Skip to content

Commit

Permalink
Merge branch 'v2.5' into SA-3471-ADMU-Disable-Scheduled-Tasks
Browse files Browse the repository at this point in the history
  • Loading branch information
@kmaranionjc
kmaranionjc committed Aug 29, 2023
2 parents ceee11a + bd69d5a commit a1ed2fb
Show file tree
Hide file tree
Showing 7 changed files with 99 additions and 143 deletions.
16 changes: 10 additions & 6 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,12 +101,16 @@ release: &release
- Build
- Build Module
- Build Nuspec
- Start Sign Job:
requires:
- Build
- Build Module
- Invoke Git Commit
- Upload Artifact
# - Start Sign Job:
# requires:

# - Build

# - Build Module

# - Invoke Git Commit

# - Upload Artifact
workflows:
version: 2
ci:
Expand Down
Binary file modified Deploy/ADMU.ps1
View file
Binary file not shown.
17 changes: 1 addition & 16 deletions Deploy/TestSetup.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,6 @@ process {

#USMT & VC Variables
$jcAdmuTempPath = 'C:\Windows\Temp\JCADMU\'
$msvc2013x64File = 'vc_redist.x64.exe'
$msvc2013x86File = 'vc_redist.x86.exe'
$msvc2013x86Link = 'http://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x86.exe'
$msvc2013x64Link = 'http://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x64.exe'
$msvc2013x86Install = "$jcAdmuTempPath$msvc2013x86File /install /quiet /norestart"
$msvc2013x64Install = "$jcAdmuTempPath$msvc2013x64File /install /quiet /norestart"

# JumpCloud Agent Installation Variables
$AGENT_PATH = "${env:ProgramFiles}\JumpCloud"
Expand Down Expand Up @@ -52,15 +46,6 @@ process {
}
#Recreate JCADMU folder
New-Item -ItemType Directory -Path 'C:\windows\Temp\JCADMU' -Force
#Is agent installed? If so uninstall it
if (Test-ProgramInstalled -programName:('Jumpcloud')) {
#TODO: if uninstall doesn't exist, check service and stop & delete folder & regkeys
& cmd /C 'C:\Program Files\JumpCloud\unins000.exe' /Silent
}
#Is vcredistx86 & vcredistx64 installed? If so uninstall it
if ((Test-ProgramInstalled -programName('Microsoft Visual C\+\+ 2013 x64')) -or ((Test-ProgramInstalled -programName:([Regex]'(Microsoft Visual C\+\+ 2013 Redistributable \(x86\))(.*?)')))) {
Uninstall-Program -programName 'Microsoft Visual C'
}
#If JC directory still exists delete it
if (Test-Path 'C:\Program Files\JumpCloud') {
Start-Sleep -Seconds 5
Expand All @@ -70,5 +55,5 @@ process {
if (!(Test-path $jcAdmuTempPath)) {
new-item -ItemType Directory -Force -Path $jcAdmuTempPath
}
Install-JumpCloudAgent -msvc2013x64link:($msvc2013x64Link) -msvc2013path:($jcAdmuTempPath) -msvc2013x64file:($msvc2013x64File) -msvc2013x64install:($msvc2013x64Install) -msvc2013x86link:($msvc2013x86Link) -msvc2013x86file:($msvc2013x86File) -msvc2013x86install:($msvc2013x86Install) -AGENT_INSTALLER_URL:($AGENT_INSTALLER_URL) -AGENT_INSTALLER_PATH:($AGENT_INSTALLER_PATH) -JumpCloudConnectKey:($JumpCloudConnectKey) -AGENT_PATH:($AGENT_PATH) -AGENT_BINARY_NAME:($AGENT_BINARY_NAME) -AGENT_CONF_PATH:($AGENT_CONF_PATH)
Install-JumpCloudAgent -AGENT_INSTALLER_URL:($AGENT_INSTALLER_URL) -AGENT_INSTALLER_PATH:($AGENT_INSTALLER_PATH) -JumpCloudConnectKey:($JumpCloudConnectKey) -AGENT_PATH:($AGENT_PATH) -AGENT_BINARY_NAME:($AGENT_BINARY_NAME) -AGENT_CONF_PATH:($AGENT_CONF_PATH)
}
15 changes: 15 additions & 0 deletions ModuleChangelog.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,21 @@ Release Date: August 28, 2023
* The ADMU now checks for scheduled tasks before migration and attempts to disable any non-microsoft task. Scheduled tasks which load a user's registry into memory have been reported to have locked a user's registry into memory which will prevent the ADMU from functioning. This release of ADMU will attempt to disable any root level scheduled tasks and will re-enable these tasks after migration or if the ADMU fails to migrate.
- Only tasks that are in a "Ready" state will be disabled, currently running tasks are not stopped.
```
## 2.4.3

Release Date: Aug 23,2023

#### RELEASE NOTES

