311 lines
12 KiB
PowerShell
311 lines
12 KiB
PowerShell
<#
|
|
|
|
.SYNOPSIS
|
|
PSAppDeployToolkit - This script performs the installation or uninstallation of an application(s).
|
|
|
|
.DESCRIPTION
|
|
- The script is provided as a template to perform an install, uninstall, or repair of an application(s).
|
|
- The script either performs an "Install", "Uninstall", or "Repair" deployment type.
|
|
- The install deployment type is broken down into 3 main sections/phases: Pre-Install, Install, and Post-Install.
|
|
|
|
The script imports the PSAppDeployToolkit module which contains the logic and functions required to install or uninstall an application.
|
|
|
|
PSAppDeployToolkit is licensed under the GNU LGPLv3 License - (C) 2025 PSAppDeployToolkit Team (Sean Lillis, Dan Cunningham, Muhammad Mashwani, Mitch Richters, Dan Gough).
|
|
|
|
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the
|
|
Free Software Foundation, either version 3 of the License, or any later version. This program is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
for more details. You should have received a copy of the GNU Lesser General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
.PARAMETER DeploymentType
|
|
The type of deployment to perform.
|
|
|
|
.PARAMETER DeployMode
|
|
Specifies whether the installation should be run in Interactive (shows dialogs), Silent (no dialogs), or NonInteractive (dialogs without prompts) mode.
|
|
|
|
NonInteractive mode is automatically set if it is detected that the process is not user interactive.
|
|
|
|
.PARAMETER AllowRebootPassThru
|
|
Allows the 3010 return code (requires restart) to be passed back to the parent process (e.g. SCCM) if detected from an installation. If 3010 is passed back to SCCM, a reboot prompt will be triggered.
|
|
|
|
.PARAMETER TerminalServerMode
|
|
Changes to "user install mode" and back to "user execute mode" for installing/uninstalling applications for Remote Desktop Session Hosts/Citrix servers.
|
|
|
|
.PARAMETER DisableLogging
|
|
Disables logging to file for the script.
|
|
|
|
.EXAMPLE
|
|
powershell.exe -File Invoke-AppDeployToolkit.ps1 -DeployMode Silent
|
|
|
|
.EXAMPLE
|
|
powershell.exe -File Invoke-AppDeployToolkit.ps1 -AllowRebootPassThru
|
|
|
|
.EXAMPLE
|
|
powershell.exe -File Invoke-AppDeployToolkit.ps1 -DeploymentType Uninstall
|
|
|
|
.EXAMPLE
|
|
Invoke-AppDeployToolkit.exe -DeploymentType "Install" -DeployMode "Silent"
|
|
|
|
.INPUTS
|
|
None. You cannot pipe objects to this script.
|
|
|
|
.OUTPUTS
|
|
None. This script does not generate any output.
|
|
|
|
.NOTES
|
|
Toolkit Exit Code Ranges:
|
|
- 60000 - 68999: Reserved for built-in exit codes in Invoke-AppDeployToolkit.ps1, and Invoke-AppDeployToolkit.exe
|
|
- 69000 - 69999: Recommended for user customized exit codes in Invoke-AppDeployToolkit.ps1
|
|
- 70000 - 79999: Recommended for user customized exit codes in PSAppDeployToolkit.Extensions module.
|
|
|
|
.LINK
|
|
https://psappdeploytoolkit.com
|
|
|
|
#>
|
|
|
|
|
|
[CmdletBinding()]
|
|
param
|
|
(
|
|
[Parameter(Mandatory = $false)]
|
|
[ValidateSet('Install', 'Uninstall', 'Repair')]
|
|
[PSDefaultValue(Help = 'Install', Value = 'Install')]
|
|
[System.String]$DeploymentType,
|
|
|
|
[Parameter(Mandatory = $false)]
|
|
[ValidateSet('Interactive', 'Silent', 'NonInteractive')]
|
|
[PSDefaultValue(Help = 'Interactive', Value = 'Interactive')]
|
|
[System.String]$DeployMode = 'Interactive',
|
|
|
|
[Parameter(Mandatory = $false)]
|
|
[System.Management.Automation.SwitchParameter]$AllowRebootPassThru = $false,
|
|
|
|
[Parameter(Mandatory = $false)]
|
|
[System.Management.Automation.SwitchParameter]$TerminalServerMode = $false,
|
|
|
|
[Parameter(Mandatory = $false)]
|
|
[System.Management.Automation.SwitchParameter]$DisableLogging
|
|
)
