Setup.ps1
# Script-level parameters.
param (
# -SimulatingIntune: switch, off by default. It is not referenced in the portion of the
# script shown here, and the elevated relaunch (Start-Process ... -File <path>) does not
# pass it on. NOTE(review): confirm whether it is still needed.
[Switch]$SimulatingIntune = $false
)
function Test-Admin {
    <#
    .SYNOPSIS
        Reports whether the identity running this process is in the built-in
        Administrators role.
    .OUTPUTS
        System.Boolean. The result of WindowsPrincipal.IsInRole(Administrator).
    #>
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object -TypeName Security.Principal.WindowsPrincipal -ArgumentList $identity
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator

    return $principal.IsInRole($adminRole)
}
function Write-AADMigrationLog {
    <#
    .SYNOPSIS
        Prints one timestamped, level-tagged log line to the console and appends the
        same line to setupAADMigration.log under $env:TEMP.
    .PARAMETER Message
        Text of the log entry.
    .PARAMETER Level
        Severity label; defaults to "INFO". It selects the console colour and is
        written into the line exactly as supplied.
    #>
    param (
        [string]$Message,
        [string]$Level = "INFO"
    )

    # Frame 0 of the call stack is this function; frame 1, when present, is its caller.
    $frames = Get-PSCallStack
    $origin = '<Unknown>'
    if ($frames.Count -ge 2) {
        $origin = $frames[1].Command
    }

    $stamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
    $line = "[$stamp] [$Level] [$origin] $Message"

    # Pick the console colour for the level; unrecognised levels fall back to white.
    $colour = switch ($Level.ToUpper()) {
        "DEBUG" { 'DarkGray' }
        "INFO" { 'Green' }
        "NOTICE" { 'Cyan' }
        "WARNING" { 'Yellow' }
        "ERROR" { 'Red' }
        "CRITICAL" { 'Magenta' }
        default { 'White' }
    }
    Write-Host $line -ForegroundColor $colour

    # Persist the same line to the log file.
    $logFilePath = [System.IO.Path]::Combine($env:TEMP, 'setupAADMigration.log')
    $line | Out-File -FilePath $logFilePath -Append -Encoding utf8
}
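#region CHECKING IF RUNNING AS WEB SCRIPT
#################################################################################################
#                                                                                               #
#                               CHECKING IF RUNNING AS WEB SCRIPT                               #
#                                                                                               #
#################################################################################################
# Bootstrap stage. Two entry modes are handled:
#   * no script path ($MyInvocation.MyCommand.Path is empty): the script text was run without
#     a backing file, so it is saved to disk and re-run from there, elevated if necessary;
#   * script path present: the script relaunches itself elevated if it is not already admin.
# After either mode the process-scope execution policy is set to Bypass.
if (-not $MyInvocation.MyCommand.Path) {
    Write-AADMigrationLog -Message "Running as web script, downloading and executing locally..." -Level "NOTICE"

    # Limit outbound HTTPS made through ServicePointManager in this session to TLS 1.2.
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    # Time-stamped working folder under the user's temp directory.
    $timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
    $downloadFolder = Join-Path -Path $env:TEMP -ChildPath "IntuneDeviceMigration_$timestamp"
    $localScriptPath = Join-Path -Path $downloadFolder -ChildPath "IntuneDeviceMigration.setup.ps1"

    # SECURITY NOTE (review): the file below comes from the mutable 'main' branch and is then
    # executed, possibly elevated and with -ExecutionPolicy Bypass, with no hash or signature
    # check. TLS authenticates the host, not the content. Pin the URL to a commit and compare
    # Get-FileHash against a value published out of band, or require a valid result from
    # Get-AuthenticodeSignature, before running it.
    # SECURITY NOTE (review): $env:TEMP is writable by the unelevated user, so the file can be
    # modified between this download and the elevated relaunch. Prefer verifying or downloading
    # after elevation, into a location only administrators can write.
    try {
        # No -Force: fail rather than reuse a folder that already exists.
        New-Item -Path $downloadFolder -ItemType Directory -ErrorAction Stop | Out-Null
        Invoke-WebRequest -Uri "https://raw.githubusercontent.com/aollivierre/IntuneDeviceMigration/main/Setup.ps1" -OutFile $localScriptPath -ErrorAction Stop
    }
    catch {
        # Previously a failed download was ignored and the script went on to launch a missing file.
        Write-AADMigrationLog -Message "Failed to download the setup script: $($_.Exception.Message)" -Level "ERROR"
        exit 1
    }

    if (-not (Test-Path -LiteralPath $localScriptPath -PathType Leaf)) {
        Write-AADMigrationLog -Message "Downloaded setup script not found at: $localScriptPath" -Level "ERROR"
        exit 1
    }

    Write-AADMigrationLog -Message "Re-running the script locally from: $localScriptPath" -Level "NOTICE"

    # Re-run the saved script, elevating through UAC when the current process is not admin.
    if (-not (Test-Admin)) {
        Write-AADMigrationLog -Message "Relaunching downloaded script with elevated permissions..." -Level "NOTICE"
        $startProcessParams = @{
            FilePath     = "powershell.exe"
            # Start-Process joins ArgumentList elements with spaces and does not quote them,
            # so the path is quoted here to survive a profile directory containing spaces.
            ArgumentList = @("-NoProfile", "-ExecutionPolicy", "Bypass", "-File", "`"$localScriptPath`"")
            Verb         = "RunAs"
        }
        Start-Process @startProcessParams
        exit
    }
    else {
        & $localScriptPath
    }
    Exit # Exit after running the script locally
}
else {
    Write-AADMigrationLog -Message "Running in regular context locally..." -Level "INFO"

    # Elevate to administrator if not already
    if (-not (Test-Admin)) {
        Write-AADMigrationLog -Message "Restarting script with elevated permissions..." -Level "NOTICE"
        $startProcessParams = @{
            FilePath     = "powershell.exe"
            # Quoted for the same reason as above: the script path may contain spaces.
            ArgumentList = @("-NoProfile", "-ExecutionPolicy", "Bypass", "-File", "`"$PSCommandPath`"")
            Verb         = "RunAs"
        }
        Start-Process @startProcessParams
        exit
    }
}

# Set the execution policy to Bypass for this process only (-Scope Process).
$currentExecutionPolicy = Get-ExecutionPolicy
if ($currentExecutionPolicy -ne 'Bypass') {
    Write-AADMigrationLog -Message "Setting Execution Policy to Bypass..." -Level "NOTICE"
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
}
else {
    Write-AADMigrationLog -Message "Execution Policy is already set to Bypass." -Level "INFO"
}
#endregion CHECKING IF RUNNING AS WEB SCRIPT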
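# Core logic: download the repository archive, extract it, and execute DeviceMigration.ps1.
# This runs only on the local (file-backed) path; the web-script path exits before reaching it.

# Time-stamped working folder under the temp directory.
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$tempDir = [System.IO.Path]::Combine([System.IO.Path]::GetTempPath(), "IntuneDeviceMigration_$timestamp")
$repoUrl = "https://github.com/aollivierre/IntuneDeviceMigration/archive/refs/heads/main.zip"
$zipFile = [System.IO.Path]::Combine($tempDir, "IntuneDeviceMigration.zip")

# SECURITY NOTE (review): the archive is the current tip of the mutable 'main' branch and its
# DeviceMigration.ps1 is run in this (elevated, execution-policy Bypass) session without any
# integrity check. Pin to a commit or release archive and compare Get-FileHash of the ZIP with
# a value published out of band, or require signed scripts, before executing anything from it.
try {
    New-Item -ItemType Directory -Path $tempDir -Force -ErrorAction Stop | Out-Null
    Invoke-WebRequest -Uri $repoUrl -OutFile $zipFile -ErrorAction Stop

    Add-Type -AssemblyName System.IO.Compression.FileSystem -ErrorAction Stop
    [System.IO.Compression.ZipFile]::ExtractToDirectory($zipFile, $tempDir)
}
catch {
    # Previously a failed download or extraction fell through to the steps below.
    Write-AADMigrationLog -Message "Failed to download or extract the repository archive: $($_.Exception.Message)" -Level "ERROR"
    exit 1
}

# The archive unpacks into an "IntuneDeviceMigration-main" folder; the script sits in its
# DeviceMigration subfolder.
$extractedDir = [System.IO.Path]::Combine($tempDir, "IntuneDeviceMigration-main", "DeviceMigration")
$scriptPath = [System.IO.Path]::Combine($extractedDir, "DeviceMigration.ps1")

# Open the destination folder for the operator. This is a convenience, not a verification
# step: Start-Process returns immediately and the script continues without waiting.
# The path is quoted because Start-Process does not quote ArgumentList values itself.
if (Test-Path -LiteralPath $extractedDir -PathType Container) {
    Start-Process "explorer.exe" -ArgumentList "`"$extractedDir`""
}

if (Test-Path -LiteralPath $scriptPath -PathType Leaf) {
    Write-AADMigrationLog -Message "Executing DeviceMigration.ps1 script..." -Level "NOTICE"
    & $scriptPath
}
else {
    Write-AADMigrationLog -Message "DeviceMigration.ps1 not found!" -Level "ERROR"
    # Signal the failure to whatever launched the script.
    exit 1
}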