```
* Fixed an issue with Windows 10 devices, where migrated users would no longer be able to access their start menu and search bars.
* Remove Microsoft Visual C++ 2013 dependencies that are not needed for JCAgent installation.
* Fixed incorrect agent binary name causing incorrect installation checks.
* Add validation of JCAgent using Service instead of file path for installation.
* Fixed an issue when Migrating from AzureAD users where their AppxPackages were not properly identified.
* Fixed an issue when leaving an AzureAD domain where the tool would not leave the domain.
```

## 2.4.2

Release Date: Aug 4,2023
Expand Down
2 changes: 1 addition & 1 deletion jumpcloud-ADMU/JumpCloud.ADMU.nuspec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
<package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd">
<metadata>
<id>JumpCloud.ADMU</id>
<version>2.5.0.3257</version>
<version>2.5.0</version>
<description>Powershell Module to run JumpCloud Active Directory Migration Utility.</description>
<authors>JumpCloud Solutions Architect Team</authors>
<owners>JumpCloud</owners>
Expand Down
148 changes: 60 additions & 88 deletions jumpcloud-ADMU/Powershell/Start-Migration.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -620,29 +620,6 @@ Function Remove-ItemIfExist {
}
}
}

#Check if program is on system
function Test-ProgramInstalled {
[OutputType([Boolean])]
[CmdletBinding()]
param (
[Parameter()]
[String]
$programName
)
process {
if ($programName) {
$installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where-Object { $_.DisplayName -match $programName })
$installed32 = (Get-ItemProperty HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Where-Object { $_.DisplayName -match $programName })
}
if ((-not [System.String]::IsNullOrEmpty($installed)) -or (-not [System.String]::IsNullOrEmpty($installed32))) {
return $true
} else {
return $false
}
}
}

# Check reg for program uninstall string and silently uninstall
function Uninstall-Program($programName) {
$Ver = Get-ChildItem -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall |
Expand Down Expand Up @@ -940,49 +917,15 @@ function Get-mtpOrganization {
}

Function Install-JumpCloudAgent(
[System.String]$msvc2013x64Link
, [System.String]$msvc2013Path
, [System.String]$msvc2013x64File
, [System.String]$msvc2013x64Install
, [System.String]$msvc2013x86Link
, [System.String]$msvc2013x86File
, [System.String]$msvc2013x86Install
, [System.String]$AGENT_INSTALLER_URL
[System.String]$AGENT_INSTALLER_URL
, [System.String]$AGENT_INSTALLER_PATH
, [System.String]$AGENT_PATH
, [System.String]$AGENT_BINARY_NAME
, [System.String]$AGENT_CONF_PATH
, [System.String]$JumpCloudConnectKey
) {
If (!(Test-ProgramInstalled("Microsoft Visual C\+\+ 2013 x64"))) {
Write-ToLog -Message:('Downloading & Installing JCAgent prereq Visual C++ 2013 x64')
(New-Object System.Net.WebClient).DownloadFile("${msvc2013x64Link}", ($JcAdmuTempPath + $msvc2013x64File))
