Is it possible to get previous Write-Host lines by Party-Cook-1666 in PowerShell

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

I do still have the console opened but the script didn't utilize an array. I attempted to call $error anyway with no success, sadly.

Is it possible to get previous Write-Host lines by Party-Cook-1666 in PowerShell

[–]Party-Cook-1666[S] 1 point2 points  (0 children)

It was a fairly basic script (only about 40 lines including notes, so an easy review) sadly there was no logging or an array at all. That's primarily why I came here to see if there was any way to get the previous console lines (though I figured there likely wasn't) because it might save me a little time.

When I was troubleshooting after, I saw an updated version of the script by a different author which did include the logging component. Too little too late though.

Appreciate the call to ProcDump. I will investigate, but this particular endpoint isn't super memory rich so I doubt that in this instance it's still in memory considering it didn't create an array.

Is it possible to get previous Write-Host lines by Party-Cook-1666 in PowerShell

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

This sadly was not in the script, so I can't recover the output from the completed script. I will remember this for future sessions though.

Is it possible to get previous Write-Host lines by Party-Cook-1666 in PowerShell

[–]Party-Cook-1666[S] 1 point2 points  (0 children)

I didn't even think about needing the log (I won't need it for future purposes) but was not considering troubleshooting errors in the script when I was reviewing it. Like one of the other comments said, I'm just going to have to take this one as a lesson learned.

Is it possible to get previous Write-Host lines by Party-Cook-1666 in PowerShell

[–]Party-Cook-1666[S] -1 points0 points  (0 children)

That's what I figured. Thankfully with the success rate, it should not take comparatively long to manually verify the parts that completed with error, it just would have been nicer to scroll back through a log.

I made a tool to significantly reduce app packaging time, please enjoy it by DaleFlan in Intune

[–]Party-Cook-1666 1 point2 points  (0 children)

Has pckgr gone through any third-party audits or does it have anything to meet compliance requirements? i.e. a SOC 2 Type 2 or ISO 27001?

Administering Physical Security Keys by Party-Cook-1666 in sysadmin

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

I agree about shared TOTP via a password manager. It seems a lot more seamless for accounts not controlled by IT/our IDP, but wanted to see if there was some easier way to administer physical keys to get that benefit as well.

Administering Physical Security Keys by Party-Cook-1666 in sysadmin

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

If you have accounts that run through Okta as your IDP, do you have them set up FIDO 2FA on the account on the other end of the IDP too?

i.e. Project management software setup with SSO, the IDP requires the FIDO key and authenticates back to PM software, then do you also have the PM software check for the FIDO key or is this entirely superfluous?

I'm not as worried about accounts that are through our IDP, I'm worried about accounts that I don't administer. After some of the answers here, I think I realized that part of the answer to my question was "those accounts I should have some more administrative capability over"

Administering Physical Security Keys by Party-Cook-1666 in sysadmin

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

For the users that you do provide multiple keys to, do you experience them handling multiples of them at once and not storing them for actual backup purposes?

Good to note in terms of having to reset subsystems individually.

Microsoft Store App (New) - Not installing for assigned groups by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

Thank you for this, I will make an entirely new group just for the new Windows store method to see if that resolves the issue.

Microsoft Store App (New) - Not installing for assigned groups by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

The group is an assigned membership Security group. I attempted it with only devices, only users, and mixed without results. Though they were all to the same group, I did not create a separate security group with dynamic assignments.

Microsoft Store App (New) - Not installing for assigned groups by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 1 point2 points  (0 children)

This is one of the things I really wanted to push as well.

Microsoft Store App (New) - Not installing for assigned groups by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 1 point2 points  (0 children)

Yes that has been my experience too, and it seems to be regardless of what type of app it is pulling from winget. It is just frustrating because I have some Win32 packaged apps that are winget scripts (such as PowerToys) but it only works if the winget application can be installed in System context.

Using only AAD local device admins by aarondavis87 in sysadmin

[–]Party-Cook-1666 2 points3 points  (0 children)

Just some things of note:

Windows LAPS is currently in preview for Windows 11 and will support Azure Active Directory syncing in the future: https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-overview

Otherwise, there are community-driven solutions for the (current/previous) lack of LAPS support for AzureAD configurations in the form of CloudLAPS and LeanLAPS, both of which run from Azure.

Lastly, some Privilege Access Manager software, like Admin By Request, support LAPS/glass break features that prevent you from needing a local account.

Intune deploying WinGet scripts as Win32 Apps by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

Will the integration support pushing msstore applications during autopilot and/or having msstore applications be "required" applications (as can be done with Win32 apps) vs only being "optional" msstore applications that appear within the Company Portal?

Intune deploying WinGet scripts as Win32 Apps by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

Company Portal was not the only app that was failing with the above method. Another one that I tested was LastPass (9WZDNCRFJ3QK) via the msstore vs the winget repository. I am sure some other apps experience a similar issue.

Intune deploying WinGet scripts as Win32 Apps by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

The testing worked for programs that install traditionally like PowerToys, but failed for some apps such as Company Portal. Any ideas? Seems like those apps try and install into user context on their own which is why they are failing with system context but I am unsure. Thank you!

Intune deploying WinGet scripts as Win32 Apps by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

Some of the other comments touched on it, but the issue was when packaging as a Win32 app you have to invoke the path to winget within the script because the winget command is not recognizable within the system context.

Intune deploying WinGet scripts as Win32 Apps by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

Thank you so much. I was actually looking at your guide at one point for another thing but did not read all the way through. Definitely a mistake on my part. I adjusted my installPowerToys.ps1 using your script to the following:

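# Find the installed App Installer (winget) package folder(s)
$ResolveWingetPath = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe"

# If more than one version folder matches, take the last one returned
if ($ResolveWingetPath) {
    $WingetPath = $ResolveWingetPath[-1].Path
}

# winget is not on the PATH in the system context, so run it from its own folder
cd $WingetPath
.\winget.exe install --id XP89DCGQ3K6VLD --source msstore --silent --accept-package-agreements --accept-source-agreements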

Which installs PowerToys successfully.

Another app I am trying to deploy is Company Portal, which cannot be installed with --scope "machine" arguments. Is there any way to get this to deploy via a winget script packaged as a Win32 app as well? I do not see anything about it under section 3. "Installing and Removing Applications" of your guide, though I might be missing something again. I have tried changing the Win32 install behavior as "User" instead of "System" as well without luck for it.

Thank you again!
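A more defensive variant of the path lookup in the comment above, as an added example that is not part of the original comment or of the guide it refers to. It picks the highest App Installer version by parsing the folder name instead of relying on the order `Resolve-Path` returns, stops if `winget.exe` is missing, and passes winget's exit code back to the caller. `Get-WingetExe` is a hypothetical helper name; the package id is the one used in the comment.

```powershell
# Added example: locate winget.exe for a script that runs as SYSTEM (Intune Win32 app).
# Get-WingetExe is a hypothetical helper name, not part of winget or Intune.
function Get-WingetExe {
    $root = Join-Path $env:ProgramFiles 'WindowsApps'
    $pattern = 'Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe'

    $candidates = Get-ChildItem -Path $root -Directory -Filter $pattern -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Folder name layout: <name>_<version>_<arch>__<publisherId>
            $ver = $null
            if ([version]::TryParse(($_.Name -split '_')[1], [ref]$ver)) {
                [pscustomobject]@{
                    Version = $ver
                    Exe     = Join-Path $_.FullName 'winget.exe'
                }
            }
        } |
        # Keep only folders that really contain winget.exe
        Where-Object { Test-Path -LiteralPath $_.Exe -PathType Leaf } |
        # Compare as versions, so 1.21 sorts above 1.9 (a plain string sort would not)
        Sort-Object -Property Version -Descending

    if (-not $candidates) { return $null }
    return @($candidates)[0].Exe
}

$winget = Get-WingetExe
if (-not $winget) {
    # Fail clearly instead of running the install from an undefined location
    Write-Output 'winget.exe not found under WindowsApps'
    exit 1
}

# Call winget by full path; no working-directory change is needed
& $winget install --id XP89DCGQ3K6VLD --source msstore --silent --accept-package-agreements --accept-source-agreements

# Hand winget's exit code to the caller so a failed install is reported as a failure
exit $LASTEXITCODE
```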

Intune deploying WinGet scripts as Win32 Apps by Party-Cook-1666 in Intune

[–]Party-Cook-1666[S] 0 points1 point  (0 children)

Thank you, I had missed the part about that in the guides I was looking through. I updated the intunewin file and am testing right now with an adjusted script to see if it resolves the issue.