|
|
|
|
# 🚀 Force Interactive Mode in PSADT 4.0
|
|
|
|
|
|
##================================================
|
|
## MARK: Variables
|
|
##================================================
|
|
|
|
$adtSession = @{
|
|
# App variables.
|
|
AppVendor = 'Ivanti'
|
|
AppName = 'Ivanti Secure Access Client'
|
|
AppVersion = '22.8.33059'
|
|
AppArch = 'x64'
|
|
AppLang = 'EN'
|
|
AppRevision = '01'
|
|
AppSuccessExitCodes = @(0)
|
|
AppRebootExitCodes = @(1641, 3010)
|
|
AppScriptVersion = '1.0.0'
|
|
AppScriptDate = '07/07/2025'
|
|
AppScriptAuthor = 'jxp066admin'
|
|
|
|
# Install Titles (Only set here to override defaults set by the toolkit).
|
|
InstallName = ''
|
|
InstallTitle = ''
|
|
|
|
# Script variables.
|
|
DeployAppScriptFriendlyName = $MyInvocation.MyCommand.Name
|
|
DeployAppScriptVersion = '4.0.6'
|
|
DeployAppScriptParameters = $PSBoundParameters
|
|
}
|
|
|
|
|
|
|
|
function Install-ADTDeployment
|
|
{
|
|
##================================================
|
|
## MARK: Pre-Install
|
|
##================================================
|
|
$adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)"
|
|
|
|
# 🚀 Force PSADT 4.0 to Run in Interactive Mode
|
|
If ($adtSession.IsSilent()) {
|
|
Write-ADTLogEntry "Forcing Interactive Mode in PSADT 4.0..."
|
|
$global:DeployMode = "Interactive"
|
|
Set-Variable -Name DeployMode -Value "Interactive" -Scope Global -Force
|
|
}
|
|
|
|
|
|
# VPN Detection (Improved)
|
|
$VPNAdapter = Get-NetAdapter | Where-Object { $_.InterfaceDescription -match "Juniper" }
|
|
$VPNActive = if ($VPNAdapter.Status -match "Up") { $true } else { $false }
|
|
|
|
# Create Temporary Directory for Ivanti Files
|
|
$TempLocation = New-Item -Path "C:\ProgramData\" -Name "Ivanti" -ItemType "directory" -Force
|
|
Copy-ADTFile -Path "$($adtSession.DirFiles)\*" -Destination 'C:\ProgramData\Ivanti'
|
|
|
|
# Handle VPN-Connected Scenario
|
|
If ($VPNActive) {
|
|
Write-ADTLogEntry "The VPN is currently active and connected. Prompting the user to update or defer."
|
|
|
|
Show-ADTInstallationPrompt -Message "The Ivanti Secure Access VPN client requires an update. Since you are currently connected to the VPN, you may experience a brief disconnection during the update process. Once the update is complete, you will be automatically reconnected. On the next screen, you will have the option to either Close Apps & Install or Defer the update to a later time." -ButtonMiddleText 'OK'
|
|
|
|
Show-ADTInstallationWelcome -CloseProcesses Pulse -AllowDefer -DeferTimes 4 -CloseProcessesCountdown 300 -PersistPrompt
|
|
|
|
} else {
|
|
Write-ADTLogEntry "The VPN is not currently active, proceeding with the update."
|
|
}
|
|
|
|
#Write-ADTLogEntry "Running the ISACDeepCleanScript to remove all previous installations of Pulse/Ivanti."
|
|
|
|
# Execute Deep Clean Script
|
|
|
|
# Define the PowerShell script path
|
|
$ScriptPath = "$($adtSession.DirFiles)"
|
|
Write-ADTLogEntry "Running the ISACDeepCleanScript to remove all previous installations of Pulse/Ivanti."
|
|
|
|
|
|
##================================================
|
|
## MARK: Install
|
|
##================================================
|
|
$adtSession.InstallPhase = $adtSession.DeploymentType
|
|
|
|
if($VPNActive -eq 'Up') {
|
|
Show-ADTInstallationProgress -StatusMessage 'Installation in Progress...'