Invoke-Expression -Command:($msvc2013x64Install)
$timeout = 0
While (!(Test-ProgramInstalled("Microsoft Visual C\+\+ 2013 x64"))) {
Start-Sleep 5
Write-ToLog -Message:("Waiting for Visual C++ 2013 x64 to finish installing")
$timeout += 1
if ($timeout -eq 10) {
break
}
}
}
If (!(Test-ProgramInstalled("Microsoft Visual C\+\+ 2013 x86"))) {
Write-ToLog -Message:('Downloading & Installing JCAgent prereq Visual C++ 2013 x86')
(New-Object System.Net.WebClient).DownloadFile("${msvc2013x86Link}", ($JcAdmuTempPath + $msvc2013x86File))
Invoke-Expression -Command:($msvc2013x86Install)
$timeout = 0
While (!(Test-ProgramInstalled("Microsoft Visual C\+\+ 2013 x86"))) {
Start-Sleep 5
Write-ToLog -Message:("Waiting for Visual C++ 2013 x86 to finish installing")
$timeout += 1
if ($timeout -eq 10) {
break
}
}
}
If (!(Test-Path -Path:(${AGENT_PATH} + '/' + ${AGENT_BINARY_NAME}))) {
$AgentService = Get-Service -Name "jumpcloud-agent" -ErrorAction SilentlyContinue
If (!$AgentService) {
Write-ToLog -Message:('Downloading JCAgent Installer')
#Download Installer
if ((Test-Path $AGENT_INSTALLER_PATH)) {
Expand All @@ -995,18 +938,23 @@ Function Install-JumpCloudAgent(
Write-ToLog -Message:("LogPath: $env:TEMP\jcUpdate.log")
# run .MSI installer
msiexec /i $AGENT_INSTALLER_PATH /quiet /L "$env:TEMP\jcUpdate.log" JCINSTALLERARGUMENTS=`"-k $($JumpCloudConnectKey) /VERYSILENT /NORESTART /NOCLOSEAPPLICATIONS`"
Start-Sleep 1
# perform installation checks:
$timeout = 0
while (!(Test-ProgramInstalled -programName:("JumpCloud"))) {
for ($i = 0; $i -le 17; $i++) {
Write-ToLog -Message:('Waiting on JCAgent Installer...')
if ($timeout -eq 20) {
Write-ToLog -Message:('JCAgent did not install in the expected window') -Level Error
Start-Sleep -Seconds 30
#Output the errors encountered
$AgentService = Get-Service -Name "jumpcloud-agent" -ErrorAction SilentlyContinue
if ($AgentService.Status -eq 'Running') {
Write-ToLog 'JumpCloud Agent Succesfully Installed'
$agentInstalled = $true
break
}
Start-Sleep 5
$timeout += 1
if (($i -eq 17) -and ($AgentService.Status -ne 'Running')) {
Write-ToLog -Message:('JCAgent did not install in the expected window') -Level Error
$agentInstalled = $false
}
}

# wait on configuration file:
$config = get-content -Path $AGENT_CONF_PATH -ErrorAction Ignore
$regex = 'systemKey\":\"(\w+)\"'
Expand Down Expand Up @@ -1040,9 +988,10 @@ Function Install-JumpCloudAgent(
Write-ToLog -Message:("SystemKey Generated: $($systemKey)")
}
}
If ((Test-ProgramInstalled -programName:("Microsoft Visual C\+\+ 2013 x64")) -and (Test-ProgramInstalled -programName:("Microsoft Visual C\+\+ 2013 x86")) -and (Test-ProgramInstalled -programName:("JumpCloud")) -and (-not [system.string]::IsNullOrEmpty($systemKey))) {
Write-ToLog -Message:("Is JumpCloud Agent Installed?: $($agentInstalled)")
if (($agentInstalled) -and (-not [system.string]::IsNullOrEmpty($systemKey)) ) {
Return $true
} Else {
} else {
Return $false
}
}
Expand Down Expand Up @@ -1534,20 +1483,15 @@ Function Start-Migration {
