 8888 `8b. 8 8888 .888888888. `88888. 8 8888 ,o88P' ,8' `8 `8.`8888. 8 8888 8 8888 `88. 8 888888888888 .8' `8. `88888. 8 888888888P' ,8' `8.`8888. 8 888888888888 Ok, Guys - I'm gonna break this down into Sections. Funnily enough, the Script is ALSO broken down this way. Though, in the script, the Sections are called 'Steps'. HERE ARE THE SCRIPTS/STEPS: ################################################################################################# * | Step 00 . . . .OPTIONAL - Really, this is just a Watered-Down Version of Step 01 * | Step 01 . . . .START - Setup PS-Remoting, Set Local Admin, Download all Script Files, etc. * | Step 02 . . . . . . . . WMF 5.0 and .NET 4.5 (NEEDED for Step 08) * | Step 03 . . . . . . . . Trust Relationship Check/Fix * | Step 04 . . . . . . . . Install ALL Windows Updates (Important for Step 06 & Step 08) * | Step 05 . . . . . . . . Removes Previous AV Product * | Step 06 . . . . . . . . Install SentinelOne * | Step 07 . . . .MANUAL INPUT REQUIRED - Check for and Remove Previous Microsoft Office Products * | Step 08 . . . . . . . . Install Office 365 * | Step 09 . . . .END - Cleans Up ALL Files Downloaded by any of the Previous Steps ################################################################################################# If you'll notice - up there at Step 07, you need to do a piece that CAN'T be automated. I've tried. Microsoft has intentionally made it an impossible venture. So - be sure to check out Step 07, so you can be ready! HOW SCRIPT WORKS: The 'script' is actually 9 individual scripts. The first Script ("step01.ps1") will download all the other scripts. Each Step will do 1 of 2 things, depending on whether or not a Reboot is required for the specific command/function it servers: 1. If NO Reboot is Required - It will automatically launch the next Step. 2. If Reboot IS Required - It will set a Registry Key that launches the next Step as soon as the PC Starts back up. (more specifically, the next time someone logs in) The last Script ("step09.ps1") will clean everything up, except for the Log File The Log File is saved to "C:\Users\Public\Log.txt" - this is where all output will be (script will also output to console, if you're not running it programmatically - i.e. via the PowerShell ISE/Terminal) OK - LET'S GET STARTED: 888 88e 888 88e 888'Y88 e88'Y88 e Y8b e e 888'Y88 888 888D 888 888D 888 ,'Y d888 'Y d8b Y8b d8b Y8b 888 ,'Y 888 88" 888 88" 888C8 888 C8888 eeee d888b Y8b e Y8b Y8b 888C8 888 888 b, 888 ",d Y888 888P d888888888b d8b Y8b Y8b 888 ",d 888 888 88b, 888,d88 "88 88" d8888888b Y8b d888b Y8b Y8b 888,d88 The FIRST thing you're gonna wanna do is make note of ANY PST files that are connected to the OLD Outlook Profile. > Open up Control Panel, and change the view to "Large Icons" or "Small Icons" (we want all items shown, not categories). > Double-Click on 'Mail' (may be called 'Mail (32-bit)') > Click on 'Show Profiles...' > If there is ONLY ONE Profile listed, then not to worry. You can close out. If there's MORE than one Profile listed, proceed to the next '>' > Select any Profile that doesn't have 'O365' in the name, or end with '_sk' and Click 'Properties' > Next, Click on 'Data Files...' > For any file listed that ends in .PST (we do not care if it's an .OST): > Document the Name > Document the (Full) Location Path We will enter the documented Name and Location Path in Step 07, so be sure you get them. e e d888b d888b d88888b d88888b 888 Did you do that stuff up there ^ yet? 888 888 888 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e e88 88e C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b d888 888b Y8b 888 888C8 888 88" C8888 8888D C8888 8888D b Y8D 888 888 ",d 888 Y888 888P Y888 888P 8edP 888 888,d88 888 "88 88" "88 88" Name: step00.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: This Script is a 'watered-down' version of Step 01. It is not important, and only exists as a way to do the initial configuration without launching into Step 02. Only use if you *specifically* only need initial configuration. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step00.ps1'); $dest BreakDown: - Create new Local Admin User - - UserName: msish - - Password: password - Set Firewall Policy to "allowinbound,allouwoutbound" - Set FDResPub Service to Automatically Start - - Then Start the FDResPub Service - Set SSDPSRV Service to Automatically Start - - Then Start the SSDPSRV Service - Set UpnpHost Service to Automatically Start - - Then Start the UpnpHost Service - Set WinRM Service to Automatically Start - - Then Start the WinRM Service - Enable PS-Remoting dp"8 88P'888'Y88 888'Y88 888 88e e88 88e d88 C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b d888 Y8b 888 888C8 888 88" C8888 8888D d"888 b Y8D 888 888 ",d 888 Y888 888P 888 8edP 888 888,d88 888 "88 88" 888 Name: step01.