diff --git a/functions/microwin/Invoke-Microwin.ps1 b/functions/microwin/Invoke-Microwin.ps1 index aedcbc3e..acaa2654 100644 --- a/functions/microwin/Invoke-Microwin.ps1 +++ b/functions/microwin/Invoke-Microwin.ps1 @@ -162,6 +162,28 @@ public class PowerManagement { Write-Host "Removing Appx Bloat" Invoke-MicrowinRemoveProvisionedPackages + # Detect Windows 11 24H2 and add dependency to FileExp to prevent Explorer look from going back - thanks @WitherOrNot and @thecatontheceiling + if ((Test-CompatibleImage $imgVersion $([System.Version]::new(10,0,26100,1))) -eq $true) { + try { + if (Test-Path "$scratchDir\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy\appxmanifest.xml" -PathType Leaf) { + # Found the culprit. Do the following: + # 1. Take ownership of the file, from TrustedInstaller to Administrators + takeown /F "$scratchDir\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy\appxmanifest.xml" /A + # 2. Set ACLs so that we can write to it + icacls "$scratchDir\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy\appxmanifest.xml" /grant "$(Invoke-MicrowinGetLocalizedUsers -admins $true):(M)" | Out-Host + # 3. Open the file and do the modification + $appxManifest = Get-Content -Path "$scratchDir\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy\appxmanifest.xml" + $originalLine = $appxManifest[13] + $dependency = "`n " + $appxManifest[13] = "$originalLine$dependency" + Set-Content -Path "$scratchDir\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy\appxmanifest.xml" -Value $appxManifest -Force -Encoding utf8 + } + } + catch { + # Do nothing + } + } + Invoke-MicrowinRemoveFileOrDirectory -pathToDelete "$($scratchDir)\Windows\System32\LogFiles\WMI\RtBackup" -Directory Invoke-MicrowinRemoveFileOrDirectory -pathToDelete "$($scratchDir)\Windows\DiagTrack" -Directory Invoke-MicrowinRemoveFileOrDirectory -pathToDelete "$($scratchDir)\Windows\InboxApps" -Directory diff --git a/functions/microwin/Invoke-MicrowinGet-LocalizedUsers.ps1 b/functions/microwin/Invoke-MicrowinGet-LocalizedUsers.ps1 new file mode 100644 index 00000000..0fd98e4a --- /dev/null +++ b/functions/microwin/Invoke-MicrowinGet-LocalizedUsers.ps1 @@ -0,0 +1,21 @@ +function Invoke-MicrowinGetLocalizedUsers +{ + <# + .SYNOPSIS + Gets a localized user group representation for ICACLS commands (Port from DISMTools PE Helper) + .PARAMETER admins + Determines whether to get a localized user group representation for the Administrators user group + .OUTPUTS + A string containing the localized user group + .EXAMPLE + Invoke-MicrowinGetLocalizedUsers -admins $true + #> + param ( + [Parameter(Mandatory = $true, Position = 0)] [bool]$admins + ) + if ($admins) { + return (Get-LocalGroup | Where-Object { $_.SID.Value -like "S-1-5-32-544" }).Name + } else { + return (Get-LocalGroup | Where-Object { $_.SID.Value -like "S-1-5-32-545" }).Name + } +} \ No newline at end of file diff --git a/functions/microwin/Invoke-MicrowinRemoveFeatures.ps1 b/functions/microwin/Invoke-MicrowinRemoveFeatures.ps1 index a3e4205a..8c32dbf9 100644 --- a/functions/microwin/Invoke-MicrowinRemoveFeatures.ps1 +++ b/functions/microwin/Invoke-MicrowinRemoveFeatures.ps1 @@ -22,7 +22,6 @@ function Invoke-MicrowinRemoveFeatures() { $_.FeatureName -NotLike "*NFS*" -AND $_.FeatureName -NotLike "*SearchEngine*" -AND $_.FeatureName -NotLike "*RemoteDesktop*" -AND - $_.FeatureName -NotLike "*Recall*" -AND $_.State -ne "Disabled" }