Simple script to activate Windows using Powershell. Adjust the X's on line 3 with your Key.
Note: Script could be pushed with Intune (Device configuraiton -> PowerShell scripts) but I would not recommend it as the full powershell script gets saved to the intune management extension logs. For more information check out Oliver Kieselbach's part 1 & part 2 about Inutne mangement extions powershell scripts.
Simple script for cleaning up a fresh Windows 10:
- Sets keyboard lay-out
- Remove default apps (Except Windows Store)
- Unpins all-apps from start-menu
Simplified powershell script from Michael Mardahl for my organisation for adding AZUREAD/people to the local administrator group.
Usage:
- Create security group in Azure Active Directory and add the people you want to give local administrator rights.
- Go to Device configuration - Powershell scripts and add "Make_useradmin_on_device.ps1"
- Run as system
- Don't enforce signature check
- Assign the group created in the first step to the script.
Why:
Intune only let's you add a local administrator to ALL devices. I originaly searched for something like this because I made my autopilot group a standard user and I already deployed a few devices before I noticed and didn't want to recall the devices.
Special Thanks to Michael Mardahl, full script here. Article explaining his full script here.
[ublock origin in this example]
This is Martin Bengtsson's work please visit his blog's article for understanding this script and the usage.
They asked me to set "This PC" on the desktop, I couldn't find any options to do this in Intune and most script just put a shortcut on the desktop where you still needed to fiddle with icon's etc...
You can use the ".intunewin" file or package it yourself with Microsoft Win32 Content Prep Tool.
Showing the desktop icon via intune Win32App
Upload ShowComputerIcon.intunewin
Install command: powershell -ex bypass -file ShowComputerIcon.ps1
Uninstall command: powershell -ex bypass -file ShowComputerIcon.ps1 -uninstall
Manually configure detection rules
Use detection script: ShowComputerIconDETECTION.ps1
This is a translation of a well known GPO ("Allow non-administrators to install drivers for these device setup classes") under "Computer Configuration -> Policies -> Administrative Templates -> System -> Driver Installation" to be used with intune. AFAIK this is the only way to set this policy as no Configuration profile is availble, not even a custom OMA-URI.
Via intune Win32App
Install command: powershell -ex bypass -file AllowNon-AdministratorsToInstallPrinterDrivers.ps1
Uninstall command: powershell -ex bypass -file AllowNon-AdministratorsToInstallPrinterDrivers.ps1 -uninstall
Manually configure detection rules
Manually configure detection rules:
- Rule type: Registery
- Key path: HKLM:\Software\Policies\Microsoft\Windows\DriverInstall\Restrictions\AllowUserDeviceClasses\
- Value name: printer
- Detection method: Key exists