$netBiosName = Get-NetBiosName
$WmiComputerSystem = Get-WmiObject -Class:('Win32_ComputerSystem')
$localComputerName = $WmiComputerSystem.Name
$systemVersion = Get-ComputerInfo | Select-Object OSName, OSVersion, OsHardwareAbstractionLayer
$windowsDrive = Get-WindowsDrive
$jcAdmuTempPath = "$windowsDrive\Windows\Temp\JCADMU\"
$jcAdmuLogFile = "$windowsDrive\Windows\Temp\jcAdmu.log"
$msvc2013x64File = 'vc_redist.x64.exe'
$msvc2013x86File = 'vc_redist.x86.exe'
$msvc2013x86Link = 'http://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x86.exe'
$msvc2013x64Link = 'http://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x64.exe'
$msvc2013x86Install = "$jcAdmuTempPath$msvc2013x86File /install /quiet /norestart"
$msvc2013x64Install = "$jcAdmuTempPath$msvc2013x64File /install /quiet /norestart"
$netBiosName = Get-NetBiosName

# JumpCloud Agent Installation Variables
$AGENT_PATH = "${env:ProgramFiles}\JumpCloud"
$AGENT_BINARY_NAME = "jcagent-msi-signed.msi"
$AGENT_PATH = Join-Path ${env:ProgramFiles} "JumpCloud"
$AGENT_BINARY_NAME = "jumpcloud-agent.exe"
$AGENT_INSTALLER_URL = "https://cdn02.jumpcloud.com/production/jcagent-msi-signed.msi"
$AGENT_INSTALLER_PATH = "$windowsDrive\windows\Temp\JCADMU\jcagent-msi-signed.msi"
$AGENT_CONF_PATH = "$($AGENT_PATH)\Plugins\Contrib\jcagent.conf"
Expand Down Expand Up @@ -1597,20 +1541,21 @@ Function Start-Migration {
# Start Of Console Output
Write-ToLog -Message:('Windows Profile "' + $SelectedUserName + '" is going to be converted to "' + $localComputerName + '\' + $JumpCloudUsername + '"')
#region SilentAgentInstall
if ($InstallJCAgent -eq $true -and (!(Test-ProgramInstalled("Jumpcloud")))) {
$AgentService = Get-Service -Name "jumpcloud-agent" -ErrorAction SilentlyContinue
if ($InstallJCAgent -eq $true -and (!$AgentService)) {
#check if jc is not installed and clear folder
if (Test-Path "$windowsDrive\Program Files\Jumpcloud\") {
Remove-ItemIfExist -Path "$windowsDrive\Program Files\Jumpcloud\" -Recurse
}
# Agent Installer
$agentInstallStatus = Install-JumpCloudAgent -msvc2013x64link:($msvc2013x64Link) -msvc2013path:($jcAdmuTempPath) -msvc2013x64file:($msvc2013x64File) -msvc2013x64install:($msvc2013x64Install) -msvc2013x86link:($msvc2013x86Link) -msvc2013x86file:($msvc2013x86File) -msvc2013x86install:($msvc2013x86Install) -AGENT_INSTALLER_URL:($AGENT_INSTALLER_URL) -AGENT_INSTALLER_PATH:($AGENT_INSTALLER_PATH) -AGENT_CONF_PATH:($AGENT_CONF_PATH) -JumpCloudConnectKey:($JumpCloudConnectKey) -AGENT_PATH:($AGENT_PATH) -AGENT_BINARY_NAME:($AGENT_BINARY_NAME)
$agentInstallStatus = Install-JumpCloudAgent -AGENT_INSTALLER_URL:($AGENT_INSTALLER_URL) -AGENT_INSTALLER_PATH:($AGENT_INSTALLER_PATH) -AGENT_CONF_PATH:($AGENT_CONF_PATH) -JumpCloudConnectKey:($JumpCloudConnectKey) -AGENT_PATH:($AGENT_PATH) -AGENT_BINARY_NAME:($AGENT_BINARY_NAME)
if ($agentInstallStatus) {
Write-ToLog -Message:("JumpCloud Agent Install Done")
} else {