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: This is the true #1/Start to the whole shebang! It will download the subsequent steps, perform the initial configuration, and then kick off Step 02 automatically. To run, copy and paste the "Run" command (it is all ONE line, line breaks are for making it easier to read - delete them after you paste the command) into the CMD section of a PC in Screen Connect. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step01.ps1'; $dest = 'C:\Users\Public\step01.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - If the Log File already exists - deletes it - Create new Local Admin User - - UserName: msish - - Password: password - Set Firewall Policy to "allowinbound,allouwoutbound" - Set FDResPub Service to Automatically Start - - Then Start the FDResPub Service - Set SSDPSRV Service to Automatically Start - - Then Start the SSDPSRV Service - Set UpnpHost Service to Automatically Start - - Then Start the UpnpHost Service - Set WinRM Service to Automatically Start - - Then Start the WinRM Service - Enable PS-Remoting - Downloads all the other steps to "C:\Users\Public" - Runs Step 02 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e ,8,"88e C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b " 888D Y8b 888 888C8 888 88" C8888 8888D 88P b Y8D 888 888 ",d 888 Y888 888P ,*" 8edP 888 888,d88 888 "88 88" 8888888 Name: step02.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: *IMPORTANT* This script is necessary, if you want to run Step 08 (Install Microsoft Office 365). "Why?" You Ask? Because the 365 Installer is a .ZIP archive. To extract the contents, Step 08 uses the Expand-Archive Cmdlet - which is not something PowerShell 2.0 has. And, if you're going to upgrade PowerShell at all, you might as well upgrade it to 5.0 (5.1 is a little different, so we aren't going to mess with that on client workstations at the moment). This will also install .NET Framework 4.5, which is good - because SentinelOne requires a minimum of .NET Framework 4.0 be installed. NOTE: PowerShell 5.0 is included in Windows Management Framework 5.0 (referred to as WMF 5) Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step02.ps1'; $dest = 'C:\Users\Public\step02.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Checks for .NET Framework 4.5 - - Installs it (and WMF 5) if it's not. - If .NET Framework 4.5 or Better is Installed, Checks for WMF 5 - - Installs it if it's not. - If it Installs WMF 5: - - Sets "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ScriptStep" Registry Key to run Step 03 on Startup/Logon - - Restarts Computer - If WMF 5 is already installed: - - Runs Step 03 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e ,8,"88b, C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b " ,88P' Y8b 888 888C8 888 88" C8888 8888D C8K b Y8D 888 888 ",d 888 Y888 888P e `88b, 8edP 888 888,d88 888 "88 88" "8",88P' Name: step03.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: This Step is all about the Trust Relationship with the Domain. If it's broken, one of two things will happen: 1. The Script will Fix the Broken Trust Relationship 2. The Script will NOT Fix the Broken Trust Relationship In the event of #2 - if you want it fixed, you gotta do the ol' Disjoin/Rejoin Method. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step03.ps1'; $dest = 'C:\Users\Public\step03.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Checks the Trust Relationship with the Domain - If it's broken, it will try to fix it - and then test again - If it's still broken, it will try another method to fix it - and then test again - If it's *still* broken, it will tell you that you gotta Disjoin/Rejoin - It will then run Step 04 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e d 888 C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b d8 888 Y8b 888 888C8 888 88" C8888 8888D d88 888e b Y8D 888 888 ",d 888 Y888 888P """ 888" 8edP 888 888,d88 888 "88 88" 888 Name: step04.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: This is the fun step. Get ready to do some waiting. This step will Install ALL Windows Updates, and Reboot as often as is needed. For some PC's...this could take a while. But, it's a pretty vital script, as both SentinelOne and Office 365 Pro Plus require certain Windows Updates before they will install. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step04.ps1'; $dest = 'C:\Users\Public\step04.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Checks for Windows Updates - - If there are Windows Updates: - - - Logs them - - - Downloads them - - - Installs them - - - Reboots - - - Repeats the Cycle, until there are no more Windows Updates (or 10 cycles have been done) - - If there are No/No More Windows Updates: - - - Runs Step 05 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e 8888888 C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b 88 Y8b 888 888C8 888 88" C8888 8888D """Y88b b Y8D 888 888 ",d 888 Y888 888P e 888 8edP 888 888,d88 888 "88 88" "8",88P Name: step05.