|
|
|
|
Start-ADTProcess -FilePath "powershell.exe" -ArgumentList "-ExecutionPolicy Bypass -NoProfile -File `"$ScriptPath\ISACDeepCleanScriptSilentSigned.ps1`"" -Wait
|
|
Start-ADTMsiProcess -FilePath 'PulseSecure.x64.msi' -ArgumentList 'CONFIGFILE=C:\ProgramData\Ivanti\NCH-Pulse-Secure.pulsepreconfig /qn'
|
|
Restart-Service -Name PulseSecureService
|
|
}
|
|
|
|
else {
|
|
Start-ADTProcess -FilePath "powershell.exe" -ArgumentList "-ExecutionPolicy Bypass -NoProfile -File `"$ScriptPath\ISACDeepCleanScriptSilentSigned.ps1`"" -Wait
|
|
Start-ADTMsiProcess -FilePath 'PulseSecure.x64.msi' -ArgumentList 'CONFIGFILE=C:\ProgramData\Ivanti\NCH-Pulse-Secure.pulsepreconfig /qn'
|
|
Restart-Service -Name PulseSecureService
|
|
}
|
|
|
|
##================================================
|
|
## MARK: Post-Install
|
|
##================================================
|
|
$adtSession.InstallPhase = "Post-$($adtSession.DeploymentType)"
|
|
|
|
if($VPNActive -eq 'Up') {
|
|
Show-ADTInstallationPrompt -Message "The Ivanti Secure Access VPN has been successfully updated." -ButtonMiddleText 'Ok'
|
|
}
|
|
|
|
## Master Wrapper detection
|
|
Set-ADTRegistryKey -Key "HKLM\SOFTWARE\InstalledApps\Ivanti_Ivanti Secure Access Client_22.8.31699 (Fix)"
|
|
}
|
|
|
|
function Uninstall-ADTDeployment
|
|
{
|
|
##================================================
|
|
## MARK: Pre-Uninstall
|
|
##================================================
|
|
$adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)"
|
|
|
|
##================================================
|
|
## MARK: Uninstall
|
|
##================================================
|
|
$adtSession.InstallPhase = $adtSession.DeploymentType
|
|
|
|
Start-ADTMsiProcess -Action 'Uninstall' -ProductCode '{603BA4C0-89B0-4A01-9FB3-4913CC44EECF}' -ArgumentList '/qn'
|
|
|
|
##================================================
|
|
## MARK: Post-Uninstallation
|
|
##================================================
|
|
$adtSession.InstallPhase = "Post-$($adtSession.DeploymentType)"
|
|
|
|
## Master Wrapper detection
|
|
Remove-ADTRegistryKey -Key "HKLM\SOFTWARE\InstalledApps\Ivanti_Ivanti Secure Access Client_22.8.31699 (Fix)"
|
|
}
|
|
|
|
function Repair-ADTDeployment
|
|
{
|
|
##================================================
|
|
## MARK: Pre-Repair
|
|
##================================================
|
|
$adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)"
|
|
|
|
##================================================
|
|
## MARK: Repair
|
|
##================================================
|
|
$adtSession.InstallPhase = $adtSession.DeploymentType
|
|
|
|
##================================================
|
|
## MARK: Post-Repair
|
|
##================================================
|
|
$adtSession.InstallPhase = "Post-$($adtSession.DeploymentType)"
|
|
|
|
## Master Wrapper detection
|
|
Set-ADTRegistryKey -Key "HKLM\SOFTWARE\InstalledApps\Ivanti_Ivanti Secure Access Client_22.8.31699 (Fix)"
|
|
}
|
|
|
|
|
|
##================================================
|
|
## MARK: Initialization
|
|
##================================================
|
|
|
|
# Set strict error handling across entire operation.
|
|
$ErrorActionPreference = [System.Management.Automation.ActionPreference]::Stop
|
|
$ProgressPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
|
|
Set-StrictMode -Version 1
|
|
|
|
# Import the module and instantiate a new session.
|
|
try
|
|
{
|
|
$moduleName = if ([System.IO.File]::Exists("$PSScriptRoot\PSAppDeployToolkit\PSAppDeployToolkit.psd1"))
|
|
{
|
|
Get-ChildItem -LiteralPath $PSScriptRoot\PSAppDeployToolkit -Recurse -File | Unblock-File -ErrorAction Ignore
|
|
"$PSScriptRoot\PSAppDeployToolkit\PSAppDeployToolkit.psd1"
|
|
}
|
|
else
|
|
{
|
|
'PSAppDeployToolkit'
|
|
}
|
|
Import-Module -FullyQualifiedName @{ ModuleName = $moduleName; Guid = '8c3c366b-8606-4576-9f2d-4051144f7ca2'; ModuleVersion = '4.0.6' } -Force
|
|
try
|
|
{
|
|
$iadtParams = Get-ADTBoundParametersAndDefaultValues -Invocation $MyInvocation
|
|
$adtSession = Open-ADTSession -SessionState $ExecutionContext.SessionState @adtSession @iadtParams -PassThru
|
|
}
|
|
catch
|
|
{
|
|
Remove-Module -Name PSAppDeployToolkit* -Force
|
|
throw
|
|
}
|
|
}
|
|
catch
|
|
{
|
|
$Host.UI.WriteErrorLine((Out-String -InputObject $_ -Width ([System.Int32]::MaxValue)))
|
|
exit 60008
|
|
}
|
|
|
|
|
|
##================================================
|
|
## MARK: Invocation
|
|
##================================================
|
|
|
|
try
|
|
{
|
|
Get-Item -Path $PSScriptRoot\PSAppDeployToolkit.* | & {
|
|
process
|
|
{
|
|
Get-ChildItem -LiteralPath $_.FullName -Recurse -File | Unblock-File -ErrorAction Ignore
|
|
Import-Module -Name $_.FullName -Force
|
|
}
|
|
}
|
|
& "$($adtSession.DeploymentType)-ADTDeployment"
|
|
Close-ADTSession
|
|
}
|
|
catch
|
|
{
|
|
Write-ADTLogEntry -Message ($mainErrorMessage = Resolve-ADTErrorRecord -ErrorRecord $_) -Severity 3
|
|
Show-ADTDialogBox -Text $mainErrorMessage -Icon Stop | Out-Null
|
|
Close-ADTSession -ExitCode 60001
|
|
}
|
|
finally
|
|
{
|
|
Remove-Module -Name PSAppDeployToolkit* -Force
|
|
}
|
|
|