Write-ToLog -Message:("JumpCloud Agent Install Failed") -Level Error
exit
}
} elseif ($InstallJCAgent -eq $true -and (Test-ProgramInstalled("Jumpcloud"))) {
} elseif ($InstallJCAgent -eq $true -and ($AgentService)) {
Write-ToLog -Message:('JumpCloud agent is already installed on the system.')
}

Expand Down Expand Up @@ -1750,6 +1695,27 @@ Function Start-Migration {
$admuTracker.copyRegistry.fail = $true
break
}

# for Windows 10 devices, force refresh of start/ search app:
If ($systemVersion.OSName -Match "Windows 10") {
Write-ToLog -Message:('Windows 10 System, removing start and search reg keys to force refresh of those apps')
$regKeyClear = @(
"SOFTWARE\Microsoft\Windows\CurrentVersion\StartLayout",
"SOFTWARE\Microsoft\Windows\CurrentVersion\Start",
"SOFTWARE\Microsoft\Windows\CurrentVersion\SearchSettings",
"SOFTWARE\Microsoft\Windows\CurrentVersion\Search"
)

foreach ($key in $regKeyClear) {
if (reg query "HKU\$($NewUserSID)_admu\$($key)") {
write-ToLog -Message:("removing key: $key")
reg delete "HKU\$($NewUserSID)_admu\$($key)" /f
} else {
write-ToLog -Message:("key not found $key")
}
}
}

reg copy HKU\$($SelectedUserSID)_Classes_admu HKU\$($NewUserSID)_Classes_admu /s /f
if ($?) {
Write-ToLog -Message:('Copy Profile: ' + "$newUserProfileImagePath/AppData/Local/Microsoft/Windows/UsrClass.dat" + ' To: ' + "$oldUserProfileImagePath/AppData/Local/Microsoft/Windows/UsrClass.dat")
Expand Down Expand Up @@ -2001,7 +1967,19 @@ Function Start-Migration {
New-Item -ItemType Directory -Force -Path $path
}
$appxList = @()
if ($AzureADProfile -eq $true -or $netBiosName -match 'AzureAD') {

# Get Azure AD Status

$ADStatus = dsregcmd.exe /status
foreach ($line in $ADStatus) {
if ($line -match "AzureADJoined : ") {
$AzureADStatus = ($line.trimstart('AzureADJoined : '))
}
}

Write-ToLog "AzureAD Status: $AzureADStatus"
if ($AzureADStatus -eq 'YES' -or $netBiosName -match 'AzureAD') {

# Find Appx User Apps by Username
try {
$appxList = Get-AppXpackage -user (Convert-Sid $SelectedUserSID) | Select-Object InstallLocation
Expand All @@ -2010,7 +1988,7 @@ Function Start-Migration {
}
} else {
try {
$appxList = Get-AppXpackage -user $SelectedUserSID | Select-Object InstallLocation
$appxList = Get-AppXpackage -user (Convert-Sid $SelectedUserSID) | Select-Object InstallLocation
} catch {
Write-ToLog -Message "Could not determine AppXPackages for selected user, this is okay. Rebuilding UWP Apps from AllUsers list"
}
Expand Down Expand Up @@ -2066,12 +2044,6 @@ Function Start-Migration {
#region Leave Domain or AzureAD

if ($LeaveDomain -eq $true) {
# Get Azure AD Status
foreach ($line in $AzureADInfo) {
if ($line -match "AzureADJoined : ") {
$AzureADStatus = ($line.trimstart('AzureADJoined : '))
}
}
if ($AzureADStatus -match 'YES') {
# Check if user is not NTAUTHORITY\SYSTEM
if (([bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).user.Value -match "S-1-5-18")) -eq $false) {
Expand Down
Loading

0 comments on commit a1ed2fb

Please sign in to comment.