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: Anti-Virus Step. To Prevent things like Symantec, or McAfee, from getting in the way of our SentinelOne install, we have Step 05. It will detect the existing Anti-Virus Product, and then remove it. Unless it's Windows Defender/MSE, or SentinelOne. Obviously. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step05.ps1'; $dest = 'C:\Users\Public\step05.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Queries WMI for Anti-Virus Product - If it's SEP/McAfee: - - It will uninstall it - - If a Reboot is required: - - - Sets "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ScriptStep" Registry Key to run Step 06 on Startup/Logon - - - Reboots PC - If it's NOT SEP/McAfee: - - It will run Step 06 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e e88",8, C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b d888 " Y8b 888 888C8 888 88" C8888 8888D C8888 88e b Y8D 888 888 ",d 888 Y888 888P Y888 888D 8edP 888 888,d88 888 "88 88" "88 88" Name: step06.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: Installs SentinelOne. At Long Last - we get 1/2 of the things we set out to install installed. Because SentinelOne Requirements also list "ShadowCopies Enabled" - this script will turn them on before installing SentinelOne. NOTE: There was another Step in this process (11 total, if you include Step 00), that would check to verify that the Required Windows Updates for SentinelOne were installed. However, Step 04 *should* take care of that. If it doesn't...then I'll throw the other one back in the mix. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step06.ps1'; $dest = 'C:\Users\Public\step06.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Checks to see if ShadowCopies are Enabled - - Enables ShadowCopies if they're not. - Checks to see if SentinelOne is Installed - - If SentinelOne is NOT Installed: - - - Installs SentinelOne v2.6.3.5948 (v2.5.4.104 was having way too many problems on the install) - - - Sets "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ScriptStep" Registry Key to run Step 07 on Startup/Logon - - - Reboots PC - - If SentinelOne is already Installed: - - - Runs Step 07 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e 8888888 C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b ,8P Y8b 888 888C8 888 88" C8888 8888D ,eP b Y8D 888 888 ",d 888 Y888 888P ,e8P 8edP 888 888,d88 888 "88 88" 88P Name: step07.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: *IMPORTANT* Remember how, before we ran the script, we jotted down that PST Information from the OLD (aka NON-Office 365) Outlook Profile? Cool - well, this is where you're gonna need to enter it. This Step will start off by checking the CURRENT Outlook Profile for any PST's - and then save it to CSV File. Once it does that, it will prompt YOU (with popup boxes) to enter in the OLD Outlook Profile PST Info, which it will add to that CSV File. How to enter the information: [Name] + [comma] + [Location Path] EXAMPLE 1: steve@stevemail.com,C:\Users\steve\Documents\Outlook Files\steve@stevemail.com - Default.pst EXAMPLE 2: Debbie,C:\Users\debbie\AppData\Local\Microsoft\Office\Outlook\thedebster@allthemail.com.pst If you do not have any PST files to enter, or you've already entered all the PST files you have, leave the fields blank, and click OK. Once all of the PST Files are documented in the CSV file, this Step will then REMOVE all the Previous Versions of Microsoft Office from the PC (including 2016 Versions). HOWEVER, it will also KEEP all of the User's existing Settings. This makes your life easier in Step 08. A little. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step07.ps1'; $dest = 'C:\Users\Public\step07.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Check CURRENT Outlook Profile for any .PST Files - and store them in a CSV File - - C:\Users\Public\OutlookPSTs.csv - Prompt YOU to enter in the OLD Outlook Profile PST's (in CSV Format) - Detect existing versions of Microsoft Office on the PC - REMOVE All existing versions of Microsoft Office from the PC - - While KEEPING All the User's Settings - If PC had Office Products removed by this script: - - Sets "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ScriptStep" to run Step 08 on Startup/Logon - - Reboots PC - If PC did NOT have Office Products removed by this script: - - Runs Step 08 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e ,d8 8b, C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b "Y8 8P" Y8b 888 888C8 888 88" C8888 8888D ,d8 8b, b Y8D 888 888 ",d 888 Y888 888P C888 888D 8edP 888 888,d88 888 "88 88" "Y8 8P" Name: step08.