azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fa4ac2ea37a32e0fde79ff87a109ffbcb01dc787
claudetools/.claude/temp/gpo-script2.ps1
Howard Enos 4c94254477 sync: auto-sync from HOWARD-HOME at 2026-05-20 14:53:36 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-20 14:53:36
2026-05-20 14:53:38 -07:00

135 lines
7.9 KiB
PowerShell
Raw Blame History

Import-Module GroupPolicy -ErrorAction Stop
$ErrorActionPreference = 'Continue'
$domain = 'cascades.local'
$srv = 'CS-SERVER'
$sysvol = "\\$srv\SYSVOL\$domain\Policies"
$ts = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
Write-Output "=== 1. CSC - Printer Deployment ==="
if (-not (Get-GPO -Name 'CSC - Printer Deployment' -Domain $domain -ErrorAction SilentlyContinue)) {
New-GPO -Name 'CSC - Printer Deployment' -Domain $domain `
-Comment 'Phase 2.6: Deploy CS-SERVER shared printers with OU-based ILT. UNLINKED - link to OU=Workstations at Phase 3 cutover.' | Out-Null
Write-Output " [OK] GPO created"
} else { Write-Output " [--] Already exists" }
$gpo = Get-GPO -Name 'CSC - Printer Deployment' -Domain $domain
$gpoPath = "$sysvol\{$($gpo.Id.ToString().ToUpper())}"
$pDir = "$gpoPath\User\Preferences\Printers"
New-Item -Path $pDir -ItemType Directory -Force | Out-Null
$printers = @(
@{ Share='CopyRoom'; OUs=@() }
@{ Share='BusinessOffice'; OUs=@('OU=Administrative,OU=Departments,DC=cascades,DC=local') }
@{ Share='Accounting'; OUs=@('OU=Administrative,OU=Departments,DC=cascades,DC=local') }
@{ Share='AdminOffice'; OUs=@('OU=Administrative,OU=Departments,DC=cascades,DC=local','OU=Resident Services,OU=Departments,DC=cascades,DC=local') }
@{ Share='ExecDirector'; OUs=@('OU=Administrative,OU=Departments,DC=cascades,DC=local') }
@{ Share='SalesMarketing'; OUs=@('OU=Marketing,OU=Departments,DC=cascades,DC=local') }
@{ Share='Kitchen'; OUs=@('OU=Culinary,OU=Departments,DC=cascades,DC=local') }
@{ Share='CulinaryChef'; OUs=@('OU=Culinary,OU=Departments,DC=cascades,DC=local') }
@{ Share='FrontDesk'; OUs=@('OU=Resident Services,OU=Departments,DC=cascades,DC=local') }
@{ Share='HealthServices'; OUs=@('OU=Care-Assisted Living,OU=Departments,DC=cascades,DC=local','OU=Care-Memorycare,OU=Departments,DC=cascades,DC=local') }
@{ Share='LifeEnrichment'; OUs=@('OU=Life Enrichment,OU=Departments,DC=cascades,DC=local') }
@{ Share='MCDirector'; OUs=@('OU=Care-Memorycare,OU=Departments,DC=cascades,DC=local') }
@{ Share='MCMedTech'; OUs=@('OU=Caregivers,OU=Departments,DC=cascades,DC=local','OU=Care-Memorycare,OU=Departments,DC=cascades,DC=local') }
)
$sb = [System.Text.StringBuilder]::new()
[void]$sb.AppendLine('<?xml version="1.0" encoding="utf-8"?>')
[void]$sb.AppendLine('<Printers clsid="{1F577D12-3D1B-471c-A7BF-E0F49DC793FE}">')
foreach ($p in $printers) {
$uid = [System.Guid]::NewGuid().ToString().ToUpper()
$unc = "\\CS-SERVER\$($p.Share)"
[void]$sb.AppendLine(" <SharedPrinter clsid=""{9A5E9697-9095-436d-A0EE-4D128FDFBCE5}"" name=""$unc"" status=""$unc"" image=""0"" changed=""$ts"" uid=""{$uid}"">")
[void]$sb.AppendLine(" <Properties action=""U"" comment="""" path=""$unc"" location="""" default=""0"" skipLocal=""1"" deleteAll=""0"" persistent=""0"" deleteMaps=""0"" portName="""">")
if ($p.OUs.Count -gt 0) {
[void]$sb.AppendLine(" <Filters>")
$first = $true
foreach ($ou in $p.OUs) {
$bool = if ($first) { 'AND' } else { 'OR' }
[void]$sb.AppendLine(" <FilterOrgUnit bool=""$bool"" not=""0"" name=""LDAP://$ou"" userContext=""1"" directMember=""0""/>")
$first = $false
}
[void]$sb.AppendLine(" </Filters>")
} else {
[void]$sb.AppendLine(" <Filters/>")
}
[void]$sb.AppendLine(" </Properties>")
[void]$sb.AppendLine(" </SharedPrinter>")
}
[void]$sb.AppendLine("</Printers>")
[System.IO.File]::WriteAllText("$pDir\Printers.xml", $sb.ToString(), [System.Text.Encoding]::UTF8)
Write-Output " [OK] Printers.xml written (13 printers with OU-based ILT)"
$iniPath = "$gpoPath\GPT.INI"
$raw = [System.IO.File]::ReadAllText($iniPath)
$ver = 0; if ($raw -match '(?m)^Version=(\d+)') { $ver = [int]$Matches[1] }
$uVer = (($ver -shr 16) -band 0xFFFF) + 1
$mVer = $ver -band 0xFFFF
