<# .SYNOPSIS PSAppDeployToolkit - This script performs the installation or uninstallation of an application(s). .DESCRIPTION - The script is provided as a template to perform an install, uninstall, or repair of an application(s). - The script either performs an "Install", "Uninstall", or "Repair" deployment type. - The install deployment type is broken down into 3 main sections/phases: Pre-Install, Install, and Post-Install. The script imports the PSAppDeployToolkit module which contains the logic and functions required to install or uninstall an application. PSAppDeployToolkit is licensed under the GNU LGPLv3 License - (C) 2025 PSAppDeployToolkit Team (Sean Lillis, Dan Cunningham, Muhammad Mashwani, Mitch Richters, Dan Gough). This program is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this program. If not, see . .PARAMETER DeploymentType The type of deployment to perform. .PARAMETER DeployMode Specifies whether the installation should be run in Interactive (shows dialogs), Silent (no dialogs), or NonInteractive (dialogs without prompts) mode. NonInteractive mode is automatically set if it is detected that the process is not user interactive. .PARAMETER AllowRebootPassThru Allows the 3010 return code (requires restart) to be passed back to the parent process (e.g. SCCM) if detected from an installation. If 3010 is passed back to SCCM, a reboot prompt will be triggered. .PARAMETER TerminalServerMode Changes to "user install mode" and back to "user execute mode" for installing/uninstalling applications for Remote Desktop Session Hosts/Citrix servers. .PARAMETER DisableLogging Disables logging to file for the script. .EXAMPLE powershell.exe -File Invoke-AppDeployToolkit.ps1 -DeployMode Silent .EXAMPLE powershell.exe -File Invoke-AppDeployToolkit.ps1 -AllowRebootPassThru .EXAMPLE powershell.exe -File Invoke-AppDeployToolkit.ps1 -DeploymentType Uninstall .EXAMPLE Invoke-AppDeployToolkit.exe -DeploymentType "Install" -DeployMode "Silent" .INPUTS None. You cannot pipe objects to this script. .OUTPUTS None. This script does not generate any output. .NOTES Toolkit Exit Code Ranges: - 60000 - 68999: Reserved for built-in exit codes in Invoke-AppDeployToolkit.ps1, and Invoke-AppDeployToolkit.exe - 69000 - 69999: Recommended for user customized exit codes in Invoke-AppDeployToolkit.ps1 - 70000 - 79999: Recommended for user customized exit codes in PSAppDeployToolkit.Extensions module. .LINK https://psappdeploytoolkit.com #> [CmdletBinding()] param ( [Parameter(Mandatory = $false)] [ValidateSet('Install', 'Uninstall', 'Repair')] [PSDefaultValue(Help = 'Install', Value = 'Install')] [System.String]$DeploymentType, [Parameter(Mandatory = $false)] [ValidateSet('Interactive', 'Silent', 'NonInteractive')] [PSDefaultValue(Help = 'Interactive', Value = 'Interactive')] [System.String]$DeployMode, [Parameter(Mandatory = $false)] [System.Management.Automation.SwitchParameter]$AllowRebootPassThru = $false, [Parameter(Mandatory = $false)] [System.Management.Automation.SwitchParameter]$TerminalServerMode = $false, [Parameter(Mandatory = $false)] [System.Management.Automation.SwitchParameter]$DisableLogging ) ##================================================ ## MARK: Variables ##================================================ $adtSession = @{ # App variables. AppVendor = 'NCHIS' AppName = 'Enable Signature Pad USB Passthrough' AppVersion = '1.0' AppArch = 'x86' AppLang = 'EN' AppRevision = '01' AppSuccessExitCodes = @(0) AppRebootExitCodes = @(1641, 3010) AppScriptVersion = '1.0.0' AppScriptDate = '07/03/2025' AppScriptAuthor = 'jxp066admin' # Install Titles (Only set here to override defaults set by the toolkit). InstallName = '' InstallTitle = '' # Script variables. DeployAppScriptFriendlyName = $MyInvocation.MyCommand.Name DeployAppScriptVersion = '4.0.6' DeployAppScriptParameters = $PSBoundParameters } function Install-ADTDeployment { ##================================================ ## MARK: Pre-Install ##================================================ $adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)" ##================================================ ## MARK: Install ##================================================ $adtSession.InstallPhase = $adtSession.DeploymentType <# SYNOPSIS Enable Citrix ICA Generic USB AutoRedirect for specific devices. DESCRIPTION For each VID/PID pair, creates the registry key (if missing) and sets AutoRedirect (REG_DWORD) = 1 under: HKLM:\SOFTWARE\WOW6432Node\Citrix\ICA Client\GenericUSB\Devices\ EXAMPLE .