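<#
.SYNOPSIS
    Configures PowerShell transcript logging for remote sessions.

.DESCRIPTION
    Creates the transcript directory, replaces its inherited ACL with explicit
    entries, and enables PowerShell transcription, module logging and script
    block logging through the machine-wide policy registry keys.

    This script does NOT rotate or prune logs. Transcripts accumulate in the
    output directory until another job archives or removes them.

.NOTES
    Author: ClaudeTools Automation
    Version: 1.0
    Run as Administrator
#>
#Requires -RunAsAdministrator

# Stop on the first failure so a half-applied logging policy is not reported as success.
$ErrorActionPreference = 'Stop'

$transcriptPath = "C:\ClaudeTools\Logs\Transcripts"

Write-Host "Configuring PowerShell Transcript Logging..." -ForegroundColor Cyan

# Create transcript directory
if (-not (Test-Path $transcriptPath)) {
    New-Item -ItemType Directory -Path $transcriptPath -Force | Out-Null
    Write-Host "Created transcript directory: $transcriptPath" -ForegroundColor Green
}

# Set permissions on transcript directory:
#   Administrators: Full Control, SYSTEM: Full Control, Remote Management Users: Modify
$acl = Get-Acl $transcriptPath

# Disable inheritance and drop the inherited entries. Explicit entries that are
# already on the directory are kept; the rules below are added to them.
$acl.SetAccessRuleProtection($true, $false)

# Add Administrators - Full Control
$adminRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "Administrators", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow"
)
$acl.AddAccessRule($adminRule)

# Add SYSTEM - Full Control
$systemRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "SYSTEM", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow"
)
$acl.AddAccessRule($systemRule)

# Add Remote Management Users - Modify (so they can write transcripts)
# NOTE(review): Modify, inherited by every file and subfolder, also lets any member
# of this group read, alter and delete transcripts, including those written by other
# users' sessions. That weakens the directory as an audit trail and exposes anything
# sensitive that was typed or displayed in a session. Consider granting only the
# rights needed to create and append, or forwarding transcripts to a location these
# users cannot modify. Test that transcription still works before tightening.
$rmRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "Remote Management Users", "Modify", "ContainerInherit,ObjectInherit", "None", "Allow"
)
$acl.AddAccessRule($rmRule)

Set-Acl $transcriptPath $acl
Write-Host "Set permissions on transcript directory" -ForegroundColor Green

# Configure PowerShell transcript logging via registry
$psPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription"
if (-not (Test-Path $psPath)) {
    New-Item -Path $psPath -Force | Out-Null
}

# Enable transcription
Set-ItemProperty -Path $psPath -Name "EnableTranscripting" -Value 1 -Type DWord
Set-ItemProperty -Path $psPath -Name "EnableInvocationHeader" -Value 1 -Type DWord
Set-ItemProperty -Path $psPath -Name "OutputDirectory" -Value $transcriptPath -Type String
Write-Host "Enabled PowerShell transcription via registry" -ForegroundColor Green

# Also enable module logging for additional audit trail
$modulePath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging"
if (-not (Test-Path $modulePath)) {
    New-Item -Path $modulePath -Force | Out-Null
}
Set-ItemProperty -Path $modulePath -Name "EnableModuleLogging" -Value 1 -Type DWord

# EnableModuleLogging alone records nothing: the policy logs only the modules listed
# under the ModuleNames subkey. A value named '*' with data '*' selects every module
# (expect a high event volume). The .NET API is used because the value name is a
# literal '*', which must not be interpreted as a wildcard by the registry provider;
# Registry.SetValue also creates the subkey when it is missing.
[Microsoft.Win32.Registry]::SetValue(
    'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging\ModuleNames',
    '*',
    '*',
    [Microsoft.Win32.RegistryValueKind]::String
)

# Enable script block logging
# Script block and module events go to the PowerShell operational event log, not to
# $transcriptPath. They can contain secrets embedded in scripts, so restrict who can
# read that log as well.
$scriptPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging"
if (-not (Test-Path $scriptPath)) {
    New-Item -Path $scriptPath -Force | Out-Null
}
Set-ItemProperty -Path $scriptPath -Name "EnableScriptBlockLogging" -Value 1 -Type DWord

Write-Host "Enabled module and script block logging" -ForegroundColor Green

Write-Host "`nTranscript logging configuration complete!" -ForegroundColor Green
Write-Host "Transcripts will be saved to: $transcriptPath"

# Display current settings
Write-Host "`n--- Current Settings ---" -ForegroundColor Yellow
Get-ItemProperty -Path $psPath | Select-Object EnableTranscripting, EnableInvocationHeader, OutputDirectory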