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: Installs Office 365 Pro Plus. Finally - we're almost done! Only problem is: This process can take HOURS. And the Instal is Silent, which means that, unless you're running the script in ISE/from a Console, you will not know when it's done. If the script is running in the Evening/Night time, the time seems to vary between ~20 Minutes, and 2.5 hours. During the day? No telling. *IMPORTANT* Once this script is done, it will run Step 09 to clean up after itself and the other steps. What it will NOT do, however, is configure Outlook for you. Or Activate Office for you. So, YOU will need to: 1. Open up Microsoft Word a. If you're NOT prompted to Activate: i. Click on 'Switch Account' in the upper-Right corner ii. Click on 'Add Account' at the bottom of the 'Accounts' Window that opens iii. Enter in the User's Email Address as the UserName and Click Next iv. Enter in the User's Office 365 Password as the Password and Click Next v. Follow the rest of the prompts (Add the Account to Windows, if Prompted) b. If you ARE prompted to Activate: i. Follow the prompts * UserName = User's Email Address * Password = User's 365 Password 2. Open up Outlook a. When asked if you'd like to setup an Account to use with Outlook, click 'Yes' (or whatever the verbage is) i. The correct account *should* automatically be filled in - if it's not, type it in and click Next ii. Enter the User's 365 Password and click Next iii. Once Outlook verifies the account information, and configures the profile: * If you're prompted to 'Allow Organization to Manage Apps' - say yes. * On the screen where it asks you to add another account, DESLECT the option to 'Setup My Phone, Too' 3. IMPORT OLD PST FILES a. Check C:\Users\Public\OutlookPSTs.csv and compare it to the Data Files for the CURRENT (aka New) Outlook Profile i. If there's an OLD PST file for the SAME email account as the existing one, but in a DIFFERENT location - Import it. * Click 'File' > 'Open & Export' * Click the 'Import/Export' button * Select 'import from another program or file' and Click 'Next' * Select 'Outlook Data File (.pst)' and Click 'Next' * Click 'Browse...' then navigate to and select the OLD PST File then click 'Open' * Under 'Options' choose 'Do not import duplicates' and then click 'Next' * On the Next Screen: - Select the TOP-LEVEL Folder - Make Sure 'Include subfolders' is CHECKED - Select 'Import itmes into the same folder in:' and Select the appropriate account from the Drop-Down Menu - Click 'Finish' ii. If there are other PST files that aren't shown in the Data Files for the CURRENT Outlook Profile, ADD them. * Click 'File' * Click the 'Account Settings' button, and Click on 'Account Settings' from the Drop-Down Menu * Click on the 'Data Files' Tab * Click 'Add...' * Select 'Outlook data file (.pst)' and click 'OK' * Navigate to the Desired .PST File, Select it, and click 'OK' NOTE: If the password for 365 is not working, you can change it in LabTech. See Bottom of this READ ME for procedure. Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step08.ps1'; $dest = 'C:\Users\Public\step08.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Installs Microsoft Office 365 Pro Plus - Runs Step 09 dp"8 88P'888'Y88 888'Y88 888 88e e88 88e e88 88e C8b Y P' 888 'Y 888 ,'Y 888 888D d888 888b C888 888b Y8b 888 888C8 888 88" C8888 8888D "88 8888D b Y8D 888 888 ",d 888 Y888 888P e 888P 8edP 888 888,d88 888 "88 88" "8",88P' Name: step09.ps1 Source: https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/ Destination: %PUBLIC%\ Description: https://bit.ly/2u9aDUC Run: powershell.exe /executionpolicy bypass /command "$source = 'https://lt.msinetworks.com/labtech/Transfer/Software/SentinelOne-MSP/Steps/step09.ps1'; $dest = 'C:\Users\Public\step09.ps1'; (New-Object System.Net.WebClient).DownloadFile($source,$dest) BreakDown: - Removes all Files Downloaded by Script Steps 01-08 - Removes any Folders Created by Script Steps 01-08 - Removes the Registry Key value for running the Steps on Startup/Logon - Removes itself 888 e Y8b 888 88b, 88P'888'Y88 888'Y88 e88'Y88 888 888 888 d8b Y8b 888 88P' P' 888 'Y 888 ,'Y d888 'Y 888 888 888 d888b Y8b 888 8K 888 888C8 C8888 8888888 888 ,d d888888888b 888 88b, 888 888 ",d Y888 ,d 888 888 888,d88 d8888888b Y8b 888 88P' 888 888,d88 "88,d88 888 888 CHANGE 365 PASSWORD FOR User 1. Navigate to, and Double-Click on the Client's Name in LabTech 2. Open up the 'Office365' Tab 3. On the left-hand side, select the User for which you'd like to change the Password 4. Open the 'Permissions' Tab from the middle section 5. Again, select the User for which you'd like to change the Password from this 2nd Selection List 6. Type the new password in the 'Update User Password' field (to the right of the 2nd Selection List) 7. Click 'Reset Password' button 8. On the dialog box that opens up, click 'OK' 9. A CMD Window will appear, wait for it to say that it was changed the password, and that you should press 'Enter' to exit. 10. Press Enter

0 bits

1809 views

Are you sure you want to delete?