\Enable-CitrixAutoRedirect.ps1 -Verbose #> # -- Ensure the script is running as Administrator -- if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) { Write-ADTLogEntry "This script must be run as Administrator." exit 1 } # Base registry path $basePath = 'HKLM:\SOFTWARE\WOW6432Node\Citrix\ICA Client\GenericUSB\Devices' # List of device subkeys to configure $deviceKeys = @( 'VID18FB PID0201', 'VID18FB PID0400', 'VID18FB PID0480', 'VID06A8 PID0043', 'VID06A8 PID0057' ) foreach ($keyName in $deviceKeys) { $fullPath = Join-Path -Path $basePath -ChildPath $keyName try { # Create the key if it doesn't exist if (-not (Test-Path -Path $fullPath)) { New-Item -Path $fullPath -Force | Out-Null Write-ADTLogEntry "Created registry key: $fullPath" } # Create or update the AutoRedirect DWORD value to 1 New-ItemProperty ` -Path $fullPath ` -Name 'AutoRedirect' ` -PropertyType DWord ` -Value 1 ` -Force | Out-Null Write-ADTLogEntry "Set AutoRedirect=1 at $fullPath" } catch { Write-ADTLogEntry "Failed to configure '$fullPath': $_" } } Write-ADTLogEntry "All specified AutoRedirect entries have been created/updated." ##================================================ ## MARK: Post-Install ##================================================ $adtSession.InstallPhase = "Post-$($adtSession.DeploymentType)" ## Master Wrapper detection Set-ADTRegistryKey -Key "HKLM\SOFTWARE\InstalledApps\NCHIS_Enable Signature Pad USB Passthrough_1.0" } function Uninstall-ADTDeployment { ##================================================ ## MARK: Pre-Uninstall ##================================================ $adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)" ##================================================ ## MARK: Uninstall ##================================================ $adtSession.InstallPhase = $adtSession.DeploymentType # Ensure running as Administrator if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) { Write-ADTLogEntry "This script must be run as Administrator." exit 1 } # Base registry path $basePath = 'HKLM:\SOFTWARE\WOW6432Node\Citrix\ICA Client\GenericUSB\Devices' # List of device subkeys to remove $deviceKeys = @( 'VID18FB PID0201', 'VID18FB PID0400', 'VID18FB PID0480', 'VID06A8 PID0043', 'VID06A8 PID0057' ) foreach ($keyName in $deviceKeys) { $fullPath = Join-Path -Path $basePath -ChildPath $keyName try { if (Test-Path -Path $fullPath) { Remove-Item -Path $fullPath -Recurse -Force Write-ADTLogEntry "Removed registry key: $fullPath" } else { Write-ADTLogEntry "Registry key not found: $fullPath" } } catch { Write-ADTLogEntry "Failed to remove '$fullPath': $_" } } Write-ADTLogEntry "All specified AutoRedirect entries have been removed (if they existed)." ##================================================ ## MARK: Post-Uninstallation ##================================================ $adtSession.InstallPhase = "Post-$($adtSession.DeploymentType)" ## Master Wrapper detection Remove-ADTRegistryKey -Key "HKLM\SOFTWARE\InstalledApps\NCHIS_Enable Signature Pad USB Passthrough_1.0" } function Repair-ADTDeployment { ##================================================ ## MARK: Pre-Repair ##================================================ $adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)" ##================================================ ## MARK: Repair ##================================================ $adtSession.InstallPhase = $adtSession.DeploymentType ##================================================ ## MARK: Post-Repair ##================================================ $adtSession.InstallPhase = "Post-$($adtSession.DeploymentType)" ## Master Wrapper detection Set-ADTRegistryKey -Key "HKLM\SOFTWARE\InstalledApps\NCHIS_Enable Signature Pad USB Passthrough_1.0" } ##================================================ ## MARK: Initialization ##================================================ # Set strict error handling across entire operation. $ErrorActionPreference = [System.Management.Automation.ActionPreference]::Stop $ProgressPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue Set-StrictMode -Version 1 # Import the module and instantiate a new session. try { $moduleName = if ([System.IO.File]::Exists("$PSScriptRoot\PSAppDeployToolkit\PSAppDeployToolkit.psd1")) { Get-ChildItem -LiteralPath $PSScriptRoot\PSAppDeployToolkit -Recurse -File | Unblock-File -ErrorAction Ignore "$PSScriptRoot\PSAppDeployToolkit\PSAppDeployToolkit.psd1" } else { 'PSAppDeployToolkit' } Import-Module -FullyQualifiedName @{ ModuleName = $moduleName; Guid = '8c3c366b-8606-4576-9f2d-4051144f7ca2'; ModuleVersion = '4.0.6' } -Force try { $iadtParams = Get-ADTBoundParametersAndDefaultValues -Invocation $MyInvocation $adtSession = Open-ADTSession -SessionState $ExecutionContext.SessionState @adtSession @iadtParams -PassThru } catch { Remove-Module -Name PSAppDeployToolkit* -Force throw } } catch { $Host.UI.WriteErrorLine((Out-String -InputObject $_ -Width ([System.Int32]::MaxValue))) exit 60008 } ##================================================ ## MARK: Invocation ##================================================ try { Get-Item -Path $PSScriptRoot\PSAppDeployToolkit.* | & { process { Get-ChildItem -LiteralPath $_.FullName -Recurse -File | Unblock-File -ErrorAction Ignore Import-Module -Name $_.FullName -Force } } & "$($adtSession.DeploymentType)-ADTDeployment" Close-ADTSession } catch { Write-ADTLogEntry -Message ($mainErrorMessage = Resolve-ADTErrorRecord -ErrorRecord $_) -Severity 3 Show-ADTDialogBox -Text $mainErrorMessage -Icon Stop | Out-Null Close-ADTSession -ExitCode 60001 } finally { Remove-Module -Name PSAppDeployToolkit* -Force }