$newVer = ($uVer -shl 16) -bor $mVer
$machExt = ''; if ($raw -match '(?m)^gPCMachineExtensionNames=([^\r\n]+)') { $machExt = $Matches[1] }
$ini = "[General]`r`nVersion=$newVer`r`n"
if ($machExt) { $ini += "gPCMachineExtensionNames=$machExt`r`n" }
$ini += "gPCUserExtensionNames=[{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}{D02B1F72-3407-48AE-BA88-E8213C6761F1}]`r`n"
[System.IO.File]::WriteAllText($iniPath, $ini, [System.Text.Encoding]::ASCII)
Write-Output " [OK] GPT.INI updated"
Write-Output ""
Write-Output "=== 2. CSC - Drive Mappings ==="
if (-not (Get-GPO -Name 'CSC - Drive Mappings' -Domain $domain -ErrorAction SilentlyContinue)) {
New-GPO -Name 'CSC - Drive Mappings' -Domain $domain `
-Comment 'Phase 2.6: M: S: T: K: R: with group/OU ILT. UNLINKED - link to OU=Departments at Phase 3 cutover.' | Out-Null
Write-Output " [OK] GPO created"
} else { Write-Output " [--] Already exists" }
$gpo = Get-GPO -Name 'CSC - Drive Mappings' -Domain $domain
$gpoPath = "$sysvol\{$($gpo.Id.ToString().ToUpper())}"
$dDir = "$gpoPath\User\Preferences\Drives"
New-Item -Path $dDir -ItemType Directory -Force | Out-Null
$drives = @(
@{ Letter='M'; Share='\\CS-SERVER\Management'; Label='Management'; FType='Group'; FVal='CASCADES\SG-Mgmt-RW' }
@{ Letter='S'; Share='\\CS-SERVER\Sales'; Label='Sales'; FType='Group'; FVal='CASCADES\SG-Sales-RW' }
@{ Letter='T'; Share='\\CS-SERVER\Activities'; Label='Activities'; FType='Group'; FVal='CASCADES\SG-Activities-RW' }
@{ Letter='K'; Share='\\CS-SERVER\Culinary'; Label='Culinary'; FType='OU'; FVal='OU=Culinary,OU=Departments,DC=cascades,DC=local' }
@{ Letter='R'; Share='\\CS-SERVER\Receptionist'; Label='Receptionist'; FType='OU'; FVal='OU=Resident Services,OU=Departments,DC=cascades,DC=local' }
)
$sb2 = [System.Text.StringBuilder]::new()
[void]$sb2.AppendLine('<?xml version="1.0" encoding="utf-8"?>')
[void]$sb2.AppendLine('<Drives clsid="{8FDDCC1A-0C3C-43cd-A6B4-8A48251CB2FE}">')
foreach ($d in $drives) {
$uid = [System.Guid]::NewGuid().ToString().ToUpper()
[void]$sb2.AppendLine(" <Drive clsid=""{935D1B74-9CB8-4e3c-9914-7DD559B7A417}"" name=""$($d.Letter):"" status=""$($d.Letter):"" image=""2"" changed=""$ts"" uid=""{$uid}"">")
[void]$sb2.AppendLine(" <Properties action=""U"" thisDrive=""SHOW"" allDrives=""NOCHANGE"" userName="""" path=""$($d.Share)"" label=""$($d.Label)"" persistent=""1"" useLetter=""1"" letter=""$($d.Letter)"">")
[void]$sb2.AppendLine(" <Filters>")
if ($d.FType -eq 'Group') {
[void]$sb2.AppendLine(" <FilterGroup bool=""AND"" not=""0"" name=""$($d.FVal)"" sid="""" userContext=""1"" primaryGroup=""0"" localGroup=""0""/>")
} else {
[void]$sb2.AppendLine(" <FilterOrgUnit bool=""AND"" not=""0"" name=""LDAP://$($d.FVal)"" userContext=""1"" directMember=""0""/>")
}
[void]$sb2.AppendLine(" </Filters>")
[void]$sb2.AppendLine(" </Properties>")
[void]$sb2.AppendLine(" </Drive>")
}
[void]$sb2.AppendLine("</Drives>")
[System.IO.File]::WriteAllText("$dDir\Drives.xml", $sb2.ToString(), [System.Text.Encoding]::UTF8)
Write-Output " [OK] Drives.xml written (M: S: T: K: R: with group/OU ILT)"
$iniPath = "$gpoPath\GPT.INI"
$raw = [System.IO.File]::ReadAllText($iniPath)
$ver = 0; if ($raw -match '(?m)^Version=(\d+)') { $ver = [int]$Matches[1] }
$uVer = (($ver -shr 16) -band 0xFFFF) + 1
$mVer = $ver -band 0xFFFF
$newVer = ($uVer -shl 16) -bor $mVer
$machExt = ''; if ($raw -match '(?m)^gPCMachineExtensionNames=([^\r\n]+)') { $machExt = $Matches[1] }
$ini = "[General]`r`nVersion=$newVer`r`n"
if ($machExt) { $ini += "gPCMachineExtensionNames=$machExt`r`n" }
$ini += "gPCUserExtensionNames=[{5794DAFD-BE60-433f-88A2-1A31939AC01F}{D02B1F72-3407-48AE-BA88-E8213C6761F1}]`r`n"
[System.IO.File]::WriteAllText($iniPath, $ini, [System.Text.Encoding]::ASCII)
Write-Output " [OK] GPT.INI updated"
Write-Output ""
Write-Output "=== All CSC GPOs ==="
Get-GPO -All -Domain $domain | Where-Object { $_.DisplayName -like 'CSC - *' } |
Select-Object DisplayName, GpoStatus | Sort-Object DisplayName | Format-Table -AutoSize
Reference in New Issue View Git Blame Copy Permalink